[common] 2.0.0 (#316)

Co-authored-by: Bᴇʀɴᴅ Sᴄʜᴏʀɢᴇʀs <6213398+bjw-s@users.noreply.github.com>

.github/ct.yaml

@@ -5,6 +5,7 @@ chart-dirs:
   - charts
 excluded-charts:
   - common
+  - common-test
 chart-repos:
   - bitnami=https://charts.bitnami.com/bitnami
   - k8s-at-home=https://k8s-at-home.com/charts

.github/renovate.json

@@ -1,27 +0,0 @@
-{
-  "enabled": true,
-  "commitMessagePrefix": "[{{{parentDir}}}]",
-  "branchTopic": "{{{parentDir}}}-{{{depNameSanitized}}}-{{{newMajor}}}{{#if isPatch}}.{{{newMinor}}}{{/if}}.x{{#if isLockfileUpdate}}-lockfile{{/if}}",
-  "assigneesFromCodeOwners": true,
-  "reviewersFromCodeOwners": true,
-  "suppressNotifications": ["prIgnoreNotification"],
-  "rebaseWhen": "conflicted",
-  "helm-values": {
-    "enabled": false
-  },
-  "helmv3": {
-    "fileMatch": ["charts/.+/Chart\\.yaml$"]
-  },
-  "packageRules": [
-    {
-      "updateTypes": ["major"],
-      "bumpVersion": "major",
-      "labels": ["dependency/major"]
-    },
-    {
-      "updateTypes": ["minor", "patch"],
-      "bumpVersion": "minor",
-      "labels": ["dependency/minor"]
-    }
-  ]
-}

.github/renovate.json5

@@ -0,0 +1,89 @@
+{
+  "enabled": true,
+  "dependencyDashboard": true,
+  "dependencyDashboardTitle": "Renovate Dashboard",
+  "commitMessagePrefix": "[{{{parentDir}}}]",
+  "branchTopic": "{{{parentDir}}}-{{{depNameSanitized}}}-{{{newMajor}}}{{#if isPatch}}.{{{newMinor}}}{{/if}}.x{{#if isLockfileUpdate}}-lockfile{{/if}}",
+  "assigneesFromCodeOwners": true,
+  "reviewersFromCodeOwners": true,
+  "suppressNotifications": ["prIgnoreNotification"],
+  "rebaseWhen": "conflicted",
+  "prConcurrentLimit": 5,
+  "helm-values": {
+    "enabled": false
+  },
+  "helmv3": {
+    "fileMatch": ["charts/.+/Chart\\.yaml$"]
+  },
+  "packageRules": [
+    //
+    // Common library dep
+    //
+    {
+      "datasources": ["helmv3"],
+      "updateTypes": ["major"],
+      "bumpVersion": "major",
+      "labels": ["dependency/major"],
+      "packageNames": [
+        "common"
+      ]
+    },
+    {
+      "datasources": ["helmv3"],
+      "updateTypes": ["minor"],
+      "bumpVersion": "minor",
+      "labels": ["dependency/minor"],
+      "packageNames": [
+        "common"
+      ]
+    },
+    {
+      "datasources": ["helmv3"],
+      "updateTypes": ["patch"],
+      "bumpVersion": "patch",
+      "labels": ["dependency/patch"],
+      "packageNames": [
+        "common"
+      ]
+    },
+    //
+    // Other library deps
+    //
+    {
+      "datasources": ["helmv3"],
+      "updateTypes": ["major"],
+      "bumpVersion": "major",
+      "labels": ["dependency/major"],
+      "excludePackageNames": [
+        "common"
+      ],
+      "schedule": [
+        "every 3 months on the first day of the month"
+      ]
+    },
+    {
+      "datasources": ["helmv3"],
+      "updateTypes": ["minor"],
+      "bumpVersion": "minor",
+      "labels": ["dependency/minor"],
+      "excludePackageNames": [
+        "common"
+      ],
+      "schedule": [
+        "every 2 months on the first day of the month"
+      ]
+    },
+    {
+      "datasources": ["helmv3"],
+      "updateTypes": ["patch"],
+      "bumpVersion": "patch",
+      "labels": ["dependency/patch"],
+      "excludePackageNames": [
+        "common"
+      ],
+      "schedule": [
+        "every 1 months on the first day of the month"
+      ]
+    }
+  ]
+}

.github/workflows/lint-test.yaml

@@ -31,6 +31,11 @@ jobs:
             echo "::set-output name=changed::true"
           fi
 
+          changed_unfiltered=$(ct list-changed --config .github/ct.yaml --excluded-charts "")
+          if [[ $(grep -E "^charts/common(-test)?$" <<< "$changed_unfiltered") ]]; then
+            echo "::set-output name=common::true"
+          fi
+
       - name: Run chart-testing (lint)
         id: lint
         run: ct lint --config .github/ct.yaml
@@ -38,8 +43,13 @@ jobs:
 
       - name: Create kind cluster
         uses: helm/kind-action@v1.1.0
-        if: steps.list-changed.outputs.changed == 'true'
+        if: steps.list-changed.outputs.changed == 'true' || steps.list-changed.outputs.common == 'true'
 
       - name: Run chart-testing (install)
         run: ct install --config .github/ct.yaml
         if: steps.list-changed.outputs.changed == 'true'
+
+      - name: Run chart-testing (common-test)
+        run: |
+          ct install --config .github/ct.yaml --charts 'charts/common-test'
+        if: steps.list-changed.outputs.common == 'true'

.github/workflows/release.yaml

@@ -12,7 +12,7 @@ jobs:
     runs-on: ubuntu-latest
     timeout-minutes: 5
     steps:
-      - name: Block concurrent releases
+      - name: Block concurrent jobs
         uses: softprops/turnstyle@v1
         with:
           continue-after-seconds: 180
@@ -23,6 +23,13 @@ jobs:
     needs: pre-release
     runs-on: ubuntu-latest
     steps:
+      - name: Block concurrent jobs
+        uses: softprops/turnstyle@v1
+        with:
+          continue-after-seconds: 180
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
       - name: Checkout
         uses: actions/checkout@v2
         with:
@@ -52,6 +59,13 @@ jobs:
     needs: release
     runs-on: ubuntu-latest
     steps:
+      - name: Block concurrent jobs
+        uses: softprops/turnstyle@v1
+        with:
+          continue-after-seconds: 180
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
       - name: Checkout
         uses: actions/checkout@v2
         with:
@@ -66,6 +80,7 @@ jobs:
       - name: Commit and push timestamp updates
         run: |
           if [[ -f index.yaml ]]; then
+            git pull
             export generated_date=$(date --utc +%FT%T.%9NZ)
             sed -i -e "s/^generated:.*/generated: \"$generated_date\"/" index.yaml
             git add index.yaml

charts/common-test/Chart.yaml

@@ -0,0 +1,14 @@
+apiVersion: v2
+name: common-test
+description: Helper chart to test different use cases of the common library
+version: 1.0.0
+keywords:
+  - k8s-at-home
+  - common
+home: https://github.com/k8s-at-home/charts/tree/master/charts/common-test
+maintainers:
+  - name: bjw-s
+    email: me@bjw-s.dev
+dependencies:
+  - name: common
+    repository: file://../common

charts/common-test/ci/basic-values.yaml

@@ -0,0 +1,11 @@
+image:
+  repository: b4bz/homer
+  tag: latest
+  pullPolicy: IfNotPresent
+
+service:
+  port:
+    port: 8080
+
+ingress:
+  enabled: true

charts/common-test/ci/codeserver-values.yaml

@@ -0,0 +1,27 @@
+image:
+  repository: b4bz/homer
+  tag: latest
+  pullPolicy: IfNotPresent
+
+service:
+  port:
+    port: 8080
+
+ingress:
+  enabled: true
+
+persistence:
+  config:
+    enabled: true
+    emptyDir: true
+    mountPath: /www/assets
+
+addons:
+  codeserver:
+    enabled: true
+    workingDir: "/www/assets"
+    ingress:
+      enabled: true
+    volumeMounts:
+    - name: config
+      mountPath: /www/assets

charts/common-test/templates/common.yaml

@@ -0,0 +1 @@
+{{ include "common.all" . }}

charts/common/CHANGELOG.md

@@ -0,0 +1,29 @@
+# Changelog
+All notable changes to this project will be documented in this file.
+
+The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
+and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+
+## [2.0.0]
+
+### Changed
+
+- :warning: Updated `probes` logic to support custom probes, it is now possible to set your own custom probes by setting the `probes.[liveness|readiness|startup].custom` value to `true` and configuring them. Default is `false`.
+- :warning: `addon.vpn.imagePullPolicy` is now `addon.vpn.[openvpn|wireguard].image.pullPolicy`. Default is `IfNotPresent`
+- [code-server](https://github.com/cdr/code-server) is now an `addon` like `vpn`. This enables a code-server container inside the pod which allows you to modify a configuration in a volume attached to the pod. Default for `addons.codeserver.enabled` is `false`
+- Added `envFrom` for more configuration with environment variables
+- Added `dnsConfig` to be configurable
+- Added support for 1.19+ ingress spec
+- Added this [CHANGELOG.md](CHANGELOG.md)
+
+### Fixed
+
+- `nameOverride` and `fullNameOverride` not in `values.yaml`
+
+## [1.7.0]
+
+This is the last version before starting this changelog. All sorts of cool stuff was changed, but only `git log` remembers what that was :slightly_frowning_face:
+
+[2.0.0]: https://github.com/k8s-at-home/charts/tree/common-2.0.0/charts/common
+
+[1.7.0]: https://github.com/k8s-at-home/charts/tree/common-1.7.0/charts/common

charts/common/Chart.yaml

@@ -2,7 +2,7 @@ apiVersion: v2
 name: common
 description: Function library for k8s-at-home charts
 type: library
-version: 1.7.0
+version: 2.0.0
 keywords:
   - k8s-at-home
   - common

charts/common/README.md

@@ -10,6 +10,10 @@ Since a lot of charts follow the same pattern this library was built to reduce m
 
 This chart provides common template helpers which can be used to develop new charts using [Helm](https://helm.sh) package manager.
 
+## :star2: Changelog
+
+Please refer to [CHANGELOG.md](CHANGELOG.md) for an overview of notable changes to the chart. **This is especially important for major version updates!**
+
 ## TL;DR
 
 When using one of the many charts that uses this library be sure to view this [values.yaml](./values.yaml) for configuration options. Any setting here can be used to define what values your helm deployment will use.

charts/common/templates/_all.tpl

@@ -5,7 +5,12 @@ Main entrypoint for the common library chart. It will render all underlying temp
   {{- /* Merge the local chart values and the common chart defaults */ -}}
   {{- include "common.values.setup" . }}
   
-  {{- /* Enable OpenVPN VPN add-on if required */ -}}
+  {{- /* Enable code-server add-on if required */ -}}
+  {{- if .Values.addons.codeserver.enabled }}
+    {{- include "common.addon.codeserver" . }}
+  {{- end -}}
+
+  {{- /* Enable VPN add-on if required */ -}}
   {{- if .Values.addons.vpn.enabled }}
     {{- include "common.addon.vpn" . }}
   {{- end -}}

charts/common/templates/_daemonset.tpl

@@ -29,48 +29,5 @@ spec:
       labels:
       {{- include "common.labels.selectorLabels" . | nindent 8 }}
     spec:
-      {{- with .Values.imagePullSecrets }}
-      imagePullSecrets:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
-      serviceAccountName: {{ include "common.names.serviceAccountName" . }}
-      {{- with .Values.podSecurityContext }}
-      securityContext:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
-      {{- with .Values.hostNetwork }}
-      hostNetwork: {{ . }}
-      {{- end }}
-      {{- with .Values.dnsPolicy }}
-      dnsPolicy: {{ . }}
-      {{- end }}
-      {{- with .Values.initContainers }}
-      initContainers:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
-      containers:
-      {{- include "common.controller.mainContainer" . | nindent 6 }}
-      {{- with .Values.additionalContainers }}
-        {{- toYaml . | nindent 6 }}
-      {{- end }}
-      {{- with (include "common.controller.volumes" . | trim) }}
-      volumes:
-        {{- . | nindent 6 }}
-      {{- end }}
-      {{- with .Values.hostAliases }}
-      hostAliases:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
-      {{- with .Values.nodeSelector }}
-      nodeSelector:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
-      {{- with .Values.affinity }}
-      affinity:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
-      {{- with .Values.tolerations }}
-      tolerations:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
+      {{- include "common.controller.pod" . | nindent 6 }}
 {{- end }}

charts/common/templates/_deployment.tpl

@@ -34,48 +34,5 @@ spec:
       labels:
       {{- include "common.labels.selectorLabels" . | nindent 8 }}
     spec:
-      {{- with .Values.imagePullSecrets }}
-      imagePullSecrets:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
-      serviceAccountName: {{ include "common.names.serviceAccountName" . }}
-      {{- with .Values.podSecurityContext }}
-      securityContext:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
-      {{- with .Values.hostNetwork }}
-      hostNetwork: {{ . }}
-      {{- end }}
-      {{- with .Values.dnsPolicy }}
-      dnsPolicy: {{ . }}
-      {{- end }}
-      {{- with .Values.initContainers }}
-      initContainers:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
-      containers:
-      {{- include "common.controller.mainContainer" . | nindent 6 }}
-      {{- with .Values.additionalContainers }}
-        {{- toYaml . | nindent 6 }}
-      {{- end }}
-      {{- with (include "common.controller.volumes" . | trim) }}
-      volumes:
-        {{- . | nindent 6 }}
-      {{- end }}
-      {{- with .Values.hostAliases }}
-      hostAliases:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
-      {{- with .Values.nodeSelector }}
-      nodeSelector:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
-      {{- with .Values.affinity }}
-      affinity:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
-      {{- with .Values.tolerations }}
-      tolerations:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
+      {{- include "common.controller.pod" . | nindent 6 }}
 {{- end }}

charts/common/templates/_statefulset.tpl

@@ -35,38 +35,5 @@ spec:
       labels:
       {{- include "common.labels.selectorLabels" . | nindent 8 }}
     spec:
-      {{- with .Values.imagePullSecrets }}
-      imagePullSecrets:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
-      serviceAccountName: {{ include "common.names.serviceAccountName" . }}
-      {{- with .Values.podSecurityContext }}
-      securityContext:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
-      {{- with .Values.initContainers }}
-      initContainers:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
-      containers:
-      {{- include "common.controller.mainContainer" . | nindent 6 }}
-      {{- with .Values.additionalContainers }}
-        {{- toYaml . | nindent 6 }}
-      {{- end }}
-      {{- with (include "common.controller.volumes" . | trim) }}
-      volumes:
-        {{- . | nindent 6 }}
-      {{- end }}
-      {{- with .Values.nodeSelector }}
-      nodeSelector:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
-      {{- with .Values.affinity }}
-      affinity:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
-      {{- with .Values.tolerations }}
-      tolerations:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
+      {{- include "common.controller.pod" . | nindent 6 }}
 {{- end }}

charts/common/templates/addons/code-server/_codeserver.tpl

@@ -0,0 +1,44 @@
+{{/*
+Template to render code-server addon
+It will include / inject the required templates based on the given values.
+*/}}
+{{- define "common.addon.codeserver" -}}
+{{- if .Values.addons.codeserver.enabled -}}
+  {{/* Append the code-server container to the additionalContainers */}}
+  {{- $container := include "common.addon.codeserver.container" . | fromYaml -}}
+  {{- if $container -}}
+    {{- $additionalContainers := append .Values.additionalContainers $container -}}
+    {{- $_ := set .Values "additionalContainers" $additionalContainers -}}
+  {{- end -}}
+
+  {{/* Add the code-server service */}}
+  {{- if .Values.addons.codeserver.service.enabled -}}
+    {{- print ("---") | nindent 0 -}}
+    {{- $serviceValues := .Values.addons.codeserver.service -}}
+    {{- if not $serviceValues.nameSuffix -}}
+        {{- $_ := set $serviceValues "nameSuffix" "codeserver" -}}
+    {{ end -}}
+    {{- $_ := set $ "ObjectValues" (dict "service" $serviceValues) -}}
+    {{- include "common.classes.service" $ -}}
+    {{- $_ := unset $ "ObjectValues" -}}
+  {{- end -}}
+
+  {{/* Add the code-server ingress */}}
+  {{- if .Values.addons.codeserver.ingress.enabled -}}
+    {{- print ("---") | nindent 0 -}}
+    {{- $ingressValues := .Values.addons.codeserver.ingress -}}
+    {{- if not $ingressValues.nameSuffix -}}
+        {{- $_ := set $ingressValues "nameSuffix" "codeserver" -}}
+    {{ end -}}
+
+    {{/* Determine the target service name & port */}}
+    {{- $svcName := printf "%v-%v" (include "common.names.fullname" .) .Values.addons.codeserver.service.nameSuffix -}}
+    {{- $_ := set $ingressValues "serviceName" $svcName -}}
+    {{- $_ := set $ingressValues "servicePort" .Values.addons.codeserver.service.port.port -}}
+
+    {{- $_ := set $ "ObjectValues" (dict "ingress" $ingressValues) -}}
+    {{- include "common.classes.ingress" $ -}}
+    {{- $_ := unset $ "ObjectValues" -}}
+  {{- end -}}
+{{- end -}}
+{{- end -}}

charts/common/templates/addons/code-server/_container.tpl

@@ -0,0 +1,40 @@
+{{/*
+The code-server sidecar container to be inserted.
+*/}}
+{{- define "common.addon.codeserver.container" -}}
+{{- if lt (len .Values.addons.codeserver.volumeMounts) 1 }}
+{{- fail "At least 1 volumeMount is required for codeserver container" }}
+{{- end -}}
+name: codeserver
+image: "{{ .Values.addons.codeserver.image.repository }}:{{ .Values.addons.codeserver.image.tag }}"
+imagePullPolicy: {{ .Values.addons.codeserver.pullPolicy }}
+{{- with .Values.addons.codeserver.securityContext }}
+securityContext:
+  {{- toYaml . | nindent 2 }}
+{{- end }}
+{{- with .Values.addons.codeserver.env }}
+env:
+{{- range $k, $v := . }}
+  - name: {{ $k }}
+    value: {{ $v | quote }}
+{{- end }}
+{{- end }}
+ports:
+- name: {{ .Values.addons.codeserver.service.port.name }}
+  containerPort: {{ .Values.addons.codeserver.service.port.port }}
+  protocol: TCP
+args:
+- "--port"
+- "{{ .Values.addons.codeserver.service.port.port }}"
+- "--auth"
+- "none"
+- {{ .Values.addons.codeserver.workingDir | default (first .Values.addons.codeserver.volumeMounts).mountPath }}
+{{- with .Values.addons.codeserver.volumeMounts }}
+volumeMounts:
+  {{- toYaml . | nindent 2 }}
+{{- end }}
+{{- with .Values.addons.codeserver.resources }}
+resources:
+  {{- toYaml . | nindent 2 }}
+{{- end }}
+{{- end -}}

charts/common/templates/addons/vpn/openvpn/_container.tpl

@@ -4,7 +4,7 @@ The OpenVPN sidecar container to be inserted.
 {{- define "common.addon.openvpn.container" -}}
 name: openvpn
 image: "{{ .Values.addons.vpn.openvpn.image.repository }}:{{ .Values.addons.vpn.openvpn.image.tag }}"
-imagePullPolicy: {{ .Values.addons.vpn.imagePullPolicy }}
+imagePullPolicy: {{ .Values.addons.vpn.openvpn.pullPolicy }}
 {{- with .Values.addons.vpn.securityContext }}
 securityContext:
   {{- toYaml . | nindent 2 }}

charts/common/templates/addons/vpn/wireguard/_container.tpl

@@ -4,7 +4,7 @@ The Wireguard sidecar container to be inserted.
 {{- define "common.addon.wireguard.container" -}}
 name: wireguard
 image: "{{ .Values.addons.vpn.wireguard.image.repository }}:{{ .Values.addons.vpn.wireguard.image.tag }}"
-imagePullPolicy: {{ .Values.addons.vpn.imagePullPolicy }}
+imagePullPolicy: {{ .Values.addons.vpn.wireguard.pullPolicy }}
 {{- with .Values.addons.vpn.securityContext }}
 securityContext:
   {{- toYaml . | nindent 2 }}

charts/common/templates/classes/_ingress.tpl

@@ -43,9 +43,19 @@ spec:
         paths:
           {{- range .paths }}
           - path: {{ .path }}
+            {{- if $.Capabilities.APIVersions.Has "networking.k8s.io/v1/Ingress" }}
+            pathType: Prefix
+            {{- end }}
             backend:
+            {{- if $.Capabilities.APIVersions.Has "networking.k8s.io/v1/Ingress" }}
+              service:
+                name: {{ $svcName }}
+                port:
+                  number: {{ $svcPort }}
+            {{- else }}
               serviceName: {{ $svcName }}
               servicePort: {{ $svcPort }}
+            {{- end }}
           {{- end }}
   {{- end }}
 {{- end }}

charts/common/templates/lib/chart/_capabilities.tpl

@@ -2,10 +2,10 @@
 Return the appropriate apiVersion for DaemonSet objects.
 */}}
 {{- define "common.capabilities.daemonset.apiVersion" -}}
-{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.GitVersion -}}
-{{- print "extensions/v1beta1" -}}
-{{- else -}}
+{{- if .Capabilities.APIVersions.Has "apps/v1/DaemonSet" -}}
 {{- print "apps/v1" -}}
+{{- else -}}
+{{- print "extensions/v1beta1" -}}
 {{- end -}}
 {{- end -}}
 
@@ -13,10 +13,10 @@ Return the appropriate apiVersion for DaemonSet objects.
 Return the appropriate apiVersion for Deployment objects.
 */}}
 {{- define "common.capabilities.deployment.apiVersion" -}}
-{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.GitVersion -}}
-{{- print "extensions/v1beta1" -}}
-{{- else -}}
+{{- if .Capabilities.APIVersions.Has "apps/v1/Deployment" -}}
 {{- print "apps/v1" -}}
+{{- else -}}
+{{- print "extensions/v1beta1" -}}
 {{- end -}}
 {{- end -}}
 
@@ -24,10 +24,10 @@ Return the appropriate apiVersion for Deployment objects.
 Return the appropriate apiVersion for StatefulSet objects.
 */}}
 {{- define "common.capabilities.statefulset.apiVersion" -}}
-{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.GitVersion -}}
-{{- print "apps/v1beta1" -}}
-{{- else -}}
+{{- if .Capabilities.APIVersions.Has "apps/v1/StatefulSet" -}}
 {{- print "apps/v1" -}}
+{{- else -}}
+{{- print "apps/v1beta1" -}}
 {{- end -}}
 {{- end -}}
 
@@ -35,9 +35,11 @@ Return the appropriate apiVersion for StatefulSet objects.
 Return the appropriate apiVersion for Ingress objects.
 */}}
 {{- define "common.capabilities.ingress.apiVersion" -}}
-{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.GitVersion -}}
-{{- print "extensions/v1beta1" -}}
-{{- else -}}
+{{- if .Capabilities.APIVersions.Has "networking.k8s.io/v1/Ingress" -}}
+{{- print "networking.k8s.io/v1" -}}
+{{- else if .Capabilities.APIVersions.Has "networking.k8s.io/v1beta1/Ingress" -}}
 {{- print "networking.k8s.io/v1beta1" -}}
-{{- end -}}
+{{- else -}}
+{{- print "extensions/v1beta1" -}}
+{{- end }}
 {{- end -}}

charts/common/templates/lib/controller/_container.tpl

@@ -19,6 +19,10 @@ The main container included in the controller.
     value: {{ $value | quote }}
   {{- end }}
   {{- end }}
+  {{- with .Values.envFrom }}
+  envFrom:
+    {{- toYaml . | nindent 12 }}
+  {{- end }}
   {{- include "common.controller.ports" . | trim | nindent 2 }}
   volumeMounts:
   {{- range $index, $PVC := .Values.persistence }}
@@ -30,9 +34,7 @@ The main container included in the controller.
   {{- if .Values.additionalVolumeMounts }}
     {{- toYaml .Values.additionalVolumeMounts | nindent 2 }}
   {{- end }}
-
-  {{- include "common.controller.probes.tcpSocket" . | nindent 2 }}
-
+  {{- include "common.controller.probes" . | nindent 2 }}
   {{- with .Values.resources }}
   resources:
     {{- toYaml . | nindent 4 }}

charts/common/templates/lib/controller/_pod.tpl

@@ -0,0 +1,53 @@
+{{- /*
+The pod definition included in the controller.
+*/ -}}
+{{- define "common.controller.pod" -}}
+{{- with .Values.imagePullSecrets }}
+imagePullSecrets:
+  {{- toYaml . | nindent 2 }}
+{{- end }}
+serviceAccountName: {{ include "common.names.serviceAccountName" . }}
+{{- with .Values.podSecurityContext }}
+securityContext:
+  {{- toYaml . | nindent 2 }}
+{{- end }}
+{{- with .Values.hostNetwork }}
+hostNetwork: {{ . }}
+{{- end }}
+{{- with .Values.dnsPolicy }}
+dnsPolicy: {{ . }}
+{{- end }}
+{{- with .Values.dnsConfig }}
+dnsConfig:
+  {{- toYaml . | nindent 2 }}
+{{- end }}
+{{- with .Values.initContainers }}
+initContainers:
+  {{- toYaml . | nindent 2 }}
+{{- end }}
+containers:
+  {{- include "common.controller.mainContainer" . | nindent 0 }}
+  {{- with .Values.additionalContainers }}
+    {{- toYaml . | nindent 0 }}
+  {{- end }}
+{{- with (include "common.controller.volumes" . | trim) }}
+volumes:
+  {{- . | nindent 0 }}
+{{- end }}
+{{- with .Values.hostAliases }}
+hostAliases:
+{{- toYaml . | nindent 2 }}
+{{- end }}
+{{- with .Values.nodeSelector }}
+nodeSelector:
+  {{- toYaml . | nindent 2 }}
+{{- end }}
+{{- with .Values.affinity }}
+affinity:
+  {{- toYaml . | nindent 2 }}
+{{- end }}
+{{- with .Values.tolerations }}
+tolerations:
+  {{- toYaml . | nindent 2 }}
+{{- end }}
+{{- end -}}

charts/common/templates/lib/controller/_probes.tpl

@@ -1,29 +1,21 @@
 {{/*
-Liveness/readiness/startup probes based on tcpSocket checks.
+Probes selection logic.
 */}}
-{{- define "common.controller.probes.tcpSocket" -}}
-{{- if .Values.probes.liveness.enabled -}}
-livenessProbe:
-  tcpSocket:
-    port: {{ .Values.service.port.name }}
-  initialDelaySeconds: {{ .Values.probes.liveness.initialDelaySeconds }}
-  failureThreshold: {{ .Values.probes.liveness.failureThreshold }}
-  timeoutSeconds: {{ .Values.probes.liveness.timeoutSeconds }}
-{{- end }}
-{{- if .Values.probes.readiness.enabled }}
-readinessProbe:
-  tcpSocket:
-    port: {{ .Values.service.port.name }}
-  initialDelaySeconds: {{ .Values.probes.readiness.initialDelaySeconds }}
-  failureThreshold: {{ .Values.probes.readiness.failureThreshold }}
-  timeoutSeconds: {{ .Values.probes.readiness.timeoutSeconds }}
-{{- end }}
-{{- if .Values.probes.startup.enabled }}
-startupProbe:
-  tcpSocket:
-    port: {{ .Values.service.port.name }}
-  initialDelaySeconds: {{ .Values.probes.startup.initialDelaySeconds }}
-  failureThreshold: {{ .Values.probes.startup.failureThreshold }}
-  periodSeconds: {{ .Values.probes.startup.periodSeconds }}
+{{- define "common.controller.probes" -}}
+{{- $svcPort := .Values.service.port.name -}}
+{{- range $probeName, $probe := .Values.probes }}
+  {{- if $probe.enabled -}}
+    {{- "" | nindent 0 }}
+    {{- $probeName }}Probe:
+    {{- if $probe.custom -}}
+      {{- $probe.spec | toYaml | nindent 2 }}  
+    {{- else }}
+      {{- "tcpSocket:" | nindent 2 }}
+        {{- printf "port: %v" $svcPort  | nindent 4 }}
+      {{- printf "initialDelaySeconds: %v" $probe.spec.initialDelaySeconds  | nindent 2 }}
+      {{- printf "failureThreshold: %v" $probe.spec.failureThreshold  | nindent 2 }}
+      {{- printf "timeoutSeconds: %v" $probe.spec.timeoutSeconds  | nindent 2 }}
+    {{- end }}
+  {{- end }}
 {{- end }}
 {{- end }}

charts/common/values.yaml

@@ -15,6 +15,9 @@ strategy:
 # Override the default args
 args: []
 
+nameOverride: ""
+fullnameOverride: ""
+
 # Set annotations on the pod
 podAnnotations: {}
 
@@ -28,33 +31,64 @@ serviceAccount:
   name: ""
 
 env: {}
+# TZ: UTC
+
+envFrom: []
+# - configMapRef:
+#     name: config-map-name
+# - secretRef:
+#     name: secret-name
 
 # When using hostNetwork make sure you set dnsPolicy to ClusterFirstWithHostNet
 hostNetwork: false
 
 dnsPolicy: ClusterFirst
 
+# Optional DNS settings, configuring the ndots option may resolve
+# nslookup issues on some Kubernetes setups.
+# dnsConfig:
+#   options:
+#     - name: ndots
+#       value: "1"
+
 initContainers: []
 
 additionalContainers: []
 
-# Probes configuration
+## Probes configuration
 probes:
   liveness:
     enabled: true
-    initialDelaySeconds: 30
-    failureThreshold: 5
-    timeoutSeconds: 10
+    ## Set this to true if you wish to specify your own livenessProbe
+    custom: false
+    ## The spec field contains the values for the default livenessProbe. 
+    ## If you selected custom: true, this field holds the definition of the livenessProbe.
+    spec:
+      initialDelaySeconds: 30
+      failureThreshold: 5
+      timeoutSeconds: 10
+
   readiness:
     enabled: true
-    initialDelaySeconds: 30
-    failureThreshold: 5
-    timeoutSeconds: 10
+    ## Set this to true if you wish to specify your own readinessProbe
+    custom: false
+    ## The spec field contains the values for the default readinessProbe. 
+    ## If you selected custom: true, this field holds the definition of the readinessProbe.
+    spec:
+      initialDelaySeconds: 30
+      failureThreshold: 5
+      timeoutSeconds: 10
+
   startup:
     enabled: false
-    initialDelaySeconds: 5
-    failureThreshold: 30
-    periodSeconds: 10
+    ## Set this to true if you wish to specify your own startupProbe
+    custom: false
+    ## The spec field contains the values for the default startupProbe. 
+    ## If you selected custom: true, this field holds the definition of the startupProbe.
+    spec:
+      initialDelaySeconds: 5
+      failureThreshold: 30
+      periodSeconds: 10
 
 service:
   enabled: true
@@ -150,7 +184,7 @@ persistence:
     # subPath: some-subpath
     accessMode: ReadWriteOnce
     size: 1Gi
-    ## Do not delete the pvc upon helm uninstall
+    ## Set to true to retain the PVC upon helm uninstall
     skipuninstall: false
 
   # Create an emptyDir volume to share between all containers
@@ -178,6 +212,8 @@ hostAliases: []
 #   - "www.example.com"
 
 addons:
+
+  # Enable running a VPN in the pod to route traffic through a VPN
   vpn:
     enabled: false
 
@@ -188,6 +224,7 @@ addons:
     openvpn:
       image:
         repository: dperson/openvpn-client
+        pullPolicy: IfNotPresent
         tag: latest
 
       # Credentials to connect to the VPN Service (used with -a)
@@ -200,10 +237,9 @@ addons:
     wireguard:
       image:
         repository: k8sathome/wireguard
+        pullPolicy: IfNotPresent
         tag: 1.0.20200827
 
-    imagePullPolicy: IfNotPresent
-
     # Set the VPN container securityContext
     securityContext:
       capabilities:
@@ -265,3 +301,64 @@ addons:
         #     protocol: UDP
         #   - port: 53
         #     protocol: TCP
+
+  # Enable running a code-server container in the pod to access files
+  codeserver:
+    enabled: false
+
+    image:
+      repository: codercom/code-server
+      pullPolicy: IfNotPresent
+      tag: 3.7.4
+
+    # Specify a list of volumes that get mounted in the code-server container.
+    # At least 1 volumeMount is required!
+    volumeMounts: []
+    # - name: config
+    #   mountPath: /data/config
+
+    # Specify the working dir that will be opened when code-server starts
+    # If not given, the app will default to the mountpah of the first specified volumeMount
+    workingDir: ""
+
+    service:
+      enabled: true
+      type: ClusterIP
+      # Specify the default port information
+      port:
+        port: 12321
+        name: codeserver
+        protocol: TCP
+        targetPort: codeserver
+        ## Specify the nodePort value for the LoadBalancer and NodePort service types.
+        ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport
+        ##
+        # nodePort:
+
+      ## Provide any additional annotations which may be required. This can be used to
+      ## set the LoadBalancer service type to internal only.
+      ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer
+      ##
+      annotations: {}
+      labels: {}
+
+    ingress:
+      enabled: false
+      nameSuffix: codeserver
+      annotations: {}
+        # kubernetes.io/ingress.class: nginx
+        # kubernetes.io/tls-acme: "true"
+      labels: {}
+      hosts:
+        - host: code.chart-example.local
+          paths:
+            - path: /
+              # Ignored if not kubeVersion >= 1.14-0
+              pathType: Prefix
+      tls: []
+      #  - secretName: chart-example-tls
+      #    hosts:
+      #      - code.chart-example.local
+
+    securityContext:
+      runAsUser: 0