guilhem_lavaux/helm_website
0
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity

Loads of new features, including live updater

Browse Source
This commit is contained in:
Guilhem Lavaux 2024-11-20 10:32:53 +01:00
parent f25565dff5
commit 13b075660d
7 changed files with 127 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
Chart.yaml
View File

@ -6,3 +6,13 @@ description: A basic Helm chart for Kubernetes
type: application
version: 0.1.0
appVersion: "1.0.0"
dependencies:
- name: postgresql
version: 15.5.0
repository: oci://registry-1.docker.io/bitnamicharts
condition: postgresql.enabled
- name: mysql
version: 11.1.19
repository: oci://registry-1.docker.io/bitnamicharts
condition: mysql.enabled

17
templates/NOTES.txt Normal file
View File

@ -0,0 +1,17 @@
{{- $releaseNamespace := {{ .Release.Namespace }} }}
{{- $secretName := {{ .Release.Name }}-webhook-secret }}
CHART NAME: {{ .Chart.Name }}
CHART VERSION: {{ .Chart.Version }}
APP VERSION: {{ .Chart.AppVersion }}
** Please be patient while the chart is being deployed **
To get the webhook identification run:
export WEBHOOK_SECRET=$(kubectl get secret --namespace {{ $releaseNamespace }} {{ $secretName }} -o jsonpath="{.data.WEBHOOK_SECRET}" | base64 -d)
export API_USERNAME=$(kubectl get secret --namespace {{ $releaseNamespace }} {{ $secretName }} -o jsonpath="{.data.API_USERNAME}" | base64 -d): {{ $apiUsername | b64enc }}
export API_PASSWORD=$(kubectl get secret --namespace {{ $releaseNamespace }} {{ $secretName }} -o jsonpath="{.data.API_PASSWORD}" | base64 -d): {{ $apiUsername | b64enc }}
To build the authentication header:
echo "Basic $(echo -n $API_USERNAME:$API_PASSWORD | base64)"

42
templates/deployment.yaml
View File

@ -14,6 +14,26 @@ spec:
labels:
{{- include "basic-app.selectorLabels" . | nindent 8 }}
spec:
initContainers:
- name: git-cloner
image: "{{ .Values.updater.image.repository }}:{{ .Values.updater.image.tag }}"
imagePullPolicy: {{ .Values.updater.image.pullPolicy }}
volumeMounts:
- name: data
mountPath: "/web"
command:
- /bin/sh
- -ec
- |
cd /web
test -d .git && exit 0
git clone ${GIT_URL} .
mkdir lib/config
git lfs install
git lfs pull
env:
- name: GIT_URL
value: "{{ .Values.updater.url }}"
containers:
- name: {{ .Chart.Name }}
image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
@ -21,9 +41,10 @@ spec:
ports:
- containerPort: 80
protocol: TCP
name: http-svc
volumeMounts:
- name: data
mountPath: /data
mountPath: /var/www/html
env:
{{- with .Values.env.plain }}
{{- toYaml . | nindent 12 }}
@ -54,15 +75,21 @@ spec:
optional: {{ .optional | default false }}
{{- end }}
- name: {{ .Chart.PullName }}
image: "{{ .Values.puller.image.repository }}:{{ .Values.puller.image.tag }}"
imagePullPolicy: {{ .Values.puller.image.pullPolicy }}
image: "{{ .Values.updater.image.repository }}:{{ .Values.updater.image.tag }}"
imagePullPolicy: {{ .Values.updater.image.pullPolicy }}
ports:
- containerPort: 80
- containerPort: 8000
protocol: TCP
name: webhook-svc
volumeMounts:
- name: data
mountPath: /data
mountPath: /web
env:
- name: "DATA_DIR"
value: "/web"
{{- with .Values.updater.env.plain }}
{{- toYaml . | nindent 12 }}
{{- end }}
{{- with .Values.env.plain }}
{{- toYaml . | nindent 12 }}
{{- end }}
@ -86,6 +113,8 @@ spec:
name: {{ .name }}
optional: {{ .optional | default false }}
{{- end }}
- secretRef:
name: {{ .Release.Name }}-webhook-secret
{{- range .Values.env.secretRefs }}
- secretRef:
name: {{ .name }}
@ -94,5 +123,4 @@ spec:
volumes:
- name: data
persistentVolumeClaim:
claimName: {{ .Release.Name }}-pvc
claimName: {{ .Release.Name }}-pvc

15
templates/ingress.yaml
View File

@ -24,15 +24,20 @@ spec:
- host: {{ .host | quote }}
http:
paths:
{{- range .paths }}
- path: {{ .path }}
pathType: {{ .pathType }}
- path: /
pathType: Prefix
backend:
service:
name: {{ $.Release.Name }}
port:
number: {{ $.Values.service.port }}
{{- end }}
number: 80
- path: "/.webhook"
pathType: Prefix
backend:
service:
name: {{ $.Release.Name }}
port:
number: 8000
{{- end }}
{{- end }}

34
templates/secrets.yaml Normal file
View File

@ -0,0 +1,34 @@
{{- if and (not $webhook_secret) .Values.updater.webhook_secret }}
{{- $webhook_secret = .Values.updater.webhook_secret }}
{{- end }}
{{- if not $webhook_secret }}
{{- $webhook_secret = randAlphaNum 10 }}
{{- end }}
{{- if and (not $apiUsername) .Values.updater.apiUsername }}
{{- $apiUsername = .Values.updater.apiUsername }}
{{- end }}
{{- if and (not $apiPassword) .Values.updater.apiPassword }}
{{- $apiPassword = .Values.updater.apiPassword }}
{{- end }}
{{- if not $apiUsername}}
{{- $apiUsername = randAlphaNum 10 }}
{{- end }}
{{- if not $apiPassword}}
{{- $apiPassword = randAlphaNum 10 }}
{{- end }}
apiVersion: v1
kind: Secret
metadata:
name: {{ .Release.Name }}-webhook-secret
namespace: {{ .Release.Namespace }}
type: Opaque
data:
WEBHOOK_SECRET: {{ $webhook_secret | b64enc }}
API_USERNAME: {{ $apiUsername | b64enc }}
API_PASSWORD: {{ $apiPassword | b64enc }}
SCRIPT_NAME: "/.webhook"

10
templates/service.yaml
View File

@ -2,15 +2,19 @@ apiVersion: v1
kind: Service
metadata:
name: {{ .Release.Name }}
namespace: {{ .Release.Namespace }}
labels:
{{- include "basic-app.labels" . | nindent 4 }}
spec:
type: {{ .Values.service.type }}
ports:
- port: {{ .Values.service.port }}
targetPort: 80
- port: 80
targetPort: http-svc
protocol: TCP
name: http
- port: 8000
targetPort: webhook-svc
protocol: TCP
name: webhook
selector:
{{- include "basic-app.selectorLabels" . | nindent 4 }}

22
values.yaml
View File

@ -5,15 +5,21 @@ image:
pullPolicy: IfNotPresent
tag: "latest"
puller:
image:
repository: nginx
pullPolicy: IfNotPresent
tag: "latest"
mysql:
enabled: false
service:
type: ClusterIP
port: 80
postgresql:
enabled: false
updater:
image:
repository: glvx/web-updater
pullPolicy: IfNotPresent
tag: "241120-1"
url: ""
webhook-secret: ""
apiUsername: ""
apiPassword: ""
ingress:
enabled: true