From ea3d13b6de681b323419d0babdc9914439318ffb Mon Sep 17 00:00:00 2001 From: fcomte Date: Mon, 11 Jul 2022 14:21:45 +0000 Subject: [PATCH] fastai --- charts/fastai/Chart.yaml | 2 +- .../templates/networkpolicy-ingress.yaml | 2 +- charts/fastai/templates/networkpolicy.yaml | 2 +- charts/fastai/values.schema.json | 564 ++++++++++-------- 4 files changed, 323 insertions(+), 247 deletions(-) diff --git a/charts/fastai/Chart.yaml b/charts/fastai/Chart.yaml index 01647cd1..1a926312 100644 --- a/charts/fastai/Chart.yaml +++ b/charts/fastai/Chart.yaml @@ -26,7 +26,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 7.0.1 +version: 7.1.0 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to diff --git a/charts/fastai/templates/networkpolicy-ingress.yaml b/charts/fastai/templates/networkpolicy-ingress.yaml index 406b4810..b1edae9d 100644 --- a/charts/fastai/templates/networkpolicy-ingress.yaml +++ b/charts/fastai/templates/networkpolicy-ingress.yaml @@ -1,4 +1,4 @@ -{{- if .Values.security.networkPolicy.enable -}} +{{- if .Values.security.networkPolicy.enabled -}} {{- if .Values.ingress.enabled -}} kind: NetworkPolicy apiVersion: networking.k8s.io/v1 diff --git a/charts/fastai/templates/networkpolicy.yaml b/charts/fastai/templates/networkpolicy.yaml index d2a07b87..a7bfb13c 100644 --- a/charts/fastai/templates/networkpolicy.yaml +++ b/charts/fastai/templates/networkpolicy.yaml @@ -1,4 +1,4 @@ -{{- if .Values.security.networkPolicy.enable -}} +{{- if .Values.security.networkPolicy.enabled -}} kind: NetworkPolicy apiVersion: networking.k8s.io/v1 metadata: diff --git a/charts/fastai/values.schema.json b/charts/fastai/values.schema.json index 1cc3b5a5..18e13780 100644 --- a/charts/fastai/values.schema.json +++ b/charts/fastai/values.schema.json @@ -143,52 +143,69 @@ "description": "security specific configuration", "type": "object", "properties": { - "password": { - "type": "string", - "description": "Password", - "default": "changeme", + "password": { + "type": "string", + "description": "Password", + "default": "changeme", + "x-form": { + "value": "{{project.password}}" + }, + "x-onyxia": { + "overwriteDefaultWith": "{{project.password}}" + } + }, + "allowlist": { + "type": "object", + "description": "IP protection", + "properties": { + "enabled": { + "type": "boolean", + "title": "Enable IP protection", + "description": "Only the configured set of IPs will be able to reach the service", + "default": true, "x-form": { - "value": "{{project.password}}" + "value": "{{region.defaultIpProtection}}" + }, + "x-onyxia": { + "overwriteDefaultWith": "region.defaultIpProtection" } - }, - "allowlist": { - "type": "object", - "description": "IP protection", - "properties": { - "enabled": { - "type": "boolean", - "title": "Enable IP protection", - "description": "Only the configured set of IPs will be able to reach the service", - "default": true, - "x-form": { - "value": "{{region.defaultIpProtection}}" - } - }, - "ip": { - "type": "string", - "description": "the white list of IP is whitespace", - "title": "Whitelist of IP", - "x-form": { - "value": "{{user.ip}}" - } - } + }, + "ip": { + "type": "string", + "description": "the allow list of IP is whitespace", + "title": "Allowed IP", + "default": "0.0.0.0/0", + "x-form": { + "value": "{{user.ip}}" + }, + "x-onyxia": { + "overwriteDefaultWith": "{{user.ip}}" + }, + "hidden": { + "value": false, + "path": "security/allowlist/enabled" } - }, - "networkPolicy": { - "type": "object", - "description": "Define access policy to the service", - "properties": { - "enable": { - "type": "boolean", - "title": "Enable network policy", - "description": "Only pod from the same namespace will be allowed", - "default": true, - "x-form": { - "value": "{{region.defaultNetworkPolicy}}" - } - } + } + } + }, + "networkPolicy": { + "type": "object", + "description": "Define access policy to the service", + "properties": { + "enabled": { + "type": "boolean", + "title": "Enable network policy", + "description": "Only pod from the same namespace will be allowed", + "default": true, + "x-form": { + "value": "{{region.defaultNetworkPolicy}}" + }, + "x-onyxia": { + "overwriteDefaultWith": "region.defaultNetworkPolicy" } + } } + } } }, "persistence": { @@ -242,208 +259,259 @@ ] } } - }, - "git": { - "description": "Git user configuration", - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "description": "Add git config inside your environment", - "default": true - }, - "name": { - "type": "string", - "description": "user name for git", - "default": "", - "x-form": { - "value": "{{git.name}}" - }, - "hidden": { - "value": false, - "path": "git/enabled" - } - }, - "email": { - "type": "string", - "description": "user email for git", - "default": "", - "x-form": { - "value": "{{git.email}}" - }, - "hidden": { - "value": false, - "path": "git/enabled" - } - }, - "cache": { - "type": "string", - "description": "duration in seconds of the credentials cache duration", - "default": "", - "x-form": { - "value": "{{git.credentials_cache_duration}}" - }, - "hidden": { - "value": false, - "path": "git/enabled" - } - }, - "token": { - "type": "string", - "description": "personal access token", - "default": "", - "x-form": { - "value": "{{git.token}}" - }, - "hidden": { - "value": false, - "path": "git/enabled" - } - }, - "repository": { - "type": "string", - "description": "projet", - "default": "", - "x-form": { - "value": "{{git.project}}" - }, - "hidden": { - "value": false, - "path": "git/enabled" - } - } - } - }, - "vault": { - "description": "Configuration of vault client", - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "description": "Add vault temporary identity inside your environment", - "default": true - }, - "token": { - "description": "token vault", - "type": "string", - "x-form": { - "value": "{{vault.VAULT_TOKEN}}" - }, - "hidden": { - "value": false, - "path": "vault/enabled" - } - }, - "url": { - "description": "url of vault server", - "type": "string", - "x-form": { - "value": "{{vault.VAULT_ADDR}}" - }, - "hidden": { - "value": false, - "path": "vault/enabled" - } - }, - "mount": { - "description": "mount of the v2 secret engine", - "type": "string", - "x-form": { - "value": "{{vault.VAULT_MOUNT}}" - }, - "hidden": { - "value": false, - "path": "vault/enabled" - } - }, - "directory": { - "description": "top level directory", - "type": "string", - "x-form": { - "value": "{{vault.VAULT_TOP_DIR}}" - }, - "hidden": { - "value": false, - "path": "vault/enabled" - } - }, - "secret": { - "description": "the path of the secret to convert into a list of environment variables", - "type": "string", - "default": "", - "hidden": { - "value": false, - "path": "vault/enabled" - } - } - } - }, - "s3": { - "description": "Configuration of temporary identity", - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "description": "Add S3 temporary identity inside your environment", - "default": true - }, - "accessKeyId": { - "description": "AWS Access Key", - "type": "string", - "x-form": { - "value": "{{s3.AWS_ACCESS_KEY_ID}}" - }, - "hidden": { - "value": false, - "path": "s3/enabled" - } - }, - "endpoint": { - "description": "AWS S3 Endpoint", - "type": "string", - "x-form": { - "value": "{{s3.AWS_S3_ENDPOINT}}" - }, - "hidden": { - "value": false, - "path": "s3/enabled" - } - }, - "defaultRegion": { - "description": "AWS S3 default region", - "type": "string", - "x-form": { - "value": "{{s3.AWS_DEFAULT_REGION}}" - }, - "hidden": { - "value": false, - "path": "s3/enabled" - } - }, - "secretAccessKey": { - "description": "AWS S3 secret access key", - "type": "string", - "x-form": { - "value": "{{s3.AWS_SECRET_ACCESS_KEY}}" - }, - "hidden": { - "value": false, - "path": "s3/enabled" - } - }, - "sessionToken": { - "description": "AWS S3 session Token", - "type": "string", - "x-form": { - "value": "{{s3.AWS_SESSION_TOKEN}}" - }, - "hidden": { - "value": false, - "path": "s3/enabled" - } - } - } - }, + }, + "git": { + "description": "Git user configuration", + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Add git config inside your environment", + "default": true + }, + "name": { + "type": "string", + "description": "user name for git", + "default": "", + "x-form": { + "value": "{{git.name}}" + }, + "x-onyxia": { + "overwriteDefaultWith": "{{git.name}}" + }, + "hidden": { + "value": false, + "path": "git/enabled" + } + }, + "email": { + "type": "string", + "description": "user email for git", + "default": "", + "x-form": { + "value": "{{git.email}}" + }, + "x-onyxia": { + "overwriteDefaultWith": "{{git.email}}" + }, + "hidden": { + "value": false, + "path": "git/enabled" + } + }, + "cache": { + "type": "string", + "description": "duration in seconds of the credentials cache duration", + "default": "", + "x-form": { + "value": "{{git.credentials_cache_duration}}" + }, + "x-onyxia": { + "overwriteDefaultWith": "{{git.credentials_cache_duration}}" + }, + "hidden": { + "value": false, + "path": "git/enabled" + } + }, + "token": { + "type": "string", + "description": "personal access token", + "default": "", + "x-form": { + "value": "{{git.token}}" + }, + "x-onyxia": { + "overwriteDefaultWith": "{{git.token}}" + }, + "hidden": { + "value": false, + "path": "git/enabled" + } + }, + "repository": { + "type": "string", + "description": "Repository url", + "default": "", + "x-form": { + "value": "{{git.project}}" + }, + "x-onyxia": { + "overwriteDefaultWith": "{{git.project}}" + }, + "hidden": { + "value": false, + "path": "git/enabled" + } + }, + "branch": { + "type": "string", + "description": "Brach automatically checkout", + "default": "", + "hidden": { + "value": "", + "path": "git/repository" + } + } + } + }, + "vault": { + "description": "Configuration of vault client", + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Add vault temporary identity inside your environment", + "default": true + }, + "token": { + "description": "token vault", + "type": "string", + "x-form": { + "value": "{{vault.VAULT_TOKEN}}" + }, + "x-onyxia": { + "overwriteDefaultWith": "{{vault.VAULT_TOKEN}}" + }, + "hidden": { + "value": false, + "path": "vault/enabled" + } + }, + "url": { + "description": "url of vault server", + "type": "string", + "x-form": { + "value": "{{vault.VAULT_ADDR}}" + }, + "x-onyxia": { + "overwriteDefaultWith": "{{vault.VAULT_ADDR}}" + }, + "hidden": { + "value": false, + "path": "vault/enabled" + } + }, + "mount": { + "description": "mount of the v2 secret engine", + "type": "string", + "x-form": { + "value": "{{vault.VAULT_MOUNT}}" + }, + "x-onyxia": { + "overwriteDefaultWith": "{{vault.VAULT_MOUNT}}" + }, + "hidden": { + "value": false, + "path": "vault/enabled" + } + }, + "directory": { + "description": "top level directory", + "type": "string", + "x-form": { + "value": "{{vault.VAULT_TOP_DIR}}" + }, + "x-onyxia": { + "overwriteDefaultWith": "{{vault.VAULT_TOP_DIR}}" + }, + "hidden": { + "value": false, + "path": "vault/enabled" + } + }, + "secret": { + "description": "the path of the secret to convert into a list of environment variables", + "type": "string", + "default": "", + "hidden": { + "value": false, + "path": "vault/enabled" + } + } + } + }, + "s3": { + "description": "Configuration of temporary identity", + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Add S3 temporary identity inside your environment", + "default": true + }, + "accessKeyId": { + "description": "AWS Access Key", + "type": "string", + "x-form": { + "value": "{{s3.AWS_ACCESS_KEY_ID}}" + }, + "x-onyxia": { + "overwriteDefaultWith": "{{s3.AWS_ACCESS_KEY_ID}}" + }, + "hidden": { + "value": false, + "path": "s3/enabled" + } + }, + "endpoint": { + "description": "AWS S3 Endpoint", + "type": "string", + "x-form": { + "value": "{{s3.AWS_S3_ENDPOINT}}" + }, + "x-onyxia": { + "overwriteDefaultWith": "{{s3.AWS_S3_ENDPOINT}}" + }, + "hidden": { + "value": false, + "path": "s3/enabled" + } + }, + "defaultRegion": { + "description": "AWS S3 default region", + "type": "string", + "x-form": { + "value": "{{s3.AWS_DEFAULT_REGION}}" + }, + "x-onyxia": { + "overwriteDefaultWith": "{{s3.AWS_DEFAULT_REGION}}" + }, + "hidden": { + "value": false, + "path": "s3/enabled" + } + }, + "secretAccessKey": { + "description": "AWS S3 secret access key", + "type": "string", + "x-form": { + "value": "{{s3.AWS_SECRET_ACCESS_KEY}}" + }, + "x-onyxia": { + "overwriteDefaultWith": "{{s3.AWS_SECRET_ACCESS_KEY}}" + }, + "hidden": { + "value": false, + "path": "s3/enabled" + } + }, + "sessionToken": { + "description": "AWS S3 session Token", + "type": "string", + "x-form": { + "value": "{{s3.AWS_SESSION_TOKEN}}" + }, + "x-onyxia": { + "overwriteDefaultWith": "{{s3.AWS_SESSION_TOKEN}}" + }, + "hidden": { + "value": false, + "path": "s3/enabled" + } + } + } + }, "ingress": { "type": "object", "form": true, @@ -456,6 +524,10 @@ "x-form": { "hidden": true, "value": "{{project.id}}-{{k8s.randomSubdomain}}.{{k8s.domain}}" + }, + "x-onyxia": { + "hidden": true, + "overwriteDefaultWith": "{{project.id}}-{{k8s.randomSubdomain}}.{{k8s.domain}}" } } } @@ -471,7 +543,11 @@ "x-form": { "hidden": true, "value": "{{k8s.initScriptUrl}}" - } + }, + "x-onyxia": { + "hidden": true, + "overwriteDefaultWith": "{{k8s.initScriptUrl}}" + } }, "personalInit": { "type": "string",