From 3fb51d7b5dd3480f036f8bbe37bee1a3c74247d8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jonas=20Badst=C3=BCbner?=
 <jonas.badstuebner@hetzner-cloud.de>
Date: Tue, 31 Oct 2023 16:53:28 +0100
Subject: [PATCH 1/5] feat(coredns,helmchart): template
 topologySpreadConstraints
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Jonas Badstübner <jonas.badstuebner@hetzner-cloud.de>
---
 charts/coredns/debug                     | 218 +++++++++++++++++++++++
 charts/coredns/templates/deployment.yaml |   2 +-
 charts/coredns/values.yaml               |  23 ++-
 3 files changed, 235 insertions(+), 8 deletions(-)
 create mode 100644 charts/coredns/debug

diff --git a/charts/coredns/debug b/charts/coredns/debug
new file mode 100644
index 0000000..330231b
--- /dev/null
+++ b/charts/coredns/debug
@@ -0,0 +1,218 @@
+---
+# Source: coredns/templates/configmap.yaml
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: release-name-coredns
+  labels:
+    app.kubernetes.io/managed-by: "Helm"
+    app.kubernetes.io/instance: "release-name"
+    helm.sh/chart: "coredns-1.27.1"
+    k8s-app: coredns
+    kubernetes.io/cluster-service: "true"
+    kubernetes.io/name: "CoreDNS"
+    app.kubernetes.io/name: coredns
+data:
+  Corefile: |-
+    .:53 {
+        errors
+        health {
+            lameduck 5s
+        }
+        ready
+        kubernetes cluster.local in-addr.arpa ip6.arpa {
+            pods insecure
+            fallthrough in-addr.arpa ip6.arpa
+            ttl 30
+        }
+        prometheus 0.0.0.0:9153
+        forward . /etc/resolv.conf
+        cache 30
+        loop
+        reload
+        loadbalance
+    }
+---
+# Source: coredns/templates/clusterrole.yaml
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: release-name-coredns
+  labels:
+    app.kubernetes.io/managed-by: "Helm"
+    app.kubernetes.io/instance: "release-name"
+    helm.sh/chart: "coredns-1.27.1"
+    k8s-app: coredns
+    kubernetes.io/cluster-service: "true"
+    kubernetes.io/name: "CoreDNS"
+    app.kubernetes.io/name: coredns
+rules:
+- apiGroups:
+  - ""
+  resources:
+  - endpoints
+  - services
+  - pods
+  - namespaces
+  verbs:
+  - list
+  - watch
+- apiGroups:
+  - discovery.k8s.io
+  resources:
+  - endpointslices
+  verbs:
+  - list
+  - watch
+---
+# Source: coredns/templates/clusterrolebinding.yaml
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: release-name-coredns
+  labels:
+    app.kubernetes.io/managed-by: "Helm"
+    app.kubernetes.io/instance: "release-name"
+    helm.sh/chart: "coredns-1.27.1"
+    k8s-app: coredns
+    kubernetes.io/cluster-service: "true"
+    kubernetes.io/name: "CoreDNS"
+    app.kubernetes.io/name: coredns
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: release-name-coredns
+subjects:
+- kind: ServiceAccount
+  name: default
+  namespace: default
+---
+# Source: coredns/templates/service.yaml
+apiVersion: v1
+kind: Service
+metadata:
+  name: release-name-coredns
+  labels:
+    app.kubernetes.io/managed-by: "Helm"
+    app.kubernetes.io/instance: "release-name"
+    helm.sh/chart: "coredns-1.27.1"
+    k8s-app: coredns
+    kubernetes.io/cluster-service: "true"
+    kubernetes.io/name: "CoreDNS"
+    app.kubernetes.io/name: coredns
+spec:
+  selector:
+    app.kubernetes.io/instance: "release-name"
+    k8s-app: coredns
+    app.kubernetes.io/name: coredns
+  ports:
+  - {"name":"udp-53","port":53,"protocol":"UDP"}
+  - {"name":"tcp-53","port":53,"protocol":"TCP"}
+  type: ClusterIP
+---
+# Source: coredns/templates/deployment.yaml
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: release-name-coredns
+  labels:
+    app.kubernetes.io/managed-by: "Helm"
+    app.kubernetes.io/instance: "release-name"
+    helm.sh/chart: "coredns-1.27.1"
+    k8s-app: coredns
+    kubernetes.io/cluster-service: "true"
+    kubernetes.io/name: "CoreDNS"
+    app.kubernetes.io/name: coredns
+    app.kubernetes.io/version: "1.11.1"
+spec:
+  replicas: 1
+  strategy:
+    type: RollingUpdate
+    rollingUpdate:
+      maxUnavailable: 1
+      maxSurge: 25%
+  selector:
+    matchLabels:
+      app.kubernetes.io/instance: "release-name"
+      k8s-app: coredns
+      app.kubernetes.io/name: coredns
+  template:
+    metadata:
+      labels:
+        k8s-app: coredns
+        app.kubernetes.io/name: coredns
+        app.kubernetes.io/instance: "release-name"
+      annotations:
+        checksum/config: 73026f5854f730d4154f1c671ff0cb0a5ffcdfeb7eea42f1cb7df15225915f65
+        scheduler.alpha.kubernetes.io/tolerations: '[{"key":"CriticalAddonsOnly", "operator":"Exists"}]'
+    spec:
+      terminationGracePeriodSeconds: 30
+      serviceAccountName: default
+      dnsPolicy: Default
+      topologySpreadConstraints:
+
+        - labelSelector:
+            matchLabels:
+              app.kubernetes.io/instance: 'release-name'
+              app.kubernetes.io/name: 'coredns'
+          maxSkew: 1
+          topologyKey: topology.kubernetes.io/zone
+          whenUnsatisfiable: ScheduleAnyway
+        - labelSelector:
+            matchLabels:
+              app.kubernetes.io/instance: 'release-name'
+              app.kubernetes.io/name: 'coredns'
+          maxSkew: 1
+          topologyKey: kubernetes.io/hostname
+          whenUnsatisfiable: ScheduleAnyway
+      containers:
+      - name: "coredns"
+        image: "coredns/coredns:1.11.1"
+        imagePullPolicy: IfNotPresent
+        args: [ "-conf", "/etc/coredns/Corefile" ]
+        volumeMounts:
+        - name: config-volume
+          mountPath: /etc/coredns
+        resources:
+          limits:
+            cpu: 100m
+            memory: 128Mi
+          requests:
+            cpu: 100m
+            memory: 128Mi
+        ports:
+        - {"containerPort":53,"name":"udp-53","protocol":"UDP"}
+        - {"containerPort":53,"name":"tcp-53","protocol":"TCP"}
+        - {"containerPort":9153,"name":"tcp-9153","protocol":"TCP"}
+        
+        livenessProbe:
+          httpGet:
+            path: /health
+            port: 8080
+            scheme: HTTP
+          initialDelaySeconds: 60
+          periodSeconds: 10
+          timeoutSeconds: 5
+          successThreshold: 1
+          failureThreshold: 5
+        readinessProbe:
+          httpGet:
+            path: /ready
+            port: 8181
+            scheme: HTTP
+          initialDelaySeconds: 30
+          periodSeconds: 10
+          timeoutSeconds: 5
+          successThreshold: 1
+          failureThreshold: 5
+        securityContext:
+          capabilities:
+            add:
+            - NET_BIND_SERVICE
+      volumes:
+        - name: config-volume
+          configMap:
+            name: release-name-coredns
+            items:
+            - key: Corefile
+              path: Corefile
diff --git a/charts/coredns/templates/deployment.yaml b/charts/coredns/templates/deployment.yaml
index fa86957..48c2a4f 100644
--- a/charts/coredns/templates/deployment.yaml
+++ b/charts/coredns/templates/deployment.yaml
@@ -73,7 +73,7 @@ spec:
       {{- end }}
       {{- if .Values.topologySpreadConstraints }}
       topologySpreadConstraints:
-{{ toYaml .Values.topologySpreadConstraints | indent 8 }}
+{{ tpl (toYaml .Values.topologySpreadConstraints) $ | nindent 8 }}
       {{- end }}
       {{- if .Values.tolerations }}
       tolerations:
diff --git a/charts/coredns/values.yaml b/charts/coredns/values.yaml
index e187c27..b7dad6d 100644
--- a/charts/coredns/values.yaml
+++ b/charts/coredns/values.yaml
@@ -181,14 +181,23 @@ readinessProbe:
 affinity: {}
 
 # expects input structure as per specification https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.21/#topologyspreadconstraint-v1-core
-# for example:
+# and supports Helm templating.
+# For example:
 #   topologySpreadConstraints:
-#   - maxSkew: 1
-#     topologyKey: zone
-#     whenUnsatisfiable: DoNotSchedule
-#     labelSelector:
-#       matchLabels:
-#         foo: bar
+#     - labelSelector:
+#         matchLabels:
+#           app.kubernetes.io/name: '{{ template "coredns.name" . }}'
+#           app.kubernetes.io/instance: '{{ .Release.Name }}'
+#       topologyKey: topology.kubernetes.io/zone
+#       maxSkew: 1
+#       whenUnsatisfiable: ScheduleAnyway
+#     - labelSelector:
+#         matchLabels:
+#           app.kubernetes.io/name: '{{ template "coredns.name" . }}'
+#           app.kubernetes.io/instance: '{{ .Release.Name }}'
+#       topologyKey: kubernetes.io/hostname
+#       maxSkew: 1
+#       whenUnsatisfiable: ScheduleAnyway
 topologySpreadConstraints: []
 
 # Node labels for pod assignment

From 70a44271f5f5ce70fbcab93f3e22530421594c52 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jonas=20Badst=C3=BCbner?=
 <jonas.badstuebner@hetzner-cloud.de>
Date: Tue, 31 Oct 2023 17:00:37 +0100
Subject: [PATCH 2/5] chore(coredns,helmchart): bump Version; add changes
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Jonas Badstübner <jonas.badstuebner@hetzner-cloud.de>
---
 charts/coredns/Chart.yaml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/charts/coredns/Chart.yaml b/charts/coredns/Chart.yaml
index 150348c..3eca399 100644
--- a/charts/coredns/Chart.yaml
+++ b/charts/coredns/Chart.yaml
@@ -1,6 +1,6 @@
 apiVersion: v2
 name: coredns
-version: 1.27.1
+version: 1.27.2
 appVersion: 1.11.1
 home: https://coredns.io
 icon: https://coredns.io/images/CoreDNS_Colour_Horizontal.png
@@ -20,5 +20,5 @@ engine: gotpl
 type: application
 annotations:
   artifacthub.io/changes: |
-    - kind: fixed
-      description: Fixed indentation for sidecar containers
+    - kind: added
+      description: topologySpreadConstraints can be templated values

From 799400210148a6d01b590141e9011461a54f13ba Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jonas=20Badst=C3=BCbner?=
 <jonas.badstuebner@hetzner-cloud.de>
Date: Tue, 31 Oct 2023 17:05:18 +0100
Subject: [PATCH 3/5] chore(coredns,helmchart): rm debug
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Jonas Badstübner <jonas.badstuebner@hetzner-cloud.de>
---
 charts/coredns/debug | 218 -------------------------------------------
 1 file changed, 218 deletions(-)
 delete mode 100644 charts/coredns/debug

diff --git a/charts/coredns/debug b/charts/coredns/debug
deleted file mode 100644
index 330231b..0000000
--- a/charts/coredns/debug
+++ /dev/null
@@ -1,218 +0,0 @@
----
-# Source: coredns/templates/configmap.yaml
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: release-name-coredns
-  labels:
-    app.kubernetes.io/managed-by: "Helm"
-    app.kubernetes.io/instance: "release-name"
-    helm.sh/chart: "coredns-1.27.1"
-    k8s-app: coredns
-    kubernetes.io/cluster-service: "true"
-    kubernetes.io/name: "CoreDNS"
-    app.kubernetes.io/name: coredns
-data:
-  Corefile: |-
-    .:53 {
-        errors
-        health {
-            lameduck 5s
-        }
-        ready
-        kubernetes cluster.local in-addr.arpa ip6.arpa {
-            pods insecure
-            fallthrough in-addr.arpa ip6.arpa
-            ttl 30
-        }
-        prometheus 0.0.0.0:9153
-        forward . /etc/resolv.conf
-        cache 30
-        loop
-        reload
-        loadbalance
-    }
----
-# Source: coredns/templates/clusterrole.yaml
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
-  name: release-name-coredns
-  labels:
-    app.kubernetes.io/managed-by: "Helm"
-    app.kubernetes.io/instance: "release-name"
-    helm.sh/chart: "coredns-1.27.1"
-    k8s-app: coredns
-    kubernetes.io/cluster-service: "true"
-    kubernetes.io/name: "CoreDNS"
-    app.kubernetes.io/name: coredns
-rules:
-- apiGroups:
-  - ""
-  resources:
-  - endpoints
-  - services
-  - pods
-  - namespaces
-  verbs:
-  - list
-  - watch
-- apiGroups:
-  - discovery.k8s.io
-  resources:
-  - endpointslices
-  verbs:
-  - list
-  - watch
----
-# Source: coredns/templates/clusterrolebinding.yaml
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
-  name: release-name-coredns
-  labels:
-    app.kubernetes.io/managed-by: "Helm"
-    app.kubernetes.io/instance: "release-name"
-    helm.sh/chart: "coredns-1.27.1"
-    k8s-app: coredns
-    kubernetes.io/cluster-service: "true"
-    kubernetes.io/name: "CoreDNS"
-    app.kubernetes.io/name: coredns
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: ClusterRole
-  name: release-name-coredns
-subjects:
-- kind: ServiceAccount
-  name: default
-  namespace: default
----
-# Source: coredns/templates/service.yaml
-apiVersion: v1
-kind: Service
-metadata:
-  name: release-name-coredns
-  labels:
-    app.kubernetes.io/managed-by: "Helm"
-    app.kubernetes.io/instance: "release-name"
-    helm.sh/chart: "coredns-1.27.1"
-    k8s-app: coredns
-    kubernetes.io/cluster-service: "true"
-    kubernetes.io/name: "CoreDNS"
-    app.kubernetes.io/name: coredns
-spec:
-  selector:
-    app.kubernetes.io/instance: "release-name"
-    k8s-app: coredns
-    app.kubernetes.io/name: coredns
-  ports:
-  - {"name":"udp-53","port":53,"protocol":"UDP"}
-  - {"name":"tcp-53","port":53,"protocol":"TCP"}
-  type: ClusterIP
----
-# Source: coredns/templates/deployment.yaml
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: release-name-coredns
-  labels:
-    app.kubernetes.io/managed-by: "Helm"
-    app.kubernetes.io/instance: "release-name"
-    helm.sh/chart: "coredns-1.27.1"
-    k8s-app: coredns
-    kubernetes.io/cluster-service: "true"
-    kubernetes.io/name: "CoreDNS"
-    app.kubernetes.io/name: coredns
-    app.kubernetes.io/version: "1.11.1"
-spec:
-  replicas: 1
-  strategy:
-    type: RollingUpdate
-    rollingUpdate:
-      maxUnavailable: 1
-      maxSurge: 25%
-  selector:
-    matchLabels:
-      app.kubernetes.io/instance: "release-name"
-      k8s-app: coredns
-      app.kubernetes.io/name: coredns
-  template:
-    metadata:
-      labels:
-        k8s-app: coredns
-        app.kubernetes.io/name: coredns
-        app.kubernetes.io/instance: "release-name"
-      annotations:
-        checksum/config: 73026f5854f730d4154f1c671ff0cb0a5ffcdfeb7eea42f1cb7df15225915f65
-        scheduler.alpha.kubernetes.io/tolerations: '[{"key":"CriticalAddonsOnly", "operator":"Exists"}]'
-    spec:
-      terminationGracePeriodSeconds: 30
-      serviceAccountName: default
-      dnsPolicy: Default
-      topologySpreadConstraints:
-
-        - labelSelector:
-            matchLabels:
-              app.kubernetes.io/instance: 'release-name'
-              app.kubernetes.io/name: 'coredns'
-          maxSkew: 1
-          topologyKey: topology.kubernetes.io/zone
-          whenUnsatisfiable: ScheduleAnyway
-        - labelSelector:
-            matchLabels:
-              app.kubernetes.io/instance: 'release-name'
-              app.kubernetes.io/name: 'coredns'
-          maxSkew: 1
-          topologyKey: kubernetes.io/hostname
-          whenUnsatisfiable: ScheduleAnyway
-      containers:
-      - name: "coredns"
-        image: "coredns/coredns:1.11.1"
-        imagePullPolicy: IfNotPresent
-        args: [ "-conf", "/etc/coredns/Corefile" ]
-        volumeMounts:
-        - name: config-volume
-          mountPath: /etc/coredns
-        resources:
-          limits:
-            cpu: 100m
-            memory: 128Mi
-          requests:
-            cpu: 100m
-            memory: 128Mi
-        ports:
-        - {"containerPort":53,"name":"udp-53","protocol":"UDP"}
-        - {"containerPort":53,"name":"tcp-53","protocol":"TCP"}
-        - {"containerPort":9153,"name":"tcp-9153","protocol":"TCP"}
-        
-        livenessProbe:
-          httpGet:
-            path: /health
-            port: 8080
-            scheme: HTTP
-          initialDelaySeconds: 60
-          periodSeconds: 10
-          timeoutSeconds: 5
-          successThreshold: 1
-          failureThreshold: 5
-        readinessProbe:
-          httpGet:
-            path: /ready
-            port: 8181
-            scheme: HTTP
-          initialDelaySeconds: 30
-          periodSeconds: 10
-          timeoutSeconds: 5
-          successThreshold: 1
-          failureThreshold: 5
-        securityContext:
-          capabilities:
-            add:
-            - NET_BIND_SERVICE
-      volumes:
-        - name: config-volume
-          configMap:
-            name: release-name-coredns
-            items:
-            - key: Corefile
-              path: Corefile

From 7de04332d4d157124020e13b809c9f1ba5c8f3d7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jonas=20Badst=C3=BCbner?=
 <jonas.badstuebner@hetzner-cloud.de>
Date: Tue, 31 Oct 2023 17:09:54 +0100
Subject: [PATCH 4/5] chore(coredns,helmchart): nindent not needed
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Jonas Badstübner <jonas.badstuebner@hetzner-cloud.de>
---
 charts/coredns/templates/deployment.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/charts/coredns/templates/deployment.yaml b/charts/coredns/templates/deployment.yaml
index 48c2a4f..56e05cc 100644
--- a/charts/coredns/templates/deployment.yaml
+++ b/charts/coredns/templates/deployment.yaml
@@ -73,7 +73,7 @@ spec:
       {{- end }}
       {{- if .Values.topologySpreadConstraints }}
       topologySpreadConstraints:
-{{ tpl (toYaml .Values.topologySpreadConstraints) $ | nindent 8 }}
+{{ tpl (toYaml .Values.topologySpreadConstraints) $ | indent 8 }}
       {{- end }}
       {{- if .Values.tolerations }}
       tolerations:

From 6f7f11cdb0dbf496d82837f4f984c8bb42094e82 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jonas=20Badst=C3=BCbner?=
 <jonas.badstuebner@hetzner-cloud.de>
Date: Wed, 1 Nov 2023 12:33:00 +0100
Subject: [PATCH 5/5] chore(coredns,helmchart): bump version 1.28.0
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Co-authored-by: Hagai Barel <hagaibarel@gmail.com>
Signed-off-by: Jonas Badstübner <jonas.badstuebner@hetzner-cloud.de>
---
 charts/coredns/Chart.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/charts/coredns/Chart.yaml b/charts/coredns/Chart.yaml
index 3eca399..ea5230f 100644
--- a/charts/coredns/Chart.yaml
+++ b/charts/coredns/Chart.yaml
@@ -1,6 +1,6 @@
 apiVersion: v2
 name: coredns
-version: 1.27.2
+version: 1.28.0
 appVersion: 1.11.1
 home: https://coredns.io
 icon: https://coredns.io/images/CoreDNS_Colour_Horizontal.png