diff --git a/charts/common/CHANGELOG.md b/charts/common/CHANGELOG.md index 8a627487..80fd089a 100644 --- a/charts/common/CHANGELOG.md +++ b/charts/common/CHANGELOG.md @@ -4,6 +4,25 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). +## [2.3.0] + +### Added + +- Allow overriding the main container command. +- Allow setting Helm templates as environment variables via `envTpl`. The given value is parsed through Helm's `tpl` function, allowing for powerful variable substitution. +- Support for defining volumeClaimTemplates for StatefulSet. +- Allow the following Pod spec fields to be configurable: + - `priorityClassName` + - `schedulerName` + - `hostname` + +### Fixed + +- `values.yaml` now contains the following sections, these were already functional but were previously undocumented: + - `podSecurityContext` + - `securityContext` + - `resources` + ## [2.2.1] ### Fixed diff --git a/charts/common/Chart.yaml b/charts/common/Chart.yaml index a11f0a6c..7a7cb96d 100644 --- a/charts/common/Chart.yaml +++ b/charts/common/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: common description: Function library for k8s-at-home charts type: library -version: 2.2.1 +version: 2.3.0 keywords: - k8s-at-home - common diff --git a/charts/common/templates/_statefulset.tpl b/charts/common/templates/_statefulset.tpl index 5984a3c6..ef2ec2f6 100644 --- a/charts/common/templates/_statefulset.tpl +++ b/charts/common/templates/_statefulset.tpl @@ -36,4 +36,18 @@ spec: {{- include "common.labels.selectorLabels" . | nindent 8 }} spec: {{- include "common.controller.pod" . | nindent 6 }} + volumeClaimTemplates: + {{- range $index, $vct := .Values.volumeClaimTemplates }} + - metadata: + name: {{ $vct.name }} + spec: + accessModes: + - {{ required (printf "accessMode is required for vCT %v" $vct.name) $vct.accessMode | quote }} + resources: + requests: + storage: {{ required (printf "size is required for PVC %v" $vct.name) $vct.size | quote }} + {{- if $vct.storageClass }} + storageClassName: {{ if (eq "-" $vct.storageClass) }}""{{- else }}{{ $vct.storageClass | quote }}{{- end }} + {{- end }} +{{- end }} {{- end }} diff --git a/charts/common/templates/lib/controller/_container.tpl b/charts/common/templates/lib/controller/_container.tpl index 5a2d2a6e..c8393d74 100644 --- a/charts/common/templates/lib/controller/_container.tpl +++ b/charts/common/templates/lib/controller/_container.tpl @@ -5,6 +5,9 @@ The main container included in the controller. - name: {{ include "common.names.fullname" . }} image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" imagePullPolicy: {{ .Values.image.pullPolicy }} + {{- with .Values.command }} + command: {{ . }} + {{- end }} {{- with .Values.args }} args: {{ . }} {{- end }} @@ -12,12 +15,16 @@ The main container included in the controller. securityContext: {{- toYaml . | nindent 4 }} {{- end }} - {{- if .Values.env }} + {{- if or .Values.env .Values.envTpl }} env: {{- range $key, $value := .Values.env }} - name: {{ $key }} value: {{ $value | quote }} {{- end }} + {{- range $key, $value := .Values.envTpl }} + - name: {{ $key }} + value: {{ tpl $value $ | quote }} + {{- end }} {{- end }} {{- with .Values.envFrom }} envFrom: @@ -37,6 +44,15 @@ The main container included in the controller. {{- if .Values.additionalVolumeMounts }} {{- toYaml .Values.additionalVolumeMounts | nindent 2 }} {{- end }} + {{- if eq .Values.controllerType "statefulset" }} + {{- range $index, $vct := .Values.volumeClaimTemplates }} + - mountPath: {{ $vct.mountPath }} + name: {{ $vct.name }} + {{- if $vct.subPath }} + subPath: {{ $vct.subPath }} + {{- end }} + {{- end }} + {{- end }} {{- include "common.controller.probes" . | nindent 2 }} {{- with .Values.resources }} resources: diff --git a/charts/common/templates/lib/controller/_pod.tpl b/charts/common/templates/lib/controller/_pod.tpl index 8743191a..ea66503f 100644 --- a/charts/common/templates/lib/controller/_pod.tpl +++ b/charts/common/templates/lib/controller/_pod.tpl @@ -11,9 +11,18 @@ serviceAccountName: {{ include "common.names.serviceAccountName" . }} securityContext: {{- toYaml . | nindent 2 }} {{- end }} +{{- with .Values.priorityClassName }} +priorityClassName: {{ . }} +{{- end }} +{{- with .Values.schedulerName }} +schedulerName: {{ . }} +{{- end }} {{- with .Values.hostNetwork }} hostNetwork: {{ . }} {{- end }} +{{- with .Values.hostname }} +hostname: {{ . }} +{{- end }} {{- with .Values.dnsPolicy }} dnsPolicy: {{ . }} {{- end }} diff --git a/charts/common/values.yaml b/charts/common/values.yaml index 23402a44..19ccccfd 100644 --- a/charts/common/values.yaml +++ b/charts/common/values.yaml @@ -12,6 +12,8 @@ strategy: ## DaemonSets ignore this type: RollingUpdate +# Override the default command +command: [] # Override the default args args: [] @@ -33,12 +35,25 @@ serviceAccount: env: {} # TZ: UTC +## Variables with values set from templates, example +## With a release name of: demo, the example env value will be: demo-admin +envTpl: {} +# TEMPLATE_VALUE: "{{ .Release.Name }}-admin" envFrom: [] # - configMapRef: # name: config-map-name # - secretRef: # name: secret-name +# Custom priority class for different treatment by the scheduler +# priorityClassName: system-node-critical + +# Allow specifying a custom scheduler name +# schedulerName: awkward-dangerous-scheduler + +# Allow specifying explicit hostname setting +# hostname: + # When using hostNetwork make sure you set dnsPolicy to ClusterFirstWithHostNet hostNetwork: false @@ -56,6 +71,12 @@ dnsPolicy: ClusterFirst # for more information. enableServiceLinks: true +# Configure the Security Context for the Pod +podSecurityContext: {} + +# Configure the Security Context for the main container +securityContext: {} + initContainers: [] additionalContainers: [] @@ -207,6 +228,19 @@ additionalVolumes: [] additionalVolumeMounts: [] +volumeClaimTemplates: [] +# Used in statefulset to create individual disks for each instance +# - name: data +# mountPath: /data +# accessMode: "ReadWriteOnce" +# size: 1Gi +# - name: backup +# mountPath: /backup +# subPath: theSubPath +# accessMode: "ReadWriteOnce" +# size: 2Gi +# storageClass: cheap-storage-class + nodeSelector: {} affinity: {} @@ -221,6 +255,18 @@ hostAliases: [] # - "example.com" # - "www.example.com" +resources: {} +# We usually recommend not to specify default resources and to leave this as a conscious +# choice for the user. This also increases chances charts run on environments with little +# resources, such as Minikube. If you do want to specify resources, uncomment the following +# lines, adjust them as necessary, and remove the curly braces after 'resources:'. +# limits: +# cpu: 100m +# memory: 128Mi +# requests: +# cpu: 100m +# memory: 128Mi + addons: # Enable running a VPN in the pod to route traffic through a VPN diff --git a/test/charts/common-test_spec.rb b/test/charts/common-test_spec.rb index b7a198a1..3227c544 100644 --- a/test/charts/common-test_spec.rb +++ b/test/charts/common-test_spec.rb @@ -38,6 +38,53 @@ class Test < ChartTest end end + describe 'Environment settings' do + it 'Check no environment variables' do + values = {} + chart.value values + assert_nil(resource('Deployment')['spec']['template']['spec']['containers'][0]['env']) + end + + it 'set "static" environment variables' do + values = { + env: { + STATIC_ENV: 'value_of_env' + } + } + chart.value values + jq('.spec.template.spec.containers[0].env[0].name', resource('Deployment')).must_equal values[:env].keys[0].to_s + jq('.spec.template.spec.containers[0].env[0].value', resource('Deployment')).must_equal values[:env].values[0].to_s + end + + + it 'set "static" and "Dynamic/Tpl" environment variables' do + values = { + env: { + STATIC_ENV: 'value_of_env' + }, + envTpl: { + DYN_ENV: "{{ .Release.Name }}-admin" + } + } + chart.value values + jq('.spec.template.spec.containers[0].env[0].name', resource('Deployment')).must_equal values[:env].keys[0].to_s + jq('.spec.template.spec.containers[0].env[0].value', resource('Deployment')).must_equal values[:env].values[0].to_s + jq('.spec.template.spec.containers[0].env[1].name', resource('Deployment')).must_equal values[:envTpl].keys[0].to_s + jq('.spec.template.spec.containers[0].env[1].value', resource('Deployment')).must_equal 'common-test-admin' + end + + it 'set "Dynamic/Tpl" environment variables' do + values = { + envTpl: { + DYN_ENV: "{{ .Release.Name }}-admin" + } + } + chart.value values + jq('.spec.template.spec.containers[0].env[0].name', resource('Deployment')).must_equal values[:envTpl].keys[0].to_s + jq('.spec.template.spec.containers[0].env[0].value', resource('Deployment')).must_equal 'common-test-admin' + end + end + describe 'ports settings' do default_name = 'http' default_port = 8080 @@ -97,5 +144,33 @@ class Test < ChartTest assert_match("Our charts do not support named ports for targetPort. (port name #{default_name}, targetPort #{values[:service][:port][:targetPort]})", exception.message) end end + + describe 'statefulset volumeClaimTemplates' do + + it 'volumeClaimTemplates should be empty by default' do + chart.value controllerType: 'statefulset' + assert_nil(resource('StatefulSet')['spec']['volumeClaimTemplates']) + end + + it 'can set values for volumeClaimTemplates' do + values = { + controllerType: 'statefulset', + volumeClaimTemplates: [ + { + name: 'storage', + accessMode: 'ReadWriteOnce', + size: '10Gi', + storageClass: 'storage' + } + ] + } + + chart.value values + jq('.spec.volumeClaimTemplates[0].metadata.name', resource('StatefulSet')).must_equal values[:volumeClaimTemplates][0][:name] + jq('.spec.volumeClaimTemplates[0].spec.accessModes[0]', resource('StatefulSet')).must_equal values[:volumeClaimTemplates][0][:accessMode] + jq('.spec.volumeClaimTemplates[0].spec.resources.requests.storage', resource('StatefulSet')).must_equal values[:volumeClaimTemplates][0][:size] + jq('.spec.volumeClaimTemplates[0].spec.storageClassName', resource('StatefulSet')).must_equal values[:volumeClaimTemplates][0][:storageClass] + end + end end end