fix readme up with templating

charts/README.templates.md.gotmpl

@@ -0,0 +1,70 @@
+{{- define "repository.organization" -}}
+  k8s-at-home
+{{- end -}}
+
+{{- define "repository.url" -}}
+  https://github.com/k8s-at-home/charts
+{{- end -}}
+
+{{- define "helm.url" -}}
+  https://k8s-at-home.com/charts/
+{{- end -}}
+
+{{- define "helm.path" -}}
+    {{ template "repository.organization" . }}/{{ template "chart.name" . }}
+{{- end -}}
+
+{{- define "description.multiarch" -}}
+The default values and container images used in this chart will allow for running in a multi-arch cluster (amd64, arm, arm64)
+{{- end -}}
+
+{{- define "install.tldr" -}}
+## TL;DR
+```console
+$ helm repo add {{ template "repository.organization" . }} {{ template "helm.url" . }}
+$ helm install {{ template "helm.path" . }}
+```
+{{- end -}}
+
+{{- define "install" -}}
+## Installing the Chart
+To install the chart with the release name `{{ template "chart.name" . }}`:
+```console
+helm install {{ template "chart.name" . }} {{ template "helm.path" . }}
+```
+{{- end -}}
+
+{{- define "uninstall" -}}
+## Uninstalling the Chart
+To uninstall the `{{ template "chart.name" . }}` deployment:
+```console
+helm uninstall {{ template "chart.name" . }}
+```
+The command removes all the Kubernetes components associated with the chart and deletes the release.
+{{- end -}}
+
+{{- define "configuration.header" -}}
+## Configuration
+{{- end -}}
+
+{{- define "configuration.readValues" -}}
+Read through the [values.yaml]({{ template "repository.url" . }}/blob/master/charts/{{ template "chart.name" . }}/values.yaml)
+file. It has several commented out suggested values.
+{{- end -}}
+
+{{- define "configuration.example.set" -}}
+Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example,
+```console
+helm install {{ template "chart.name" . }} \
+  --set env.TZ="America/New York" \
+    {{ template "helm.path" . }}
+```
+{{- end -}}
+
+{{- define "configuration.example.file" -}}
+Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart.
+For example,
+```console
+helm install {{ template "chart.name" . }} {{ template "helm.path" . }} --values values.yaml
+```
+{{- end -}}

charts/traefik-forward-auth/.helmignore

@@ -21,3 +21,5 @@
 .idea/
 *.tmproj
 .vscode/
+
+README.md.gotmpl

charts/traefik-forward-auth/README.md

@@ -1,4 +1,8 @@
-# traefik-forward-auth | A minimal forward authentication service that provides OAuth/SSO login and authentication for the traefik reverse proxy/load balancer
+# traefik-forward-auth
+
+![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![Version: 1.0.0](https://img.shields.io/badge/Version-1.0.0-informational?style=flat-square) ![AppVersion: 2.2.0](https://img.shields.io/badge/AppVersion-2.2.0-informational?style=flat-square)
+
+A minimal forward authentication service that provides OAuth/SSO login and authentication for the traefik reverse proxy/load balancer
 
 The default values and container images used in this chart will allow for running in a multi-arch cluster (amd64, arm, arm64)
 
@@ -42,3 +46,75 @@ For example,
 ```console
 helm install traefik-forward-auth k8s-at-home/traefik-forward-auth --values values.yaml
 ```
+
+## Values
+
+| Key | Type | Default | Description |
+|-----|------|---------|-------------|
+| affinity | object | `{}` |  |
+| authHost | string | `""` | Single host to use when returning from 3rd party auth |
+| autoscaling.enabled | bool | `false` |  |
+| autoscaling.maxReplicas | int | `100` |  |
+| autoscaling.minReplicas | int | `1` |  |
+| autoscaling.targetCPUUtilizationPercentage | int | `80` |  |
+| cookie.csrfName | string | `""` | CSRF Cookie Name (default: _forward_auth_csrf) |
+| cookie.domain | string | `""` | Domain(s) to set auth cookie on. (Comma delimited) |
+| cookie.insecure | string | `""` | Use insecure cookies |
+| cookie.name | string | `""` | Cookie Name (default: _forward_auth) |
+| default.action | string | `""` | [auth|allow] Default action (default: auth) |
+| default.provider | string | `""` | [google|oidc|generic-oauth] Default provider (default: google) |
+| env | list | `[]` |  |
+| fullnameOverride | string | `""` |  |
+| image.pullPolicy | string | `"IfNotPresent"` |  |
+| image.repository | string | `"thomseddon/traefik-forward-auth"` |  |
+| image.tag | string | `""` |  |
+| imagePullSecrets | list | `[]` |  |
+| ingress.annotations | object | `{}` |  |
+| ingress.enabled | bool | `false` |  |
+| ingress.hosts[0].host | string | `"chart-example.local"` |  |
+| ingress.hosts[0].paths | list | `[]` |  |
+| ingress.tls | list | `[]` |  |
+| lifetime | string | `""` | Lifetime in seconds (default: 43200) |
+| logging.format | string | `""` | [text|json|pretty] Log format (default: text) |
+| logging.level | string | `""` | [trace|debug|info|warn|error|fatal|panic] Log level (default: warn) |
+| logoutRedirect | string | `""` | URL to redirect to following logout |
+| middleware.enabled | bool | `false` | Enable to deploy a preconfigured middleware |
+| middleware.name | string | `""` | Name for the middleware |
+| nameOverride | string | `""` |  |
+| nodeSelector | object | `{}` |  |
+| podAnnotations | object | `{}` |  |
+| podSecurityContext | object | `{}` |  |
+| providers.genericOauth.authUrl | string | `""` | Auth/Login URL |
+| providers.genericOauth.clientId | string | `""` | Client ID |
+| providers.genericOauth.clientSecret | string | `""` | Client Secret |
+| providers.genericOauth.enabled | bool | `false` | Enable the generic OAUTH2 provider |
+| providers.genericOauth.resource | string | `""` | Optional resource indicator |
+| providers.genericOauth.scope | string | `""` | Scopes (default: profile, email) |
+| providers.genericOauth.tokenStyle | string | `""` | How token is presented when querying the User URL |
+| providers.genericOauth.tokenUrl | string | `""` | Token URL |
+| providers.genericOauth.userUrl | string | `""` | URL used to retrieve user info |
+| providers.google.clientId | string | `""` | Client ID |
+| providers.google.clientSecret | string | `""` | Client Secret |
+| providers.google.enabled | bool | `false` | Enable the google provider |
+| providers.google.prompt | string | `""` | Space separated list of OpenID prompt options |
+| providers.oidc.clientId | string | `""` | Client ID |
+| providers.oidc.clientSecret | string | `""` | Client Secret |
+| providers.oidc.enabled | bool | `false` | Enable the generic OIDC provider |
+| providers.oidc.issuerUrl | string | `""` | Issuer URL |
+| providers.oidc.resource | string | `""` | Optional resource indicator |
+| replicaCount | int | `1` |  |
+| resources | object | `{}` |  |
+| restrictions.domain | string | `""` | Only allow given email domains. (Comma delimited) |
+| restrictions.whitelist | string | `""` | Only allow given email addresses. (Comma delimited) |
+| secret | string | `""` | Secret used for signing. If empty, one will be generated. If specifying your own in env use "-" |
+| securityContext | object | `{}` |  |
+| service.additionalSpec | object | `{}` |  |
+| service.annotations | object | `{}` |  |
+| service.labels | object | `{}` |  |
+| service.port | int | `4181` |  |
+| service.type | string | `"ClusterIP"` |  |
+| serviceAccount.annotations | object | `{}` |  |
+| serviceAccount.create | bool | `true` |  |
+| serviceAccount.name | string | `""` |  |
+| tolerations | list | `[]` |  |
+| urlPath | string | `""` | Callback URL Path (default: /_oauth) |

charts/traefik-forward-auth/README.md.gotmpl

@@ -0,0 +1,26 @@
+{{ template "chart.header" . }}
+{{ template "chart.typeBadge" . }}{{ template "chart.versionBadge" . }}{{ template "chart.appVersionBadge" . }}
+
+{{ template "chart.description" . }}
+
+{{ template "description.multiarch" . }}
+
+Chart that
+* Adds docker image information leveraging the [official image](https://github.com/thomseddon/traefik-forward-auth)
+* Deploys [traefik-forward-auth](https://github.com/thomseddon/traefik-forward-auth)
+
+{{ template "install.tldr" . }}
+
+{{ template "install" . }}
+
+{{ template "uninstall" . }}
+
+{{ template "configuration.header" . }}
+
+{{ template "configuration.readValues" . }}
+
+{{ template "configuration.example.set" .}}
+
+{{ template "configuration.example.file" . }}
+
+{{ template "chart.valuesSection" . }}

charts/traefik-forward-auth/values.yaml

@@ -1,4 +1,6 @@
 # Default values for traefik-forward-auth.
+
+
 replicaCount: 1
 
 image:
@@ -11,64 +13,84 @@ nameOverride: ""
 fullnameOverride: ""
 
 logging:
-  # [trace|debug|info|warn|error|fatal|panic] Log level (default: warn)
+  # logging.level -- [trace|debug|info|warn|error|fatal|panic] Log level (default: warn)
   level: ""
-  # [text|json|pretty] Log format (default: text)
+  # logging.format -- [text|json|pretty] Log format (default: text)
   format: ""
-# Single host to use when returning from 3rd party auth
+# authHost -- Single host to use when returning from 3rd party auth
 authHost: ""
 restrictions:
-  # Only allow given email domains. (Comma delimited)
+  # restrictions.domain -- Only allow given email domains. (Comma delimited)
   domain: ""
-  # Only allow given email addresses. (Comma delimited)
+  # restrictions.whitelist -- Only allow given email addresses. (Comma delimited)
   whitelist: ""
-# Lifetime in seconds (default: 43200)
+# lifetime -- Lifetime in seconds (default: 43200)
 lifetime: ""
 cookie:
-  # Domain(s) to set auth cookie on. (Comma delimited)
+  # cookie.domain -- Domain(s) to set auth cookie on. (Comma delimited)
   domain: ""
-  # Use insecure cookies
+  # cookie.insecure -- Use insecure cookies
   insecure: ""
-  # Cookie Name (default: _forward_auth)
+  # cookie.name -- Cookie Name (default: _forward_auth)
   name: ""
-  # CSRF Cookie Name (default: _forward_auth_csrf)
+  # cookie.csrfName -- CSRF Cookie Name (default: _forward_auth_csrf)
   csrfName: ""
 default:
-  # [auth|allow] Default action (default: auth)
+  # default.action -- [auth|allow] Default action (default: auth)
   action: ""
-  # [google|oidc|generic-oauth] Default provider (default: google)
+  # default.provider -- [google|oidc|generic-oauth] Default provider (default: google)
   provider: ""
-# URL to redirect to following logout
+# logoutRedirect -- URL to redirect to following logout
 logoutRedirect: ""
-# Callback URL Path (default: /_oauth)
+# urlPath -- Callback URL Path (default: /_oauth)
 urlPath: ""
-# Secret used for signing. If empty, one will be generated. If specifying your own in env use "-"
+# secret -- Secret used for signing. If empty, one will be generated. If specifying your own in env use "-"
 secret: ""
 
 middleware:
+  # middleware.enabled -- Enable to deploy a preconfigured middleware
   enabled: false
+  # middleware.name -- Name for the middleware
   name: ""
 providers:
   google:
+    # providers.google.enabled -- Enable the google provider
     enabled: false
+    # providers.google.clientId -- Client ID
     clientId: ""
+    # providers.google.clientSecret -- Client Secret
     clientSecret: ""
+    # providers.google.prompt -- Space separated list of OpenID prompt options
     prompt: ""
   oidc:
+    # providers.oidc.enabled -- Enable the generic OIDC provider
     enabled: false
+    # providers.oidc.issuerUrl -- Issuer URL
     issuerUrl: ""
+    # providers.oidc.clientId -- Client ID
     clientId: ""
+    # providers.oidc.clientSecret -- Client Secret
     clientSecret: ""
+    # providers.oidc.resource -- Optional resource indicator
     resource: ""
   genericOauth:
+    # providers.genericOauth.enabled -- Enable the generic OAUTH2 provider
     enabled: false
+    # providers.genericOauth.authUrl -- Auth/Login URL
     authUrl: ""
+    # providers.genericOauth.tokenUrl -- Token URL
     tokenUrl: ""
+    # providers.genericOauth.userUrl -- URL used to retrieve user info
     userUrl: ""
+    # providers.genericOauth.clientId -- Client ID
     clientId: ""
+    # providers.genericOauth.clientSecret -- Client Secret
     clientSecret: ""
+    # providers.genericOauth.scope -- Scopes (default: profile, email)
     scope: ""
+    # providers.genericOauth.tokenStyle -- How token is presented when querying the User URL
     tokenStyle: ""
+    # providers.genericOauth.resource -- Optional resource indicator
     resource: ""
 
 env: []