julian/scale-catalog
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

no message

Browse Source
This commit is contained in:
Kjeld Schouten-Lebbing
2023-03-16 10:06:03 +01:00
parent 34c3562bfd
commit ea1a7af498
346 changed files with 0 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

62
scale-catalog-template/library/common/templates/classes/_pvc.tpl Normal file
View File

@ -0,0 +1,62 @@
{{/*
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
`SPDX-License-Identifier: Apache-2.0`
This file is considered to be modified by the TrueCharts Project.
*/}}
{{/*
This template serves as a blueprint for all PersistentVolumeClaim objects that are created
within the common library.
*/}}
{{- define "common.classes.pvc" -}}
{{- $values := .Values.persistence -}}
{{- if hasKey . "ObjectValues" -}}
{{- with .ObjectValues.persistence -}}
{{- $values = . -}}
{{- end -}}
{{ end -}}
{{- $pvcName := include "common.names.fullname" . -}}
{{- if hasKey $values "nameOverride" -}}
{{- $pvcName = $values.nameOverride -}}
{{- else if hasKey $values "nameSuffix" -}}
{{- $pvcName = printf "%v-%v" $pvcName $values.nameSuffix -}}
{{ end -}}
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: {{ $pvcName }}
{{- if or $values.skipuninstall $values.annotations }}
annotations:
{{- if $values.skipuninstall }}
"helm.sh/resource-policy": keep
{{- end }}
{{- with $values.annotations }}
{{- toYaml . | nindent 4 }}
{{- end }}
{{- end }}
labels:
{{- include "common.labels" . | nindent 4 }}
spec:
accessModes:
- {{ required (printf "accessMode is required for PVC %v" $pvcName) $values.accessMode | quote }}
resources:
requests:
storage: {{ required (printf "size is required for PVC %v" $pvcName) $values.size | quote }}
{{- if $values.storageClass }}
storageClassName: {{ include "common.storage.class" . }}
{{- else }}
storageClassName: {{ ( printf "%v-%v" "ix-storage-class" .Release.Name ) }}
{{- end }}
{{- end -}}

99
scale-catalog-template/library/common/templates/classes/_service.tpl Normal file
View File

@ -0,0 +1,99 @@
{{/*
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
`SPDX-License-Identifier: Apache-2.0`
This file is considered to be modified by the TrueCharts Project.
*/}}
{{/*
This template serves as a blueprint for all Service objects that are created
within the common library.
*/}}
{{- define "common.classes.service" -}}
{{- $values := .Values.services.main -}}
{{- if hasKey . "ObjectValues" -}}
{{- with .ObjectValues.service -}}
{{- $values = . -}}
{{- end -}}
{{ end -}}
{{- $serviceName := include "common.names.fullname" . -}}
{{- if hasKey $values "nameSuffix" -}}
{{- $serviceName = printf "%v-%v" $serviceName $values.nameSuffix -}}
{{ end -}}
{{- $svcType := $values.type | default "" -}}
{{- $portProtocol := $values.port.protocol -}}
{{- if or ( eq $values.port.protocol "HTTP" ) ( eq $values.port.protocol "HTTPS" ) ( eq $values.port.protocol "TCP" ) -}}
{{- $portProtocol = "TCP" -}}
{{- else if eq $values.port.protocol "UDP" }}
{{- $portProtocol = "UDP" -}}
{{- end }}
apiVersion: v1
kind: Service
metadata:
name: {{ $serviceName }}
labels:
{{- include "common.labels" . | nindent 4 }}
{{- if $values.labels }}
{{ toYaml $values.labels | nindent 4 }}
{{- end }}
annotations:
{{- if eq $values.port.protocol "HTTPS" }}
traefik.ingress.kubernetes.io/service.serversscheme: https
{{- end }}
{{- with $values.annotations }}
{{ toYaml . | nindent 4 }}
{{- end }}
spec:
{{- if (or (eq $svcType "ClusterIP") (empty $svcType)) }}
type: ClusterIP
{{- if $values.clusterIP }}
clusterIP: {{ $values.clusterIP }}
{{end}}
{{- else if eq $svcType "LoadBalancer" }}
type: {{ $svcType }}
{{- if $values.loadBalancerIP }}
loadBalancerIP: {{ $values.loadBalancerIP }}
{{- end }}
{{- if $values.externalTrafficPolicy }}
externalTrafficPolicy: {{ $values.externalTrafficPolicy }}
{{- end }}
{{- if $values.loadBalancerSourceRanges }}
loadBalancerSourceRanges:
{{ toYaml $values.loadBalancerSourceRanges | nindent 4 }}
{{- end -}}
{{- else }}
type: {{ $svcType }}
{{- end }}
{{- if $values.sessionAffinity }}
sessionAffinity: {{ $values.sessionAffinity }}
{{- if $values.sessionAffinityConfig }}
sessionAffinityConfig:
{{ toYaml $values.sessionAffinityConfig | nindent 4 }}
{{- end -}}
{{- end }}
{{- with $values.externalIPs }}
externalIPs:
{{- toYaml . | nindent 4 }}
{{- end }}
{{- if $values.publishNotReadyAddresses }}
publishNotReadyAddresses: {{ $values.publishNotReadyAddresses }}
{{- end }}
{{- include "common.classes.service.ports" (dict "svcType" $svcType "values" $values ) | trim | nindent 2 }}
selector:
{{- include "common.labels.selectorLabels" . | nindent 4 }}
{{- end }}

47
scale-catalog-template/library/common/templates/classes/_service_ports.tpl Normal file
View File

@ -0,0 +1,47 @@
{{/*
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
`SPDX-License-Identifier: Apache-2.0`
This file is considered to be modified by the TrueCharts Project.
*/}}
{{/*
Render all the ports and additionalPorts for a Service object.
*/}}
{{- define "common.classes.service.ports" -}}
{{- $ports := list -}}
{{- $values := .values -}}
{{- $ports = mustAppend $ports $values.port -}}
{{- range $_ := $values.additionalPorts -}}
{{- $ports = mustAppend $ports . -}}
{{- end }}
{{- if $ports -}}
ports:
{{- range $_ := $ports }}
{{- $protocol := "" -}}
{{- if or ( eq .protocol "HTTP" ) ( eq .protocol "HTTPS" ) }}
{{- $protocol = "TCP" -}}
{{- else }}
{{- $protocol = .protocol | default "TCP" -}}
{{- end }}
- port: {{ .port }}
targetPort: {{ .targetPort | default .name | default "http" }}
protocol: {{ $protocol | default "TCP" }}
name: {{ .name | default "http" }}
{{- if (and (eq $.svcType "NodePort") (not (empty .nodePort))) }}
nodePort: {{ .nodePort }}
{{ end }}
{{- end -}}
{{- end -}}
{{- end }}

63
scale-catalog-template/library/common/templates/classes/ingress/_externalService.tpl Normal file
View File

@ -0,0 +1,63 @@
{{- define "common.classes.externalService" -}}
{{- $serviceName := include "common.names.fullname" . -}}
{{- $values := .Values -}}
{{- $svcPort := 80 }}
{{- $ingressService := $.Values }}
{{- if hasKey . "ObjectValues" -}}
{{- with .ObjectValues.ingress -}}
{{- $values = . -}}
{{- end -}}
{{ end -}}
{{- if hasKey $values "nameSuffix" -}}
{{- $serviceName = printf "%v-%v" $serviceName $values.nameSuffix -}}
{{ end -}}
{{- $svcName := $values.serviceName | default $serviceName -}}
{{- if $values.servicePort }}
{{- $svcPort = $values.servicePort -}}
{{- end }}
apiVersion: v1
kind: Service
metadata:
name: {{ $svcName }}
labels:
{{- include "common.labels" . | nindent 4 }}
annotations:
{{- if eq ( $values.serviceType | default "" ) "HTTPS" }}
traefik.ingress.kubernetes.io/service.serversscheme: https
{{- end }}
{{- with $values.annotations }}
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
ports:
{{- if eq $values.type "UDP"}}
- protocol: UDP
port: {{ $values.servicePort }}
targetPort: {{ $values.servicePort }}
{{- else }}
- protocol: TCP
port: {{ $values.servicePort }}
targetPort: {{ $values.servicePort }}
{{- end }}
---
apiVersion: v1
kind: Endpoints
metadata:
name: {{ $svcName }}
labels:
{{- include "common.labels" . | nindent 4 }}
annotations:
{{- with $values.annotations }}
{{- toYaml . | nindent 4 }}
{{- end }}
subsets:
- addresses:
- ip: {{ $values.serviceTarget }}
ports:
- port: {{ $values.servicePort }}
{{- end }}

148
scale-catalog-template/library/common/templates/classes/ingress/_ingress.tpl Normal file
View File

@ -0,0 +1,148 @@
{{/*
This template serves as a blueprint for all Ingress objects that are created
within the common library.
*/}}
{{- define "common.classes.ingress" -}}
{{- $ingressName := include "common.names.fullname" . -}}
{{- $values := .Values -}}
{{- $svcPort := 80 -}}
{{- $portProtocol := "" -}}
{{- $ingressService := $.Values -}}
{{- if hasKey . "ObjectValues" -}}
{{- with .ObjectValues.ingress -}}
{{- $values = . -}}
{{- end -}}
{{ end -}}
{{- if hasKey $values "nameSuffix" -}}
{{- $ingressName = printf "%v-%v" $ingressName $values.nameSuffix -}}
{{- if not $values.servicePort }}
{{- $ingressService := index $.Values.services ( $values.nameSuffix | quote ) }}
{{- if $ingressService.enabled }}
{{- $svcPort = $ingressService.port.port -}}
{{- $portProtocol = $ingressService.port.protocol | default "" }}
{{- else if $.Values.services.main.enabled }}
{{- $svcPort = $.Values.services.main.port.port -}}
{{- $portProtocol = $.Values.services.main.port.protocol | default "" -}}
{{ end -}}
{{ end -}}
{{- else if and ( $.Values.services.main.enabled ) ( not $values.servicePort ) }}
{{- $svcPort = $.Values.services.main.port.port -}}
{{- $portProtocol = $.Values.services.main.port.protocol | default "" -}}
{{ end -}}
{{- $authForwardName := ( printf "%v-%v" $ingressName "auth-forward" ) -}}
{{- $svcName := $values.serviceName | default $ingressName -}}
{{- if $values.dynamicServiceName }}
{{- $dynamicServiceName := printf "%v-%v" .Release.Name $values.dynamicServiceName -}}
{{- $svcName = $dynamicServiceName -}}
{{- end }}
{{- if $values.servicePort }}
{{- $svcPort = $values.servicePort -}}
{{- end }}
{{- if $values.serviceType }}
{{- $portProtocol = $values.serviceType -}}
{{- end }}
apiVersion: {{ include "common.capabilities.ingress.apiVersion" . }}
kind: Ingress
metadata:
name: {{ $ingressName }}
labels:
{{- include "common.labels" . | nindent 4 }}
annotations:
{{- if eq $portProtocol "HTTPS" }}
traefik.ingress.kubernetes.io/service.serversscheme: https
{{- end }}
traefik.ingress.kubernetes.io/router.entrypoints: {{ $values.entrypoint | default "websecure" }}
traefik.ingress.kubernetes.io/router.middlewares: traefik-middlewares-chain-public@kubernetescrd{{ if $values.authForwardURL }},{{ printf "%v-%v@%v" .Release.Namespace $authForwardName "kubernetescrd" }}{{ end }}
{{- with $values.annotations }}
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
{{- if eq (include "common.capabilities.ingress.apiVersion" $) "networking.k8s.io/v1" }}
{{- if $values.ingressClassName }}
ingressClassName: {{ $values.ingressClassName }}
{{- end }}
{{- end }}
{{- if or ( eq $values.certType "selfsigned") (eq $values.certType "ixcert") }}
tls:
- hosts:
{{- if $values.host}}
- {{ $values.host | quote }}
{{- else }}
{{- range $values.hosts }}
- {{ .host | quote }}
{{- end }}
{{- end }}
{{- if eq $values.certType "ixcert" }}
secretName: {{ $ingressName }}
{{- end }}
{{- end }}
rules:
{{- if $values.host }}
- host: {{ $values.host | quote }}
http:
paths:
- path: {{ $values.path | default "/" }}
{{- if eq (include "common.capabilities.ingress.apiVersion" $) "networking.k8s.io/v1" }}
pathType: Prefix
{{- end }}
backend:
{{- if eq (include "common.capabilities.ingress.apiVersion" $) "networking.k8s.io/v1" }}
service:
name: {{ $svcName }}
port:
number: {{ $svcPort }}
{{- else }}
serviceName: {{ $svcName }}
servicePort: {{ $svcPort }}
{{- end }}
{{- end }}
{{- range $values.hosts }}
- host: {{ .host | quote }}
http:
paths:
- path: {{ .path | default "/" }}
{{- if eq (include "common.capabilities.ingress.apiVersion" $) "networking.k8s.io/v1" }}
pathType: Prefix
{{- end }}
backend:
{{- if eq (include "common.capabilities.ingress.apiVersion" $) "networking.k8s.io/v1" }}
service:
name: {{ $svcName }}
port:
number: {{ $svcPort }}
{{- else }}
serviceName: {{ $svcName }}
servicePort: {{ $svcPort }}
{{- end }}
{{- end }}
{{- if $values.authForwardURL }}
---
apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
metadata:
name: {{ $authForwardName }}
spec:
forwardAuth:
address: {{ $values.authForwardURL | quote }}
tls:
insecureSkipVerify: true
trustForwardHeader: true
authResponseHeaders:
- Remote-User
- Remote-Groups
- Remote-Name
- Remote-Email
{{- end }}
{{- end }}

127
scale-catalog-template/library/common/templates/classes/ingress/_ingressRoute.tpl Normal file
View File

@ -0,0 +1,127 @@
{{/*
This template serves as a blueprint for all ingressRoute objects that are created
within the common library.
*/}}
{{- define "common.classes.ingressRoute" -}}
{{- $ingressName := include "common.names.fullname" . -}}
{{- $values := .Values -}}
{{- $svcPort := 80 }}
{{- $portProtocol := "" }}
{{- $ingressService := $.Values }}
{{- if hasKey . "ObjectValues" -}}
{{- with .ObjectValues.ingress -}}
{{- $values = . -}}
{{- end -}}
{{ end -}}
{{- if hasKey $values "nameSuffix" -}}
{{- $ingressName = printf "%v-%v" $ingressName $values.nameSuffix -}}
{{- if and ( $.Values.services ) ( not $values.servicePort ) }}
{{- $ingressService := index $.Values.services ( $values.nameSuffix | quote) }}
{{- $svcPort = $ingressService.port.port }}
{{- $portProtocol = $ingressService.port.protocol | default "" }}
{{ end -}}
{{- else if and ( $.Values.services ) ( not $values.servicePort ) }}
{{- $svcPort = $.Values.services.main.port.port }}
{{- $portProtocol = $.Values.services.main.port.protocol | default "" }}
{{ end -}}
{{- $authForwardName := ( printf "%v-%v" $ingressName "auth-forward" ) -}}
{{- $svcName := $values.serviceName | default $ingressName -}}
{{- if $values.servicePort }}
{{- $svcPort = $values.servicePort }}
{{- end }}
{{- if $values.serviceType }}
{{- $portProtocol = $values.serviceType }}
{{- end }}
apiVersion: traefik.containo.us/v1alpha1
{{- if eq $values.type "UDP" }}
kind: IngressRouteUDP
{{- else if eq $values.type "TCP" }}
kind: IngressRouteTCP
{{- else }}
kind: IngressRoute
{{- end }}
metadata:
name: {{ $ingressName }}
labels:
{{- include "common.labels" . | nindent 4 }}
annotations:
{{- with $values.annotations }}
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
entryPoints:
- {{ $values.entrypoint }}
routes:
{{- if eq $values.type "UDP" }}
- services:
- name: {{ $svcName }}
port: {{ $svcPort }}
weight: 10
{{- else if eq $values.type "TCP" }}
- match: HostSNI(`*`)
services:
- name: {{ $svcName }}
port: {{ $svcPort }}
weight: 10
terminationDelay: 400
{{- else }}
- kind: Rule
match: Host(`{{ (index $values.hosts 0).host }}`) && PathPrefix(`{{ (index $values.hosts 0).path | default "/" }}`)
services:
- name: {{ $svcName }}
{{- if $values.serviceKind }}
kind: {{ $values.serviceKind }}
{{- else }}
port: {{ $svcPort }}
{{- end }}
middlewares:
- name: traefik-middlewares-chain-public@kubernetescrd
{{- if $values.authForwardURL }}
- name: "{{ printf "%v-%v@%v" .Release.Namespace $authForwardName "kubernetescrd" }}"
{{- end }}
{{- end }}
{{- if not ( eq $values.type "UDP" ) }}
{{- if or ( eq $values.certType "selfsigned") (eq $values.certType "ixcert") }}
tls:
domains:
- main: {{ (index $values.hosts 0).host }}
sans:
{{- range $values.hosts }}
- {{ .host | quote }}
{{- end }}
{{- if eq $values.certType "ixcert" }}
secretName: {{ $ingressName }}
{{- end }}
passthrough: false
{{- end }}
{{- end }}
{{- if $values.authForwardURL }}
---
apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
metadata:
name: {{ $authForwardName }}
spec:
forwardAuth:
address: {{ $values.authForwardURL | quote }}
tls:
insecureSkipVerify: true
trustForwardHeader: true
authResponseHeaders:
- Remote-User
- Remote-Groups
- Remote-Name
- Remote-Email
{{- end }}
{{- end }}