From 63aea278e5f52092e23536639ba3ae28e998817f Mon Sep 17 00:00:00 2001 From: Hritik Batra Date: Tue, 19 Nov 2024 18:01:22 +0530 Subject: [PATCH] [CI] Helm Chart Update whoami --- CHANGELOG.md | 1 + argocd-helm-charts/whoami/Chart.lock | 6 +- argocd-helm-charts/whoami/Chart.yaml | 2 +- .../whoami/charts/whoami/Chart.lock | 6 +- .../whoami/charts/whoami/Chart.yaml | 6 +- .../whoami/charts/whoami/README.md | 20 +++- .../charts/whoami/charts/common/.helmignore | 4 + .../charts/whoami/charts/common/Chart.yaml | 8 +- .../charts/whoami/charts/common/README.md | 12 +- .../charts/common/templates/_affinities.tpl | 32 +++++- .../charts/common/templates/_capabilities.tpl | 108 ++++++++++++------ .../common/templates/_compatibility.tpl | 42 +++++++ .../charts/common/templates/_errors.tpl | 2 +- .../charts/common/templates/_images.tpl | 56 ++++++--- .../charts/common/templates/_ingress.tpl | 2 +- .../charts/common/templates/_labels.tpl | 29 ++--- .../whoami/charts/common/templates/_names.tpl | 2 +- .../charts/common/templates/_resources.tpl | 50 ++++++++ .../charts/common/templates/_secrets.tpl | 59 ++++++---- .../charts/common/templates/_storage.tpl | 15 +-- .../charts/common/templates/_tplvalues.tpl | 31 +++-- .../whoami/charts/common/templates/_utils.tpl | 12 +- .../charts/common/templates/_warnings.tpl | 94 ++++++++++++++- .../templates/validations/_cassandra.tpl | 2 +- .../common/templates/validations/_mariadb.tpl | 2 +- .../common/templates/validations/_mongodb.tpl | 2 +- .../common/templates/validations/_mysql.tpl | 2 +- .../templates/validations/_postgresql.tpl | 2 +- .../common/templates/validations/_redis.tpl | 2 +- .../templates/validations/_validations.tpl | 2 +- .../charts/whoami/charts/common/values.yaml | 2 +- .../charts/whoami/templates/deployment.yaml | 23 +++- .../charts/whoami/templates/ingress.yaml | 11 +- .../whoami/charts/whoami/templates/pdb.yaml | 3 +- .../charts/whoami/templates/service.yaml | 23 ++-- .../whoami/templates/serviceaccount.yaml | 9 +- .../whoami/charts/whoami/values.yaml | 32 +++++- 37 files changed, 537 insertions(+), 179 deletions(-) create mode 100644 argocd-helm-charts/whoami/charts/whoami/charts/common/templates/_compatibility.tpl create mode 100644 argocd-helm-charts/whoami/charts/whoami/charts/common/templates/_resources.tpl diff --git a/CHANGELOG.md b/CHANGELOG.md index 76ee269c4..9421c6eb4 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -9,6 +9,7 @@ All releases and the changes included in them (pulled from git commits added sin - Updated redmine from version 30.0.4 to 32.0.1 ### Minor Version Upgrades %%^^ +- Updated whoami from version 5.1.2 to 5.2.0 - Updated external-dns from version 8.5.1 to 8.6.0 - Updated aws-ebs-csi-driver from version 2.36.0 to 2.37.0 diff --git a/argocd-helm-charts/whoami/Chart.lock b/argocd-helm-charts/whoami/Chart.lock index 5f7393d9f..719b125a1 100644 --- a/argocd-helm-charts/whoami/Chart.lock +++ b/argocd-helm-charts/whoami/Chart.lock @@ -1,6 +1,6 @@ dependencies: - name: whoami repository: https://cowboysysop.github.io/charts/ - version: 5.1.2 -digest: sha256:b7eba34065db2846b86baacfd1b94c891686f99600fa70a14cabc8c13ee949fb -generated: "2024-09-03T13:50:57.891364385+05:30" + version: 5.2.0 +digest: sha256:5f5665c6d4b1b6b386bed15e9d9cef64243cef3aec9541c258e9b1c97a928795 +generated: "2024-11-19T18:00:59.324892284+05:30" diff --git a/argocd-helm-charts/whoami/Chart.yaml b/argocd-helm-charts/whoami/Chart.yaml index 1865f3cc5..7e3d4261a 100644 --- a/argocd-helm-charts/whoami/Chart.yaml +++ b/argocd-helm-charts/whoami/Chart.yaml @@ -3,5 +3,5 @@ name: whoami version: 1.0.0 dependencies: - name: whoami - version: 5.1.2 + version: 5.2.0 repository: https://cowboysysop.github.io/charts/ diff --git a/argocd-helm-charts/whoami/charts/whoami/Chart.lock b/argocd-helm-charts/whoami/charts/whoami/Chart.lock index 344991737..534ae984f 100644 --- a/argocd-helm-charts/whoami/charts/whoami/Chart.lock +++ b/argocd-helm-charts/whoami/charts/whoami/Chart.lock @@ -1,6 +1,6 @@ dependencies: - name: common repository: https://charts.bitnami.com/bitnami/ - version: 2.9.0 -digest: sha256:4cef72a3c3673ad3afb34a2397131f9a218cf6a6385426f075d6e9035ac13a77 -generated: "2024-08-25T02:38:20.443962339Z" + version: 2.21.0 +digest: sha256:e25ca51f064e63a6b2d595f4bb318563de95e5e7ee2534b0457010be6acefc1e +generated: "2024-11-12T20:55:22.135486192Z" diff --git a/argocd-helm-charts/whoami/charts/whoami/Chart.yaml b/argocd-helm-charts/whoami/charts/whoami/Chart.yaml index cc6700ac6..e398484f2 100644 --- a/argocd-helm-charts/whoami/charts/whoami/Chart.yaml +++ b/argocd-helm-charts/whoami/charts/whoami/Chart.yaml @@ -4,11 +4,11 @@ annotations: url: https://cowboysysop.github.io/charts/pgp-public-key-2022-02-19.asc kubeVersion: '>=1.24' apiVersion: v2 -appVersion: 1.10.1 +appVersion: 1.10.3 dependencies: - name: common repository: https://charts.bitnami.com/bitnami/ - version: 2.9.0 + version: 2.21.0 description: Tiny Go webserver that prints os information and HTTP request to output home: https://github.com/traefik/whoami maintainers: @@ -18,4 +18,4 @@ name: whoami sources: - https://github.com/traefik/whoami - https://github.com/cowboysysop/charts/tree/master/charts/whoami -version: 5.1.2 +version: 5.2.0 diff --git a/argocd-helm-charts/whoami/charts/whoami/README.md b/argocd-helm-charts/whoami/charts/whoami/README.md index c76008d39..fb1536469 100644 --- a/argocd-helm-charts/whoami/charts/whoami/README.md +++ b/argocd-helm-charts/whoami/charts/whoami/README.md @@ -108,7 +108,7 @@ The command deletes the release named `my-release` and frees all the kubernetes | `replicaCount` | Number of replicas | `1` | | `image.registry` | Image registry | `docker.io` | | `image.repository` | Image repository | `traefik/whoami` | -| `image.tag` | Image tag | `v1.10.1` | +| `image.tag` | Image tag | `v1.10.3` | | `image.digest` | Image digest | `""` | | `image.pullPolicy` | Image pull policy | `IfNotPresent` | | `pdb.create` | Specifies whether a pod disruption budget should be created | `false` | @@ -117,10 +117,14 @@ The command deletes the release named `my-release` and frees all the kubernetes | `serviceAccount.create` | Specifies whether a service account should be created | `true` | | `serviceAccount.annotations` | Service account annotations | `{}` | | `serviceAccount.name` | The name of the service account to use (Generated using the `whoami.fullname` template if not set) | `nil` | +| `hostAliases` | Pod host aliases | `[]` | +| `deploymentAnnotations` | Additional deployment annotations | `{}` | | `podAnnotations` | Additional pod annotations | `{}` | | `podLabels` | Additional pod labels | `{}` | | `podSecurityContext` | Pod security context | `{}` | | `priorityClassName` | Priority class name | `nil` | +| `runtimeClassName` | Runtime class name | `""` | +| `topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | | `securityContext` | Container security context | `{}` | | `containerPorts.http` | Container port for HTTP | `80` | | `livenessProbe.enabled` | Enable liveness probe | `true` | @@ -144,6 +148,10 @@ The command deletes the release named `my-release` and frees all the kubernetes | `service.annotations` | Service annotations | `{}` | | `service.type` | Service type | `ClusterIP` | | `service.clusterIP` | Static cluster IP address or None for headless service when service type is ClusterIP | `nil` | +| `service.ipFamilyPolicy` | Service IP family policy | `""` | +| `service.ipFamilies` | Service IP families | `[]` | +| `service.sessionAffinity` | Control where client requests go, to the same pod or round-robin | `None` | +| `service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | | `service.loadBalancerIP` | Static load balancer IP address when service type is LoadBalancer | `nil` | | `service.loadBalancerSourceRanges` | Source IP address ranges when service type is LoadBalancer | `nil` | | `service.externalTrafficPolicy` | External traffic routing policy when service type is LoadBalancer or NodePort | `Cluster` | @@ -164,6 +172,8 @@ The command deletes the release named `my-release` and frees all the kubernetes | `extraEnvVars` | Additional container environment variables | `[]` | | `extraEnvVarsCM` | Name of existing ConfigMap containing additional container environment variables | `nil` | | `extraEnvVarsSecret` | Name of existing Secret containing additional container environment variables | `nil` | +| `extraVolumes` | Optionally specify extra list of additional volumes | `[]` | +| `extraVolumeMounts` | Optionally specify extra list of additional volumeMounts | `[]` | ### Tests parameters @@ -171,7 +181,7 @@ The command deletes the release named `my-release` and frees all the kubernetes | ------------------------ | ----------------- | -------------------- | | `tests.image.registry` | Image registry | `ghcr.io` | | `tests.image.repository` | Image repository | `cowboysysop/pytest` | -| `tests.image.tag` | Image tag | `1.0.35` | +| `tests.image.tag` | Image tag | `1.0.41` | | `tests.image.digest` | Image digest | `""` | | `tests.image.pullPolicy` | Image pull policy | `IfNotPresent` | @@ -194,3 +204,9 @@ $ helm install my-release \ ``` **TIP**: You can use the default [values.yaml](values.yaml). + +## License + +The source code of this chart is under [MIT License](LICENSE). + +It also uses source code under Apache 2.0 License from the [Bitnami repository](https://github.com/bitnami/charts). diff --git a/argocd-helm-charts/whoami/charts/whoami/charts/common/.helmignore b/argocd-helm-charts/whoami/charts/whoami/charts/common/.helmignore index 50af03172..d0e10845d 100644 --- a/argocd-helm-charts/whoami/charts/whoami/charts/common/.helmignore +++ b/argocd-helm-charts/whoami/charts/whoami/charts/common/.helmignore @@ -20,3 +20,7 @@ .idea/ *.tmproj .vscode/ +# img folder +img/ +# Changelog +CHANGELOG.md diff --git a/argocd-helm-charts/whoami/charts/whoami/charts/common/Chart.yaml b/argocd-helm-charts/whoami/charts/whoami/charts/common/Chart.yaml index 644d2a798..8af61a71c 100644 --- a/argocd-helm-charts/whoami/charts/whoami/charts/common/Chart.yaml +++ b/argocd-helm-charts/whoami/charts/whoami/charts/common/Chart.yaml @@ -2,7 +2,7 @@ annotations: category: Infrastructure licenses: Apache-2.0 apiVersion: v2 -appVersion: 2.9.0 +appVersion: 2.21.0 description: A Library Helm Chart for grouping common logic between bitnami charts. This chart is not deployable by itself. home: https://bitnami.com @@ -14,10 +14,10 @@ keywords: - function - bitnami maintainers: -- name: VMware, Inc. +- name: Broadcom, Inc. All Rights Reserved. url: https://github.com/bitnami/charts name: common sources: -- https://github.com/bitnami/charts +- https://github.com/bitnami/charts/tree/main/bitnami/common type: library -version: 2.9.0 +version: 2.21.0 diff --git a/argocd-helm-charts/whoami/charts/whoami/charts/common/README.md b/argocd-helm-charts/whoami/charts/whoami/charts/common/README.md index fe6a01000..fee26c991 100644 --- a/argocd-helm-charts/whoami/charts/whoami/charts/common/README.md +++ b/argocd-helm-charts/whoami/charts/whoami/charts/common/README.md @@ -24,18 +24,18 @@ data: myvalue: "Hello World" ``` +Looking to use our applications in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. + ## Introduction This chart provides a common template helpers which can be used to develop new charts using [Helm](https://helm.sh) package manager. Bitnami charts can be used with [Kubeapps](https://kubeapps.dev/) for deployment and management of Helm Charts in clusters. -Looking to use our applications in production? Try [VMware Application Catalog](https://bitnami.com/enterprise), the enterprise edition of Bitnami Application Catalog. - ## Prerequisites -- Kubernetes 1.19+ -- Helm 3.2.0+ +- Kubernetes 1.23+ +- Helm 3.8.0+ ## Parameters @@ -214,13 +214,13 @@ helm install test mychart --set path.to.value00="",path.to.value01="" #### Useful links -- +- - - ## License -Copyright © 2023 VMware, Inc. +Copyright © 2024 Broadcom. The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/argocd-helm-charts/whoami/charts/whoami/charts/common/templates/_affinities.tpl b/argocd-helm-charts/whoami/charts/whoami/charts/common/templates/_affinities.tpl index b77534bb9..c2d290792 100644 --- a/argocd-helm-charts/whoami/charts/whoami/charts/common/templates/_affinities.tpl +++ b/argocd-helm-charts/whoami/charts/whoami/charts/common/templates/_affinities.tpl @@ -1,5 +1,5 @@ {{/* -Copyright VMware, Inc. +Copyright Broadcom, Inc. All Rights Reserved. SPDX-License-Identifier: APACHE-2.0 */}} @@ -60,12 +60,13 @@ Return a topologyKey definition {{/* Return a soft podAffinity/podAntiAffinity definition -{{ include "common.affinities.pods.soft" (dict "component" "FOO" "customLabels" .Values.podLabels "extraMatchLabels" .Values.extraMatchLabels "topologyKey" "BAR" "context" $) -}} +{{ include "common.affinities.pods.soft" (dict "component" "FOO" "customLabels" .Values.podLabels "extraMatchLabels" .Values.extraMatchLabels "topologyKey" "BAR" "extraPodAffinityTerms" .Values.extraPodAffinityTerms "context" $) -}} */}} {{- define "common.affinities.pods.soft" -}} {{- $component := default "" .component -}} {{- $customLabels := default (dict) .customLabels -}} {{- $extraMatchLabels := default (dict) .extraMatchLabels -}} +{{- $extraPodAffinityTerms := default (list) .extraPodAffinityTerms -}} preferredDuringSchedulingIgnoredDuringExecution: - podAffinityTerm: labelSelector: @@ -78,16 +79,30 @@ preferredDuringSchedulingIgnoredDuringExecution: {{- end }} topologyKey: {{ include "common.affinities.topologyKey" (dict "topologyKey" .topologyKey) }} weight: 1 + {{- range $extraPodAffinityTerms }} + - podAffinityTerm: + labelSelector: + matchLabels: {{- (include "common.labels.matchLabels" ( dict "customLabels" $customLabels "context" $.context )) | nindent 10 }} + {{- if not (empty $component) }} + {{ printf "app.kubernetes.io/component: %s" $component }} + {{- end }} + {{- range $key, $value := .extraMatchLabels }} + {{ $key }}: {{ $value | quote }} + {{- end }} + topologyKey: {{ include "common.affinities.topologyKey" (dict "topologyKey" .topologyKey) }} + weight: {{ .weight | default 1 -}} + {{- end -}} {{- end -}} {{/* Return a hard podAffinity/podAntiAffinity definition -{{ include "common.affinities.pods.hard" (dict "component" "FOO" "customLabels" .Values.podLabels "extraMatchLabels" .Values.extraMatchLabels "topologyKey" "BAR" "context" $) -}} +{{ include "common.affinities.pods.hard" (dict "component" "FOO" "customLabels" .Values.podLabels "extraMatchLabels" .Values.extraMatchLabels "topologyKey" "BAR" "extraPodAffinityTerms" .Values.extraPodAffinityTerms "context" $) -}} */}} {{- define "common.affinities.pods.hard" -}} {{- $component := default "" .component -}} {{- $customLabels := default (dict) .customLabels -}} {{- $extraMatchLabels := default (dict) .extraMatchLabels -}} +{{- $extraPodAffinityTerms := default (list) .extraPodAffinityTerms -}} requiredDuringSchedulingIgnoredDuringExecution: - labelSelector: matchLabels: {{- (include "common.labels.matchLabels" ( dict "customLabels" $customLabels "context" .context )) | nindent 8 }} @@ -98,6 +113,17 @@ requiredDuringSchedulingIgnoredDuringExecution: {{ $key }}: {{ $value | quote }} {{- end }} topologyKey: {{ include "common.affinities.topologyKey" (dict "topologyKey" .topologyKey) }} + {{- range $extraPodAffinityTerms }} + - labelSelector: + matchLabels: {{- (include "common.labels.matchLabels" ( dict "customLabels" $customLabels "context" $.context )) | nindent 8 }} + {{- if not (empty $component) }} + {{ printf "app.kubernetes.io/component: %s" $component }} + {{- end }} + {{- range $key, $value := .extraMatchLabels }} + {{ $key }}: {{ $value | quote }} + {{- end }} + topologyKey: {{ include "common.affinities.topologyKey" (dict "topologyKey" .topologyKey) }} + {{- end -}} {{- end -}} {{/* diff --git a/argocd-helm-charts/whoami/charts/whoami/charts/common/templates/_capabilities.tpl b/argocd-helm-charts/whoami/charts/whoami/charts/common/templates/_capabilities.tpl index c6d115fe5..2fe81d32d 100644 --- a/argocd-helm-charts/whoami/charts/whoami/charts/common/templates/_capabilities.tpl +++ b/argocd-helm-charts/whoami/charts/whoami/charts/common/templates/_capabilities.tpl @@ -1,5 +1,5 @@ {{/* -Copyright VMware, Inc. +Copyright Broadcom, Inc. All Rights Reserved. SPDX-License-Identifier: APACHE-2.0 */}} @@ -9,22 +9,15 @@ SPDX-License-Identifier: APACHE-2.0 Return the target Kubernetes version */}} {{- define "common.capabilities.kubeVersion" -}} -{{- if .Values.global }} - {{- if .Values.global.kubeVersion }} - {{- .Values.global.kubeVersion -}} - {{- else }} - {{- default .Capabilities.KubeVersion.Version .Values.kubeVersion -}} - {{- end -}} -{{- else }} -{{- default .Capabilities.KubeVersion.Version .Values.kubeVersion -}} -{{- end -}} +{{- default (default .Capabilities.KubeVersion.Version .Values.kubeVersion) ((.Values.global).kubeVersion) -}} {{- end -}} {{/* Return the appropriate apiVersion for poddisruptionbudget. */}} {{- define "common.capabilities.policy.apiVersion" -}} -{{- if semverCompare "<1.21-0" (include "common.capabilities.kubeVersion" .) -}} +{{- $kubeVersion := include "common.capabilities.kubeVersion" . -}} +{{- if and (not (empty $kubeVersion)) (semverCompare "<1.21-0" $kubeVersion) -}} {{- print "policy/v1beta1" -}} {{- else -}} {{- print "policy/v1" -}} @@ -35,7 +28,8 @@ Return the appropriate apiVersion for poddisruptionbudget. Return the appropriate apiVersion for networkpolicy. */}} {{- define "common.capabilities.networkPolicy.apiVersion" -}} -{{- if semverCompare "<1.7-0" (include "common.capabilities.kubeVersion" .) -}} +{{- $kubeVersion := include "common.capabilities.kubeVersion" . -}} +{{- if and (not (empty $kubeVersion)) (semverCompare "<1.7-0" $kubeVersion) -}} {{- print "extensions/v1beta1" -}} {{- else -}} {{- print "networking.k8s.io/v1" -}} @@ -46,7 +40,8 @@ Return the appropriate apiVersion for networkpolicy. Return the appropriate apiVersion for cronjob. */}} {{- define "common.capabilities.cronjob.apiVersion" -}} -{{- if semverCompare "<1.21-0" (include "common.capabilities.kubeVersion" .) -}} +{{- $kubeVersion := include "common.capabilities.kubeVersion" . -}} +{{- if and (not (empty $kubeVersion)) (semverCompare "<1.21-0" $kubeVersion) -}} {{- print "batch/v1beta1" -}} {{- else -}} {{- print "batch/v1" -}} @@ -57,7 +52,8 @@ Return the appropriate apiVersion for cronjob. Return the appropriate apiVersion for daemonset. */}} {{- define "common.capabilities.daemonset.apiVersion" -}} -{{- if semverCompare "<1.14-0" (include "common.capabilities.kubeVersion" .) -}} +{{- $kubeVersion := include "common.capabilities.kubeVersion" . -}} +{{- if and (not (empty $kubeVersion)) (semverCompare "<1.14-0" $kubeVersion) -}} {{- print "extensions/v1beta1" -}} {{- else -}} {{- print "apps/v1" -}} @@ -68,7 +64,8 @@ Return the appropriate apiVersion for daemonset. Return the appropriate apiVersion for deployment. */}} {{- define "common.capabilities.deployment.apiVersion" -}} -{{- if semverCompare "<1.14-0" (include "common.capabilities.kubeVersion" .) -}} +{{- $kubeVersion := include "common.capabilities.kubeVersion" . -}} +{{- if and (not (empty $kubeVersion)) (semverCompare "<1.14-0" $kubeVersion) -}} {{- print "extensions/v1beta1" -}} {{- else -}} {{- print "apps/v1" -}} @@ -79,7 +76,8 @@ Return the appropriate apiVersion for deployment. Return the appropriate apiVersion for statefulset. */}} {{- define "common.capabilities.statefulset.apiVersion" -}} -{{- if semverCompare "<1.14-0" (include "common.capabilities.kubeVersion" .) -}} +{{- $kubeVersion := include "common.capabilities.kubeVersion" . -}} +{{- if and (not (empty $kubeVersion)) (semverCompare "<1.14-0" $kubeVersion) -}} {{- print "apps/v1beta1" -}} {{- else -}} {{- print "apps/v1" -}} @@ -90,30 +88,24 @@ Return the appropriate apiVersion for statefulset. Return the appropriate apiVersion for ingress. */}} {{- define "common.capabilities.ingress.apiVersion" -}} -{{- if .Values.ingress -}} -{{- if .Values.ingress.apiVersion -}} +{{- $kubeVersion := include "common.capabilities.kubeVersion" . -}} +{{- if (.Values.ingress).apiVersion -}} {{- .Values.ingress.apiVersion -}} -{{- else if semverCompare "<1.14-0" (include "common.capabilities.kubeVersion" .) -}} +{{- else if and (not (empty $kubeVersion)) (semverCompare "<1.14-0" $kubeVersion) -}} {{- print "extensions/v1beta1" -}} -{{- else if semverCompare "<1.19-0" (include "common.capabilities.kubeVersion" .) -}} +{{- else if and (not (empty $kubeVersion)) (semverCompare "<1.19-0" $kubeVersion) -}} {{- print "networking.k8s.io/v1beta1" -}} {{- else -}} {{- print "networking.k8s.io/v1" -}} {{- end }} -{{- else if semverCompare "<1.14-0" (include "common.capabilities.kubeVersion" .) -}} -{{- print "extensions/v1beta1" -}} -{{- else if semverCompare "<1.19-0" (include "common.capabilities.kubeVersion" .) -}} -{{- print "networking.k8s.io/v1beta1" -}} -{{- else -}} -{{- print "networking.k8s.io/v1" -}} -{{- end -}} {{- end -}} {{/* Return the appropriate apiVersion for RBAC resources. */}} {{- define "common.capabilities.rbac.apiVersion" -}} -{{- if semverCompare "<1.17-0" (include "common.capabilities.kubeVersion" .) -}} +{{- $kubeVersion := include "common.capabilities.kubeVersion" . -}} +{{- if and (not (empty $kubeVersion)) (semverCompare "<1.17-0" $kubeVersion) -}} {{- print "rbac.authorization.k8s.io/v1beta1" -}} {{- else -}} {{- print "rbac.authorization.k8s.io/v1" -}} @@ -124,7 +116,8 @@ Return the appropriate apiVersion for RBAC resources. Return the appropriate apiVersion for CRDs. */}} {{- define "common.capabilities.crd.apiVersion" -}} -{{- if semverCompare "<1.19-0" (include "common.capabilities.kubeVersion" .) -}} +{{- $kubeVersion := include "common.capabilities.kubeVersion" . -}} +{{- if and (not (empty $kubeVersion)) (semverCompare "<1.19-0" $kubeVersion) -}} {{- print "apiextensions.k8s.io/v1beta1" -}} {{- else -}} {{- print "apiextensions.k8s.io/v1" -}} @@ -135,7 +128,8 @@ Return the appropriate apiVersion for CRDs. Return the appropriate apiVersion for APIService. */}} {{- define "common.capabilities.apiService.apiVersion" -}} -{{- if semverCompare "<1.10-0" (include "common.capabilities.kubeVersion" .) -}} +{{- $kubeVersion := include "common.capabilities.kubeVersion" . -}} +{{- if and (not (empty $kubeVersion)) (semverCompare "<1.10-0" $kubeVersion) -}} {{- print "apiregistration.k8s.io/v1beta1" -}} {{- else -}} {{- print "apiregistration.k8s.io/v1" -}} @@ -146,7 +140,8 @@ Return the appropriate apiVersion for APIService. Return the appropriate apiVersion for Horizontal Pod Autoscaler. */}} {{- define "common.capabilities.hpa.apiVersion" -}} -{{- if semverCompare "<1.23-0" (include "common.capabilities.kubeVersion" .context) -}} +{{- $kubeVersion := include "common.capabilities.kubeVersion" .context -}} +{{- if and (not (empty $kubeVersion)) (semverCompare "<1.23-0" $kubeVersion) -}} {{- if .beta2 -}} {{- print "autoscaling/v2beta2" -}} {{- else -}} @@ -161,7 +156,8 @@ Return the appropriate apiVersion for Horizontal Pod Autoscaler. Return the appropriate apiVersion for Vertical Pod Autoscaler. */}} {{- define "common.capabilities.vpa.apiVersion" -}} -{{- if semverCompare "<1.23-0" (include "common.capabilities.kubeVersion" .context) -}} +{{- $kubeVersion := include "common.capabilities.kubeVersion" .context -}} +{{- if and (not (empty $kubeVersion)) (semverCompare "<1.23-0" $kubeVersion) -}} {{- if .beta2 -}} {{- print "autoscaling/v2beta2" -}} {{- else -}} @@ -172,6 +168,54 @@ Return the appropriate apiVersion for Vertical Pod Autoscaler. {{- end -}} {{- end -}} +{{/* +Returns true if PodSecurityPolicy is supported +*/}} +{{- define "common.capabilities.psp.supported" -}} +{{- $kubeVersion := include "common.capabilities.kubeVersion" . -}} +{{- if or (empty $kubeVersion) (semverCompare "<1.25-0" $kubeVersion) -}} + {{- true -}} +{{- end -}} +{{- end -}} + +{{/* +Returns true if AdmissionConfiguration is supported +*/}} +{{- define "common.capabilities.admissionConfiguration.supported" -}} +{{- $kubeVersion := include "common.capabilities.kubeVersion" . -}} +{{- if or (empty $kubeVersion) (not (semverCompare "<1.23-0" $kubeVersion)) -}} + {{- true -}} +{{- end -}} +{{- end -}} + +{{/* +Return the appropriate apiVersion for AdmissionConfiguration. +*/}} +{{- define "common.capabilities.admissionConfiguration.apiVersion" -}} +{{- $kubeVersion := include "common.capabilities.kubeVersion" . -}} +{{- if and (not (empty $kubeVersion)) (semverCompare "<1.23-0" $kubeVersion) -}} +{{- print "apiserver.config.k8s.io/v1alpha1" -}} +{{- else if and (not (empty $kubeVersion)) (semverCompare "<1.25-0" $kubeVersion) -}} +{{- print "apiserver.config.k8s.io/v1beta1" -}} +{{- else -}} +{{- print "apiserver.config.k8s.io/v1" -}} +{{- end -}} +{{- end -}} + +{{/* +Return the appropriate apiVersion for PodSecurityConfiguration. +*/}} +{{- define "common.capabilities.podSecurityConfiguration.apiVersion" -}} +{{- $kubeVersion := include "common.capabilities.kubeVersion" . -}} +{{- if and (not (empty $kubeVersion)) (semverCompare "<1.23-0" $kubeVersion) -}} +{{- print "pod-security.admission.config.k8s.io/v1alpha1" -}} +{{- else if and (not (empty $kubeVersion)) (semverCompare "<1.25-0" $kubeVersion) -}} +{{- print "pod-security.admission.config.k8s.io/v1beta1" -}} +{{- else -}} +{{- print "pod-security.admission.config.k8s.io/v1" -}} +{{- end -}} +{{- end -}} + {{/* Returns true if the used Helm version is 3.3+. A way to check the used Helm version was not introduced until version 3.3.0 with .Capabilities.HelmVersion, which contains an additional "{}}" structure. diff --git a/argocd-helm-charts/whoami/charts/whoami/charts/common/templates/_compatibility.tpl b/argocd-helm-charts/whoami/charts/whoami/charts/common/templates/_compatibility.tpl new file mode 100644 index 000000000..eb4061d7d --- /dev/null +++ b/argocd-helm-charts/whoami/charts/whoami/charts/common/templates/_compatibility.tpl @@ -0,0 +1,42 @@ +{{/* +Copyright Broadcom, Inc. All Rights Reserved. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{/* vim: set filetype=mustache: */}} + +{{/* +Return true if the detected platform is Openshift +Usage: +{{- include "common.compatibility.isOpenshift" . -}} +*/}} +{{- define "common.compatibility.isOpenshift" -}} +{{- if .Capabilities.APIVersions.Has "security.openshift.io/v1" -}} +{{- true -}} +{{- end -}} +{{- end -}} + +{{/* +Render a compatible securityContext depending on the platform. By default it is maintained as it is. In other platforms like Openshift we remove default user/group values that do not work out of the box with the restricted-v1 SCC +Usage: +{{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.containerSecurityContext "context" $) -}} +*/}} +{{- define "common.compatibility.renderSecurityContext" -}} +{{- $adaptedContext := .secContext -}} + +{{- if (((.context.Values.global).compatibility).openshift) -}} + {{- if or (eq .context.Values.global.compatibility.openshift.adaptSecurityContext "force") (and (eq .context.Values.global.compatibility.openshift.adaptSecurityContext "auto") (include "common.compatibility.isOpenshift" .context)) -}} + {{/* Remove incompatible user/group values that do not work in Openshift out of the box */}} + {{- $adaptedContext = omit $adaptedContext "fsGroup" "runAsUser" "runAsGroup" -}} + {{- if not .secContext.seLinuxOptions -}} + {{/* If it is an empty object, we remove it from the resulting context because it causes validation issues */}} + {{- $adaptedContext = omit $adaptedContext "seLinuxOptions" -}} + {{- end -}} + {{- end -}} +{{- end -}} +{{/* Remove fields that are disregarded when running the container in privileged mode */}} +{{- if $adaptedContext.privileged -}} + {{- $adaptedContext = omit $adaptedContext "capabilities" "seLinuxOptions" -}} +{{- end -}} +{{- omit $adaptedContext "enabled" | toYaml -}} +{{- end -}} diff --git a/argocd-helm-charts/whoami/charts/whoami/charts/common/templates/_errors.tpl b/argocd-helm-charts/whoami/charts/whoami/charts/common/templates/_errors.tpl index 07ded6f64..e96536519 100644 --- a/argocd-helm-charts/whoami/charts/whoami/charts/common/templates/_errors.tpl +++ b/argocd-helm-charts/whoami/charts/whoami/charts/common/templates/_errors.tpl @@ -1,5 +1,5 @@ {{/* -Copyright VMware, Inc. +Copyright Broadcom, Inc. All Rights Reserved. SPDX-License-Identifier: APACHE-2.0 */}} diff --git a/argocd-helm-charts/whoami/charts/whoami/charts/common/templates/_images.tpl b/argocd-helm-charts/whoami/charts/whoami/charts/common/templates/_images.tpl index 2181f3224..6821b1ce2 100644 --- a/argocd-helm-charts/whoami/charts/whoami/charts/common/templates/_images.tpl +++ b/argocd-helm-charts/whoami/charts/whoami/charts/common/templates/_images.tpl @@ -1,5 +1,5 @@ {{/* -Copyright VMware, Inc. +Copyright Broadcom, Inc. All Rights Reserved. SPDX-License-Identifier: APACHE-2.0 */}} @@ -9,15 +9,11 @@ Return the proper image name {{ include "common.images.image" ( dict "imageRoot" .Values.path.to.the.image "global" .Values.global ) }} */}} {{- define "common.images.image" -}} -{{- $registryName := .imageRoot.registry -}} +{{- $registryName := default .imageRoot.registry ((.global).imageRegistry) -}} {{- $repositoryName := .imageRoot.repository -}} {{- $separator := ":" -}} {{- $termination := .imageRoot.tag | toString -}} -{{- if .global }} - {{- if .global.imageRegistry }} - {{- $registryName = .global.imageRegistry -}} - {{- end -}} -{{- end -}} + {{- if .imageRoot.digest }} {{- $separator = "@" -}} {{- $termination = .imageRoot.digest | toString -}} @@ -36,19 +32,25 @@ Return the proper Docker Image Registry Secret Names (deprecated: use common.ima {{- define "common.images.pullSecrets" -}} {{- $pullSecrets := list }} - {{- if .global }} - {{- range .global.imagePullSecrets -}} + {{- range ((.global).imagePullSecrets) -}} + {{- if kindIs "map" . -}} + {{- $pullSecrets = append $pullSecrets .name -}} + {{- else -}} {{- $pullSecrets = append $pullSecrets . -}} - {{- end -}} + {{- end }} {{- end -}} {{- range .images -}} {{- range .pullSecrets -}} - {{- $pullSecrets = append $pullSecrets . -}} + {{- if kindIs "map" . -}} + {{- $pullSecrets = append $pullSecrets .name -}} + {{- else -}} + {{- $pullSecrets = append $pullSecrets . -}} + {{- end -}} {{- end -}} {{- end -}} - {{- if (not (empty $pullSecrets)) }} + {{- if (not (empty $pullSecrets)) -}} imagePullSecrets: {{- range $pullSecrets | uniq }} - name: {{ . }} @@ -64,22 +66,44 @@ Return the proper Docker Image Registry Secret Names evaluating values as templa {{- $pullSecrets := list }} {{- $context := .context }} - {{- if $context.Values.global }} - {{- range $context.Values.global.imagePullSecrets -}} + {{- range (($context.Values.global).imagePullSecrets) -}} + {{- if kindIs "map" . -}} + {{- $pullSecrets = append $pullSecrets (include "common.tplvalues.render" (dict "value" .name "context" $context)) -}} + {{- else -}} {{- $pullSecrets = append $pullSecrets (include "common.tplvalues.render" (dict "value" . "context" $context)) -}} {{- end -}} {{- end -}} {{- range .images -}} {{- range .pullSecrets -}} - {{- $pullSecrets = append $pullSecrets (include "common.tplvalues.render" (dict "value" . "context" $context)) -}} + {{- if kindIs "map" . -}} + {{- $pullSecrets = append $pullSecrets (include "common.tplvalues.render" (dict "value" .name "context" $context)) -}} + {{- else -}} + {{- $pullSecrets = append $pullSecrets (include "common.tplvalues.render" (dict "value" . "context" $context)) -}} + {{- end -}} {{- end -}} {{- end -}} - {{- if (not (empty $pullSecrets)) }} + {{- if (not (empty $pullSecrets)) -}} imagePullSecrets: {{- range $pullSecrets | uniq }} - name: {{ . }} {{- end }} {{- end }} {{- end -}} + +{{/* +Return the proper image version (ingores image revision/prerelease info & fallbacks to chart appVersion) +{{ include "common.images.version" ( dict "imageRoot" .Values.path.to.the.image "chart" .Chart ) }} +*/}} +{{- define "common.images.version" -}} +{{- $imageTag := .imageRoot.tag | toString -}} +{{/* regexp from https://github.com/Masterminds/semver/blob/23f51de38a0866c5ef0bfc42b3f735c73107b700/version.go#L41-L44 */}} +{{- if regexMatch `^([0-9]+)(\.[0-9]+)?(\.[0-9]+)?(-([0-9A-Za-z\-]+(\.[0-9A-Za-z\-]+)*))?(\+([0-9A-Za-z\-]+(\.[0-9A-Za-z\-]+)*))?$` $imageTag -}} + {{- $version := semver $imageTag -}} + {{- printf "%d.%d.%d" $version.Major $version.Minor $version.Patch -}} +{{- else -}} + {{- print .chart.AppVersion -}} +{{- end -}} +{{- end -}} + diff --git a/argocd-helm-charts/whoami/charts/whoami/charts/common/templates/_ingress.tpl b/argocd-helm-charts/whoami/charts/whoami/charts/common/templates/_ingress.tpl index efa5b85c7..7d2b87985 100644 --- a/argocd-helm-charts/whoami/charts/whoami/charts/common/templates/_ingress.tpl +++ b/argocd-helm-charts/whoami/charts/whoami/charts/common/templates/_ingress.tpl @@ -1,5 +1,5 @@ {{/* -Copyright VMware, Inc. +Copyright Broadcom, Inc. All Rights Reserved. SPDX-License-Identifier: APACHE-2.0 */}} diff --git a/argocd-helm-charts/whoami/charts/whoami/charts/common/templates/_labels.tpl b/argocd-helm-charts/whoami/charts/whoami/charts/common/templates/_labels.tpl index fac46076a..0a0cc5488 100644 --- a/argocd-helm-charts/whoami/charts/whoami/charts/common/templates/_labels.tpl +++ b/argocd-helm-charts/whoami/charts/whoami/charts/common/templates/_labels.tpl @@ -1,5 +1,5 @@ {{/* -Copyright VMware, Inc. +Copyright Broadcom, Inc. All Rights Reserved. SPDX-License-Identifier: APACHE-2.0 */}} @@ -11,21 +11,19 @@ Kubernetes standard labels */}} {{- define "common.labels.standard" -}} {{- if and (hasKey . "customLabels") (hasKey . "context") -}} -{{ merge - (include "common.tplvalues.render" (dict "value" .customLabels "context" .context) | fromYaml) - (dict - "app.kubernetes.io/name" (include "common.names.name" .context) - "helm.sh/chart" (include "common.names.chart" .context) - "app.kubernetes.io/instance" .context.Release.Name - "app.kubernetes.io/managed-by" .context.Release.Service - ) - | toYaml -}} +{{- $default := dict "app.kubernetes.io/name" (include "common.names.name" .context) "helm.sh/chart" (include "common.names.chart" .context) "app.kubernetes.io/instance" .context.Release.Name "app.kubernetes.io/managed-by" .context.Release.Service -}} +{{- with .context.Chart.AppVersion -}} +{{- $_ := set $default "app.kubernetes.io/version" . -}} +{{- end -}} +{{ template "common.tplvalues.merge" (dict "values" (list .customLabels $default) "context" .context) }} {{- else -}} app.kubernetes.io/name: {{ include "common.names.name" . }} helm.sh/chart: {{ include "common.names.chart" . }} app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- with .Chart.AppVersion }} +app.kubernetes.io/version: {{ . | quote }} +{{- end -}} {{- end -}} {{- end -}} @@ -40,14 +38,7 @@ overwrote them on metadata.labels fields. */}} {{- define "common.labels.matchLabels" -}} {{- if and (hasKey . "customLabels") (hasKey . "context") -}} -{{ merge - (pick (include "common.tplvalues.render" (dict "value" .customLabels "context" .context) | fromYaml) "app.kubernetes.io/name" "app.kubernetes.io/instance") - (dict - "app.kubernetes.io/name" (include "common.names.name" .context) - "app.kubernetes.io/instance" .context.Release.Name - ) - | toYaml -}} +{{ merge (pick (include "common.tplvalues.render" (dict "value" .customLabels "context" .context) | fromYaml) "app.kubernetes.io/name" "app.kubernetes.io/instance") (dict "app.kubernetes.io/name" (include "common.names.name" .context) "app.kubernetes.io/instance" .context.Release.Name ) | toYaml }} {{- else -}} app.kubernetes.io/name: {{ include "common.names.name" . }} app.kubernetes.io/instance: {{ .Release.Name }} diff --git a/argocd-helm-charts/whoami/charts/whoami/charts/common/templates/_names.tpl b/argocd-helm-charts/whoami/charts/whoami/charts/common/templates/_names.tpl index a222924f1..ba8395685 100644 --- a/argocd-helm-charts/whoami/charts/whoami/charts/common/templates/_names.tpl +++ b/argocd-helm-charts/whoami/charts/whoami/charts/common/templates/_names.tpl @@ -1,5 +1,5 @@ {{/* -Copyright VMware, Inc. +Copyright Broadcom, Inc. All Rights Reserved. SPDX-License-Identifier: APACHE-2.0 */}} diff --git a/argocd-helm-charts/whoami/charts/whoami/charts/common/templates/_resources.tpl b/argocd-helm-charts/whoami/charts/whoami/charts/common/templates/_resources.tpl new file mode 100644 index 000000000..d8a43e1c2 --- /dev/null +++ b/argocd-helm-charts/whoami/charts/whoami/charts/common/templates/_resources.tpl @@ -0,0 +1,50 @@ +{{/* +Copyright Broadcom, Inc. All Rights Reserved. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{/* vim: set filetype=mustache: */}} + +{{/* +Return a resource request/limit object based on a given preset. +These presets are for basic testing and not meant to be used in production +{{ include "common.resources.preset" (dict "type" "nano") -}} +*/}} +{{- define "common.resources.preset" -}} +{{/* The limits are the requests increased by 50% (except ephemeral-storage and xlarge/2xlarge sizes)*/}} +{{- $presets := dict + "nano" (dict + "requests" (dict "cpu" "100m" "memory" "128Mi" "ephemeral-storage" "50Mi") + "limits" (dict "cpu" "150m" "memory" "192Mi" "ephemeral-storage" "2Gi") + ) + "micro" (dict + "requests" (dict "cpu" "250m" "memory" "256Mi" "ephemeral-storage" "50Mi") + "limits" (dict "cpu" "375m" "memory" "384Mi" "ephemeral-storage" "2Gi") + ) + "small" (dict + "requests" (dict "cpu" "500m" "memory" "512Mi" "ephemeral-storage" "50Mi") + "limits" (dict "cpu" "750m" "memory" "768Mi" "ephemeral-storage" "2Gi") + ) + "medium" (dict + "requests" (dict "cpu" "500m" "memory" "1024Mi" "ephemeral-storage" "50Mi") + "limits" (dict "cpu" "750m" "memory" "1536Mi" "ephemeral-storage" "2Gi") + ) + "large" (dict + "requests" (dict "cpu" "1.0" "memory" "2048Mi" "ephemeral-storage" "50Mi") + "limits" (dict "cpu" "1.5" "memory" "3072Mi" "ephemeral-storage" "2Gi") + ) + "xlarge" (dict + "requests" (dict "cpu" "1.0" "memory" "3072Mi" "ephemeral-storage" "50Mi") + "limits" (dict "cpu" "3.0" "memory" "6144Mi" "ephemeral-storage" "2Gi") + ) + "2xlarge" (dict + "requests" (dict "cpu" "1.0" "memory" "3072Mi" "ephemeral-storage" "50Mi") + "limits" (dict "cpu" "6.0" "memory" "12288Mi" "ephemeral-storage" "2Gi") + ) + }} +{{- if hasKey $presets .type -}} +{{- index $presets .type | toYaml -}} +{{- else -}} +{{- printf "ERROR: Preset key '%s' invalid. Allowed values are %s" .type (join "," (keys $presets)) | fail -}} +{{- end -}} +{{- end -}} diff --git a/argocd-helm-charts/whoami/charts/whoami/charts/common/templates/_secrets.tpl b/argocd-helm-charts/whoami/charts/whoami/charts/common/templates/_secrets.tpl index a193c46b6..801918ce3 100644 --- a/argocd-helm-charts/whoami/charts/whoami/charts/common/templates/_secrets.tpl +++ b/argocd-helm-charts/whoami/charts/whoami/charts/common/templates/_secrets.tpl @@ -1,5 +1,5 @@ {{/* -Copyright VMware, Inc. +Copyright Broadcom, Inc. All Rights Reserved. SPDX-License-Identifier: APACHE-2.0 */}} @@ -78,6 +78,8 @@ Params: - chartName - String - Optional - Name of the chart used when said chart is deployed as a subchart. - context - Context - Required - Parent context. - failOnNew - Boolean - Optional - Default to true. If set to false, skip errors adding new keys to existing secrets. + - skipB64enc - Boolean - Optional - Default to false. If set to true, no the secret will not be base64 encrypted. + - skipQuote - Boolean - Optional - Default to false. If set to true, no quotes will be added around the secret. The order in which this function returns a secret password: 1. Already existing 'Secret' resource (If a 'Secret' resource is found under the name provided to the 'secret' parameter to this function and that 'Secret' resource contains a key with the name passed as the 'key' parameter to this function then the value of this existing secret password will be returned) @@ -91,7 +93,6 @@ The order in which this function returns a secret password: {{- $password := "" }} {{- $subchart := "" }} -{{- $failOnNew := default true .failOnNew }} {{- $chartName := default "" .chartName }} {{- $passwordLength := default 10 .length }} {{- $providedPasswordKey := include "common.utils.getKeyFromList" (dict "keys" .providedValues "context" $.context) }} @@ -99,33 +100,45 @@ The order in which this function returns a secret password: {{- $secretData := (lookup "v1" "Secret" (include "common.names.namespace" .context) .secret).data }} {{- if $secretData }} {{- if hasKey $secretData .key }} - {{- $password = index $secretData .key | quote }} - {{- else if $failOnNew }} + {{- $password = index $secretData .key | b64dec }} + {{- else if not (eq .failOnNew false) }} {{- printf "\nPASSWORDS ERROR: The secret \"%s\" does not contain the key \"%s\"\n" .secret .key | fail -}} {{- end -}} -{{- else if $providedPasswordValue }} - {{- $password = $providedPasswordValue | toString | b64enc | quote }} -{{- else }} +{{- end }} - {{- if .context.Values.enabled }} - {{- $subchart = $chartName }} - {{- end -}} - - {{- $requiredPassword := dict "valueKey" $providedPasswordKey "secret" .secret "field" .key "subchart" $subchart "context" $.context -}} - {{- $requiredPasswordError := include "common.validations.values.single.empty" $requiredPassword -}} - {{- $passwordValidationErrors := list $requiredPasswordError -}} - {{- include "common.errors.upgrade.passwords.empty" (dict "validationErrors" $passwordValidationErrors "context" $.context) -}} - - {{- if .strong }} - {{- $subStr := list (lower (randAlpha 1)) (randNumeric 1) (upper (randAlpha 1)) | join "_" }} - {{- $password = randAscii $passwordLength }} - {{- $password = regexReplaceAllLiteral "\\W" $password "@" | substr 5 $passwordLength }} - {{- $password = printf "%s%s" $subStr $password | toString | shuffle | b64enc | quote }} +{{- if not $password }} + {{- if $providedPasswordValue }} + {{- $password = $providedPasswordValue | toString }} {{- else }} - {{- $password = randAlphaNum $passwordLength | b64enc | quote }} - {{- end }} + {{- if .context.Values.enabled }} + {{- $subchart = $chartName }} + {{- end -}} + + {{- if not (eq .failOnNew false) }} + {{- $requiredPassword := dict "valueKey" $providedPasswordKey "secret" .secret "field" .key "subchart" $subchart "context" $.context -}} + {{- $requiredPasswordError := include "common.validations.values.single.empty" $requiredPassword -}} + {{- $passwordValidationErrors := list $requiredPasswordError -}} + {{- include "common.errors.upgrade.passwords.empty" (dict "validationErrors" $passwordValidationErrors "context" $.context) -}} + {{- end }} + + {{- if .strong }} + {{- $subStr := list (lower (randAlpha 1)) (randNumeric 1) (upper (randAlpha 1)) | join "_" }} + {{- $password = randAscii $passwordLength }} + {{- $password = regexReplaceAllLiteral "\\W" $password "@" | substr 5 $passwordLength }} + {{- $password = printf "%s%s" $subStr $password | toString | shuffle }} + {{- else }} + {{- $password = randAlphaNum $passwordLength }} + {{- end }} + {{- end -}} +{{- end -}} +{{- if not .skipB64enc }} +{{- $password = $password | b64enc }} {{- end -}} +{{- if .skipQuote -}} {{- printf "%s" $password -}} +{{- else -}} +{{- printf "%s" $password | quote -}} +{{- end -}} {{- end -}} {{/* diff --git a/argocd-helm-charts/whoami/charts/whoami/charts/common/templates/_storage.tpl b/argocd-helm-charts/whoami/charts/whoami/charts/common/templates/_storage.tpl index 16405a0f8..aa75856c0 100644 --- a/argocd-helm-charts/whoami/charts/whoami/charts/common/templates/_storage.tpl +++ b/argocd-helm-charts/whoami/charts/whoami/charts/common/templates/_storage.tpl @@ -1,28 +1,21 @@ {{/* -Copyright VMware, Inc. +Copyright Broadcom, Inc. All Rights Reserved. SPDX-License-Identifier: APACHE-2.0 */}} {{/* vim: set filetype=mustache: */}} + {{/* Return the proper Storage Class {{ include "common.storage.class" ( dict "persistence" .Values.path.to.the.persistence "global" $) }} */}} {{- define "common.storage.class" -}} - -{{- $storageClass := .persistence.storageClass -}} -{{- if .global -}} - {{- if .global.storageClass -}} - {{- $storageClass = .global.storageClass -}} - {{- end -}} -{{- end -}} - +{{- $storageClass := (.global).storageClass | default .persistence.storageClass | default (.global).defaultStorageClass | default "" -}} {{- if $storageClass -}} {{- if (eq "-" $storageClass) -}} {{- printf "storageClassName: \"\"" -}} - {{- else }} + {{- else -}} {{- printf "storageClassName: %s" $storageClass -}} {{- end -}} {{- end -}} - {{- end -}} diff --git a/argocd-helm-charts/whoami/charts/whoami/charts/common/templates/_tplvalues.tpl b/argocd-helm-charts/whoami/charts/whoami/charts/common/templates/_tplvalues.tpl index dc15f7fdc..c84d72c80 100644 --- a/argocd-helm-charts/whoami/charts/whoami/charts/common/templates/_tplvalues.tpl +++ b/argocd-helm-charts/whoami/charts/whoami/charts/common/templates/_tplvalues.tpl @@ -1,5 +1,5 @@ {{/* -Copyright VMware, Inc. +Copyright Broadcom, Inc. All Rights Reserved. SPDX-License-Identifier: APACHE-2.0 */}} @@ -11,17 +11,28 @@ Usage: {{ include "common.tplvalues.render" ( dict "value" .Values.path.to.the.Value "context" $ "scope" $app ) }} */}} {{- define "common.tplvalues.render" -}} -{{- if .scope }} - {{- if typeIs "string" .value }} - {{- tpl (cat "{{- with $.RelativeScope -}}" .value "{{- end }}") (merge (dict "RelativeScope" .scope) .context) }} +{{- $value := typeIs "string" .value | ternary .value (.value | toYaml) }} +{{- if contains "{{" (toJson .value) }} + {{- if .scope }} + {{- tpl (cat "{{- with $.RelativeScope -}}" $value "{{- end }}") (merge (dict "RelativeScope" .scope) .context) }} {{- else }} - {{- tpl (cat "{{- with $.RelativeScope -}}" (.value | toYaml) "{{- end }}") (merge (dict "RelativeScope" .scope) .context) }} + {{- tpl $value .context }} {{- end }} {{- else }} - {{- if typeIs "string" .value }} - {{- tpl .value .context }} - {{- else }} - {{- tpl (.value | toYaml) .context }} - {{- end }} + {{- $value }} +{{- end }} +{{- end -}} + +{{/* +Merge a list of values that contains template after rendering them. +Merge precedence is consistent with http://masterminds.github.io/sprig/dicts.html#merge-mustmerge +Usage: +{{ include "common.tplvalues.merge" ( dict "values" (list .Values.path.to.the.Value1 .Values.path.to.the.Value2) "context" $ ) }} +*/}} +{{- define "common.tplvalues.merge" -}} +{{- $dst := dict -}} +{{- range .values -}} +{{- $dst = include "common.tplvalues.render" (dict "value" . "context" $.context "scope" $.scope) | fromYaml | merge $dst -}} {{- end -}} +{{ $dst | toYaml }} {{- end -}} diff --git a/argocd-helm-charts/whoami/charts/whoami/charts/common/templates/_utils.tpl b/argocd-helm-charts/whoami/charts/whoami/charts/common/templates/_utils.tpl index c87040cd9..d53c74aa2 100644 --- a/argocd-helm-charts/whoami/charts/whoami/charts/common/templates/_utils.tpl +++ b/argocd-helm-charts/whoami/charts/whoami/charts/common/templates/_utils.tpl @@ -1,5 +1,5 @@ {{/* -Copyright VMware, Inc. +Copyright Broadcom, Inc. All Rights Reserved. SPDX-License-Identifier: APACHE-2.0 */}} @@ -65,3 +65,13 @@ Usage: {{- end -}} {{- printf "%s" $key -}} {{- end -}} + +{{/* +Checksum a template at "path" containing a *single* resource (ConfigMap,Secret) for use in pod annotations, excluding the metadata (see #18376). +Usage: +{{ include "common.utils.checksumTemplate" (dict "path" "/configmap.yaml" "context" $) }} +*/}} +{{- define "common.utils.checksumTemplate" -}} +{{- $obj := include (print .context.Template.BasePath .path) .context | fromYaml -}} +{{ omit $obj "apiVersion" "kind" "metadata" | toYaml | sha256sum }} +{{- end -}} diff --git a/argocd-helm-charts/whoami/charts/whoami/charts/common/templates/_warnings.tpl b/argocd-helm-charts/whoami/charts/whoami/charts/common/templates/_warnings.tpl index 66dffc1fe..e4dbecde2 100644 --- a/argocd-helm-charts/whoami/charts/whoami/charts/common/templates/_warnings.tpl +++ b/argocd-helm-charts/whoami/charts/whoami/charts/common/templates/_warnings.tpl @@ -1,5 +1,5 @@ {{/* -Copyright VMware, Inc. +Copyright Broadcom, Inc. All Rights Reserved. SPDX-License-Identifier: APACHE-2.0 */}} @@ -13,7 +13,97 @@ Usage: {{- if and (contains "bitnami/" .repository) (not (.tag | toString | regexFind "-r\\d+$|sha256:")) }} WARNING: Rolling tag detected ({{ .repository }}:{{ .tag }}), please note that it is strongly recommended to avoid using rolling tags in a production environment. -+info https://docs.bitnami.com/containers/how-to/understand-rolling-tags-containers/ ++info https://docs.vmware.com/en/VMware-Tanzu-Application-Catalog/services/tutorials/GUID-understand-rolling-tags-containers-index.html {{- end }} +{{- end -}} + +{{/* +Warning about replaced images from the original. +Usage: +{{ include "common.warnings.modifiedImages" (dict "images" (list .Values.path.to.the.imageRoot) "context" $) }} +*/}} +{{- define "common.warnings.modifiedImages" -}} +{{- $affectedImages := list -}} +{{- $printMessage := false -}} +{{- $originalImages := .context.Chart.Annotations.images -}} +{{- range .images -}} + {{- $fullImageName := printf (printf "%s/%s:%s" .registry .repository .tag) -}} + {{- if not (contains $fullImageName $originalImages) }} + {{- $affectedImages = append $affectedImages (printf "%s/%s:%s" .registry .repository .tag) -}} + {{- $printMessage = true -}} + {{- end -}} +{{- end -}} +{{- if $printMessage }} + +⚠ SECURITY WARNING: Original containers have been substituted. This Helm chart was designed, tested, and validated on multiple platforms using a specific set of Bitnami and Tanzu Application Catalog containers. Substituting other containers is likely to cause degraded security and performance, broken chart features, and missing environment variables. + +Substituted images detected: +{{- range $affectedImages }} + - {{ . }} +{{- end }} +{{- end -}} +{{- end -}} +{{/* +Warning about not setting the resource object in all deployments. +Usage: +{{ include "common.warnings.resources" (dict "sections" (list "path1" "path2") context $) }} +Example: +{{- include "common.warnings.resources" (dict "sections" (list "csiProvider.provider" "server" "volumePermissions" "") "context" $) }} +The list in the example assumes that the following values exist: + - csiProvider.provider.resources + - server.resources + - volumePermissions.resources + - resources +*/}} +{{- define "common.warnings.resources" -}} +{{- $values := .context.Values -}} +{{- $printMessage := false -}} +{{ $affectedSections := list -}} +{{- range .sections -}} + {{- if eq . "" -}} + {{/* Case where the resources section is at the root (one main deployment in the chart) */}} + {{- if not (index $values "resources") -}} + {{- $affectedSections = append $affectedSections "resources" -}} + {{- $printMessage = true -}} + {{- end -}} + {{- else -}} + {{/* Case where the are multiple resources sections (more than one main deployment in the chart) */}} + {{- $keys := split "." . -}} + {{/* We iterate through the different levels until arriving to the resource section. Example: a.b.c.resources */}} + {{- $section := $values -}} + {{- range $keys -}} + {{- $section = index $section . -}} + {{- end -}} + {{- if not (index $section "resources") -}} + {{/* If the section has enabled=false or replicaCount=0, do not include it */}} + {{- if and (hasKey $section "enabled") -}} + {{- if index $section "enabled" -}} + {{/* enabled=true */}} + {{- $affectedSections = append $affectedSections (printf "%s.resources" .) -}} + {{- $printMessage = true -}} + {{- end -}} + {{- else if and (hasKey $section "replicaCount") -}} + {{/* We need a casting to int because number 0 is not treated as an int by default */}} + {{- if (gt (index $section "replicaCount" | int) 0) -}} + {{/* replicaCount > 0 */}} + {{- $affectedSections = append $affectedSections (printf "%s.resources" .) -}} + {{- $printMessage = true -}} + {{- end -}} + {{- else -}} + {{/* Default case, add it to the affected sections */}} + {{- $affectedSections = append $affectedSections (printf "%s.resources" .) -}} + {{- $printMessage = true -}} + {{- end -}} + {{- end -}} + {{- end -}} +{{- end -}} +{{- if $printMessage }} + +WARNING: There are "resources" sections in the chart not set. Using "resourcesPreset" is not recommended for production. For production installations, please set the following values according to your workload needs: +{{- range $affectedSections }} + - {{ . }} +{{- end }} ++info https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +{{- end -}} {{- end -}} diff --git a/argocd-helm-charts/whoami/charts/whoami/charts/common/templates/validations/_cassandra.tpl b/argocd-helm-charts/whoami/charts/whoami/charts/common/templates/validations/_cassandra.tpl index eda9aada5..3f41ff8fc 100644 --- a/argocd-helm-charts/whoami/charts/whoami/charts/common/templates/validations/_cassandra.tpl +++ b/argocd-helm-charts/whoami/charts/whoami/charts/common/templates/validations/_cassandra.tpl @@ -1,5 +1,5 @@ {{/* -Copyright VMware, Inc. +Copyright Broadcom, Inc. All Rights Reserved. SPDX-License-Identifier: APACHE-2.0 */}} diff --git a/argocd-helm-charts/whoami/charts/whoami/charts/common/templates/validations/_mariadb.tpl b/argocd-helm-charts/whoami/charts/whoami/charts/common/templates/validations/_mariadb.tpl index 17d83a2fd..6ea8c0f45 100644 --- a/argocd-helm-charts/whoami/charts/whoami/charts/common/templates/validations/_mariadb.tpl +++ b/argocd-helm-charts/whoami/charts/whoami/charts/common/templates/validations/_mariadb.tpl @@ -1,5 +1,5 @@ {{/* -Copyright VMware, Inc. +Copyright Broadcom, Inc. All Rights Reserved. SPDX-License-Identifier: APACHE-2.0 */}} diff --git a/argocd-helm-charts/whoami/charts/whoami/charts/common/templates/validations/_mongodb.tpl b/argocd-helm-charts/whoami/charts/whoami/charts/common/templates/validations/_mongodb.tpl index bbb445b86..d4cd38cbb 100644 --- a/argocd-helm-charts/whoami/charts/whoami/charts/common/templates/validations/_mongodb.tpl +++ b/argocd-helm-charts/whoami/charts/whoami/charts/common/templates/validations/_mongodb.tpl @@ -1,5 +1,5 @@ {{/* -Copyright VMware, Inc. +Copyright Broadcom, Inc. All Rights Reserved. SPDX-License-Identifier: APACHE-2.0 */}} diff --git a/argocd-helm-charts/whoami/charts/whoami/charts/common/templates/validations/_mysql.tpl b/argocd-helm-charts/whoami/charts/whoami/charts/common/templates/validations/_mysql.tpl index ca3953f86..924812a93 100644 --- a/argocd-helm-charts/whoami/charts/whoami/charts/common/templates/validations/_mysql.tpl +++ b/argocd-helm-charts/whoami/charts/whoami/charts/common/templates/validations/_mysql.tpl @@ -1,5 +1,5 @@ {{/* -Copyright VMware, Inc. +Copyright Broadcom, Inc. All Rights Reserved. SPDX-License-Identifier: APACHE-2.0 */}} diff --git a/argocd-helm-charts/whoami/charts/whoami/charts/common/templates/validations/_postgresql.tpl b/argocd-helm-charts/whoami/charts/whoami/charts/common/templates/validations/_postgresql.tpl index 8c9aa570e..0fa0b1467 100644 --- a/argocd-helm-charts/whoami/charts/whoami/charts/common/templates/validations/_postgresql.tpl +++ b/argocd-helm-charts/whoami/charts/whoami/charts/common/templates/validations/_postgresql.tpl @@ -1,5 +1,5 @@ {{/* -Copyright VMware, Inc. +Copyright Broadcom, Inc. All Rights Reserved. SPDX-License-Identifier: APACHE-2.0 */}} diff --git a/argocd-helm-charts/whoami/charts/whoami/charts/common/templates/validations/_redis.tpl b/argocd-helm-charts/whoami/charts/whoami/charts/common/templates/validations/_redis.tpl index fc0d208dd..f4778256d 100644 --- a/argocd-helm-charts/whoami/charts/whoami/charts/common/templates/validations/_redis.tpl +++ b/argocd-helm-charts/whoami/charts/whoami/charts/common/templates/validations/_redis.tpl @@ -1,5 +1,5 @@ {{/* -Copyright VMware, Inc. +Copyright Broadcom, Inc. All Rights Reserved. SPDX-License-Identifier: APACHE-2.0 */}} diff --git a/argocd-helm-charts/whoami/charts/whoami/charts/common/templates/validations/_validations.tpl b/argocd-helm-charts/whoami/charts/whoami/charts/common/templates/validations/_validations.tpl index 31ceda871..7cdee6170 100644 --- a/argocd-helm-charts/whoami/charts/whoami/charts/common/templates/validations/_validations.tpl +++ b/argocd-helm-charts/whoami/charts/whoami/charts/common/templates/validations/_validations.tpl @@ -1,5 +1,5 @@ {{/* -Copyright VMware, Inc. +Copyright Broadcom, Inc. All Rights Reserved. SPDX-License-Identifier: APACHE-2.0 */}} diff --git a/argocd-helm-charts/whoami/charts/whoami/charts/common/values.yaml b/argocd-helm-charts/whoami/charts/whoami/charts/common/values.yaml index 9abe0e154..de2cac57d 100644 --- a/argocd-helm-charts/whoami/charts/whoami/charts/common/values.yaml +++ b/argocd-helm-charts/whoami/charts/whoami/charts/common/values.yaml @@ -1,4 +1,4 @@ -# Copyright VMware, Inc. +# Copyright Broadcom, Inc. All Rights Reserved. # SPDX-License-Identifier: APACHE-2.0 ## bitnami/common diff --git a/argocd-helm-charts/whoami/charts/whoami/templates/deployment.yaml b/argocd-helm-charts/whoami/charts/whoami/templates/deployment.yaml index 27cf252a7..5a1435379 100644 --- a/argocd-helm-charts/whoami/charts/whoami/templates/deployment.yaml +++ b/argocd-helm-charts/whoami/charts/whoami/templates/deployment.yaml @@ -7,9 +7,9 @@ metadata: {{- if .Values.commonLabels }} {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} {{- end }} - {{- if .Values.commonAnnotations }} - annotations: - {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- if or .Values.deploymentAnnotations .Values.commonAnnotations }} + {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.deploymentAnnotations .Values.commonAnnotations ) "context" . ) }} + annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $ ) | nindent 4 }} {{- end }} spec: replicas: {{ .Values.replicaCount }} @@ -37,10 +37,19 @@ spec: {{- end }} spec: {{- include "common.images.pullSecrets" ( dict "images" ( list .Values.image ) "global" .Values.global ) | nindent 6 }} + {{- if .Values.hostAliases }} + hostAliases: {{- include "common.tplvalues.render" (dict "value" .Values.hostAliases "context" $) | nindent 8 }} + {{- end }} {{- if .Values.priorityClassName }} priorityClassName: {{ .Values.priorityClassName | quote }} {{- end }} + {{- if .Values.runtimeClassName }} + runtimeClassName: {{ .Values.runtimeClassName | quote }} + {{- end }} serviceAccountName: {{ include "whoami.serviceAccountName" . }} + {{- if .Values.topologySpreadConstraints }} + topologySpreadConstraints: {{- include "common.tplvalues.render" (dict "value" .Values.topologySpreadConstraints "context" .) | nindent 8 }} + {{- end }} securityContext: {{- toYaml .Values.podSecurityContext | nindent 8 }} containers: @@ -111,6 +120,10 @@ spec: {{- end }} resources: {{- toYaml .Values.resources | nindent 12 }} + volumeMounts: + {{- if .Values.extraVolumeMounts }} + {{- include "common.tplvalues.render" (dict "value" .Values.extraVolumeMounts "context" $) | nindent 12 }} + {{- end }} {{- with .Values.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} @@ -123,3 +136,7 @@ spec: tolerations: {{- toYaml . | nindent 8 }} {{- end }} + volumes: + {{- if .Values.extraVolumes }} + {{- include "common.tplvalues.render" (dict "value" .Values.extraVolumes "context" $) | nindent 8 }} + {{- end }} diff --git a/argocd-helm-charts/whoami/charts/whoami/templates/ingress.yaml b/argocd-helm-charts/whoami/charts/whoami/templates/ingress.yaml index d12138eb2..d7491c95c 100644 --- a/argocd-helm-charts/whoami/charts/whoami/templates/ingress.yaml +++ b/argocd-helm-charts/whoami/charts/whoami/templates/ingress.yaml @@ -1,4 +1,4 @@ -{{- if .Values.ingress.enabled -}} +{{- if .Values.ingress.enabled }} apiVersion: {{ include "common.capabilities.ingress.apiVersion" . }} kind: Ingress metadata: @@ -9,13 +9,8 @@ metadata: {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} {{- end }} {{- if or .Values.ingress.annotations .Values.commonAnnotations }} - annotations: - {{- if .Values.ingress.annotations }} - {{- include "common.tplvalues.render" ( dict "value" .Values.ingress.annotations "context" $ ) | nindent 4 }} - {{- end }} - {{- if .Values.commonAnnotations }} - {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} + {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.ingress.annotations .Values.commonAnnotations ) "context" . ) }} + annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $ ) | nindent 4 }} {{- end }} spec: {{- if and .Values.ingress.ingressClassName (eq "true" (include "common.ingress.supportsIngressClassname" .)) }} diff --git a/argocd-helm-charts/whoami/charts/whoami/templates/pdb.yaml b/argocd-helm-charts/whoami/charts/whoami/templates/pdb.yaml index 24ce6689d..0e3751fd3 100644 --- a/argocd-helm-charts/whoami/charts/whoami/templates/pdb.yaml +++ b/argocd-helm-charts/whoami/charts/whoami/templates/pdb.yaml @@ -9,8 +9,7 @@ metadata: {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} {{- end }} {{- if .Values.commonAnnotations }} - annotations: - {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} {{- end }} spec: {{- if .Values.pdb.minAvailable }} diff --git a/argocd-helm-charts/whoami/charts/whoami/templates/service.yaml b/argocd-helm-charts/whoami/charts/whoami/templates/service.yaml index 329ec8466..accad37fa 100644 --- a/argocd-helm-charts/whoami/charts/whoami/templates/service.yaml +++ b/argocd-helm-charts/whoami/charts/whoami/templates/service.yaml @@ -8,19 +8,26 @@ metadata: {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} {{- end }} {{- if or .Values.service.annotations .Values.commonAnnotations }} - annotations: - {{- if .Values.service.annotations }} - {{- include "common.tplvalues.render" ( dict "value" .Values.service.annotations "context" $ ) | nindent 4 }} - {{- end }} - {{- if .Values.commonAnnotations }} - {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} + {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.service.annotations .Values.commonAnnotations ) "context" . ) }} + annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $ ) | nindent 4 }} {{- end }} spec: type: {{ .Values.service.type }} {{- if and (eq .Values.service.type "ClusterIP") .Values.service.clusterIP }} clusterIP: {{ .Values.service.clusterIP }} {{- end }} + {{- if .Values.service.ipFamilyPolicy }} + ipFamilyPolicy: {{ .Values.service.ipFamilyPolicy }} + {{- end }} + {{- if not (empty .Values.service.ipFamilies)}} + ipFamilies: {{- toYaml .Values.service.ipFamilies | nindent 4 }} + {{- end }} + {{- if .Values.service.sessionAffinity }} + sessionAffinity: {{ .Values.service.sessionAffinity }} + {{- end }} + {{- if .Values.service.sessionAffinityConfig }} + sessionAffinityConfig: {{- include "common.tplvalues.render" (dict "value" .Values.service.sessionAffinityConfig "context" $) | nindent 4 }} + {{- end }} {{- if and (eq .Values.service.type "LoadBalancer") .Values.service.loadBalancerIP }} loadBalancerIP: {{ .Values.service.loadBalancerIP }} {{- end }} @@ -29,7 +36,7 @@ spec: {{- toYaml .Values.service.loadBalancerSourceRanges | nindent 4 }} {{- end }} {{- if or (eq .Values.service.type "LoadBalancer") (eq .Values.service.type "NodePort") }} - externalTrafficPolicy: {{ .Values.service.externalTrafficPolicy }} + externalTrafficPolicy: {{ .Values.service.externalTrafficPolicy | quote }} {{- end }} ports: - port: {{ .Values.service.ports.http }} diff --git a/argocd-helm-charts/whoami/charts/whoami/templates/serviceaccount.yaml b/argocd-helm-charts/whoami/charts/whoami/templates/serviceaccount.yaml index 925c1e47b..bb5b79a4b 100644 --- a/argocd-helm-charts/whoami/charts/whoami/templates/serviceaccount.yaml +++ b/argocd-helm-charts/whoami/charts/whoami/templates/serviceaccount.yaml @@ -9,12 +9,7 @@ metadata: {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} {{- end }} {{- if or .Values.serviceAccount.annotations .Values.commonAnnotations }} - annotations: - {{- if .Values.serviceAccount.annotations }} - {{- include "common.tplvalues.render" ( dict "value" .Values.serviceAccount.annotations "context" $ ) | nindent 4 }} - {{- end }} - {{- if .Values.commonAnnotations }} - {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} + {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.serviceAccount.annotations .Values.commonAnnotations ) "context" . ) }} + annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $ ) | nindent 4 }} {{- end }} {{- end -}} diff --git a/argocd-helm-charts/whoami/charts/whoami/values.yaml b/argocd-helm-charts/whoami/charts/whoami/values.yaml index a3cf8aa33..a04abb965 100644 --- a/argocd-helm-charts/whoami/charts/whoami/values.yaml +++ b/argocd-helm-charts/whoami/charts/whoami/values.yaml @@ -73,6 +73,12 @@ serviceAccount: ## @param serviceAccount.name The name of the service account to use (Generated using the `whoami.fullname` template if not set) name: +## @param hostAliases Pod host aliases +hostAliases: [] + +## @param deploymentAnnotations Additional deployment annotations +deploymentAnnotations: {} + ## @param podAnnotations Additional pod annotations podAnnotations: {} @@ -87,6 +93,12 @@ podSecurityContext: {} priorityClassName: # priorityClassName : high-priority +## @param runtimeClassName Runtime class name +runtimeClassName: "" + +## @param topologySpreadConstraints Topology Spread Constraints for pod assignment +topologySpreadConstraints: [] + ## @param securityContext Container security context securityContext: {} # capabilities: @@ -168,6 +180,18 @@ service: clusterIP: # clusterIP: 10.43.0.100 + ## @param service.ipFamilyPolicy Service IP family policy + ipFamilyPolicy: "" + + ## @param service.ipFamilies Service IP families + ipFamilies: [] + + ## @param service.sessionAffinity Control where client requests go, to the same pod or round-robin + sessionAffinity: None + + ## @param service.sessionAffinityConfig Additional settings for the sessionAffinity + sessionAffinityConfig: {} + ## @param service.loadBalancerIP Static load balancer IP address when service type is LoadBalancer loadBalancerIP: # loadBalancerIP: 10.0.0.100 @@ -249,6 +273,12 @@ extraEnvVarsCM: ## @param extraEnvVarsSecret Name of existing Secret containing additional container environment variables extraEnvVarsSecret: +## @param extraVolumes Optionally specify extra list of additional volumes +extraVolumes: [] + +## @param extraVolumeMounts Optionally specify extra list of additional volumeMounts +extraVolumeMounts: [] + ## @section Tests parameters tests: @@ -260,7 +290,7 @@ tests: repository: cowboysysop/pytest ## @param tests.image.tag Image tag - tag: 1.0.35 + tag: 1.0.41 ## @param tests.image.digest Image digest digest: ""