add seaweedfs-operator

2026-02-05 00:15:51 +00:00 · 2024-08-02 13:48:42 +02:00
35 changed files with 6547 additions and 0 deletions
--- a/packages/system/seaweedfs-operator/.dockerignore
+++ b/packages/system/seaweedfs-operator/.dockerignore
@@ -0,0 +1,3 @@
 # More info: https://docs.docker.com/engine/reference/builder/#dockerignore-file
 # Ignore build and test binaries.
 bin/
--- a/packages/system/seaweedfs-operator/.github/workflows/helm_chart_release.yml
+++ b/packages/system/seaweedfs-operator/.github/workflows/helm_chart_release.yml
@@ -0,0 +1,44 @@
 name: Release Helm Chart
 on:
  push:
    branches:
      - master
    paths:
      - 'deploy/helm/**'
 permissions:
  contents: write
  pages: write
 jobs:
  release:
    environment: helm-release
    permissions:
      contents: write
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v4
        with:
          fetch-depth: 0
      - name: Configure Git
        run: |
          git config user.name "$GITHUB_ACTOR"
          git config user.email "$GITHUB_ACTOR@users.noreply.github.com"
      - name: Install Helm
        uses: azure/setup-helm@v3.5
        id: helm-install
        with:
          token: ${{ secrets.GITHUB_TOKEN }}
      - name: Run chart-releaser
        id: helm-release
        uses: helm/chart-releaser-action@v1.6.0
        with:
          charts_dir: deploy/helm
        env:
          CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
          CR_GENERATE_RELEASE_NOTES: true
--- a/packages/system/seaweedfs-operator/.github/workflows/image.yml
+++ b/packages/system/seaweedfs-operator/.github/workflows/image.yml
@@ -0,0 +1,52 @@
 name: Create and publish Docker image
 on:
  push:
    branches:
    - master
    tags:
    - v*
 jobs:
  build-and-push-image:
    runs-on: ubuntu-latest
    permissions:
      contents: read
      packages: write
    steps:
    - name: Checkout repository
      uses: actions/checkout@v3
    - name: Login into GitHub Container Registry
      uses: docker/login-action@v2
      with:
        registry: ghcr.io
        username: ${{ github.actor }}
        password: ${{ secrets.GITHUB_TOKEN }}
    - name: Login into Docker Hub
      uses: docker/login-action@v2
      with:
        username: ${{ secrets.DOCKERHUB_USERNAME }}
        password: ${{ secrets.DOCKERHUB_TOKEN }}
    - name: Extract metadata (tags, labels) for Docker
      id: meta
      uses: docker/metadata-action@v4
      with:
        images: |
          chrislusf/seaweedfs-operator
          ghcr.io/seaweedfs/seaweedfs-operator
        tags: |
          type=ref,event=branch
          type=raw,value=latest,enable=${{ github.ref == format('refs/heads/{0}', 'master') }}
    - name: Build and push Docker image
      uses: docker/build-push-action@v3
      with:
        context: .
        push: true
        tags: ${{ steps.meta.outputs.tags }}
        labels: ${{ steps.meta.outputs.labels }}
--- a/packages/system/seaweedfs-operator/.github/workflows/make-test-e2e.yaml
+++ b/packages/system/seaweedfs-operator/.github/workflows/make-test-e2e.yaml
@@ -0,0 +1,42 @@
 #name: Make run tests e2e
 #
 #on:
 #  pull_request:
 #    types:
 #      - opened
 #      - labeled
 #      - synchronize
 #
 #jobs:
 #  test-e2e:
 #    name: test-e2e on k8s ${{ matrix.k8s.attribute }} version
 #    # Pull request has label 'ok-to-test' or the author is a member of the organization
 #    if: contains(github.event.pull_request.labels.*.name, 'ok-to-test') || contains(fromJSON('["COLLABORATOR", "MEMBER", "OWNER"]'), github.event.pull_request.author_association)
 #    strategy:
 #      matrix:
 #        k8s:
 #          - version: v1.28.0
 #            attribute: penultimate
 #          - version: v1.29.0
 #            attribute: previous
 #          - version: default
 #            attribute: latest
 #    runs-on: ubuntu-22.04
 #    steps:
 #      - uses: actions/checkout@v4.1.7
 #      - uses: actions/setup-go@v5.0.1
 #        with:
 #          go-version: 1.22.4
 #      - uses: docker/setup-buildx-action@v3.3.0
 #      - uses: tale/kubectl-action@v1.4.0
 #        with:
 #          kubectl-version: v1.30.0
 #          # Empty kubeconfig file
 #          base64-kube-config: "YXBpVmVyc2lvbjogdjEKa2luZDogQ29uZmlnCnByZWZlcmVuY2VzOiB7fQo="
 #      - run: |
 #          if [ "${{ matrix.k8s.version }}" = "default" ]; then
 #            # For latest version use default from Makefile
 #            make test-e2e
 #          else
 #            K8S_VERSION=${{ matrix.k8s.version }} make test-e2e
 #          fi
--- a/packages/system/seaweedfs-operator/.github/workflows/make-test.yaml
+++ b/packages/system/seaweedfs-operator/.github/workflows/make-test.yaml
@@ -0,0 +1,36 @@
 #name: Make run tests
 #
 #on:
 #  pull_request:
 #    types:
 #      - opened
 #      - labeled
 #      - synchronize
 #
 #jobs:
 #  test:
 #    name: test on k8s ${{ matrix.k8s.attribute }} version
 #    # Pull request has label 'ok-to-test' or the author is a member of the organization
 #    if: contains(github.event.pull_request.labels.*.name, 'ok-to-test') || contains(fromJSON('["COLLABORATOR", "MEMBER", "OWNER"]'), github.event.pull_request.author_association)
 #    strategy:
 #      matrix:
 #        k8s:
 #          - version: v1.28.0
 #            attribute: penultimate
 #          - version: v1.29.0
 #            attribute: previous
 #          - version: default
 #            attribute: latest
 #    runs-on: ubuntu-22.04
 #    steps:
 #      - uses: actions/checkout@v4.1.7
 #      - uses: actions/setup-go@v5.0.1
 #        with:
 #          go-version: 1.22.4
 #      - run: |
 #          if [ "${{ matrix.k8s.version }}" = "default" ]; then
 #            # For latest version use default from Makefile
 #            make test
 #          else
 #            K8S_VERSION=${{ matrix.k8s.version }} make test
 #          fi
--- a/packages/system/seaweedfs-operator/.github/workflows/pre-commit.yaml
+++ b/packages/system/seaweedfs-operator/.github/workflows/pre-commit.yaml
@@ -0,0 +1,14 @@
 name: Pre-commit
 on:
  pull_request:
 jobs:
  pre-commit:
    runs-on: ubuntu-22.04
    steps:
      - uses: actions/checkout@v4.1.7
      - uses: actions/setup-go@v5.0.1
        with:
          go-version: 1.22.4
      - uses: pre-commit/action@v3.0.1
--- a/packages/system/seaweedfs-operator/.gitignore
+++ b/packages/system/seaweedfs-operator/.gitignore
@@ -0,0 +1,84 @@
 # Temporary Build Files
 build/_output
 build/_test
 # Created by https://www.gitignore.io/api/go,vim,emacs,visualstudiocode
 ### Emacs ###
 # -*- mode: gitignore; -*-
 *~
 \#*\#
 /.emacs.desktop
 /.emacs.desktop.lock
 *.elc
 auto-save-list
 tramp
 .\#*
 # Org-mode
 .org-id-locations
 *_archive
 # flymake-mode
 *_flymake.*
 # eshell files
 /eshell/history
 /eshell/lastdir
 # elpa packages
 /elpa/
 # reftex files
 *.rel
 # AUCTeX auto folder
 /auto/
 # cask packages
 .cask/
 dist/
 # Flycheck
 flycheck_*.el
 # server auth directory
 /server/
 # projectiles files
 .projectile
 projectile-bookmarks.eld
 # directory configuration
 .dir-locals.el
 # saveplace
 places
 # url cache
 url/cache/
 # cedet
 ede-projects.el
 # smex
 smex-items
 # company-statistics
 company-statistics-cache.el
 # anaconda-mode
 anaconda-mode/
 ### Go ###
 # Binaries for programs and plugins
 *.exe
 *.exe~
 *.dll
 *.so
 *.dylib
 # Test binary, build with 'go test -c'
 *.test
 # Output of the go coverage tool, specifically when used with LiteIDE
 *.out
 ### Vim ###
 # swap
 .sw[a-p]
 .*.sw[a-p]
 # session
 Session.vim
 # temporary
 .netrwhist
 # auto-generated tag files
 tags
 ### VisualStudioCode ###
 .vscode/*
 .history
 # End of https://www.gitignore.io/api/go,vim,emacs,visualstudiocode
 ### GoLand ###
 .idea
 testbin
 bin
 dist
--- a/packages/system/seaweedfs-operator/.golangci.yml
+++ b/packages/system/seaweedfs-operator/.golangci.yml
@@ -0,0 +1,40 @@
 run:
  deadline: 5m
  allow-parallel-runners: true
 issues:
  # don't skip warning about doc comments
  # don't exclude the default set of lint
  exclude-use-default: false
  # restore some of the defaults
  # (fill in the rest as needed)
  exclude-rules:
    - path: "api/*"
      linters:
        - lll
    - path: "internal/*"
      linters:
        - dupl
        - lll
 linters:
  disable-all: true
  enable:
    - dupl
    - errcheck
    - exportloopref
    - goconst
    - gocyclo
    - gofmt
    - goimports
    - gosimple
    - govet
    - ineffassign
    - lll
    - misspell
    - nakedret
    - prealloc
    - staticcheck
    - typecheck
    - unconvert
    - unparam
    - unused
--- a/packages/system/seaweedfs-operator/.pre-commit-config.yaml
+++ b/packages/system/seaweedfs-operator/.pre-commit-config.yaml
@@ -0,0 +1,61 @@
 # See https://pre-commit.com for more information
 # See https://pre-commit.com/hooks.html for more hooks
 repos:
 - repo: https://github.com/pre-commit/pre-commit-hooks
  rev: v3.2.0
  hooks:
    - id: trailing-whitespace
    - id: end-of-file-fixer
      exclude: "^deploy/helm/(values.schema.json|README.md)$"
    - id: check-added-large-files
 - repo: local
  hooks:
    - id: make-fmt
      name: make-fmt
      entry: sh -c "make fmt"
      language: system
    - id: make-vet
      name: make-vet
      entry: sh -c "make vet"
      language: system
      require_serial: true
    - id: make-nilaway-lint
      name: make-nilaway-lint
      entry: sh -c "make nilaway-lint"
      language: system
      require_serial: true
 #    - id: make-lint-fix
 #      name: make-lint-fix
 #      entry: sh -c "make lint-fix"
 #      language: system
 #      require_serial: true
 #    - id: make-generate-docs
 #      name: make-generate-docs
 #      entry: sh -c "make generate-docs"
 #      language: system
 #      require_serial: true
 #    - id: make-mod-tidy
 #      name: make-mod-tidy
 #      entry: sh -c "make mod-tidy"
 #      language: system
 #      require_serial: true
 #    - id: make-helm-lint
 #      name: make-helm-lint
 #      entry: sh -c "make helm-lint"
 #      language: system
 #      require_serial: true
 #    - id: make-helm-schema-run
 #      name: make-helm-schema-run
 #      entry: sh -c "make helm-schema-run"
 #      language: system
 #      require_serial: true
 #    - id: make-helm-docs-run
 #      name: make-helm-docs-run
 #      entry: sh -c "make helm-docs-run"
 #      language: system
 #      require_serial: true
 #    - id: make-helm-crd-copy
 #      name: make-helm-crd-copy
 #      entry: sh -c "make helm-crd-copy"
 #      language: system
 #      require_serial: true
--- a/packages/system/seaweedfs-operator/1.yaml
+++ b/packages/system/seaweedfs-operator/1.yaml
@@ -0,0 +1,23 @@
 apiVersion: seaweed.seaweedfs.com/v1
 kind: Seaweed
 metadata:
  name: seaweed1
  namespace: default
 spec:
  # Add fields here
  image: chrislusf/seaweedfs:latest
  volumeServerDiskCount: 1
  hostSuffix: seaweed.abcdefg.com
  master:
    replicas: 3
    volumeSizeLimitMB: 1024
  volume:
    replicas: 1
    requests:
      storage: 4Gi
  filer:
    replicas: 2
    config: |
      [leveldb2]
      enabled = true
      dir = "/data/filerldb2"
--- a/packages/system/seaweedfs-operator/Chart.yaml
+++ b/packages/system/seaweedfs-operator/Chart.yaml
@@ -0,0 +1,3 @@
 apiVersion: v2
 name: cozy-seaweedfs
 version: 0.0.0 # Placeholder, the actual version will be automatically set during the build process
--- a/packages/system/seaweedfs-operator/Makefile
+++ b/packages/system/seaweedfs-operator/Makefile
@@ -0,0 +1,14 @@
 export NAME=seaweedfs-operator
 export NAMESPACE=cozy-$(NAME)
 include ../../../scripts/package-system.mk
 update:
 	rm -rf charts
 	mkdir -p charts/seaweedfs-operator
 	curl -sSL https://github.com/seaweedfs/seaweedfs-operator/archive/refs/heads/master.tar.gz | \
 	tar -C charts/seaweedfs-operator -xzvf - --strip 3 seaweedfs-operator-master/deploy/helm
 show-locally:
 	helm template --dry-run=server --post-renderer ../../../scripts/fluxcd-kustomize.sh -n $(NAMESPACE) $(NAME) . -f -
--- a/packages/system/seaweedfs-operator/charts/seaweedfs-operator/.helmignore
+++ b/packages/system/seaweedfs-operator/charts/seaweedfs-operator/.helmignore
@@ -0,0 +1,23 @@
 # Patterns to ignore when building packages.
 # This supports shell glob matching, relative path matching, and
 # negation (prefixed with !). Only one pattern per line.
 .DS_Store
 # Common VCS dirs
 .git/
 .gitignore
 .bzr/
 .bzrignore
 .hg/
 .hgignore
 .svn/
 # Common backup files
 *.swp
 *.bak
 *.tmp
 *.orig
 *~
 # Various IDEs
 .project
 .idea/
 *.tmproj
 .vscode/
--- a/packages/system/seaweedfs-operator/charts/seaweedfs-operator/Chart.yaml
+++ b/packages/system/seaweedfs-operator/charts/seaweedfs-operator/Chart.yaml
@@ -0,0 +1,9 @@
 apiVersion: v2
 name: seaweedfs-operator
 description: A Helm chart for the seaweedfs-operator
 type: application
 version: 0.0.2
 appVersion: "0.0.1"
 maintainers:
  - name: chrislusf
    url: https://github.com/chrislusf
--- a/packages/system/seaweedfs-operator/charts/seaweedfs-operator/README.md
+++ b/packages/system/seaweedfs-operator/charts/seaweedfs-operator/README.md
@@ -0,0 +1,45 @@
 # seaweedfs-operator
 ![Version: 0.0.2](https://img.shields.io/badge/Version-0.0.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.0.1](https://img.shields.io/badge/AppVersion-0.0.1-informational?style=flat-square)
 A Helm chart for the seaweedfs-operator
 ## Maintainers
 | Name | Email | Url |
 | ---- | ------ | --- |
 | chrislusf |  | <https://github.com/chrislusf> |
 ## Values
 | Key                             | Type   | Default                         | Description                                                                                                                                                                                                          |
 |---------------------------------|--------|---------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
 | commonAnnotations               | object | `{}`                            | Annotations for all the deployed objects                                                                                                                                                                             |
 | commonLabels                    | object | `{}`                            | Labels for all the deployed objects                                                                                                                                                                                  |
 | fullnameOverride                | string | `""`                            | String to fully override common.names.fullname template                                                                                                                                                              |
 | global                          | object | `{"imageRegistry":"chrislusf"}` | Global Docker image parameters Please, note that this will override the image parameters, including dependencies, configured to use the global value Current available global Docker image parameters: imageRegistry |
 | grafanaDashboard.enabled        | bool   | `true`                          | Enable or disable Grafana Dashboard configmap                                                                                                                                                                        |
 | image.pullPolicy                | string | `"Always"`                      | Specify a imagePullPolicy # Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' # ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images                                         |
 | image.registry                  | string | `"chrislusf"`                   |                                                                                                                                                                                                                      |
 | image.repository                | string | `"seaweedfs-operator"`          |                                                                                                                                                                                                                      |
 | image.tag                       | string | `""`                            | tag of image to use. Defaults to appVersion in Chart.yaml                                                                                                                                                            |
 | nameOverride                    | string | `""`                            | String to partially override common.names.fullname template (will maintain the release name)                                                                                                                         |
 | port.name                       | string | `"http"`                        | name of the container port to use for the Kubernete service and ingress                                                                                                                                              |
 | port.number                     | int    | `8080`                          | container port number to use for the Kubernete service and ingress                                                                                                                                                   |
 | rbac.serviceAccount.name        | string | `"default"`                     | name of the Kubernetes service account to create                                                                                                                                                                     |
 | replicaCount                    | int    | `1`                             | Set number of pod replicas                                                                                                                                                                                           |
 | resources.limits.cpu            | string | `"500m"`                        | seaweedfs-operator containers' cpu limit (maximum allowes CPU)                                                                                                                                                       |
 | resources.limits.memory         | string | `"500Mi"`                       | seaweedfs-operator containers' memory limit (maximum allowes memory)                                                                                                                                                 |
 | resources.requests.cpu          | string | `"100m"`                        | seaweedfs-operator containers' cpu request (how much is requested by default)                                                                                                                                        |
 | resources.requests.memory       | string | `"50Mi"`                        | seaweedfs-operator containers' memory request (how much is requested by default)                                                                                                                                     |
 | service.port                    | int    | `8080`                          | port to use for Kubernetes service                                                                                                                                                                                   |
 | service.portName                | string | `"http"`                        | name of the port to use for Kubernetes service                                                                                                                                                                       |
 | serviceMonitor.additionalLabels | object | `{}`                            | Used to pass Labels that are used by the Prometheus installed in your cluster to select Service Monitors to work with                                                                                                |
 | serviceMonitor.enabled          | bool   | `true`                          | Enable or disable ServiceMonitor for prometheus metrics                                                                                                                                                              |
 | serviceMonitor.honorLabels      | bool   | `true`                          | Specify honorLabels parameter to add the scrape endpoint                                                                                                                                                             |
 | serviceMonitor.interval         | string | `"10s"`                         | Specify the interval at which metrics should be scraped                                                                                                                                                              |
 | serviceMonitor.scrapeTimeout    | string | `"10s"`                         | Specify the timeout after which the scrape is ended                                                                                                                                                                  |
 | webhook.enabled                 | bool   | `true`                          | Enable or disable webhooks                                                                                                                                                                                           |
 ----------------------------------------------
 Autogenerated from chart metadata using [helm-docs v1.11.3](https://github.com/norwoodj/helm-docs/releases/v1.11.3)
--- a/packages/system/seaweedfs-operator/charts/seaweedfs-operator/crds/seaweed.seaweedfs.com_seaweeds.yaml
+++ b/packages/system/seaweedfs-operator/charts/seaweedfs-operator/crds/seaweed.seaweedfs.com_seaweeds.yaml
--- a/packages/system/seaweedfs-operator/charts/seaweedfs-operator/dashboard/seaweedfs-grafana-dashboard.json
+++ b/packages/system/seaweedfs-operator/charts/seaweedfs-operator/dashboard/seaweedfs-grafana-dashboard.json
--- a/packages/system/seaweedfs-operator/charts/seaweedfs-operator/templates/_helpers.tpl
+++ b/packages/system/seaweedfs-operator/charts/seaweedfs-operator/templates/_helpers.tpl
@@ -0,0 +1,74 @@
 {{/*
 Expand the name of the chart.
 */}}
 {{- define "seaweedfs-operator.name" -}}
 {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
 {{- end }}
 {{/*
 Create a default fully qualified app name.
 We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
 If release name contains chart name it will be used as a full name.
 */}}
 {{- define "seaweedfs-operator.fullname" -}}
 {{- if .Values.fullnameOverride }}
 {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
 {{- else }}
 {{- $name := default .Chart.Name .Values.nameOverride }}
 {{- if contains $name .Release.Name }}
 {{- .Release.Name | trunc 63 | trimSuffix "-" }}
 {{- else }}
 {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
 {{- end }}
 {{- end }}
 {{- end }}
 {{/*
 Create chart name and version as used by the chart label.
 */}}
 {{- define "seaweedfs-operator.chart" -}}
 {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
 {{- end }}
 {{/*
 Common labels
 */}}
 {{- define "seaweedfs-operator.labels" -}}
 helm.sh/chart: {{ include "seaweedfs-operator.chart" . }}
 {{ include "seaweedfs-operator.selectorLabels" . }}
 {{- if .Chart.AppVersion }}
 app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
 {{- end }}
 app.kubernetes.io/managed-by: {{ .Release.Service }}
 {{- end }}
 {{/*
 Selector labels
 */}}
 {{- define "seaweedfs-operator.selectorLabels" -}}
 app.kubernetes.io/name: {{ include "seaweedfs-operator.name" . }}
 app.kubernetes.io/instance: {{ .Release.Name }}
 {{- end }}
 {{/*
 Docker registry image pull secret
 */}}
 {{- define "seaweedfs-operator.imagePullSecret" }}
 {{- $auth := printf "%s:%s" .username .password | b64enc -}}
 {{- printf "{\"auths\": {\"%s\": {\"auth\": \"%s\"}}}" .registry $auth | b64enc }}
 {{- end }}
 {{- define "seaweedfs-operator.createPullSecret" -}}
 {{- if and .Values.image.credentials (not .Values.image.pullSecrets) }}
  {{- true -}}
 {{- else -}}
 {{- end -}}
 {{- end -}}
 {{- define "seaweedfs-operator.pullSecretName" -}}
 {{- if .Values.image.pullSecrets -}}
  {{- printf "%s" (tpl .Values.image.pullSecrets .) -}}
 {{- else -}}
  {{- printf "%s-container-registry" (include "seaweedfs-operator.fullname" .) -}}
 {{- end -}}
 {{- end -}}
--- a/packages/system/seaweedfs-operator/charts/seaweedfs-operator/templates/configmap-grafana-dashboard.yaml
+++ b/packages/system/seaweedfs-operator/charts/seaweedfs-operator/templates/configmap-grafana-dashboard.yaml
@@ -0,0 +1,14 @@
 {{- if .Values.grafanaDashboard.enabled }}
 apiVersion: v1
 kind: ConfigMap
 metadata:
  name: {{ include "seaweedfs-operator.fullname" . }}-grafana-dashboard
  labels:
    app: {{ include "seaweedfs-operator.fullname" . }}
    grafana_dashboard: {{ include "seaweedfs-operator.fullname" . }}
 data:
  seaweedfs.json: |
    {{- $.Files.Get "dashboard/seaweedfs-grafana-dashboard.json" | nindent 4 }}
 {{- end }}
--- a/packages/system/seaweedfs-operator/charts/seaweedfs-operator/templates/container-registry-secret.yaml
+++ b/packages/system/seaweedfs-operator/charts/seaweedfs-operator/templates/container-registry-secret.yaml
@@ -0,0 +1,11 @@
 {{ if (include "seaweedfs-operator.createPullSecret" .) }}
 apiVersion: v1
 kind: Secret
 metadata:
  name: {{ include "seaweedfs-operator.fullname" . }}-container-registry
  labels:
    app: {{ include "seaweedfs-operator.fullname" . }}
 type: kubernetes.io/dockerconfigjson
 data:
  .dockerconfigjson: {{ include "seaweedfs-operator.imagePullSecret" .Values.image.credentials }}
 {{ end }}
--- a/packages/system/seaweedfs-operator/charts/seaweedfs-operator/templates/deployment.yaml
+++ b/packages/system/seaweedfs-operator/charts/seaweedfs-operator/templates/deployment.yaml
@@ -0,0 +1,63 @@
 apiVersion: apps/v1
 kind: Deployment
 metadata:
  name: {{ include "seaweedfs-operator.fullname" . }}
  labels:
    app: {{ include "seaweedfs-operator.fullname" . }}
 spec:
  replicas: {{ .Values.replicaCount }}
  selector:
    matchLabels:
      app: {{ include "seaweedfs-operator.fullname" . }}
  template:
    metadata:
      labels:
        app: {{ include "seaweedfs-operator.fullname" . }}
    spec:
      {{ if or .Values.image.credentials .Values.image.pullSecrets }}
      imagePullSecrets:
        - name: {{ include "seaweedfs-operator.pullSecretName" . }}
      {{ end }}
      containers:
      - name: seaweedfs-operator
        image: "{{ .Values.image.registry }}/{{ .Values.image.repository }}:{{ default .Chart.AppVersion .Values.image.tag }}"
        imagePullPolicy: {{ .Values.image.pullPolicy }}
        command:
        - /manager
        args:
        - --leader-elect
        env:
        {{- if eq .Values.webhook.enabled false }}
        - name: ENABLE_WEBHOOKS
          value: "false"
        {{- end }}
        ports:
        - name: {{ .Values.port.name }}
          containerPort: {{ .Values.port.number }}
          protocol: TCP
        {{- if .Values.resources }}
        resources: {{- toYaml .Values.resources | nindent 12 }}
        {{- end }}
        {{- if .Values.webhook.enabled }}
        ports:
        - name: https
          containerPort: 443
          protocol: TCP
        volumeMounts:
        - mountPath: /tmp/k8s-webhook-server/serving-certs
          name: cert
          readOnly: true
        {{- end }}
      terminationGracePeriodSeconds: 10
      {{- if .Values.webhook.enabled }}
      volumes:
      - name: cert
        secret:
          defaultMode: 420
          secretName: {{ include "seaweedfs-operator.fullname" . }}-webhook-server-cert
          items:
          - key: cert
            path: tls.crt
          - key: key
            path: tls.key
      {{- end }}
--- a/packages/system/seaweedfs-operator/charts/seaweedfs-operator/templates/rbac/leader_election_role.yaml
+++ b/packages/system/seaweedfs-operator/charts/seaweedfs-operator/templates/rbac/leader_election_role.yaml
@@ -0,0 +1,42 @@
 # permissions to do leader election.
 apiVersion: rbac.authorization.k8s.io/v1
 kind: Role
 metadata:
  name: leader-election-role
 rules:
 - apiGroups:
  - ""
  resources:
  - configmaps
  verbs:
  - get
  - list
  - watch
  - create
  - update
  - patch
  - delete
 - apiGroups:
  - ""
  resources:
  - configmaps/status
  verbs:
  - get
  - update
  - patch
 - apiGroups:
  - ""
  resources:
  - events
  verbs:
  - create
  - patch
 - apiGroups:
  - coordination.k8s.io
  resources:
  - leases
  verbs:
  - create
  - get
  - list
  - update
--- a/packages/system/seaweedfs-operator/charts/seaweedfs-operator/templates/rbac/leader_election_role_binding.yaml
+++ b/packages/system/seaweedfs-operator/charts/seaweedfs-operator/templates/rbac/leader_election_role_binding.yaml
@@ -0,0 +1,12 @@
 apiVersion: rbac.authorization.k8s.io/v1
 kind: RoleBinding
 metadata:
  name: leader-election-rolebinding
 roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: leader-election-role
 subjects:
 - kind: ServiceAccount
  name: {{ .Values.rbac.serviceAccount.name }}
  namespace: {{ .Release.Namespace }}
--- a/packages/system/seaweedfs-operator/charts/seaweedfs-operator/templates/rbac/role.yaml
+++ b/packages/system/seaweedfs-operator/charts/seaweedfs-operator/templates/rbac/role.yaml
@@ -0,0 +1,95 @@
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
  creationTimestamp: null
  name: manager-role
 rules:
 - apiGroups:
  - apps
  resources:
  - statefulsets
  verbs:
  - create
  - delete
  - get
  - list
  - patch
  - update
  - watch
 - apiGroups:
  - ""
  resources:
  - configmaps
  verbs:
  - create
  - delete
  - get
  - list
  - patch
  - update
  - watch
 - apiGroups:
  - ""
  resources:
  - pods
  verbs:
  - get
  - list
 - apiGroups:
  - ""
  resources:
  - services
  verbs:
  - create
  - delete
  - get
  - list
  - patch
  - update
  - watch
 - apiGroups:
  - extensions
  resources:
  - ingresses
  verbs:
  - create
  - delete
  - get
  - list
  - patch
  - update
  - watch
 - apiGroups:
  - networking.k8s.io
  resources:
  - ingresses
  verbs:
  - create
  - delete
  - get
  - list
  - patch
  - update
  - watch
 - apiGroups:
  - seaweed.seaweedfs.com
  resources:
  - seaweeds
  verbs:
  - create
  - delete
  - get
  - list
  - patch
  - update
  - watch
 - apiGroups:
  - seaweed.seaweedfs.com
  resources:
  - seaweeds/status
  verbs:
  - get
  - patch
  - update
--- a/packages/system/seaweedfs-operator/charts/seaweedfs-operator/templates/rbac/role_binding.yaml
+++ b/packages/system/seaweedfs-operator/charts/seaweedfs-operator/templates/rbac/role_binding.yaml
@@ -0,0 +1,12 @@
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
 metadata:
  name: manager-rolebinding
 roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: manager-role
 subjects:
 - kind: ServiceAccount
  name: {{ .Values.rbac.serviceAccount.name }}
  namespace: {{ .Release.Namespace }}
--- a/packages/system/seaweedfs-operator/charts/seaweedfs-operator/templates/rbac/seaweed_editor_role.yaml
+++ b/packages/system/seaweedfs-operator/charts/seaweedfs-operator/templates/rbac/seaweed_editor_role.yaml
@@ -0,0 +1,24 @@
 # permissions for end users to edit seaweeds.
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
  name: seaweed-editor-role
 rules:
 - apiGroups:
  - seaweed.seaweedfs.com
  resources:
  - seaweeds
  verbs:
  - create
  - delete
  - get
  - list
  - patch
  - update
  - watch
 - apiGroups:
  - seaweed.seaweedfs.com
  resources:
  - seaweeds/status
  verbs:
  - get
--- a/packages/system/seaweedfs-operator/charts/seaweedfs-operator/templates/rbac/seaweed_viewer_role.yaml
+++ b/packages/system/seaweedfs-operator/charts/seaweedfs-operator/templates/rbac/seaweed_viewer_role.yaml
@@ -0,0 +1,20 @@
 # permissions for end users to view seaweeds.
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
  name: seaweed-viewer-role
 rules:
 - apiGroups:
  - seaweed.seaweedfs.com
  resources:
  - seaweeds
  verbs:
  - get
  - list
  - watch
 - apiGroups:
  - seaweed.seaweedfs.com
  resources:
  - seaweeds/status
  verbs:
  - get
--- a/packages/system/seaweedfs-operator/charts/seaweedfs-operator/templates/service.yaml
+++ b/packages/system/seaweedfs-operator/charts/seaweedfs-operator/templates/service.yaml
@@ -0,0 +1,15 @@
 apiVersion: v1
 kind: Service
 metadata:
  name: {{ include "seaweedfs-operator.fullname" . }}
  labels:
    app: {{ include "seaweedfs-operator.fullname" . }}
    app.kubernetes.io/component: metrics
 spec:
  type: ClusterIP
  ports:
    - name: {{ .Values.service.portName }}
      port: {{ .Values.service.port }}
      targetPort: {{ .Values.port.number }}
  selector:
    app: {{ include "seaweedfs-operator.fullname" . }}
--- a/packages/system/seaweedfs-operator/charts/seaweedfs-operator/templates/servicemonitor.yaml
+++ b/packages/system/seaweedfs-operator/charts/seaweedfs-operator/templates/servicemonitor.yaml
@@ -0,0 +1,24 @@
 {{- if .Values.serviceMonitor.enabled }}
 apiVersion: monitoring.coreos.com/v1
 kind: ServiceMonitor
 metadata:
  name: {{ include "seaweedfs-operator.fullname" . }}-metrics-monitor
 spec:
  endpoints:
    - port: {{ .Values.service.portName }}
      {{- if .Values.serviceMonitor.interval }}
      interval: {{ .Values.serviceMonitor.interval }}
      {{- end }}
      {{- if .Values.serviceMonitor.scrapeTimeout }}
      scrapeTimeout: {{ .Values.serviceMonitor.scrapeTimeout }}
      {{- end }}
      {{- if .Values.serviceMonitor.honorLabels }}
      honorLabels: {{ .Values.serviceMonitor.honorLabels }}
      {{- end }}
      path: /metrics
  selector:
    matchLabels:
      app: {{ include "seaweedfs-operator.fullname" . }}
 {{- end }}
--- a/packages/system/seaweedfs-operator/charts/seaweedfs-operator/templates/webhook/job-update-webhook-certificates.yaml
+++ b/packages/system/seaweedfs-operator/charts/seaweedfs-operator/templates/webhook/job-update-webhook-certificates.yaml
@@ -0,0 +1,149 @@
 ---
 apiVersion: batch/v1
 kind: Job
 metadata:
  name: {{ include "seaweedfs-operator.fullname" . }}-create-webhook-certificates
  namespace: {{ .Release.Namespace }}
  annotations:
    "helm.sh/hook": post-install,post-upgrade
    "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
 spec:
  template:
    spec:
      serviceAccountName: {{ include "seaweedfs-operator.fullname" . }}-update-webhook-certificates
      containers:
      - name: certgen
        image: registry.k8s.io/ingress-nginx/kube-webhook-certgen:v20231011-8b53cabe0
        args:
          - create
          - --host={{ include "seaweedfs-operator.fullname" . }}-webhook,{{ include "seaweedfs-operator.fullname" . }}-webhook.{{ .Release.Namespace }}.svc
          - --namespace=$(POD_NAMESPACE)
          - --secret-name={{ include "seaweedfs-operator.fullname" . }}-webhook-server-cert
        env:
          - name: POD_NAMESPACE
            valueFrom:
              fieldRef:
                fieldPath: metadata.namespace
      restartPolicy: OnFailure
 ---
 apiVersion: batch/v1
 kind: Job
 metadata:
  name: {{ include "seaweedfs-operator.fullname" . }}-patch-mutating-webhook
  namespace: {{ .Release.Namespace }}
  annotations:
    "helm.sh/hook": post-install,post-upgrade
    "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
 spec:
  template:
    spec:
      serviceAccountName: {{ include "seaweedfs-operator.fullname" . }}-update-webhook-certificates
      containers:
      - name: certgen
        image: registry.k8s.io/ingress-nginx/kube-webhook-certgen:v20231011-8b53cabe0
        args:
          - patch
          - --webhook-name=mutating-webhook-configuration
          - --namespace=$(POD_NAMESPACE)
          - --patch-mutating=true
          - --patch-validating=false
          - --secret-name={{ include "seaweedfs-operator.fullname" . }}-webhook-server-cert
          - --patch-failure-policy=Fail
        env:
          - name: POD_NAMESPACE
            valueFrom:
              fieldRef:
                fieldPath: metadata.namespace
      restartPolicy: OnFailure
 ---
 apiVersion: batch/v1
 kind: Job
 metadata:
  name: {{ include "seaweedfs-operator.fullname" . }}-patch-validating-webhook
  namespace: {{ .Release.Namespace }}
  annotations:
    "helm.sh/hook": post-install,post-upgrade
    "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
 spec:
  template:
    spec:
      serviceAccountName: {{ include "seaweedfs-operator.fullname" . }}-update-webhook-certificates
      containers:
      - name: certgen
        image: registry.k8s.io/ingress-nginx/kube-webhook-certgen:v20231011-8b53cabe0
        args:
          - patch
          - --webhook-name=validating-webhook-configuration
          - --namespace=$(POD_NAMESPACE)
          - --patch-mutating=false
          - --patch-validating=true
          - --secret-name={{ include "seaweedfs-operator.fullname" . }}-webhook-server-cert
          - --patch-failure-policy=Fail
        env:
          - name: POD_NAMESPACE
            valueFrom:
              fieldRef:
                fieldPath: metadata.namespace
      restartPolicy: OnFailure
 ---
 apiVersion: v1
 kind: ServiceAccount
 metadata:
  name: {{ include "seaweedfs-operator.fullname" . }}-update-webhook-certificates
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: Role
 metadata:
  name: {{ include "seaweedfs-operator.fullname" . }}-update-webhook-certificates
 rules:
  - apiGroups:
      - ""
    resources:
      - secrets
    verbs:
      - get
      - create
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: RoleBinding
 metadata:
  name: {{ include "seaweedfs-operator.fullname" . }}-update-webhook-certificates
 roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: {{ include "seaweedfs-operator.fullname" . }}-update-webhook-certificates
 subjects:
  - kind: ServiceAccount
    name: {{ include "seaweedfs-operator.fullname" . }}-update-webhook-certificates
    namespace: {{ .Release.Namespace }}
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
  name: {{ include "seaweedfs-operator.fullname" . }}-update-webhook-certificates
 rules:
  - apiGroups:
      - admissionregistration.k8s.io
    resources:
      - validatingwebhookconfigurations
      - mutatingwebhookconfigurations
    verbs:
      - get
      - update
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
 metadata:
  name: {{ include "seaweedfs-operator.fullname" . }}-update-webhook-certificates
 roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: {{ include "seaweedfs-operator.fullname" . }}-update-webhook-certificates
 subjects:
  - kind: ServiceAccount
    name: {{ include "seaweedfs-operator.fullname" . }}-update-webhook-certificates
    namespace: {{ .Release.Namespace }}
--- a/packages/system/seaweedfs-operator/charts/seaweedfs-operator/templates/webhook/mutating-webhook.yaml
+++ b/packages/system/seaweedfs-operator/charts/seaweedfs-operator/templates/webhook/mutating-webhook.yaml
@@ -0,0 +1,31 @@
 {{- if .Values.webhook.enabled }}
 apiVersion: admissionregistration.k8s.io/v1
 kind: MutatingWebhookConfiguration
 metadata:
  creationTimestamp: null
  name: mutating-webhook-configuration
 webhooks:
 - clientConfig:
    service:
      name: {{ include "seaweedfs-operator.fullname" . }}-webhook
      namespace: {{ .Release.Namespace }}
      port: 443
      path: /mutate-seaweed-seaweedfs-com-v1-seaweed
  name: mseaweed.kb.io
  sideEffects: None
  admissionReviewVersions:
  - v1
  - v1beta1
  rules:
  - apiGroups:
    - seaweed.seaweedfs.com
    apiVersions:
    - v1
    operations:
    - CREATE
    - UPDATE
    resources:
    - seaweeds
 {{- end }}
--- a/packages/system/seaweedfs-operator/charts/seaweedfs-operator/templates/webhook/service.yaml
+++ b/packages/system/seaweedfs-operator/charts/seaweedfs-operator/templates/webhook/service.yaml
@@ -0,0 +1,18 @@
 {{- if .Values.webhook.enabled }}
 apiVersion: v1
 kind: Service
 metadata:
  name: {{ include "seaweedfs-operator.fullname" . }}-webhook
  labels:
    app: {{ include "seaweedfs-operator.fullname" . }}
 spec:
  type: ClusterIP
  ports:
    - name: https
      port: 443
      targetPort: 9443
  selector:
    app: {{ include "seaweedfs-operator.fullname" . }}
 {{- end }}
--- a/packages/system/seaweedfs-operator/charts/seaweedfs-operator/templates/webhook/validating-webhook.yaml
+++ b/packages/system/seaweedfs-operator/charts/seaweedfs-operator/templates/webhook/validating-webhook.yaml
@@ -0,0 +1,31 @@
 {{- if .Values.webhook.enabled }}
 apiVersion: admissionregistration.k8s.io/v1
 kind: ValidatingWebhookConfiguration
 metadata:
  creationTimestamp: null
  name: validating-webhook-configuration
 webhooks:
 - clientConfig:
    service:
      name: {{ include "seaweedfs-operator.fullname" . }}-webhook
      namespace: {{ .Release.Namespace }}
      port: 443
      path: /validate-seaweed-seaweedfs-com-v1-seaweed
  name: vseaweed.kb.io
  sideEffects: None
  admissionReviewVersions:
  - v1
  - v1beta1
  rules:
  - apiGroups:
    - seaweed.seaweedfs.com
    apiVersions:
    - v1
    operations:
    - CREATE
    - UPDATE
    resources:
    - seaweeds
 {{- end }}
--- a/packages/system/seaweedfs-operator/charts/seaweedfs-operator/values.yaml
+++ b/packages/system/seaweedfs-operator/charts/seaweedfs-operator/values.yaml
@@ -0,0 +1,100 @@
 # -- Global Docker image parameters
 # Please, note that this will override the image parameters, including dependencies, configured to use the global value
 # Current available global Docker image parameters: imageRegistry
 global:
  imageRegistry: "chrislusf"
 # -- String to partially override common.names.fullname template (will maintain the release name)
 nameOverride: ""
 # -- String to fully override common.names.fullname template
 fullnameOverride: ""
 # -- Annotations for all the deployed objects
 commonAnnotations: {}
 # -- Labels for all the deployed objects
 commonLabels: {}
 ## Configure Kubernetes Rbac parameters
 rbac:
  serviceAccount:
    # -- name of the Kubernetes service account to create
    name: default
 image:
  registry: chrislusf
  repository: seaweedfs-operator
  # -- tag of image to use. Defaults to appVersion in Chart.yaml
  tag: ""
  # -- Specify a imagePullPolicy
  ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
  ## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
  pullPolicy: Always
  ## Specify credentials to authorize in docker registry or set existing secrets in pullSecrets
  # credentials:
  #  registry: private-registry
  #  username: username
  #  password: password
  ## Optionally specify imagePullSecret.
  ## Secrets must be manually created in the namespace.
  ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
  ##
  # pullSecrets: myRegistryKeySecretName
 # -- Set number of pod replicas
 replicaCount: 1
 ## Configure container port
 port:
  # -- name of the container port to use for the Kubernete service and ingress
  name: http
  # -- container port number to use for the Kubernete service and ingress
  number: 8080
 ## Configure Service
 service:
  # -- name of the port to use for Kubernetes service
  portName: http
  # -- port to use for Kubernetes service
  port: 8080
 grafanaDashboard:
  # -- Enable or disable Grafana Dashboard configmap
  enabled: true
 serviceMonitor:
  # -- Enable or disable ServiceMonitor for prometheus metrics
  enabled: true
  # -- Specify the interval at which metrics should be scraped
  interval: 10s
  # -- Specify the timeout after which the scrape is ended
  scrapeTimeout: 10s
  ## Specify Metric Relabellings to add to the scrape endpoint
  # -- Specify honorLabels parameter to add the scrape endpoint
  honorLabels: true
  ## Specify the release for ServiceMonitor. Sometimes it should be custom for prometheus operator to work
  # release: ""
  ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#prometheusspec
  # -- Used to pass Labels that are used by the Prometheus installed in your cluster to select Service Monitors to work with
  additionalLabels: {}
 webhook:
  # -- Enable or disable webhooks
  enabled: true
 ## seaweedfs-operator containers' resource requests and limits.
 ## ref: http://kubernetes.io/docs/user-guide/compute-resources/
 resources:
  limits:
    # -- seaweedfs-operator containers' cpu limit (maximum allowes CPU)
    cpu: 500m
    # -- seaweedfs-operator containers' memory limit (maximum allowes memory)
    memory: 500Mi
  requests:
    # -- seaweedfs-operator containers' cpu request (how much is requested by default)
    cpu: 100m
    # -- seaweedfs-operator containers' memory request (how much is requested by default)
    memory: 50Mi
--- a/packages/system/seaweedfs-operator/values.yaml
+++ b/packages/system/seaweedfs-operator/values.yaml
@@ -0,0 +1,4 @@
 seaweedfs-operator:
  fullnameOverride: "seaweedfs-operator"
  image:
    tag: "latest@sha256:f35b62f4b09043a88bbb6bee3335b5a1357df1bc7ff8124f4762c6ec833eb1e4"