From 6879e6baf14637aa1b00e3ee799ce56c064dcca0 Mon Sep 17 00:00:00 2001 From: Guilhem Lavaux Date: Wed, 20 Nov 2024 18:16:42 +0100 Subject: [PATCH] Update --- templates/NOTES.txt | 9 +++++---- templates/deployment.yaml | 9 +++++---- templates/secrets.yaml | 17 ++++------------- templates/service.yaml | 2 +- values.yaml | 40 ++++++++++++++++++++------------------- 5 files changed, 36 insertions(+), 41 deletions(-) diff --git a/templates/NOTES.txt b/templates/NOTES.txt index e8bae8c..fa5eb40 100644 --- a/templates/NOTES.txt +++ b/templates/NOTES.txt @@ -1,5 +1,6 @@ -{{- $releaseNamespace := {{ .Release.Namespace }} }} -{{- $secretName := {{ .Release.Name }}-webhook-secret }} +{{- $releaseNamespace := .Release.Namespace }} +{{- $releaseName := .Release.Name }} +{{- $secretName := printf "%s-webhook-secret" $releaseName }} CHART NAME: {{ .Chart.Name }} CHART VERSION: {{ .Chart.Version }} APP VERSION: {{ .Chart.AppVersion }} @@ -9,8 +10,8 @@ APP VERSION: {{ .Chart.AppVersion }} To get the webhook identification run: export WEBHOOK_SECRET=$(kubectl get secret --namespace {{ $releaseNamespace }} {{ $secretName }} -o jsonpath="{.data.WEBHOOK_SECRET}" | base64 -d) - export API_USERNAME=$(kubectl get secret --namespace {{ $releaseNamespace }} {{ $secretName }} -o jsonpath="{.data.API_USERNAME}" | base64 -d): {{ $apiUsername | b64enc }} - export API_PASSWORD=$(kubectl get secret --namespace {{ $releaseNamespace }} {{ $secretName }} -o jsonpath="{.data.API_PASSWORD}" | base64 -d): {{ $apiUsername | b64enc }} + export API_USERNAME=$(kubectl get secret --namespace {{ $releaseNamespace }} {{ $secretName }} -o jsonpath="{.data.API_USERNAME}" | base64 -d) + export API_PASSWORD=$(kubectl get secret --namespace {{ $releaseNamespace }} {{ $secretName }} -o jsonpath="{.data.API_PASSWORD}" | base64 -d) To build the authentication header: diff --git a/templates/deployment.yaml b/templates/deployment.yaml index 3efb79e..7b7895d 100644 --- a/templates/deployment.yaml +++ b/templates/deployment.yaml @@ -36,7 +36,7 @@ spec: - name: GIT_URL value: "{{ .Values.updater.url }}" containers: - - name: {{ .Chart.Name }} + - name: web image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" imagePullPolicy: {{ .Values.image.pullPolicy }} ports: @@ -45,7 +45,7 @@ spec: name: http-svc volumeMounts: - name: data - mountPath: /var/www/html + mountPath: "/var/www/html" env: {{- with .Values.env.plain }} {{- toYaml . | nindent 12 }} @@ -75,9 +75,10 @@ spec: name: {{ .name }} optional: {{ .optional | default false }} {{- end }} - - name: {{ .Chart.PullName }} + - name: updater image: "{{ .Values.updater.image.repository }}:{{ .Values.updater.image.tag }}" imagePullPolicy: {{ .Values.updater.image.pullPolicy }} + command: ["/webhook-runner.sh"] ports: - containerPort: 8000 protocol: TCP @@ -124,4 +125,4 @@ spec: volumes: - name: data persistentVolumeClaim: - claimName: {{ .Release.Name }}-pvc \ No newline at end of file + claimName: {{ .Release.Name }}-pvc diff --git a/templates/secrets.yaml b/templates/secrets.yaml index 43ed0d7..d629915 100644 --- a/templates/secrets.yaml +++ b/templates/secrets.yaml @@ -1,19 +1,10 @@ +{{- $webhook_secret := .Values.updater.webhook_secret }} +{{- $apiUsername := .Values.updater.apiUsername }} +{{- $apiPassword := .Values.updater.apiPassword }} - -{{- if and (not $webhook_secret) .Values.updater.webhook_secret }} -{{- $webhook_secret = .Values.updater.webhook_secret }} -{{- end }} {{- if not $webhook_secret }} {{- $webhook_secret = randAlphaNum 10 }} {{- end }} - -{{- if and (not $apiUsername) .Values.updater.apiUsername }} -{{- $apiUsername = .Values.updater.apiUsername }} -{{- end }} -{{- if and (not $apiPassword) .Values.updater.apiPassword }} -{{- $apiPassword = .Values.updater.apiPassword }} -{{- end }} - {{- if not $apiUsername}} {{- $apiUsername = randAlphaNum 10 }} {{- end }} @@ -31,4 +22,4 @@ data: WEBHOOK_SECRET: {{ $webhook_secret | b64enc }} API_USERNAME: {{ $apiUsername | b64enc }} API_PASSWORD: {{ $apiPassword | b64enc }} - SCRIPT_NAME: "/.webhook" \ No newline at end of file + SCRIPT_NAME: {{ "/.webhook" | b64enc }} \ No newline at end of file diff --git a/templates/service.yaml b/templates/service.yaml index 2f05db6..bf6caab 100644 --- a/templates/service.yaml +++ b/templates/service.yaml @@ -6,7 +6,7 @@ metadata: labels: {{- include "basic-app.labels" . | nindent 4 }} spec: - type: {{ .Values.service.type }} + type: ClusterIP ports: - port: 80 targetPort: http-svc diff --git a/values.yaml b/values.yaml index b95dd0c..a30d0b9 100644 --- a/values.yaml +++ b/values.yaml @@ -16,10 +16,12 @@ updater: repository: glvx/web-updater pullPolicy: IfNotPresent tag: "241120-1" - url: "" + url: "https://git.aquila-consortium.org/guilhem_lavaux/gl-website-deployer" webhook-secret: "" apiUsername: "" apiPassword: "" + env: + plain: {} ingress: enabled: true @@ -59,21 +61,21 @@ env: value: "8080" # Environment variables from ConfigMaps - configMapRefs: - - name: app-config # Reference an existing ConfigMap - optional: true # Make it optional - - configMapKeys: - - name: CONFIG_KEY - configMapName: app-config - key: config.key - - # Environment variables from Secrets - secretRefs: - - name: app-secrets # Reference an existing Secret - optional: true # Make it optional - - secretKeys: - - name: API_KEY - secretName: app-secrets - key: api.key +# configMapRefs: +# - name: app-config # Reference an existing ConfigMap +# optional: true # Make it optional +# +# configMapKeys: +# - name: CONFIG_KEY +# configMapName: app-config +# key: config.key +# +# # Environment variables from Secrets +# secretRefs: +# - name: app-secrets # Reference an existing Secret +# optional: true # Make it optional +# +# secretKeys: +# - name: API_KEY +# secretName: app-secrets +# key: api.key