Skip to content

Commit

Permalink
chore(templates): ensure named templates follow helm best practices (#…
Browse files Browse the repository at this point in the history 
…160) (#163)

* chore(proxy): prefix partial templates with underscore

* chore(templates): prefex named template with chart name

* chore(deploy): remove duplicate securityContext field and blank space

* chore(templates): add comments for named templates

* fix(notes): fix nil pointer exceptions

* fix: non-empty tls should show https url

(cherry picked from commit 8115c82)

Co-authored-by: Thuan Vo <thuan.votann@gmail.com>
  • Loading branch information
@mergify @tthvo
mergify[bot] and tthvo authored Jun 27, 2024
1 parent bcb9535 commit dab6ec2
Show file tree
Hide file tree
Showing 9 changed files with 35 additions and 31 deletions.
6 changes: 3 additions & 3 deletions charts/cryostat/templates/NOTES.txt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -47,10 +47,10 @@
```
{{- if .Values.core.route.enabled }}
echo {{ ternary "https" "http" .Values.core.route.tls.enabled }}://$(oc get route -n {{ .Release.Namespace }} {{ include "cryostat.fullname" . }} -o jsonpath="{.status.ingress[0].host}")
{{- else if .Values.core.ingress.enabled -}}
{{- else if .Values.core.ingress.enabled }}
{{- range $host := .Values.core.ingress.hosts -}}
{{- range .paths -}}
{{ ternary "https" "http" .Values.core.ingress.tls }}://{{ $host.host }}{{ .path }}
{{- range .paths }}
{{ ternary "http" "https" (empty $.Values.core.ingress.tls) }}://{{ $host.host }}{{ .path }}
{{- end }}
{{- end }}
{{- else if contains "NodePort" .Values.core.service.type }}
Expand Down
24 changes: 12 additions & 12 deletions charts/cryostat/templates/_helpers.tpl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,7 @@ Create chart name and version as used by the chart label.
{{- end }}

{{/*
Common labels
Common labels.
*/}}
{{- define "cryostat.labels" -}}
helm.sh/chart: {{ include "cryostat.chart" . }}
Expand All @@ -43,15 +43,15 @@ app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- end }}

{{/*
Selector labels
Selector labels.
*/}}
{{- define "cryostat.selectorLabels" -}}
app.kubernetes.io/name: {{ include "cryostat.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end }}

{{/*
Create the name of the service account to use
Create the name of the service account to use.
*/}}
{{- define "cryostat.serviceAccountName" -}}
{{- if .Values.serviceAccount.create }}
Expand All @@ -62,31 +62,31 @@ Create the name of the service account to use
{{- end }}

{{/*
Get or generate a default connection key for database
Get or generate a default connection key for database.
*/}}
{{- define "cryostat.databaseConnectionKey" -}}
{{- $secret := (lookup "v1" "Secret" .Release.Namespace (printf "%s-db" .Release.Name)) -}}
{{- if $secret -}}
{{/*
Use current key. Do not regenerate
Use current key. Do not regenerate.
*/}}
{{- $secret.data.CONNECTION_KEY -}}
{{- else -}}
{{/*
Generate new key
Generate new key.
*/}}
{{- (randAlphaNum 32) | b64enc | quote -}}
{{- end -}}
{{- end -}}

{{/*
Get or generate a default encryption key for database
Get or generate a default encryption key for database.
*/}}
{{- define "cryostat.databaseEncryptionKey" -}}
{{- $secret := (lookup "v1" "Secret" .Release.Namespace (printf "%s-db" .Release.Name)) -}}
{{- if $secret -}}
{{/*
Use current key. Do not regenerate
Use current key. Do not regenerate.
*/}}
{{- $secret.data.ENCRYPTION_KEY -}}
{{- else -}}
Expand All @@ -98,13 +98,13 @@ Get or generate a default encryption key for database
{{- end -}}

{{/*
Get or generate a default secret key for object storage
Get or generate a default secret key for object storage.
*/}}
{{- define "cryostat.objectStorageSecretKey" -}}
{{- $secret := (lookup "v1" "Secret" .Release.Namespace (printf "%s-storage" .Release.Name)) -}}
{{- if $secret -}}
{{/*
Use current secret. Do not regenerate
Use current secret. Do not regenerate.
*/}}
{{- $secret.data.SECRET_KEY -}}
{{- else -}}
Expand Down Expand Up @@ -135,7 +135,7 @@ Generate or retrieve a default value for cookieSecret.
{{- end }}

{{/*
Get sanitized list or defaults (if not disabled) as comma-separated list
Get sanitized list or defaults (if not disabled) as comma-separated list.
*/}}
{{- define "cryostat.commaSepList" -}}
{{- $l := index . 0 -}}
Expand All @@ -144,5 +144,5 @@ Generate or retrieve a default value for cookieSecret.
{{- if and (not $l) (not $disableDefaults) -}}
{{- $l = list $default -}}
{{- end -}}
{{- join "," (default list $l | compact | uniq) | quote -}}
{{- join "," (default list $l | compact | uniq) | quote -}}
{{- end -}}
7 changes: 5 additions & 2 deletions charts/cryostat/templates/oauth2Proxy.tpl → charts/cryostat/templates/_oauth2Proxy.tpl
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,10 @@
{{- define "oauth2Proxy" }}
{{/*
Create OAuth2 Proxy container. Configurations defined in alpha_config.yaml
*/}}
{{- define "cryostat.oauth2Proxy" -}}
- name: {{ printf "%s-%s" .Chart.Name "authproxy" }}
securityContext:
{{- toYaml (.Values.oauth2Proxy).securityContext | nindent 12 }}
{{- toYaml (.Values.oauth2Proxy).securityContext | nindent 4 }}
image: "{{ (.Values.oauth2Proxy).image.repository }}:{{ (.Values.oauth2Proxy).image.tag }}"
args:
- "--alpha-config=/etc/oauth2_proxy/alpha_config/alpha_config.yaml"
Expand Down
7 changes: 5 additions & 2 deletions ...ryostat/templates/openshiftOauthProxy.tpl → ...yostat/templates/_openshiftOauthProxy.tpl
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,10 @@
{{- define "openshiftOauthProxy" }}
{{/*
Create OpenShift OAuth Proxy container.
*/}}
{{- define "cryostat.openshiftOauthProxy" -}}
- name: {{ printf "%s-%s" .Chart.Name "authproxy" }}
securityContext:
{{- toYaml .Values.openshiftOauthProxy.securityContext | nindent 12 }}
{{- toYaml .Values.openshiftOauthProxy.securityContext | nindent 4 }}
image: "{{ .Values.openshiftOauthProxy.image.repository }}:{{ .Values.openshiftOauthProxy.image.tag }}"
args:
- --skip-provider-button={{ not .Values.authentication.basicAuth.enabled }}
Expand Down
6 changes: 2 additions & 4 deletions charts/cryostat/templates/deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -31,9 +31,9 @@ spec:
{{- toYaml .Values.podSecurityContext | nindent 8 }}
containers:
{{- if (.Values.authentication.openshift).enabled }}
{{- include "openshiftOauthProxy" . | nindent 8 }}
{{- include "cryostat.openshiftOauthProxy" . | nindent 8 }}
{{- else }}
{{- include "oauth2Proxy" . | nindent 8 }}
{{- include "cryostat.oauth2Proxy" . | nindent 8 }}
{{- end }}
- name: {{ .Chart.Name }}
securityContext:
Expand Down Expand Up @@ -197,8 +197,6 @@ spec:
failureThreshold: 9
resources:
{{- toYaml (.Values.storage).resources | nindent 12 }}
securityContext:
{{- toYaml (.Values.storage).securityContext | nindent 12 }}
- name: {{ printf "%s-%s" .Chart.Name "grafana" }}
securityContext:
{{- toYaml .Values.grafana.securityContext | nindent 12 }}
Expand Down
4 changes: 2 additions & 2 deletions charts/cryostat/templates/ingress.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
{{- define "createIngress" }}
{{- define "cryostat.createIngress" }}
{{- $svcName := index . 0 }}
{{- $svcPort := index . 1 }}
{{- $ := index . 2 }}
Expand Down Expand Up @@ -66,5 +66,5 @@ spec:

{{- $fullName := include "cryostat.fullname" . -}}
{{- if .Values.core.ingress.enabled }}
{{- include "createIngress" (list $fullName .Values.core.service.httpPort $ .Values.core)}}
{{- include "cryostat.createIngress" (list $fullName .Values.core.service.httpPort $ .Values.core)}}
{{- end }}
4 changes: 2 additions & 2 deletions charts/cryostat/templates/role.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
{{- define "createRole" -}}
{{- define "cryostat.createRole" -}}
{{- $ns := index . 0 -}}
{{- with index . 1 -}}
---
Expand Down Expand Up @@ -56,6 +56,6 @@ rules:
{{- $watchNs = list .Release.Namespace -}}
{{- end -}}
{{- range $ns := $watchNs }}
{{ include "createRole" (list $ns $) }}
{{ include "cryostat.createRole" (list $ns $) }}
{{- end -}}
{{- end -}}
4 changes: 2 additions & 2 deletions charts/cryostat/templates/rolebinding.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
{{- define "createRolebinding" -}}
{{- define "cryostat.createRolebinding" -}}
{{- $ns := index . 0 -}}
{{- with index . 1 -}}
---
Expand Down Expand Up @@ -26,6 +26,6 @@ subjects:
{{- $watchNs = list .Release.Namespace -}}
{{- end -}}
{{- range $ns := $watchNs }}
{{ include "createRolebinding" (list $ns $) }}
{{ include "cryostat.createRolebinding" (list $ns $) }}
{{- end -}}
{{- end -}}
4 changes: 2 additions & 2 deletions charts/cryostat/templates/route.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
{{- define "createRoute" }}
{{- define "cryostat.createRoute" }}
{{- $svcName := index . 0 }}
{{- $targetPort := index . 1 }}
{{- $ := index . 2 }}
Expand Down Expand Up @@ -46,5 +46,5 @@ spec:

{{- $fullName := include "cryostat.fullname" . -}}
{{- if .Values.core.route.enabled }}
{{- include "createRoute" (list $fullName 4180 $ .Values.core)}}
{{- include "cryostat.createRoute" (list $fullName 4180 $ .Values.core)}}
{{- end }}

0 comments on commit dab6ec2

Please sign in to comment.