Merge pull request #3 from Cdayz/add-helm-chart

Add helm chart and change ci

.github/workflows/main.yml

@@ -0,0 +1,84 @@
+name: Default CI
+
+on:
+  push:
+    branches: [ "master" ]
+  pull_request:
+    branches: [ "master" ]
+
+jobs:
+  build-and-test-binary:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v3
+
+    - name: Set up Go
+      uses: actions/setup-go@v4
+      with:
+        go-version-file: 'go.mod'
+
+    - name: Download go modules
+      run: go mod download
+
+    - name: Generate code
+      run: bash scripts/update-codegen.sh
+
+    - name: Validate there are no changes
+      run: |
+        git status --porcelain
+        export code=$(git status --porcelain | wc -l)
+        exit $code
+
+    - name: Build
+      run: go build -v ./...
+
+    - name: Test
+      run: go test -v ./...
+
+  build-and-test-helm-chart:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v3
+      with:
+        fetch-depth: 0
+
+    - uses: actions/setup-python@v4
+      with:
+        python-version: '3.10'
+        check-latest: true
+
+    - name: Install Helm
+      uses: azure/setup-helm@v3
+      with:
+        version: v3.12.1
+
+    - name: Set up chart-testing
+      uses: helm/chart-testing-action@v2.6.0
+
+    - name: Print chart-testing version information
+      run: ct version
+
+    - name: Run chart-testing (list-changed)
+      id: list-changed
+      run: |
+        changed=$(ct list-changed --target-branch ${{ github.event.repository.default_branch }})
+        if [[ -n "$changed" ]]; then
+          echo "changed=true" >> "$GITHUB_OUTPUT"
+        fi
+
+    - name: Run chart-testing (lint)
+      if: steps.list-changed.outputs.changed == 'true'
+      run: ct lint --target-branch ${{ github.event.repository.default_branch }}
+
+    - name: Create kind cluster
+      if: steps.list-changed.outputs.changed == 'true'
+      uses: helm/kind-action@v1.8.0
+      with:
+        cluster_name: chart-testing
+
+    - name: Run chart-testing (install)
+      if: steps.list-changed.outputs.changed == 'true'
+      run: |
+        docker build -t ghcr.io/cdayz/k8s-image-pre-puller:local .
+        kind load --name chart-testing docker-image ghcr.io/cdayz/k8s-image-pre-puller:local
+        ct install --target-branch ${{ github.event.repository.default_branch }} --helm-extra-set-args "--set=image.tag=local --set=replicas=1"

.github/workflows/docker.yml → .github/workflows/release.yml

@@ -1,4 +1,4 @@
-name: Create and publish a Docker image
+name: Release CI
 
 on:
   push:
@@ -9,14 +9,21 @@ env:
   IMAGE_NAME: ${{ github.repository }}
 
 jobs:
-  build-and-push-image:
+  release:
     runs-on: ubuntu-latest
     permissions:
       contents: read
       packages: write
     steps:
       - name: Checkout repository
         uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: Install Helm
+        uses: azure/setup-helm@v3
+        with:
+          version: v3.12.1
 
       - name: Log in to the Container registry
         uses: docker/login-action@65b78e6e13532edd9afa3aa52ac7964289d1a9c1
@@ -31,10 +38,16 @@ jobs:
         with:
           images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
 
-      - name: Build and push Docker image
+      - name: Release Docker image
         uses: docker/build-push-action@f2a1d5e99d037542a71f64918e516c093c6f3fc4
         with:
           context: .
           push: true
           tags: ${{ steps.meta.outputs.tags }}
           labels: ${{ steps.meta.outputs.labels }}
+
+      - name: Release Helm Chart
+        uses: helm/chart-releaser-action@v1.1.0
+        env:
+          CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
+          CR_RELEASE_NAME_TEMPLATE: "k8s-image-pre-puller-{{ .Version }}"

Dockerfile

@@ -10,11 +10,11 @@ RUN go mod download
 
 COPY . .
 
-RUN go build -a -o pre-pull-image-controller cmd/pre-pull-image-controller/main.go
+RUN CGO_ENABLED=0 go build -a -o /workspace/pre-pull-image-controller cmd/pre-pull-image-controller/main.go
 
 FROM gcr.io/distroless/static:nonroot
 WORKDIR /
-COPY --from=builder /workspace/pre-pull-image-controller .
+COPY --from=builder /workspace/pre-pull-image-controller /pre-pull-image-controller
 USER 65532:65532
 
 ENTRYPOINT ["/pre-pull-image-controller"]

charts/k8s-image-pre-puller/Chart.yaml

@@ -0,0 +1,8 @@
+apiVersion: v2
+name: k8s-image-pre-puller
+description: A Helm chart for k8s-image-pre-puller operator
+version: 1.1.28
+home: https://github.com/Cdayz/k8s-image-pre-puller
+maintainers:
+  - name: cdayz
+    email: capitan.crazy.dayz@gmail.com

charts/k8s-image-pre-puller/README.md

@@ -0,0 +1,67 @@
+# k8s-image-pre-puller
+
+A Helm chart for k8s-image-pre-puller operator
+
+## Introduction
+
+This chart bootstraps a [Kubernetes Operator for Prepulling Docker Images](https://github.com/Cdayz/k8s-image-pre-puller) deployment using the [Helm](https://helm.sh) package manager.
+
+## Prerequisites
+
+- Helm >= 3
+- Kubernetes >= 1.16
+
+## Installing the chart
+
+```shell
+helm repo add k8s-image-pre-puller https://cdayz.github.io/k8s-image-pre-puller
+helm install my-release k8s-image-pre-puller/k8s-image-pre-puller
+```
+
+This will create a release of `k8s-image-pre-puller` in the default namespace. To install in a different one:
+
+```shell
+helm install -n k8s-image-pre-puller-ns my-release k8s-image-pre-puller/k8s-image-pre-puller
+```
+
+Note that `helm` will fail to install if the namespace doesn't exist. Either create the namespace beforehand or pass the `--create-namespace` flag to the `helm install` command.
+
+## Uninstalling the chart
+
+To uninstall `my-release`:
+
+```shell
+helm uninstall my-release
+```
+
+The command removes all the Kubernetes components associated with the chart and deletes the release, except for the `crds`, those will have to be removed manually.
+
+## Test the chart
+
+Install [chart-testing cli](https://github.com/helm/chart-testing#installation)
+
+In Mac OS, you can just:
+
+```bash
+pip install yamale
+pip install yamllint
+brew install chart-testing
+```
+
+Run ct lint and Verify `All charts linted successfully`
+
+```bash
+Linting chart "k8s-image-pre-puller => (version: \"1.1.28\", path: \"charts/k8s-image-pre-puller\")"
+Validating /Users/cdayz/Sources/opensource/Cdayz/k8s-image-pre-puller/charts/k8s-image-pre-puller/Chart.yaml...
+Validation success! 👍
+Validating maintainers...
+==> Linting charts/k8s-image-pre-puller
+[INFO] Chart.yaml: icon is recommended
+
+1 chart(s) linted, 0 chart(s) failed
+
+------------------------------------------------------------------------------------------------------------------------
+ ✔︎ k8s-image-pre-puller => (version: "1.1.28", path: "charts/k8s-image-pre-puller")
+------------------------------------------------------------------------------------------------------------------------
+All charts linted successfully
+```

charts/k8s-image-pre-puller/crds/images.cdayz.k8s.extensions_prepullimages.yaml

@@ -0,0 +1,60 @@
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  name: prepullimages.images.cdayz.k8s.extensions
+spec:
+  group: images.cdayz.k8s.extensions
+  names:
+    kind: PrePullImage
+    listKind: PrePullImageList
+    plural: prepullimages
+    singular: prepullimage
+  scope: Namespaced
+  versions:
+  - name: v1
+    served: true
+    storage: true
+    schema:
+      openAPIV3Schema:
+        description: PrePullImage is the Schema for the prepullimages API
+        properties:
+          apiVersion:
+            description: |-
+              APIVersion defines the versioned schema of this representation of an object.
+              Servers should convert recognized schemas to the latest internal value, and
+              may reject unrecognized values.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+            type: string
+          kind:
+            description: |-
+              Kind is a string value representing the REST resource this object represents.
+              Servers may infer this from the endpoint the client submits requests to.
+              Cannot be updated.
+              In CamelCase.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+            type: string
+          metadata:
+            type: object
+          spec:
+            description: PrePullImageSpec defines the desired state of PrePullImage
+            properties:
+              image:
+                description: Image which should be pulled on nodes
+                type: string
+              nodeSelector:
+                additionalProperties:
+                  type: string
+                description: NodeSelector for selecting only particular nodes where
+                  image should be pre-pulled
+                type: object
+            required:
+            - image
+            - nodeSelector
+            type: object
+          status:
+            description: PrePullImageStatus defines the observed state of PrePullImage
+            type: object
+        type: object
+    subresources:
+      status: {}

charts/k8s-image-pre-puller/resources/config.yaml

@@ -0,0 +1,41 @@
+logger:
+  system: {{ .Values.logger.system }}
+  level: {{ .Values.logger.level }}
+
+metrics:
+  path: {{ .Values.metrics.path }}
+  port: {{ .Values.metrics.port }}
+
+pprof:
+  enable: {{ .Values.profiling.enabled }}
+  port: {{ .Values.profiling.port }}
+
+health:
+  port: {{ .Values.healtz.port }}
+  liveness_path: {{ .Values.healtz.liveness.path }}
+  readiness_path: {{ .Values.healtz.readiness.path }}
+
+leader_election:
+  instance_id: $POD_NAME
+  lock_name: "{{ .Release.Name }}-lock"
+  lock_namespace: {{ .Release.Namespace }}
+
+worker_count: {{ .Values.controllerThreads }}
+pre_pull_image_reconciller:
+  main_container:
+    name: {{ .Values.pre_pull_image_reconciller.main_container.name }}
+    image: {{ .Values.pre_pull_image_reconciller.main_container.image }}
+    command: {{ toYaml .Values.pre_pull_image_reconciller.main_container.command | nindent 6 }}
+    args: {{ toYaml .Values.pre_pull_image_reconciller.main_container.args | nindent 6 }}
+    resources:
+      limits: {{ toYaml .Values.pre_pull_image_reconciller.main_container.resources.limits | nindent 8 }}
+      requests: {{ toYaml .Values.pre_pull_image_reconciller.main_container.resources.requests | nindent 8 }}
+  pre_pull_container:
+    name: {{ .Values.pre_pull_image_reconciller.pre_pull_container.name }}
+    image: {{ .Values.pre_pull_image_reconciller.pre_pull_container.image }}
+    command: {{ toYaml .Values.pre_pull_image_reconciller.pre_pull_container.command | nindent 6 }}
+    args: {{ toYaml .Values.pre_pull_image_reconciller.pre_pull_container.args | nindent 6 }}
+    resources:
+      limits: {{ toYaml .Values.pre_pull_image_reconciller.pre_pull_container.resources.limits | nindent 8 }}
+      requests: {{ toYaml .Values.pre_pull_image_reconciller.pre_pull_container.resources.requests | nindent 8 }}
+  image_pull_secret_names: {{ toYaml .Values.imagePullSecrets | nindent 4 }}

charts/k8s-image-pre-puller/templates/cluster-role-binding.yaml

@@ -0,0 +1,15 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ .Release.Name }}-rolebind
+  labels:
+    app.kubernetes.io/component: k8s-image-pre-puller
+    app.kubernetes.io/version: "{{ .Values.image.tag }}"
+subjects:
+  - kind: ServiceAccount
+    name: {{ .Release.Name }}-sa
+    namespace: {{ .Release.Namespace }}
+roleRef:
+  kind: ClusterRole
+  name: {{ .Release.Name }}-role
+  apiGroup: rbac.authorization.k8s.io