impl: add helm chart

This commit is contained in:
anna 2024-02-07 17:41:00 +00:00
parent ff0eedec39
commit 1a99aab121
7 changed files with 206 additions and 0 deletions

7
chart/Chart.yaml Normal file
View file

@ -0,0 +1,7 @@
apiVersion: v2
name: app
description: ''
type: application
version: 0.0.1
appVersion: "0.0.1"

View file

@ -0,0 +1,41 @@
{{/*
Expand the name of the chart.
*/}}
{{- define "app.name" -}}
{{- .Values.devhosting.appname | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
*/}}
{{- define "app.fullname" -}}
{{- .Values.devhosting.appname | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "app.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Common labels
*/}}
{{- define "app.labels" -}}
helm.sh/chart: {{ include "app.chart" . }}
{{ include "app.selectorLabels" . }}
{{- if .Chart.AppVersion }}
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
{{- end }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- end }}
{{/*
Selector labels
*/}}
{{- define "app.selectorLabels" -}}
app.kubernetes.io/name: {{ include "app.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end }}

View file

@ -0,0 +1,39 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "app.fullname" . }}
labels:
{{- include "app.labels" . | nindent 4 }}
spec:
replicas: {{ .Values.replicas }}
selector:
matchLabels:
{{- include "app.selectorLabels" . | nindent 6 }}
template:
metadata:
labels:
{{- include "app.selectorLabels" . | nindent 8 }}
spec:
containers:
- name: {{ .Chart.Name }}
image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
imagePullPolicy: {{ .Values.image.pullPolicy }}
ports:
- name: http
containerPort: {{ .Values.service.app_port }}
protocol: TCP
startupProbe:
initialDelaySeconds: 20
httpGet:
path: /
port: http
livenessProbe:
httpGet:
path: /
port: http
readinessProbe:
httpGet:
path: /
port: http
resources:
{{- toYaml .Values.resources | nindent 12 }}

View file

@ -0,0 +1,50 @@
apiVersion: networking.istio.io/v1beta1
kind: Gateway
metadata:
name: {{ include "app.fullname" . }}
labels:
{{- include "app.labels" . | nindent 4 }}
spec:
selector:
istio: ingressgateway
servers:
- port:
number: 80
name: http
protocol: HTTP
hosts:
- {{ .Values.service.host }}
{{- if .Values.service.ssl.enabled }}
- port:
number: 443
name: https
protocol: HTTPS
hosts:
- {{ .Values.service.host }}
tls:
mode: SIMPLE
credentialName: {{ include "app.fullname" . }}
{{- end }}
---
apiVersion: networking.istio.io/v1beta1
kind: VirtualService
metadata:
name: {{ include "app.fullname" . }}
labels:
{{- include "app.labels" . | nindent 4 }}
spec:
hosts:
- {{ .Values.service.host }}
gateways:
- {{ include "app.fullname" . }}
http:
- name: primary
headers:
response:
set:
Cache-Control: public, max-age=31536000, immutable
route:
- destination:
host: {{ include "app.fullname" . }}
port:
number: {{ .Values.service.app_port }}

View file

@ -0,0 +1,14 @@
apiVersion: v1
kind: Service
metadata:
name: {{ include "app.fullname" . }}
labels:
{{- include "app.labels" . | nindent 4 }}
spec:
selector:
{{- include "app.selectorLabels" . | nindent 4 }}
ports:
- port: {{ .Values.service.app_port }}
targetPort: http
name: http
protocol: TCP

27
chart/templates/ssl.yaml Normal file
View file

@ -0,0 +1,27 @@
{{- if .Values.service.ssl.enabled }}
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: {{ include "app.fullname" . }}
namespace: istio-system
spec:
secretName: {{ include "app.fullname" . }}
commonName: {{ .Values.service.host }}
duration: 2160h0m0s # 90d
renewBefore: 360h0m0s # 15d
subject:
organizations:
- DevMiner.xyz
privateKey:
algorithm: RSA
encoding: PKCS1
size: 4096
usages:
- server auth
- client auth
dnsNames:
- {{ .Values.service.host }}
issuerRef:
name: {{ .Values.service.ssl.issuer.name }}
kind: {{ .Values.service.ssl.issuer.kind }}
{{- end }}

28
chart/values.yml Normal file
View file

@ -0,0 +1,28 @@
image:
repository: git.devminer.xyz/devminer/publii-testing
pullPolicy: Always
tag: "main"
replicas: 3
service:
app_port: 80
host: publii-testing.devminer.xyz
ssl:
enabled: true
port: 443
issuer:
name: letsencrypt
kind: ClusterIssuer
resources:
limits:
cpu: 128m
memory: 128Mi
requests:
cpu: 16m
memory: 32Mi
# populated by the ArgoCD application
devhosting:
appname: ''