Removing abstracted templates

charts/nr-compliance-enforcement-cm/Chart.yaml

@@ -24,30 +24,6 @@ version: 0.1.0
 # It is recommended to use it with quotes.
 appVersion: "1.16.0"
 
-dependencies:
-  - name: component
-    condition: backend.enabled
-    version: 0.2.3
-    repository: https://raw.githubusercontent.com/bcgov/helm-service/gh-pages
-    alias: backend
-
-  - name: component
-    condition: frontend.enabled
-    version: 0.2.3
-    repository: https://raw.githubusercontent.com/bcgov/helm-service/gh-pages
-    alias: frontend
-
-  - name: postgresql
-    condition: bitnami-pg.enabled
-    version: 13.2.24
-    repository: https://charts.bitnami.com/bitnami
-    alias: bitnami-pg
-
-  - name: component
-    condition: backup.enabled
-    version: 0.2.3
-    repository: https://raw.githubusercontent.com/bcgov/helm-service/gh-pages
-    alias: backup
 maintainers:
   - name: Om Mishra
     email: omprakash.2.mishra@gov.bc.ca

charts/nr-compliance-enforcement-cm/charts/component/.helmignore

@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/

charts/nr-compliance-enforcement-cm/charts/component/Chart.yaml

@@ -0,0 +1,6 @@
+apiVersion: v2
+appVersion: 1.0.0
+description: A Helm chart template for supporting different kind of application deployment.
+name: component
+type: application
+version: 0.2.3

charts/nr-compliance-enforcement-cm/charts/component/templates/_helpers.tpl

@@ -0,0 +1,111 @@
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "component.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "component.fullname" -}}
+{{- $componentName := include "component.name" .  }}
+{{- if .Values.fullnameOverride }}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- printf "%s-%s" .Release.Name $componentName | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "component.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Common labels
+*/}}
+{{- define "component.labels" -}}
+helm.sh/chart: {{ include "component.chart" . }}
+{{ include "component.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+{{- if .Values.global.tag }}
+app.kubernetes.io/image-tag: {{ .Values.global.tag | quote }}
+{{- end }}
+{{- if .Values.global.labels }}
+{{tpl .Values.global.labels .}}
+{{- end }}
+{{- end }}
+{{/*
+Selector labels
+*/}}
+{{- define "component.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "component.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
+
+{{/*
+Pod Annotations
+*/}}
+{{- define "component.podAnnotations" -}}
+{{- if .Values.global.podAnnotations }}
+{{tpl .Values.global.podAnnotations .}}
+{{- end }}
+{{- end }}
+
+
+{{/*
+Get Environment Variables
+*/}}
+{{- define "component.env" -}}
+{{- default ("") .Values.configmap.env }}
+{{- end }}
+
+{{/*
+Create default ConfigMap
+*/}}
+{{- define "component.configmap" -}}
+{{ printf "%s%s" (.Values.configmap.script) (include "component.env" .) }}
+{{- end}}
+
+
+
+{{/*
+Vault Sideloader Annotations
+*/}}
+{{- define "component.vaultAnnotations" -}}
+{{- if and .Values.vault .Values.vault.enabled }}
+# 1. Vault injector configuration goes here, inside the template.
+vault.hashicorp.com/agent-inject: 'true'
+vault.hashicorp.com/agent-inject-token: 'true'
+vault.hashicorp.com/agent-pre-populate-only: 'true' # this makes sure the secret vault will only change during pod restart
+vault.hashicorp.com/auth-path: auth/k8s-silver  # This was tricky.  Be sure to use k8s-silver, k8s-gold, or k8s-golddr
+vault.hashicorp.com/namespace: platform-services
+vault.hashicorp.com/role: {{tpl .Values.global.license .}}-{{tpl .Values.vault.role .}}  # licenseplate-nonprod or licenseplate-prod are your options
+{{- if .Values.vault.resources }}
+vault.hashicorp.com/agent-requests-cpu: {{.Values.vault.resources.requests.cpu }}
+vault.hashicorp.com/agent-limits-cpu: {{.Values.vault.resources.limits.cpu }}
+vault.hashicorp.com/agent-requests-mem: {{.Values.vault.resources.requests.memory }}
+vault.hashicorp.com/agent-limits-mem: {{.Values.vault.resources.limits.memory }}
+{{- end }}
+
+# Configure how to retrieve and populate the secrets from Vault:
+# - The name of the secret is any unique string after vault.hashicorp.com/agent-inject-secret-<name>
+# - The value is the path in Vault where the secret is located.
+{{- range $k := .Values.vault.secretPaths }}
+vault.hashicorp.com/agent-inject-secret-{{tpl $k $}}:    {{tpl $.Values.global.license $}}-{{tpl $.Values.vault.role $}}/{{tpl $k $}}
+vault.hashicorp.com/agent-inject-template-{{tpl $k $}}: |
+  {{ printf "%s" "{{" }}- with secret "{{tpl $.Values.global.license $}}-{{tpl $.Values.vault.role $}}/{{tpl $k $}}"{{ printf "%s" "}}" }}
+  {{ printf "%s" "{{" }}- range $k,$v := .Data.data{{ printf "%s" "}}"  }}
+  export {{"{{"}}$k{{"}}"}}="{{"{{"}}$v{{"}}"}}"
+  {{ printf "%s" "{{" }}- end{{ printf "%s" "}}" }}
+  {{ printf "%s" "{{" }}- end{{ printf "%s" "}}" }}
+{{- end }}
+{{- end }}
+{{- end }}

charts/nr-compliance-enforcement-cm/charts/component/templates/configmap.yaml

@@ -0,0 +1,14 @@
+---
+{{- if and .Values.configmap .Values.configmap.enabled }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ include "component.fullname" . }}
+  labels:
+    {{- include "component.labels" . | nindent 4 }}
+data:
+    {{- range  $k,$v := .Values.configmap.data }}
+    {{ $k | quote }}: {{ tpl $v $ | quote }}
+    {{- end }}
+
+{{- end }}

charts/nr-compliance-enforcement-cm/charts/component/templates/cronjob.yaml

@@ -0,0 +1,162 @@
+{{- if and .Values.cronjob .Values.cronjob.enabled }}
+apiVersion: batch/v1
+kind: CronJob
+metadata:
+  name: {{ include "component.fullname" . }}
+  labels:
+    {{- include "component.labels" . | nindent 4 }}
+  namespace: {{ .Release.Namespace | quote }}
+  {{- if .Values.cronjob.annotations }}
+  annotations: {{- .Values.cronjob.annotations | nindent 4 }}
+  {{- end }}
+spec:
+  schedule: {{ quote .Values.cronjob.schedule }}
+  concurrencyPolicy: {{ .Values.cronjob.concurrencyPolicy }}
+  failedJobsHistoryLimit: {{ .Values.cronjob.failedJobsHistoryLimit }}
+  successfulJobsHistoryLimit: {{ .Values.cronjob.successfulJobsHistoryLimit }}
+  {{- if .Values.cronjob.startingDeadlineSeconds }}
+  startingDeadlineSeconds: {{ .Values.cronjob.startingDeadlineSeconds }}
+  {{- end }}
+  jobTemplate:
+    spec:
+      {{- if .Values.cronjob.ttlSecondsAfterFinished }}
+      ttlSecondsAfterFinished: {{ .Values.cronjob.ttlSecondsAfterFinished }}
+      {{- end }}
+      template:
+        metadata:
+          labels:
+            {{- include "component.labels" . | nindent 12 }}
+          {{- if .Values.cronjob.annotations }}
+          annotations: {{- .Values.cronjob.annotations | nindent 4 }}
+          {{- end }}
+        spec:
+          {{- if .Values.cronjob.nodeSelector }}
+          nodeSelector: {{- include "common.tplvalues.render" (dict "value" .Values.cronjob.nodeSelector "context" $) | nindent 12 }}
+          {{- end }}
+          containers:
+            {{- range .Values.containers }}
+            - name: {{ .name }}
+              {{- if .command }}
+              command:
+                {{- range .command }}
+                - "{{ . }}"
+              {{- end }}
+              {{- end}}
+              {{- if .args }}
+              args:
+              {{- range .args }}
+                - "{{ . }}"
+              {{- end }}
+              {{- end }}
+              {{- if .securityContext }}
+              securityContext:
+              {{- toYaml .securityContext | nindent 12 }}
+              {{- end}}
+              {{- if  $.Values.global.openshiftImageRegistry }}
+              {{- if (contains "sha256:" .tag) }}
+              image: '{{$.Values.global.openshiftImageRegistry}}/{{$.Release.Namespace}}/{{$.Release.Name}}-{{ .name }}:{{ trimPrefix "sha256:" tpl .tag $  }}'
+              {{- else }}
+              image: '{{$.Values.global.openshiftImageRegistry}}/{{$.Release.Namespace}}/{{$.Release.Name}}-{{ .name }}:{{ tpl .tag $ }}'
+              {{- end }}
+              {{- else }}
+              {{- if (contains "sha256:" .tag) }}
+              image: '{{ tpl .registry $ }}/{{ tpl .repository $ }}/{{ .image }}@{{ (tpl .tag $) }}'
+              {{- else }}
+              image: '{{ tpl .registry $ }}/{{ tpl .repository $ }}/{{ .image }}:{{ (tpl .tag $) }}'
+              {{- end }}
+              {{- end }}
+              imagePullPolicy: {{ default "IfNotPresent" .pullPolicy }}
+                {{- if .envFrom }}
+              envFrom:
+                    {{- if .envFrom.secretRef }}
+                - secretRef:
+                    name: {{ include "component.fullname" $ }}
+                    {{- end }}
+                    {{- if .envFrom.configMapRef }}
+                - configMapRef:
+                    name: {{ include "component.fullname" $ }}
+                    {{- end }}
+                    {{- end }}
+                    {{- if .env }}
+              env:
+                    {{- if .env.fromLocalConfigmap }}
+                    {{- range $item := .env.fromLocalConfigmap }} # picking individual elements from configmap of individual component (backend, frontend, etc)
+                - name: {{$item.name}} # the env variable name
+                  valueFrom:
+                    configMapKeyRef:
+                      name: {{ include "component.fullname" $ }}
+                      key: {{$item.key}} # the key of configmap
+                    {{- end }}
+                    {{- end }}
+                    {{- if .env.fromGlobalConfigmap }}
+                    {{- range $item := .env.fromGlobalConfigmap }} # picking individual elements from global configmap of entire deployment set
+                - name: {{$item.name}} # the env variable name
+                  valueFrom:
+                    configMapKeyRef:
+                      name: {{ $.Release.Name }}
+                      key: {{$item.key}} # the key of configmap
+                    {{- end }}
+                    {{- end }}
+                    {{- if .env.fromLocalSecret }}
+                    {{- range $item := .env.fromLocalSecret }} # picking individual elements from secret of individual component (backend, frontend, etc)
+                - name: {{$item.name}} # the env variable name
+                  valueFrom:
+                    secretKeyRef:
+                            {{- if $item.secretName }}
+                      name: {{tpl $item.secretName $}}
+                            {{- else }}
+                      name: {{ include "component.fullname" $ }}
+                            {{- end }}
+                      key: {{$item.key}} # the key of secret
+                    {{- end }}
+                    {{- end }}
+                    {{- if .env.fromGlobalSecret }}
+                    {{- range $item := .env.fromGlobalSecret }} # picking individual elements from global secret of entire deployment set
+                - name: {{$item.name}} # the env variable name
+                  valueFrom:
+                    secretKeyRef:
+                            {{- if $item.secretName }}
+                      name: {{tpl $item.secretName $}}
+                            {{- else }}
+                      name: {{ $.Release.Name }}
+                            {{- end }}
+                      key: {{$item.key}} # the key of secret
+                    {{- end }}
+                    {{- end }}
+                    {{- if .env.fromValues }} #this could be pure values based env like DB URLS or DB Host et
+                    {{- range $item := .env.fromValues }} # picking individual elements from global secret of entire deployment set
+                - name: {{$item.name}} # the env variable name
+                  value: {{tpl  $item.value $ | quote}} # the value of env variable
+                    {{- end }}
+                    {{- end }}
+                    {{- end }}
+
+              {{- if .resources}}
+              {{- with .resources }}
+              resources:
+                {{- toYaml . | nindent 16 }}
+              {{- end }}
+              {{- else }}
+              resources:
+                limits:
+                  cpu: 100m
+                  memory: 250Mi
+                requests:
+                  cpu: 20m
+                  memory: 50Mi
+              {{- end }}
+              {{- end }}
+              {{- if .volumeMounts }}
+              volumeMounts:
+                {{- tpl (toYaml .volumeMounts) $ | nindent 12 }}
+              {{- end }}
+          restartPolicy: {{ .Values.cronjob.restartPolicy }}
+          {{- if and .Values.cronjob.podSecurityContext .Values.cronjob.podSecurityContext.enabled }}
+          securityContext:
+            fsGroup: {{ .Values.cronjob.podSecurityContext.fsGroup }}
+          {{- end }}
+          {{- if .Values.cronjob.volumes }}
+          volumes:
+          {{- tpl (toYaml .Values.cronjob.volumes) . | nindent 10 }}
+          {{- end }}
+{{- end}}