From 6e442d3fa254d64b80a0718ac3a3a43bb65a76e3 Mon Sep 17 00:00:00 2001 From: Saurabh Lohe <105858985+slohe1@users.noreply.github.com> Date: Thu, 11 Jan 2024 14:48:18 +0530 Subject: [PATCH] OPSEXP-2295 Review and align chart alfresco-connector-ms365 with newer principals (#180) --- charts/alfresco-connector-ms365/Chart.yaml | 2 +- charts/alfresco-connector-ms365/README.md | 14 ++-- .../alfresco-connector-ms365/README.md.gotmpl | 18 +++++ .../templates/_helpers-env.tpl | 24 +++++++ .../templates/_helpers.tpl | 11 +++ .../templates/deployment-connector-ms365.yaml | 71 +++++-------------- .../templates/serviceaccount.yaml | 12 ++++ .../deployment-connector-ms365_test.yaml | 3 + charts/alfresco-connector-ms365/values.yaml | 41 +++++++++++ 9 files changed, 137 insertions(+), 59 deletions(-) create mode 100644 charts/alfresco-connector-ms365/README.md.gotmpl create mode 100644 charts/alfresco-connector-ms365/templates/_helpers-env.tpl create mode 100644 charts/alfresco-connector-ms365/templates/serviceaccount.yaml diff --git a/charts/alfresco-connector-ms365/Chart.yaml b/charts/alfresco-connector-ms365/Chart.yaml index 72a89668..d4c34db4 100644 --- a/charts/alfresco-connector-ms365/Chart.yaml +++ b/charts/alfresco-connector-ms365/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: alfresco-connector-ms365 description: A Helm chart for deploying Alfresco connector ms365 service type: application -version: 0.4.0 +version: 0.5.0-alpha.0 appVersion: "2.0.0" dependencies: - name: alfresco-common diff --git a/charts/alfresco-connector-ms365/README.md b/charts/alfresco-connector-ms365/README.md index b81761f7..6bab8c75 100644 --- a/charts/alfresco-connector-ms365/README.md +++ b/charts/alfresco-connector-ms365/README.md @@ -1,9 +1,11 @@ # alfresco-connector-ms365 -![Version: 0.4.0](https://img.shields.io/badge/Version-0.4.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2.0.0](https://img.shields.io/badge/AppVersion-2.0.0-informational?style=flat-square) +![Version: 0.5.0-alpha.0](https://img.shields.io/badge/Version-0.5.0--alpha.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2.0.0](https://img.shields.io/badge/AppVersion-2.0.0-informational?style=flat-square) A Helm chart for deploying Alfresco connector ms365 service +Please refer to the [documentation](https://github.com/Alfresco/acs-deployment/blob/master/docs/helm/README.md) for information on the Helm charts and deployment instructions. + ## Requirements | Repository | Name | Version | @@ -14,6 +16,7 @@ A Helm chart for deploying Alfresco connector ms365 service | Key | Type | Default | Description | |-----|------|---------|-------------| +| affinity | string | `"podAntiAffinity:\n preferredDuringSchedulingIgnoredDuringExecution:\n - weight: 10\n podAffinityTerm:\n labelSelector:\n matchExpressions:\n - key: app.kubernetes.io/name\n operator: In\n values:\n - {{ template \"alfresco-connector-ms365.name\" . }}\n - key: app.kubernetes.io/instance\n operator: In\n values:\n - {{ .Release.Name }}\n topologyKey: failure-domain.beta.kubernetes.io/zone\n - weight: 5\n podAffinityTerm:\n labelSelector:\n matchExpressions:\n - key: app.kubernetes.io/name\n operator: In\n values:\n - {{ template \"alfresco-connector-ms365.name\" . }}\n - key: app.kubernetes.io/instance\n operator: In\n values:\n - {{ .Release.Name }}\n topologyKey: kubernetes.io/hostname"` | Pod affinity, passed thru tpl function | | environment | object | `{}` | | | global.alfrescoRegistryPullSecrets | string | `"quay-registry-secret"` | | | image.internalPort | int | `9095` | | @@ -27,6 +30,8 @@ A Helm chart for deploying Alfresco connector ms365 service | livenessProbe.periodSeconds | int | `20` | | | livenessProbe.timeoutSeconds | int | `10` | | | nodeSelector | object | `{}` | | +| podAnnotations | object | `{}` | | +| podLabels | object | `{}` | | | podSecurityContext.runAsNonRoot | bool | `true` | | | podSecurityContext.runAsUser | int | `33006` | | | readinessProbe.initialDelaySeconds | int | `20` | | @@ -45,8 +50,9 @@ A Helm chart for deploying Alfresco connector ms365 service | service.externalPort | int | `80` | | | service.name | string | `"ms365-service"` | | | service.type | string | `"ClusterIP"` | | +| serviceAccount.annotations | object | `{}` | Annotations to add to the service account | +| serviceAccount.create | bool | `true` | Specifies whether a service account should be created | +| serviceAccount.name | string | `"ms365-sa"` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template | | strategy.rollingUpdate.maxSurge | int | `1` | | | strategy.rollingUpdate.maxUnavailable | int | `0` | | - ----------------------------------------------- -Autogenerated from chart metadata using [helm-docs v1.11.0](https://github.com/norwoodj/helm-docs/releases/v1.11.0) +| tolerations | list | `[]` | | diff --git a/charts/alfresco-connector-ms365/README.md.gotmpl b/charts/alfresco-connector-ms365/README.md.gotmpl new file mode 100644 index 00000000..b301f393 --- /dev/null +++ b/charts/alfresco-connector-ms365/README.md.gotmpl @@ -0,0 +1,18 @@ +{{ template "chart.header" . }} +{{ template "chart.deprecationWarning" . }} + +{{ template "chart.badgesSection" . }} + +{{ template "chart.description" . }} + +Please refer to the [documentation](https://github.com/Alfresco/acs-deployment/blob/master/docs/helm/README.md) for information on the Helm charts and deployment instructions. + +{{ template "chart.homepageLine" . }} + +{{ template "chart.maintainersSection" . }} + +{{ template "chart.sourcesSection" . }} + +{{ template "chart.requirementsSection" . }} + +{{ template "chart.valuesSection" . }} diff --git a/charts/alfresco-connector-ms365/templates/_helpers-env.tpl b/charts/alfresco-connector-ms365/templates/_helpers-env.tpl new file mode 100644 index 00000000..7d2d90b8 --- /dev/null +++ b/charts/alfresco-connector-ms365/templates/_helpers-env.tpl @@ -0,0 +1,24 @@ +{{/* +Set environment variables necessary for configmap +*/}} +{{- define "alfresco-connector-ms365.env" -}} +{{- $repo_details_cm := coalesce .Values.repository.existingConfigMap.name (include "alfresco-connector-ms365.fullname" .) -}} +{{- $repo_url := printf "-Dalfresco.base-url=http://%s:%s" "$(REPO_HOST)" "$(REPO_PORT)" }} +- name: REPO_HOST + valueFrom: + configMapKeyRef: + name: {{ $repo_details_cm }} + key: {{ .Values.repository.existingConfigMap.keys.host }} +- name: REPO_PORT + valueFrom: + configMapKeyRef: + name: {{ $repo_details_cm }} + key: {{ .Values.repository.existingConfigMap.keys.port }} +{{- range $key, $value := (omit .Values.environment "JAVA_OPTS") }} +- name: {{ $key }} + value: {{ $value | quote }} +{{- end }} +- name: JAVA_OPTS + value: >- + {{ (printf "%s %s" (.Values.environment.JAVA_OPTS | default "") ($repo_url)) }} +{{- end -}} diff --git a/charts/alfresco-connector-ms365/templates/_helpers.tpl b/charts/alfresco-connector-ms365/templates/_helpers.tpl index 7008b021..93689f6d 100644 --- a/charts/alfresco-connector-ms365/templates/_helpers.tpl +++ b/charts/alfresco-connector-ms365/templates/_helpers.tpl @@ -49,3 +49,14 @@ Selector labels app.kubernetes.io/name: {{ include "alfresco-connector-ms365.name" . }} app.kubernetes.io/instance: {{ .Release.Name }} {{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "alfresco-connector-ms365.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "alfresco-connector-ms365.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/charts/alfresco-connector-ms365/templates/deployment-connector-ms365.yaml b/charts/alfresco-connector-ms365/templates/deployment-connector-ms365.yaml index 311d76f0..cb7c4d95 100644 --- a/charts/alfresco-connector-ms365/templates/deployment-connector-ms365.yaml +++ b/charts/alfresco-connector-ms365/templates/deployment-connector-ms365.yaml @@ -23,65 +23,16 @@ spec: labels: {{- include "alfresco-connector-ms365.selectorLabels" . | nindent 8 }} spec: - {{- include "component-pod-security-context" .Values | indent 4 }} - {{- if .Values.nodeSelector }} - nodeSelector: {{- .Values.nodeSelector | toYaml | nindent 8 }} - {{- end }} - {{- include "alfresco-content-services.imagePullSecrets" . | indent 6 }} - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - weight: 10 - podAffinityTerm: - labelSelector: - matchExpressions: - - key: app.kubernetes.io/name - operator: In - values: - - {{ template "alfresco-connector-ms365.name" . }} - - key: app.kubernetes.io/instance - operator: In - values: - - {{ .Release.Name }} - topologyKey: failure-domain.beta.kubernetes.io/zone - - weight: 5 - podAffinityTerm: - labelSelector: - matchExpressions: - - key: app.kubernetes.io/name - operator: In - values: - - {{ template "alfresco-connector-ms365.name" . }} - - key: app.kubernetes.io/instance - operator: In - values: - - {{ .Release.Name }} - topologyKey: kubernetes.io/hostname + {{- include "alfresco-common.imagePullSecrets" . | indent 6 }} + serviceAccountName: {{ include "alfresco-connector-ms365.serviceAccountName" . }} + {{- include "alfresco-common.component-pod-security-context" .Values | indent 4 }} containers: - name: {{ .Chart.Name }} image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" imagePullPolicy: {{ .Values.image.pullPolicy }} - {{- include "component-security-context" .Values | indent 8 }} - {{- $repo_details_cm := .Values.repository.existingConfigMap.name | default (include "alfresco-connector-ms365.fullname" .) }} - {{- $repo_url := printf "-Dalfresco.base-url=http://%s:%s" "$(REPO_HOST)" "$(REPO_PORT)" }} + {{- include "alfresco-common.component-security-context" .Values | indent 8 }} env: - - name: REPO_HOST - valueFrom: - configMapKeyRef: - name: {{ $repo_details_cm }} - key: {{ .Values.repository.existingConfigMap.keys.host }} - - name: REPO_PORT - valueFrom: - configMapKeyRef: - name: {{ $repo_details_cm }} - key: {{ .Values.repository.existingConfigMap.keys.port }} - {{- range $key, $value := (omit .Values.environment "JAVA_OPTS") }} - - name: {{ $key }} - value: {{ $value | quote }} - {{- end }} - - name: JAVA_OPTS - value: >- - {{ (printf "%s %s" (.Values.environment.JAVA_OPTS | default "") ($repo_url)) }} + {{- include "alfresco-connector-ms365.env" $ | indent 12 }} ports: - containerPort: {{ .Values.image.internalPort }} resources: {{- toYaml .Values.resources | nindent 12 }} @@ -98,3 +49,15 @@ spec: periodSeconds: {{ .Values.livenessProbe.periodSeconds }} failureThreshold: 1 timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- tpl . $ | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/charts/alfresco-connector-ms365/templates/serviceaccount.yaml b/charts/alfresco-connector-ms365/templates/serviceaccount.yaml new file mode 100644 index 00000000..c2b4fb1c --- /dev/null +++ b/charts/alfresco-connector-ms365/templates/serviceaccount.yaml @@ -0,0 +1,12 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "alfresco-connector-ms365.serviceAccountName" . }} + labels: + {{- include "alfresco-connector-ms365.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/charts/alfresco-connector-ms365/tests/deployment-connector-ms365_test.yaml b/charts/alfresco-connector-ms365/tests/deployment-connector-ms365_test.yaml index 141d5964..2a3f3a69 100644 --- a/charts/alfresco-connector-ms365/tests/deployment-connector-ms365_test.yaml +++ b/charts/alfresco-connector-ms365/tests/deployment-connector-ms365_test.yaml @@ -10,6 +10,9 @@ tests: - equal: path: metadata.name value: RELEASE-NAME-alfresco-connector-ms365 + - equal: + path: spec.template.spec.serviceAccountName + value: ms365-sa template: deployment-connector-ms365.yaml - it: should render cpu and memory limits diff --git a/charts/alfresco-connector-ms365/values.yaml b/charts/alfresco-connector-ms365/values.yaml index 6be7f8f7..0901ebda 100644 --- a/charts/alfresco-connector-ms365/values.yaml +++ b/charts/alfresco-connector-ms365/values.yaml @@ -6,6 +6,39 @@ strategy: maxUnavailable: 0 replicaCount: 2 nodeSelector: {} +tolerations: [] +# -- Pod affinity, passed thru tpl function +affinity: |- + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - weight: 10 + podAffinityTerm: + labelSelector: + matchExpressions: + - key: app.kubernetes.io/name + operator: In + values: + - {{ template "alfresco-connector-ms365.name" . }} + - key: app.kubernetes.io/instance + operator: In + values: + - {{ .Release.Name }} + topologyKey: failure-domain.beta.kubernetes.io/zone + - weight: 5 + podAffinityTerm: + labelSelector: + matchExpressions: + - key: app.kubernetes.io/name + operator: In + values: + - {{ template "alfresco-connector-ms365.name" . }} + - key: app.kubernetes.io/instance + operator: In + values: + - {{ .Release.Name }} + topologyKey: kubernetes.io/hostname +podAnnotations: {} +podLabels: {} image: repository: quay.io/alfresco/alfresco-ooi-service tag: 2.0.0 @@ -51,3 +84,11 @@ repository: host: REPO_HOST # -- name of the key in the configMap where to find the repository service port port: REPO_PORT +serviceAccount: + # -- Specifies whether a service account should be created + create: true + # -- Annotations to add to the service account + annotations: {} + # -- The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: ms365-sa