Skip to content

Commit 7f84d74

Browse files
justincorrigiblejustincorrigible
committed
add container emptydirs, sidecars, command and args for [email protected]
bonus: - improved volumeMounts logic to prevent duplicates - allows secret creation
1 parent 8adf5f6 commit 7f84d74

File tree

6 files changed

+472
-76
lines changed

6 files changed

+472
-76
lines changed

README.md

Lines changed: 23 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -4,14 +4,24 @@ Repository to keep helm charts for the overture projects.
44

55
# How to package and publish:
66

7-
- Turn a chart into a versioned chart archive file
7+
- Bump the chart version following SemVer standards
8+
- Turn a chart into a versioned chart archive file
89

910
```
10-
helm package ./mychart
11+
helm package ./mychart
1112
```
1213

13-
- then copy the chart to the charts-server repository (another git repository in overture-stack)
14-
- then you need to reindex — see charts-server for instructions.
14+
- See the [charts-server's ReadMe](https://github.com/overture-stack/charts-server) for further instructions.
15+
16+
### Implementation notes:
17+
18+
- You're able to test your changes locally through
19+
20+
```
21+
helm template <packaged chart or folder> <optionally: -f values.yaml>
22+
```
23+
24+
---
1525

1626
# Upgrade notes
1727

@@ -20,15 +30,15 @@ helm package ./mychart
2030
This app now uses Helm configMaps to store a few config files.
2131
When the chart is deployed the following configmaps are created, containing these files:
2232

23-
### In Server (formerly API), `arranger-server-configs`
33+
### In Server (formerly "API"), `arranger-server-configs`
2434

25-
- base.json
26-
- extended.json
27-
- facets.json
28-
- matchbox.json
29-
- table.json
35+
- base.json
36+
- extended.json
37+
- facets.json
38+
- matchbox.json
39+
- table.json
3040

31-
Each of these default to `{}`, and should customised by passing values into helm in the follwowing fashion
41+
Each of these default to `{}`, and should customized by passing values into helm in the following fashion
3242

3343
```
3444
serverConfigs: {
@@ -40,8 +50,8 @@ serverConfigs: {
4050

4151
### And in Admin UI, `arranger-nginx-config`
4252

43-
- nginx.conf
44-
- env-config.js
53+
- nginx.conf
54+
- env-config.js
4555

4656
| Customizable parameter | Description | Default |
4757
| -------------------------- | ----------------- | ------- |

stateless-svc/Chart.yaml

Lines changed: 1 addition & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -2,16 +2,6 @@ apiVersion: v2
22
name: stateless-svc
33
description: A generic Helm chart for Kubernetes
44

5-
# A chart can be either an 'application' or a 'library' chart.
6-
#
7-
# Application charts are a collection of templates that can be packaged into versioned archives
8-
# to be deployed.
9-
#
10-
# Library charts provide useful utilities or functions for the chart developer. They're included as
11-
# a dependency of application charts to inject those utilities and functions into the rendering
12-
# pipeline. Library charts do not define any templates and therefore cannot be deployed.
135
type: application
146

15-
# This is the chart version. This version number should be incremented each time you make changes
16-
# to the chart and its templates, including the app version.
17-
version: 1.4.0
7+
version: 1.4.1

stateless-svc/templates/_volumes.tpl

Lines changed: 284 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,284 @@
1+
{{- /*
2+
Render container volumeMounts for given context (container or sidecar). Usage:
3+
4+
- in containers/sidecars
5+
{{ include "stateless-svc.renderVolumeMounts" (dict "root" $root "values" .Values) }}
6+
7+
- for the overall deployment volumes
8+
{{ include "stateless-svc.renderVolumes" (dict "root" $root "values" .Values) }}
9+
*/ -}}
10+
11+
{{- /* Logic for volume mounts in both container and sidecars */ -}}
12+
{{- define "renderMounts.volume" -}}
13+
- name: {{ index . 0 }}
14+
mountPath: {{ index . 1 }}
15+
{{- if index . 2 }}
16+
readOnly: {{ index . 2 }}
17+
{{- end }}
18+
{{- end -}}
19+
20+
{{- /* main container */ -}}
21+
{{- define "stateless-svc.renderVolumeMounts" -}}
22+
{{- $root := index . "root" -}}
23+
{{- $vals := index . "values" -}}
24+
25+
{{if or
26+
(gt (len $vals.mountEmptyDirs) 0)
27+
(gt (len $vals.mountSecrets) 0)
28+
}}
29+
volumeMounts:
30+
{{- /* top-level emptyDirs */ -}}
31+
{{ range $ei, $emptyDir := $vals.mountEmptyDirs }}
32+
{{- $emptyDirVolName := "" -}}
33+
{{- $path := $emptyDir.name | lower | replace "_" "-" -}}
34+
35+
{{- if $emptyDir.shared }}
36+
{{- $emptyDirVolName = $path -}}
37+
{{- else }}
38+
{{- $emptyDirVolName := (printf "%s-%s" (include "stateless-svc.fullname" $root) $path) -}}
39+
{{- end }}
40+
41+
{{- $mountPath := $emptyDir.path | default (printf "/tmp/%s" $path) -}}
42+
43+
{{- include "renderMounts.volume" (list $emptyDirVolName $mountPath "") | nindent 4 }}
44+
{{- end }}
45+
46+
{{- /* top-level secret mounts */ -}}
47+
{{- range $i, $secretsVolume := $vals.mountSecrets }}
48+
{{- $secretsVolName := "" -}}
49+
{{- $mountPath := "" -}}
50+
{{- $readOnly := "" -}}
51+
{{- $path := "" -}}
52+
53+
{{- if kindIs "string" $secretsVolume }}
54+
{{- $path = $secretsVolume | lower | replace "_" "-" -}}
55+
{{- $secretsVolName = printf "%s-%s" (include "stateless-svc.fullname" $root) $path -}}
56+
{{- $mountPath = printf "/tmp/%s" $path -}}
57+
{{- else }}
58+
{{- $path = $secretsVolume.name | lower | replace "_" "-" -}}
59+
{{- $secretsVolName = printf "%s-%s" (include "stateless-svc.fullname" $root) $path -}}
60+
{{- $mountPath = $secretsVolume.path | default (printf "/tmp/%s" $path) -}}
61+
{{- if hasKey $secretsVolume "readOnly" }}
62+
{{- $readOnly = $secretsVolume.readOnly -}}
63+
{{- end -}}
64+
{{- end }}
65+
66+
{{- include "renderMounts.volume" (list $secretsVolName $mountPath $readOnly) | nindent 4 }}
67+
{{- end }}
68+
{{- end }}
69+
{{- end }}
70+
71+
72+
{{- define "stateless-svc.hasSidecarMounts" -}}
73+
{{- $ctx := . -}}
74+
{{- $found := false -}}
75+
{{- range $idx, $sidecar := $ctx.Values.sidecars }}
76+
{{- if or (gt (len (default list $sidecar.mountEmptyDirs)) 0) (gt (len (default list $sidecar.mountSecrets)) 0) }}
77+
{{- $found = true -}}
78+
{{- break -}}
79+
{{- end }}
80+
{{- end }}
81+
{{- if $found }}true{{- else }}false{{- end }}
82+
{{- end -}}
83+
84+
{{- /* sidecars */ -}}
85+
{{- define "stateless-svc.renderSidecars" -}}
86+
{{- $root := index . "root" -}}
87+
{{- $vals := index . "values" -}}
88+
89+
{{- if eq (include "stateless-svc.hasSidecarMounts" $root) "true" -}}
90+
{{ "" }}
91+
sidecars:
92+
{{- range $si, $sidecarFromValues := $vals.sidecars }}
93+
{{- $sidecar := dict -}}
94+
{{- range $key, $value := $sidecarFromValues }}
95+
{{- if and
96+
(ne $key "mountEmptyDirs")
97+
(ne $key "mountSecrets")
98+
}}
99+
{{- $_ := set $sidecar $key $value -}}
100+
{{- end }}
101+
{{- end -}}
102+
103+
{{- $yaml := toYaml $sidecar | trim -}}
104+
{{- $lines := splitList "\n" $yaml -}}
105+
106+
{{- if gt (len $lines) 0 }}
107+
- {{ index $lines 0 }}
108+
{{- range $si, $line := rest $lines }}
109+
{{ $line | printf "%s" }}
110+
{{- end }}
111+
{{- end -}}
112+
113+
{{- if or $sidecarFromValues.mountEmptyDirs $sidecarFromValues.mountSecrets }}
114+
volumeMounts:
115+
{{- range $sidecarEmptyDir := $sidecarFromValues.mountEmptyDirs -}}
116+
{{- $emptyDirVolName := "" -}}
117+
{{- $path := $sidecarEmptyDir.name | lower | replace "_" "-" -}}
118+
119+
{{- if $sidecarEmptyDir.shared }}
120+
{{- $emptyDirVolName = $path -}}
121+
{{- else }}
122+
{{- $emptyDirVolName := (printf "%s-%s"
123+
$sidecarFromValues.name
124+
($sidecarEmptyDir.name | lower | replace "_" "-")
125+
) -}}
126+
{{- end -}}
127+
128+
{{- $mountPath := $sidecarEmptyDir.path | default (printf "/tmp/%s" $path) -}}
129+
130+
{{- include "renderMounts.volume" (list $emptyDirVolName $mountPath "") | nindent 8 -}}
131+
{{- end }}
132+
133+
{{- range $j, $sidecarSecretsVolume := $sidecarFromValues.mountSecrets }}
134+
{{- $sidecarSecretsVolName := "" -}}
135+
{{- $mountPath := "" -}}
136+
{{- $readOnly := "" -}}
137+
{{- $path := "" -}}
138+
139+
{{- if kindIs "string" $sidecarSecretsVolume }}
140+
{{- $path = $sidecarSecretsVolume | lower | replace "_" "-" -}}
141+
{{- $sidecarSecretsVolName = printf "%s-%s" $sidecarFromValues.name $path -}}
142+
{{- $mountPath = printf "/tmp/%s" $path -}}
143+
{{- else }}
144+
{{- $path = $sidecarSecretsVolume.name | lower | replace "_" "-" -}}
145+
{{- $sidecarSecretsVolName = (printf "%s-%s"
146+
$sidecarFromValues.name
147+
($sidecarSecretsVolume.name | lower | replace "_" "-")
148+
) -}}
149+
{{- $mountPath = ($sidecarSecretsVolume.path |
150+
default (printf "/tmp/%s"
151+
($sidecarSecretsVolume.secret.secretName | lower | replace "_" "-") |
152+
default $path
153+
)
154+
) -}}
155+
{{- if hasKey $sidecarSecretsVolume "readOnly" }}
156+
{{- $readOnly = $sidecarSecretsVolume.readOnly -}}
157+
{{- end }}
158+
{{- end -}}
159+
160+
{{- include "renderMounts.volume" (list $sidecarSecretsVolName $mountPath $readOnly) | nindent 8 -}}
161+
{{- end }}
162+
{{- end }}
163+
{{- end }}
164+
{{- end }}
165+
{{- end }}
166+
167+
168+
{{- /* logic for volumes */ -}}
169+
170+
{{- define "renderVolumes.emptyDir" -}}
171+
- name: {{ index . 0 }}
172+
emptyDir: {}
173+
{{- end -}}
174+
175+
{{- define "renderVolumes.secret" -}}
176+
- name: {{ index . 0 }}
177+
secret:
178+
secretName: {{ index . 1 }}
179+
defaultMode: {{ index . 2 }}
180+
{{- end -}}
181+
182+
{{- define "stateless-svc.renderVolumes" -}}
183+
{{- $root := index . "root" -}}
184+
{{- $vals := index . "values" -}}
185+
186+
{{- /* build volumes only if any mounts or sidecars exist */ -}}
187+
{{- if or
188+
(gt (len $vals.mountEmptyDirs) 0)
189+
(gt (len $vals.mountSecrets) 0)
190+
(gt (len $vals.sidecars) 0)
191+
}}
192+
volumes:
193+
{{- $seen := dict -}}
194+
195+
{{- range $ei, $emptyDir := $vals.mountEmptyDirs }}
196+
{{- $emptyDirVolName := "" -}}
197+
{{- $givenName := ($emptyDir.name | lower | replace "_" "-") -}}
198+
199+
{{- if $emptyDir.shared }}
200+
{{- $emptyDirVolName = $givenName -}}
201+
{{- else }}
202+
{{- $emptyDirVolName = (printf "%s-%s"
203+
(include "stateless-svc.fullname" $root)
204+
$givenName
205+
) | nindent 4 -}}
206+
{{- end -}}
207+
208+
{{- if not (hasKey $seen $emptyDirVolName) }}
209+
{{- $_ := set $seen $emptyDirVolName true -}}
210+
{{- include "renderVolumes.emptyDir" (list $emptyDirVolName) | nindent 4 }}
211+
{{- end }}
212+
{{- end }}
213+
214+
{{- range $i, $secretsVolume := $vals.mountSecrets }}
215+
{{- $secretsVolName := "" -}}
216+
{{- $secretName := "" -}}
217+
{{- $mode := "0644" -}}
218+
219+
{{- if kindIs "string" $secretsVolume }}
220+
{{- $secretsVolName = (printf "%s-%s"
221+
(include "stateless-svc.fullname" $root)
222+
($secretsVolume | lower | replace "_" "-")
223+
) -}}
224+
{{- $secretName = $secretsVolume -}}
225+
{{- else }}
226+
{{- $secretsVolName := (printf "%s-%s"
227+
(include "stateless-svc.fullname" $root)
228+
($secretsVolume.name | lower | replace "_" "-")
229+
) -}}
230+
{{- $secretName = $secretsVolume.secret.secretName | default $secretsVolume.name -}}
231+
{{- $mode = ($secretsVolume.defaultMode | default "0644") -}}
232+
{{- end }}
233+
234+
{{- if not (hasKey $seen $secretsVolName) }}
235+
{{- $_ := set $seen $secretsVolName true -}}
236+
{{- include "stateless-svc.renderVolumes" (list $secretsVolName $secretName $mode) | nindent 4 }}
237+
{{- end }}
238+
{{- end }}
239+
240+
{{- range $si, $sidecar := $vals.sidecars }}
241+
{{- range $sidecarEmptyDir := $sidecar.mountEmptyDirs }}
242+
{{- $emptyDirVolName := "" -}}
243+
{{- $givenName := ($sidecarEmptyDir.name | lower | replace "_" "-") -}}
244+
245+
{{- if $sidecarEmptyDir.shared }}
246+
{{- $emptyDirVolName = $givenName -}}
247+
{{- else }}
248+
{{- $emptyDirVolName = (printf "%s-%s" $sidecar.name $givenName) -}}
249+
{{- end }}
250+
251+
{{- if not (hasKey $seen $emptyDirVolName) }}
252+
{{- $_ := set $seen $emptyDirVolName true -}}
253+
{{- include "renderVolumes.emptyDir" (list $emptyDirVolName) | nindent 4 }}
254+
{{- end }}
255+
{{- end }}
256+
257+
{{- range $sidecarSecretsVolume := $sidecar.mountSecrets }}
258+
{{- $sidecarSecretsVolName := "" -}}
259+
{{- $secretName := "" -}}
260+
{{- $mode := "0644" -}}
261+
262+
{{- if kindIs "string" $sidecarSecretsVolume }}
263+
{{- $sidecarSecretsVolName = (printf "%s-%s"
264+
$sidecar.name
265+
($sidecarSecretsVolume | lower | replace "_" "-")
266+
) -}}
267+
{{- $secretName = $sidecarSecretsVolume -}}
268+
{{- else }}
269+
{{- $sidecarSecretsVolName = (printf "%s-%s"
270+
$sidecar.name
271+
($sidecarSecretsVolume.name | lower | replace "_" "-")
272+
) -}}
273+
{{- $secretName = $sidecarSecretsVolume.secret.secretName | default $sidecarSecretsVolume.name -}}
274+
{{- $mode = ($sidecarSecretsVolume.defaultMode | default "0644") -}}
275+
{{- end }}
276+
277+
{{- if not (hasKey $seen $sidecarSecretsVolName) }}
278+
{{- $_ := set $seen $sidecarSecretsVolName true -}}
279+
{{- include "stateless-svc.renderVolumes" (list $sidecarSecretsVolName $secretName $mode) | nindent 4 }}
280+
{{- end }}
281+
{{- end }}
282+
{{- end }}
283+
{{- end }}
284+
{{- end }}

0 commit comments

Comments
 (0)