From be43e42ddf09e573038ff17889d384878ae51dbc Mon Sep 17 00:00:00 2001 From: Andrei Kvapil Date: Wed, 3 Jan 2024 17:09:08 +0100 Subject: [PATCH] add example2 --- TODO | 1 + packages/Makefile | 2 - .../apps/326070a4539db72518a9369b9aaeb3d3 | 1 - packages/apps/Makefile | 10 ++ packages/apps/http-balancer/Chart.yaml | 2 +- packages/apps/kube-vip/Chart.yaml | 2 - packages/apps/kube-vip/Makefile | 8 -- .../kube-vip-cloud-provider/.helmignore | 23 ----- .../charts/kube-vip-cloud-provider/Chart.yaml | 9 -- .../templates/_helpers.tpl | 63 ------------ .../templates/deployment.yaml | 29 ------ .../templates/rbac.yaml | 37 ------- .../kube-vip-cloud-provider/values.yaml | 39 -------- .../apps/kube-vip/charts/kube-vip/.helmignore | 23 ----- .../apps/kube-vip/charts/kube-vip/Chart.yaml | 9 -- .../charts/kube-vip/templates/_helpers.tpl | 63 ------------ .../charts/kube-vip/templates/daemonset.yaml | 64 ------------ .../charts/kube-vip/templates/rbac.yaml | 36 ------- .../apps/kube-vip/charts/kube-vip/values.yaml | 98 ------------------- packages/apps/kube-vip/values.yaml | 5 - packages/apps/monitoring-hub/Chart.yaml | 2 +- packages/apps/virtual-machine/Chart.yaml | 2 +- .../apps/virtual-machine/templates/vm.yaml | 2 + .../installer/images/installer/Dockerfile | 1 + .../core/platform/templates/helmrepos.yaml | 9 ++ packages/core/platform/values.yaml | 1 + packages/system/kubeapps/2.yaml | 73 ++++++++++++++ 27 files changed, 100 insertions(+), 514 deletions(-) delete mode 100644 packages/Makefile delete mode 160000 packages/apps/326070a4539db72518a9369b9aaeb3d3 create mode 100644 packages/apps/Makefile delete mode 100644 packages/apps/kube-vip/Chart.yaml delete mode 100644 packages/apps/kube-vip/Makefile delete mode 100644 packages/apps/kube-vip/charts/kube-vip-cloud-provider/.helmignore delete mode 100644 packages/apps/kube-vip/charts/kube-vip-cloud-provider/Chart.yaml delete mode 100644 packages/apps/kube-vip/charts/kube-vip-cloud-provider/templates/_helpers.tpl delete mode 100644 packages/apps/kube-vip/charts/kube-vip-cloud-provider/templates/deployment.yaml delete mode 100644 packages/apps/kube-vip/charts/kube-vip-cloud-provider/templates/rbac.yaml delete mode 100644 packages/apps/kube-vip/charts/kube-vip-cloud-provider/values.yaml delete mode 100644 packages/apps/kube-vip/charts/kube-vip/.helmignore delete mode 100644 packages/apps/kube-vip/charts/kube-vip/Chart.yaml delete mode 100644 packages/apps/kube-vip/charts/kube-vip/templates/_helpers.tpl delete mode 100644 packages/apps/kube-vip/charts/kube-vip/templates/daemonset.yaml delete mode 100644 packages/apps/kube-vip/charts/kube-vip/templates/rbac.yaml delete mode 100644 packages/apps/kube-vip/charts/kube-vip/values.yaml delete mode 100644 packages/apps/kube-vip/values.yaml create mode 100644 packages/system/kubeapps/2.yaml diff --git a/TODO b/TODO index 0439a42f..e042ad5b 100644 --- a/TODO +++ b/TODO @@ -23,3 +23,4 @@ docs: system charts must be accessible via helm install & flux docs: how to get first token to access cluster docs: where to store talosconfig how to version helm charts +autombump chart versions for system charts diff --git a/packages/Makefile b/packages/Makefile deleted file mode 100644 index a41fe277..00000000 --- a/packages/Makefile +++ /dev/null @@ -1,2 +0,0 @@ -repo: - make -C system $@ diff --git a/packages/apps/326070a4539db72518a9369b9aaeb3d3 b/packages/apps/326070a4539db72518a9369b9aaeb3d3 deleted file mode 160000 index 69979ff2..00000000 --- a/packages/apps/326070a4539db72518a9369b9aaeb3d3 +++ /dev/null @@ -1 +0,0 @@ -Subproject commit 69979ff2e3e796ee68a97a12e7ca2736a0defa2c diff --git a/packages/apps/Makefile b/packages/apps/Makefile new file mode 100644 index 00000000..09da2e37 --- /dev/null +++ b/packages/apps/Makefile @@ -0,0 +1,10 @@ +REPO=apps + +repo: + rm -rf ../repos/$(REPO) + mkdir -p ../repos/$(REPO) + cd ../repos/$(REPO) && helm package $$(find ../../$(REPO) -mindepth 2 -maxdepth 2 -name Chart.yaml | awk 'sub("/Chart.yaml", "")') + cd ../repos/$(REPO) && helm repo index . + +fix-chartnames: + find . -name Chart.yaml -maxdepth 2 | awk -F/ '{print $$2}' | while read i; do sed -i "s/^name: .*/name: $$i/" "$$i/Chart.yaml"; done diff --git a/packages/apps/http-balancer/Chart.yaml b/packages/apps/http-balancer/Chart.yaml index e1723194..9070299e 100644 --- a/packages/apps/http-balancer/Chart.yaml +++ b/packages/apps/http-balancer/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v2 -name: http-balancert +name: http-balancer description: Layer7 load balacner and caching service icon: https://www.svgrepo.com/show/373924/nginx.svg diff --git a/packages/apps/kube-vip/Chart.yaml b/packages/apps/kube-vip/Chart.yaml deleted file mode 100644 index 0aa33800..00000000 --- a/packages/apps/kube-vip/Chart.yaml +++ /dev/null @@ -1,2 +0,0 @@ -name: app -version: 0.0.0 diff --git a/packages/apps/kube-vip/Makefile b/packages/apps/kube-vip/Makefile deleted file mode 100644 index 91907d28..00000000 --- a/packages/apps/kube-vip/Makefile +++ /dev/null @@ -1,8 +0,0 @@ -include ../../hack/app-helm.mk - -update: - rm -rf charts - helm repo add kube-vip https://kube-vip.github.io/helm-charts - helm repo update kube-vip - helm pull kube-vip/kube-vip-cloud-provider --untar --untardir charts - helm pull kube-vip/kube-vip --untar --untardir charts diff --git a/packages/apps/kube-vip/charts/kube-vip-cloud-provider/.helmignore b/packages/apps/kube-vip/charts/kube-vip-cloud-provider/.helmignore deleted file mode 100644 index 0e8a0eb3..00000000 --- a/packages/apps/kube-vip/charts/kube-vip-cloud-provider/.helmignore +++ /dev/null @@ -1,23 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*.orig -*~ -# Various IDEs -.project -.idea/ -*.tmproj -.vscode/ diff --git a/packages/apps/kube-vip/charts/kube-vip-cloud-provider/Chart.yaml b/packages/apps/kube-vip/charts/kube-vip-cloud-provider/Chart.yaml deleted file mode 100644 index e9e7ec59..00000000 --- a/packages/apps/kube-vip/charts/kube-vip-cloud-provider/Chart.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: v2 -appVersion: v0.0.4 -description: A Helm chart for kube-vip cloud provider -icon: https://github.com/kube-vip/kube-vip/raw/main/kube-vip.png -maintainers: -- name: kube-vip -name: kube-vip-cloud-provider -type: application -version: 0.2.2 diff --git a/packages/apps/kube-vip/charts/kube-vip-cloud-provider/templates/_helpers.tpl b/packages/apps/kube-vip/charts/kube-vip-cloud-provider/templates/_helpers.tpl deleted file mode 100644 index 7365d7db..00000000 --- a/packages/apps/kube-vip/charts/kube-vip-cloud-provider/templates/_helpers.tpl +++ /dev/null @@ -1,63 +0,0 @@ -{{/* vim: set filetype=mustache: */}} -{{/* -Expand the name of the chart. -*/}} -{{- define "kube-vip-cloud-provider.name" -}} -{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} -{{- end }} - -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -If release name contains chart name it will be used as a full name. -*/}} -{{- define "kube-vip-cloud-provider.fullname" -}} -{{- if .Values.fullnameOverride }} -{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} -{{- else }} -{{- $name := default .Chart.Name .Values.nameOverride }} -{{- if contains $name .Release.Name }} -{{- .Release.Name | trunc 63 | trimSuffix "-" }} -{{- else }} -{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} -{{- end }} -{{- end }} -{{- end }} - -{{/* -Create chart name and version as used by the chart label. -*/}} -{{- define "kube-vip-cloud-provider.chart" -}} -{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} -{{- end }} - -{{/* -Common labels -*/}} -{{- define "kube-vip-cloud-provider.labels" -}} -helm.sh/chart: {{ include "kube-vip-cloud-provider.chart" . }} -{{ include "kube-vip-cloud-provider.selectorLabels" . }} -{{- if .Chart.AppVersion }} -app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} -{{- end }} -app.kubernetes.io/managed-by: {{ .Release.Service }} -{{- end }} - -{{/* -Selector labels -*/}} -{{- define "kube-vip-cloud-provider.selectorLabels" -}} -app.kubernetes.io/name: {{ include "kube-vip-cloud-provider.name" . }} -app.kubernetes.io/instance: {{ .Release.Name }} -{{- end }} - -{{/* -Create the name of the service account to use -*/}} -{{- define "kube-vip-cloud-provider.serviceAccountName" -}} -{{- if .Values.serviceAccount.create }} -{{- default (include "kube-vip-cloud-provider.fullname" .) .Values.serviceAccount.name }} -{{- else }} -{{- default "default" .Values.serviceAccount.name }} -{{- end }} -{{- end }} diff --git a/packages/apps/kube-vip/charts/kube-vip-cloud-provider/templates/deployment.yaml b/packages/apps/kube-vip/charts/kube-vip-cloud-provider/templates/deployment.yaml deleted file mode 100644 index 8ce7197e..00000000 --- a/packages/apps/kube-vip/charts/kube-vip-cloud-provider/templates/deployment.yaml +++ /dev/null @@ -1,29 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ include "kube-vip-cloud-provider.name" . }} - namespace: {{ .Release.Namespace | default "kube-system" }} -spec: - replicas: {{ .Values.replicasCount }} - selector: - matchLabels: - {{- include "kube-vip-cloud-provider.selectorLabels" . | nindent 6 }} - template: - metadata: - labels: - {{- include "kube-vip-cloud-provider.selectorLabels" . | nindent 8 }} - spec: - containers: - - command: - - /kube-vip-cloud-provider - - --leader-elect-resource-name=kube-vip-cloud-controller - image: {{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }} - name: {{ include "kube-vip-cloud-provider.name" . }} - imagePullPolicy: {{ .Values.image.pullPolicy }} - resources: - {{- toYaml .Values.resources | nindent 12 }} - serviceAccountName: {{ include "kube-vip-cloud-provider.name" . }} - {{- with .Values.tolerations }} - tolerations: - {{- toYaml . | nindent 8 }} - {{- end }} diff --git a/packages/apps/kube-vip/charts/kube-vip-cloud-provider/templates/rbac.yaml b/packages/apps/kube-vip/charts/kube-vip-cloud-provider/templates/rbac.yaml deleted file mode 100644 index 60d35774..00000000 --- a/packages/apps/kube-vip/charts/kube-vip-cloud-provider/templates/rbac.yaml +++ /dev/null @@ -1,37 +0,0 @@ -apiVersion: v1 -kind: ServiceAccount -metadata: - name: {{ include "kube-vip-cloud-provider.name" . }} - namespace: {{ .Release.Namespace | default "kube-system" }} - labels: - {{- include "kube-vip-cloud-provider.labels" . | nindent 4 }} ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: {{ include "kube-vip-cloud-provider.name" . }} -rules: - - apiGroups: [ "coordination.k8s.io" ] - resources: [ "leases" ] - verbs: [ "get", "create", "update", "list", "put" ] - - apiGroups: [ "" ] - resources: [ "configmaps", "endpoints","events","services/status", "leases" ] - verbs: [ "*" ] - - apiGroups: [ "" ] - resources: [ "nodes", "services" ] - verbs: [ "list","get","watch","update" ] ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: {{ include "kube-vip-cloud-provider.name" . }} - labels: - {{- include "kube-vip-cloud-provider.labels" . | nindent 4 }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: {{ include "kube-vip-cloud-provider.name" . }} -subjects: - - kind: ServiceAccount - name: {{ include "kube-vip-cloud-provider.name" . }} - namespace: {{ .Release.Namespace }} diff --git a/packages/apps/kube-vip/charts/kube-vip-cloud-provider/values.yaml b/packages/apps/kube-vip/charts/kube-vip-cloud-provider/values.yaml deleted file mode 100644 index ee63e870..00000000 --- a/packages/apps/kube-vip/charts/kube-vip-cloud-provider/values.yaml +++ /dev/null @@ -1,39 +0,0 @@ -# Default values for kube-vip-cloud-provider. -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. - -replicasCount: 1 - -image: - repository: kubevip/kube-vip-cloud-provider - pullPolicy: IfNotPresent - # Overrides the image tag whose default is the chart appVersion. - tag: "v0.0.4" - -resources: - requests: - cpu: 50m - memory: 64Mi - limits: - cpu: 100m - memory: 128Mi - -tolerations: - - key: node-role.kubernetes.io/master - effect: NoSchedule - - key: node-role.kubernetes.io/control-plane - effect: NoSchedule - -affinity: - nodeAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - weight: 10 - preference: - matchExpressions: - - key: node-role.kubernetes.io/control-plane - operator: Exists - - weight: 10 - preference: - matchExpressions: - - key: node-role.kubernetes.io/master - operator: Exists diff --git a/packages/apps/kube-vip/charts/kube-vip/.helmignore b/packages/apps/kube-vip/charts/kube-vip/.helmignore deleted file mode 100644 index 0e8a0eb3..00000000 --- a/packages/apps/kube-vip/charts/kube-vip/.helmignore +++ /dev/null @@ -1,23 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*.orig -*~ -# Various IDEs -.project -.idea/ -*.tmproj -.vscode/ diff --git a/packages/apps/kube-vip/charts/kube-vip/Chart.yaml b/packages/apps/kube-vip/charts/kube-vip/Chart.yaml deleted file mode 100644 index 2c4511f1..00000000 --- a/packages/apps/kube-vip/charts/kube-vip/Chart.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: v2 -appVersion: v0.4.1 -description: A Helm chart for kube-vip -icon: https://github.com/kube-vip/kube-vip/raw/main/kube-vip.png -maintainers: -- name: kube-vip -name: kube-vip -type: application -version: 0.4.4 diff --git a/packages/apps/kube-vip/charts/kube-vip/templates/_helpers.tpl b/packages/apps/kube-vip/charts/kube-vip/templates/_helpers.tpl deleted file mode 100644 index bc58a99a..00000000 --- a/packages/apps/kube-vip/charts/kube-vip/templates/_helpers.tpl +++ /dev/null @@ -1,63 +0,0 @@ -{{/* vim: set filetype=mustache: */}} -{{/* -Expand the name of the chart. -*/}} -{{- define "kube-vip.name" -}} -{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} -{{- end }} - -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -If release name contains chart name it will be used as a full name. -*/}} -{{- define "kube-vip.fullname" -}} -{{- if .Values.fullnameOverride }} -{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} -{{- else }} -{{- $name := default .Chart.Name .Values.nameOverride }} -{{- if contains $name .Release.Name }} -{{- .Release.Name | trunc 63 | trimSuffix "-" }} -{{- else }} -{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} -{{- end }} -{{- end }} -{{- end }} - -{{/* -Create chart name and version as used by the chart label. -*/}} -{{- define "kube-vip.chart" -}} -{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} -{{- end }} - -{{/* -Common labels -*/}} -{{- define "kube-vip.labels" -}} -helm.sh/chart: {{ include "kube-vip.chart" . }} -{{ include "kube-vip.selectorLabels" . }} -{{- if .Chart.AppVersion }} -app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} -{{- end }} -app.kubernetes.io/managed-by: {{ .Release.Service }} -{{- end }} - -{{/* -Selector labels -*/}} -{{- define "kube-vip.selectorLabels" -}} -app.kubernetes.io/name: {{ include "kube-vip.name" . }} -app.kubernetes.io/instance: {{ .Release.Name }} -{{- end }} - -{{/* -Create the name of the service account to use -*/}} -{{- define "kube-vip.serviceAccountName" -}} -{{- if .Values.serviceAccount.create }} -{{- default (include "kube-vip.fullname" .) .Values.serviceAccount.name }} -{{- else }} -{{- default "default" .Values.serviceAccount.name }} -{{- end }} -{{- end }} diff --git a/packages/apps/kube-vip/charts/kube-vip/templates/daemonset.yaml b/packages/apps/kube-vip/charts/kube-vip/templates/daemonset.yaml deleted file mode 100644 index 518dc0c4..00000000 --- a/packages/apps/kube-vip/charts/kube-vip/templates/daemonset.yaml +++ /dev/null @@ -1,64 +0,0 @@ -apiVersion: apps/v1 -kind: DaemonSet -metadata: - name: {{ include "kube-vip.name" . }} - namespace: {{ .Release.Namespace | default "kube-system" }} -spec: - selector: - matchLabels: - {{- include "kube-vip.selectorLabels" . | nindent 6 }} - template: - metadata: - labels: - {{- include "kube-vip.selectorLabels" . | nindent 8 }} - spec: - containers: - - args: - - manager - env: - {{- if eq .Values.env.cp_enable "true" }} - - name: vip_address - value: {{ required "A valid config.address required!" .Values.config.address}} - {{- end }} - {{- with .Values.env }} - {{- range $k, $v := . }} - {{- $name := $k }} - {{- $value := $v }} - - name: {{ quote $name }} - value: {{ quote $value }} - {{- end }} - {{- end }} - {{- with .Values.envValueFrom }} - {{- range $k, $v := . }} - {{- $name := $k }} - {{- $value := $v }} - - name: {{ quote $name }} - valueFrom: - {{- toYaml $value | nindent 14 }} - {{- end }} - {{- end }} - {{- with .Values.envFrom }} - envFrom: - {{- toYaml . | nindent 8 }} - {{- end }} - image: {{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }} - imagePullPolicy: {{ .Values.image.pullPolicy }} - name: kube-vip - resources: - {{- toYaml .Values.resources | nindent 10 }} - securityContext: - {{- toYaml .Values.securityContext | nindent 10 }} - hostNetwork: true - serviceAccountName: {{ include "kube-vip.name" . }} - {{- with .Values.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.tolerations }} - tolerations: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} diff --git a/packages/apps/kube-vip/charts/kube-vip/templates/rbac.yaml b/packages/apps/kube-vip/charts/kube-vip/templates/rbac.yaml deleted file mode 100644 index 0aee28c9..00000000 --- a/packages/apps/kube-vip/charts/kube-vip/templates/rbac.yaml +++ /dev/null @@ -1,36 +0,0 @@ -apiVersion: v1 -kind: ServiceAccount -metadata: - name: {{ include "kube-vip.name" . }} - namespace: {{ .Release.Namespace }} - labels: - {{- include "kube-vip.labels" . | nindent 4 }} ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - annotations: - rbac.authorization.kubernetes.io/autoupdate: "true" - name: {{ include "kube-vip.name" . }} -rules: - - apiGroups: [""] - resources: ["services", "services/status", "nodes"] - verbs: ["list","get","watch", "update"] - - apiGroups: ["coordination.k8s.io"] - resources: ["leases"] - verbs: ["list", "get", "watch", "update", "create"] ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: {{ include "kube-vip.name" . }} - labels: - {{- include "kube-vip.labels" . | nindent 4 }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: {{ include "kube-vip.name" . }} -subjects: -- kind: ServiceAccount - name: {{ include "kube-vip.name" . }} - namespace: {{ .Release.Namespace }} diff --git a/packages/apps/kube-vip/charts/kube-vip/values.yaml b/packages/apps/kube-vip/charts/kube-vip/values.yaml deleted file mode 100644 index 2b4021d0..00000000 --- a/packages/apps/kube-vip/charts/kube-vip/values.yaml +++ /dev/null @@ -1,98 +0,0 @@ -# Default values for kube-vip. -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. - -image: - repository: ghcr.io/kube-vip/kube-vip - pullPolicy: IfNotPresent - # Overrides the image tag whose default is the chart appVersion. - tag: "v0.5.11" - -config: - address: "" - -env: - vip_interface: "" - vip_arp: "true" - lb_enable: "true" - lb_port: "6443" - vip_cidr: "32" - cp_enable: "false" - svc_enable: "true" - svc_election: "true" - vip_leaderelection: "false" - -envValueFrom: {} - # Specify environment variables using valueFrom references (EnvVarSource) - # For example we can use the IP address of the pod itself as a unique value for the routerID -#bgp_routerid: -# fieldRef: -# fieldPath: status.podIP - -envFrom: [] - # Specify an externally created Secret(s) or ConfigMap(s) to inject environment variables - # For example an externally provisioned secret could contain the password for your upstream BGP router, such as - # - # apiVersion: v1 - # data: - # bgp_peers: "" - # kind: Secret - # name: kube-vip - # namespace: kube-system - # type: Opaque - # -#- secretKeyRef: -# name: kube-vip - -imagePullSecrets: [] -nameOverride: "" -fullnameOverride: "" - -serviceAccount: - # Specifies whether a service account should be created - create: true - # Annotations to add to the service account - annotations: {} - # The name of the service account to use. - # If not set and create is true, a name is generated using the fullname template - name: "" - -podAnnotations: {} - -podSecurityContext: {} -# fsGroup: 2000 - -securityContext: - capabilities: - add: - - NET_ADMIN - - NET_RAW - -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. -# limits: -# cpu: 100m -# memory: 128Mi -# requests: -# cpu: 100m -# memory: 128Mi - -nodeSelector: {} - -tolerations: - - effect: NoSchedule - key: node-role.kubernetes.io/control-plane - operator: Exists -affinity: {} - # nodeAffinity: - # requiredDuringSchedulingIgnoredDuringExecution: - # nodeSelectorTerms: - # - matchExpressions: - # - key: node-role.kubernetes.io/master - # operator: Exists - # - matchExpressions: - # - key: node-role.kubernetes.io/control-plane - # operator: Exists diff --git a/packages/apps/kube-vip/values.yaml b/packages/apps/kube-vip/values.yaml deleted file mode 100644 index d3082d52..00000000 --- a/packages/apps/kube-vip/values.yaml +++ /dev/null @@ -1,5 +0,0 @@ -_helm: - name: kube-vip - namespace: kube-vip - createNamespace: true - crds: CreateReplace diff --git a/packages/apps/monitoring-hub/Chart.yaml b/packages/apps/monitoring-hub/Chart.yaml index 29d365da..cd176a5a 100644 --- a/packages/apps/monitoring-hub/Chart.yaml +++ b/packages/apps/monitoring-hub/Chart.yaml @@ -1,2 +1,2 @@ -name: cozystack +name: monitoring-hub version: 0.0.0 diff --git a/packages/apps/virtual-machine/Chart.yaml b/packages/apps/virtual-machine/Chart.yaml index 8946d850..52869983 100644 --- a/packages/apps/virtual-machine/Chart.yaml +++ b/packages/apps/virtual-machine/Chart.yaml @@ -23,4 +23,4 @@ version: 0.1.3 # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. # It is recommended to use it with quotes. -appVersion: "1.16.0" +appVersion: "1.16.1" diff --git a/packages/apps/virtual-machine/templates/vm.yaml b/packages/apps/virtual-machine/templates/vm.yaml index bf83d73f..bad148be 100644 --- a/packages/apps/virtual-machine/templates/vm.yaml +++ b/packages/apps/virtual-machine/templates/vm.yaml @@ -5,6 +5,8 @@ metadata: name: {{ include "virtual-machine.fullname" . }} labels: {{- include "virtual-machine.labels" . | nindent 4 }} + annotations: + a: b spec: running: true template: diff --git a/packages/core/installer/images/installer/Dockerfile b/packages/core/installer/images/installer/Dockerfile index 1ce19668..64fd25ce 100644 --- a/packages/core/installer/images/installer/Dockerfile +++ b/packages/core/installer/images/installer/Dockerfile @@ -5,6 +5,7 @@ RUN apk add helm kubectl --repository=https://dl-cdn.alpinelinux.org/alpine/edge COPY packages /cozystack/packages RUN make -C /cozystack/packages/system repo +RUN make -C /cozystack/packages/apps repo RUN ln -s /cozystack/packages/core/installer/images/installer/scripts /scripts diff --git a/packages/core/platform/templates/helmrepos.yaml b/packages/core/platform/templates/helmrepos.yaml index e24436fb..cce16809 100644 --- a/packages/core/platform/templates/helmrepos.yaml +++ b/packages/core/platform/templates/helmrepos.yaml @@ -7,3 +7,12 @@ metadata: spec: interval: 5m0s url: http://cozystack.cozy-system.svc/system +--- +apiVersion: source.toolkit.fluxcd.io/v1beta2 +kind: HelmRepository +metadata: + name: cozystack-apps + namespace: cozy-public +spec: + interval: 5m0s + url: http://cozystack.cozy-system.svc/apps diff --git a/packages/core/platform/values.yaml b/packages/core/platform/values.yaml index c1bbdb89..151069e2 100644 --- a/packages/core/platform/values.yaml +++ b/packages/core/platform/values.yaml @@ -1,4 +1,5 @@ namespaces: +- name: cozy-public - name: cozy-system privileged: true - name: cozy-cert-manager diff --git a/packages/system/kubeapps/2.yaml b/packages/system/kubeapps/2.yaml new file mode 100644 index 00000000..e2fc27ca --- /dev/null +++ b/packages/system/kubeapps/2.yaml @@ -0,0 +1,73 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: tenant-client1 +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: client1 + namespace: tenant-client1 +--- +apiVersion: v1 +kind: Secret +metadata: + name: client1-token + namespace: tenant-client1 + annotations: + kubernetes.io/service-account.name: client1 +type: kubernetes.io/service-account-token +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: tenant-admin + namespace: tenant-client1 +rules: +- apiGroups: [""] + resources: ["*"] + verbs: ["get", "list", "watch", "create", "update", "patch"] +- apiGroups: ["helm.toolkit.fluxcd.io"] + resources: ["helmreleases"] + verbs: ["*"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: tenant-admin-binding + namespace: tenant-client1 +subjects: +- kind: ServiceAccount + name: client1 + namespace: tenant-client1 +roleRef: + kind: Role + name: tenant-admin + apiGroup: rbac.authorization.k8s.io +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: list-apps + namespace: cozy-public +rules: +- apiGroups: ["source.toolkit.fluxcd.io"] + resources: ["helmrepositories"] + verbs: ["get", "list"] +- apiGroups: ["source.toolkit.fluxcd.io"] + resources: ["helmcharts"] + verbs: ["*"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: tenant-admin-binding + namespace: cozy-public +subjects: +- kind: ServiceAccount + name: client1 + namespace: tenant-client1 +roleRef: + kind: Role + name: list-apps + apiGroup: rbac.authorization.k8s.io