From 25aa29c452d8750cf29c2887922317aeeaaee08d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Adri=C3=A1n=20Mart=C3=ADn=20Garc=C3=ADa?= <49920382+amartingarcia@users.noreply.github.com> Date: Fri, 12 May 2023 12:49:21 +0200 Subject: [PATCH] feat(objects): declare new objects (#10) --- .../templates/limitrange.yaml | 26 +++ .../templates/namespace.yaml | 16 +- .../templates/networkpolicy.yaml | 25 +++ charts/default-resources/templates/quota.yaml | 14 +- .../default-resources/templates/secrets.yaml | 12 ++ .../templates/serviceaccount.yaml | 11 +- .../templates/storageclass.yaml | 44 +++++ .../templates/volumesnapshotclass.yaml | 12 +- charts/default-resources/values.yaml | 183 +++++++++++++----- 9 files changed, 290 insertions(+), 53 deletions(-) create mode 100644 charts/default-resources/templates/limitrange.yaml create mode 100644 charts/default-resources/templates/networkpolicy.yaml create mode 100644 charts/default-resources/templates/storageclass.yaml diff --git a/charts/default-resources/templates/limitrange.yaml b/charts/default-resources/templates/limitrange.yaml new file mode 100644 index 0000000..b9d1ddc --- /dev/null +++ b/charts/default-resources/templates/limitrange.yaml @@ -0,0 +1,26 @@ +{{ if .Values.limitRange.create }} +{{ range .Values.limitRange.config }} +--- +apiVersion: v1 +kind: LimitRange +metadata: + name: {{ .name }} + namespace: {{ .namespace }} + labels: +{{- if .labels }} + {{- with .labels }} + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} +{{- if .annotations }} + annotations: + {{- with .annotations }} + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} +spec: + limits: +{{ toYaml .spec | indent 4 }} + +{{ end }} +{{ end }} \ No newline at end of file diff --git a/charts/default-resources/templates/namespace.yaml b/charts/default-resources/templates/namespace.yaml index 62827e6..cfcd893 100644 --- a/charts/default-resources/templates/namespace.yaml +++ b/charts/default-resources/templates/namespace.yaml @@ -1,10 +1,22 @@ {{ if .Values.namespaces.create }} -{{ range .Values.namespaces.name }} +{{ range .Values.namespaces.config }} --- apiVersion: v1 kind: Namespace metadata: - name: {{ . }} + name: {{ .name }} + labels: +{{- if .labels }} + {{- with .labels }} + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} +{{- if .annotations }} + annotations: + {{- with .annotations }} + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} {{ end }} {{ end }} \ No newline at end of file diff --git a/charts/default-resources/templates/networkpolicy.yaml b/charts/default-resources/templates/networkpolicy.yaml new file mode 100644 index 0000000..661bd6c --- /dev/null +++ b/charts/default-resources/templates/networkpolicy.yaml @@ -0,0 +1,25 @@ +{{ if .Values.networkPolicies.create }} +{{ range .Values.networkPolicies.config }} +--- +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: {{ .name }} + namespace: {{ .namespace }} +{{- if .labels }} + labels: + {{- with .labels }} + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} +{{- if .annotations }} + annotations: + {{- with .annotations }} + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} +spec: +{{ toYaml .spec | indent 2 }} + +{{ end }} +{{ end }} \ No newline at end of file diff --git a/charts/default-resources/templates/quota.yaml b/charts/default-resources/templates/quota.yaml index 6043ca3..e304322 100644 --- a/charts/default-resources/templates/quota.yaml +++ b/charts/default-resources/templates/quota.yaml @@ -4,8 +4,20 @@ apiVersion: v1 kind: ResourceQuota metadata: - name: {{ .namespace }} + name: {{ .name }} namespace: {{ .namespace }} +{{- if .labels }} + labels: + {{- with .labels }} + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} +{{- if .annotations }} + annotations: + {{- with .annotations }} + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} spec: hard: {{ toYaml .spec | indent 4 }} diff --git a/charts/default-resources/templates/secrets.yaml b/charts/default-resources/templates/secrets.yaml index 443ecda..27f9760 100644 --- a/charts/default-resources/templates/secrets.yaml +++ b/charts/default-resources/templates/secrets.yaml @@ -6,6 +6,18 @@ kind: Secret metadata: name: {{ .name }} namespace: {{ .namespace }} +{{- if .labels }} + labels: + {{- with .labels }} + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} +{{- if .annotations }} + annotations: + {{- with .annotations }} + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} type: {{ .type }} data: {{- range $key, $value := $secrets.data }} diff --git a/charts/default-resources/templates/serviceaccount.yaml b/charts/default-resources/templates/serviceaccount.yaml index b0d1623..4c80787 100644 --- a/charts/default-resources/templates/serviceaccount.yaml +++ b/charts/default-resources/templates/serviceaccount.yaml @@ -5,11 +5,20 @@ apiVersion: v1 kind: ServiceAccount metadata: name: {{ .name }} + namespace: {{ .namespace }} +{{- if .labels }} + labels: + {{- with .labels }} + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} +{{- if .annotations }} annotations: {{- with .annotations }} {{- toYaml . | nindent 4 }} {{- end }} - namespace: {{ .namespace }} +{{- end }} +automountServiceAccountToken: {{ .automountServiceAccountToken }} {{ end }} {{ end }} \ No newline at end of file diff --git a/charts/default-resources/templates/storageclass.yaml b/charts/default-resources/templates/storageclass.yaml new file mode 100644 index 0000000..b0e7352 --- /dev/null +++ b/charts/default-resources/templates/storageclass.yaml @@ -0,0 +1,44 @@ +{{ if .Values.storageClass.create }} +{{ range .Values.storageClass.config }} +--- +apiVersion: storage.k8s.io/v1 +kind: StorageClass +metadata: + name: {{ .name }} + labels: +{{- if .labels }} + {{- with .labels }} + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} +{{- if .annotations }} + annotations: + {{- with .annotations }} + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} +provisioner: {{ .provisioner }} +parameters: + {{- with .parameters }} + {{- toYaml . | nindent 2 }} + {{- end }} +allowVolumeExpansion: {{ .allowVolumeExpansion }} +reclaimPolicy: {{ .reclaimPolicy }} +{{- if .mountOptions }} +mountOptions: + {{- with .mountOptions }} + {{- toYaml . | nindent 2 }} + {{- end }} +{{- end }} +{{- if .allowVolumeExpansion }} +volumeBindingMode: {{ .volumeBindingMode }} +{{- end }} +{{- if .allowedTopologies }} +allowedTopologies: + {{- with .allowedTopologies }} + {{- toYaml . | nindent 2 }} + {{- end }} +{{- end }} + +{{ end }} +{{ end }} \ No newline at end of file diff --git a/charts/default-resources/templates/volumesnapshotclass.yaml b/charts/default-resources/templates/volumesnapshotclass.yaml index e1d00bb..e9ba73b 100644 --- a/charts/default-resources/templates/volumesnapshotclass.yaml +++ b/charts/default-resources/templates/volumesnapshotclass.yaml @@ -1,14 +1,22 @@ -{{ if .Values.VolumeSnapshotClass.create }} -{{ range .Values.VolumeSnapshotClass.config }} +{{ if .Values.volumeSnapshotClass.create }} +{{ range .Values.volumeSnapshotClass.config }} --- apiVersion: snapshot.storage.k8s.io/v1 kind: VolumeSnapshotClass metadata: name: {{ .name }} +{{- if .labels }} labels: {{- with .labels }} {{- toYaml . | nindent 4 }} {{- end }} +{{- end }} +{{- if .annotations }} + annotations: + {{- with .annotations }} + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} driver: {{ .driver }} deletionPolicy: {{ .deletionPolicy }} parameters: diff --git a/charts/default-resources/values.yaml b/charts/default-resources/values.yaml index 34c8511..fb23fc2 100644 --- a/charts/default-resources/values.yaml +++ b/charts/default-resources/values.yaml @@ -4,60 +4,149 @@ --- namespaces: create: false - name: [] -# - integration -# - monitoring + config: + - name: my-namespace + labels: {} + annotations: {} quotas: create: false - config: [] -# - namespace: integration -# quota_requests_cpu: "4" -# quota_requests_memory: "6Gi" -# quota_limits_cpu: "4" -# quota_limits_memory: "6Gi" -# - namespace: monitoring -# quota_requests_cpu: "2" -# quota_requests_memory: "2Gi" -# quota_limits_cpu: "2" -# quota_limits_memory: "2Gi" + config: + - name: my-quota + namespace: my-namespace + labels: {} + annotations: {} + spec: + requests.cpu: "1" + requests.memory: 1Gi + limits.cpu: "2" + limits.memory: 2Gi + configmaps: "1" + persistentvolumeclaims: "2" + pods: "0" + replicationcontrollers: "6" + resourcequotas: "2" + services: "2" + services.loadbalancers: "4" + services.nodeports: "4" + secrets: "1" secrets: create: false - config: [] -# - name: my-secret -# namespace: my-namespace -# type: Opaque -# data: -# - name: data-name -# value: data-value + config: + - name: my-secret + namespace: my-namespace + labels: {} + annotations: {} + type: Opaque + data: + - name: data-name + value: data-value serviceAccounts: create: false - config: [] -# - name: integration -# namespace: integration -# clusterRoleRules: [] -# - apiGroups: ["extensions", "app"] -# resources: ["deployments"] -# verbs: ["get", "list", "watch", "create", "update", "patch"] -# - apiGroups: ["extensions", "app"] -# resources: ["deployments"] -# verbs: ["get", "list", "watch", "create", "update", "patch"] -# - name: monitoring -# namespace: monitoring -# clusterRoleRules: [] -# - apiGroups: ["*"] -# resources: ["*"] -# verbs: ["get", "list"] + config: + - name: my-sa + namespace: my-namespace + labels: {} + annotations: {} + automountServiceAccountToken: false -VolumeSnapshotClass: - create: false - config: [] -# - name: my-volume-snapshot-class -# labels: -# key: value -# driver: my-driver -# deletionPolicy: Retain -# parameters: -# tags: 'foo=aaa,bar=bbb' \ No newline at end of file +volumeSnapshotClass: + create: false + config: + - name: my-volume-snapshot-class + labels: {} + annotations: {} + driver: my-driver + deletionPolicy: Retain + parameters: + tags: 'foo=aaa,bar=bbb' + +storageClass: + create: false + config: + - name: azuredisk-csi-zrs + labels: {} + annotations: {} + provisioner: disk.csi.azure.com + parameters: + skuname: Premium_ZRS + allowVolumeExpansion: true + reclaimPolicy: Delete + mountOptions: + - debug + volumeBindingMode: WaitForFirstConsumer + allowedTopologies: + - matchLabelExpressions: + - key: failure-domain.beta.kubernetes.io/zone + values: + - us-central-1a + - us-central-1b + +limitRange: + create: false + config: + - name: my-limit-range + namespace: my-namespace + labels: {} + annotations: {} + spec: + - type: "Pod" + max: + cpu: "2" + memory: "1Gi" + min: + cpu: "200m" + memory: "6Mi" + + - type: "Container" + max: + cpu: "2" + memory: "1Gi" + min: + cpu: "100m" + memory: "4Mi" + default: + cpu: "300m" + memory: "200Mi" + defaultRequest: + cpu: "200m" + memory: "100Mi" + +networkPolicies: + create: false + config: + - name: my-netpol + namespace: my-namespace + labels: {} + annotations: {} + spec: + podSelector: + matchLabels: + role: db + policyTypes: + - Ingress + - Egress + ingress: + - from: + - ipBlock: + cidr: 172.17.0.0/16 + except: + - 172.17.1.0/24 + - namespaceSelector: + matchLabels: + project: myproject + - podSelector: + matchLabels: + role: frontend + ports: + - protocol: TCP + port: 6379 + egress: + - to: + - ipBlock: + cidr: 10.0.0.0/24 + ports: + - protocol: TCP + port: 5978