-
Notifications
You must be signed in to change notification settings - Fork 52
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #674 from VSIVAKALYAN/develop
[DSD-5159] Added helm for mosipcertmanager
- Loading branch information
Showing
11 changed files
with
680 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,19 @@ | ||
| apiVersion: v2 | ||
| name: mosipcertmanager | ||
| description: A Helm chart to deploy mosipcertmanager to test working of MOSIP modules | ||
| type: application | ||
| version: 0.0.1-develop | ||
| appVersion: "" | ||
| dependencies: | ||
| - name: common | ||
| repository: https://charts.bitnami.com/bitnami | ||
| tags: | ||
| - bitnami-common | ||
| version: 1.x.x | ||
| home: https://mosip.io | ||
| keywords: | ||
| - mosip | ||
| - mosipcertmanager | ||
| maintainers: | ||
| - email: [email protected] | ||
| name: MOSIP |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,13 @@ | ||
| # mosipcertmanager | ||
| Helm chart for installing mosipcertmanager | ||
|
|
||
| ## Introduction | ||
| It's a cronjob that checks DBs for partner certificate expiry dates and renews the certificates if expired. | ||
|
|
||
|
|
||
| # TL;DR | ||
| ```console | ||
| $ helm repo add mosip https://mosip.github.io | ||
| $ helm install my-release mosip/mosipcertmanager | ||
| ``` | ||
|
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1 @@ | ||
|
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,63 @@ | ||
| {{/* | ||
| Return the proper image name | ||
| */}} | ||
| {{- define "mosipcertmanager.image" -}} | ||
| {{ include "common.images.image" (dict "imageRoot" .Values.image "global" .Values.global) }} | ||
| {{- end -}} | ||
|
|
||
| {{/* | ||
| Return the proper image name (for the init container volume-permissions image) | ||
| */}} | ||
| {{- define "mosipcertmanager.volumePermissions.image" -}} | ||
| {{- include "common.images.image" ( dict "imageRoot" .Values.volumePermissions.image "global" .Values.global ) -}} | ||
| {{- end -}} | ||
|
|
||
| {{/* | ||
| Return the proper Docker Image Registry Secret Names | ||
| */}} | ||
| {{- define "mosipcertmanager.imagePullSecrets" -}} | ||
| {{- include "common.images.pullSecrets" (dict "images" (list .Values.image .Values.volumePermissions.image) "global" .Values.global) -}} | ||
| {{- end -}} | ||
|
|
||
| {{/* | ||
| Create the name of the service account to use | ||
| */}} | ||
| {{- define "mosipcertmanager.serviceAccountName" -}} | ||
| {{- if .Values.serviceAccount.create -}} | ||
| {{ default (printf "%s-foo" (include "common.names.fullname" .)) .Values.serviceAccount.name }} | ||
| {{- else -}} | ||
| {{ default "default" .Values.serviceAccount.name }} | ||
| {{- end -}} | ||
| {{- end -}} | ||
|
|
||
| {{/* | ||
| Compile all warnings into a single message. | ||
| */}} | ||
| {{- define "mosipcertmanager.validateValues" -}} | ||
| {{- $messages := list -}} | ||
| {{- $messages := append $messages (include "mosipcertmanager.validateValues.foo" .) -}} | ||
| {{- $messages := append $messages (include "mosipcertmanager.validateValues.bar" .) -}} | ||
| {{- $messages := without $messages "" -}} | ||
| {{- $message := join "\n" $messages -}} | ||
|
|
||
| {{- if $message -}} | ||
| {{- printf "\nVALUES VALIDATION:\n%s" $message -}} | ||
| {{- end -}} | ||
| {{- end -}} | ||
|
|
||
| {{/* | ||
| Return podAnnotations | ||
| */}} | ||
| {{- define "mosipcertmanager.podAnnotations" -}} | ||
| {{- if .Values.podAnnotations }} | ||
| {{ include "common.tplvalues.render" (dict "value" .Values.podAnnotations "context" $) }} | ||
| {{- end }} | ||
| {{- if and .Values.metrics.enabled .Values.metrics.podAnnotations }} | ||
| {{ include "common.tplvalues.render" (dict "value" .Values.metrics.podAnnotations "context" $) }} | ||
| {{- end }} | ||
| {{- end -}} | ||
|
|
||
| {{/* Create the name for restart cronjob */}} | ||
| {{- define "mosipcertmanager.cronjob" -}} | ||
| {{ default (printf "cronjob-%s" (include "common.names.fullname" .)) .Values.serviceAccount.name }} | ||
| {{- end -}} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,19 @@ | ||
| kind: ClusterRoleBinding | ||
| apiVersion: {{ include "common.capabilities.rbac.apiVersion" . }} | ||
| metadata: | ||
| labels: {{- include "common.labels.standard" . | nindent 4 }} | ||
| {{- if .Values.commonLabels }} | ||
| {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} | ||
| {{- end }} | ||
| name: {{ template "common.names.fullname" . }} | ||
| {{- if .Values.commonAnnotations }} | ||
| annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} | ||
| {{- end }} | ||
| roleRef: | ||
| apiGroup: rbac.authorization.k8s.io | ||
| kind: ClusterRole | ||
| name: {{ template "common.names.fullname" . }} | ||
| subjects: | ||
| - kind: ServiceAccount | ||
| name: {{ template "mosipcertmanager.serviceAccountName" . }} | ||
| namespace: {{ .Release.Namespace }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,21 @@ | ||
| {{- if .Values.mosipcertmanager.configmaps }} | ||
| {{- range $cm_name, $cm_value := .Values.mosipcertmanager.configmaps }} | ||
| --- | ||
| apiVersion: v1 | ||
| kind: ConfigMap | ||
| metadata: | ||
| name: {{ $cm_name }} | ||
| namespace: {{ $.Release.Namespace }} | ||
| labels: {{- include "common.labels.standard" $ | nindent 8 }} | ||
| {{- if $.Values.commonLabels }} | ||
| {{- include "common.tplvalues.render" ( dict "value" $.Values.commonLabels "context" $ ) | nindent 8 }} | ||
| {{- end }} | ||
| {{- if $.Values.commonAnnotations }} | ||
| annotations: {{- include "common.tplvalues.render" ( dict "value" $.Values.commonAnnotations "context" $ ) | nindent 8 }} | ||
| {{- end }} | ||
| data: | ||
| {{- range $key, $value := $cm_value }} | ||
| {{ $key }}: {{ $value | quote }} | ||
| {{- end }} | ||
| {{- end }} | ||
| {{- end }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,75 @@ | ||
| --- | ||
| apiVersion: {{ include "common.capabilities.cronjob.apiVersion" $ }} | ||
| kind: CronJob | ||
| metadata: | ||
| name: {{ template "mosipcertmanager.cronjob" $ }} | ||
| namespace: {{ .Release.Namespace }} | ||
| annotations: | ||
| {{- if .Values.commonAnnotations }} | ||
| {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} | ||
| {{- end }} | ||
| labels: {{- include "common.labels.standard" $ | nindent 4 }} | ||
| {{- if .Values.commonLabels }} | ||
| {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} | ||
| {{- end }} | ||
|
|
||
| spec: | ||
| concurrencyPolicy: Forbid | ||
| successfulJobsHistoryLimit: 1 # remove jobs which are successfully executed | ||
| failedJobsHistoryLimit: 1 # except 1 recent failed job, remove jobs which are not successfully executed | ||
| #schedule: '*/3 * * * *' # cron spec of time | ||
| schedule: {{ .Values.crontime }} | ||
| jobTemplate: | ||
| spec: | ||
| backoffLimit: 0 # this has very low chance of failing, as all this does | ||
| # is prompt kubernetes to schedule new replica set for | ||
| # the deployment | ||
| # activeDeadlineSeconds: 600 # timeout, makes most sense with | ||
| # "waiting for rollout" variant specified below | ||
| template: | ||
| spec: | ||
| # account configured above | ||
| restartPolicy: Never | ||
| containers: | ||
| - name: {{ template "mosipcertmanager.serviceAccountName" $ }} | ||
| image: {{ template "mosipcertmanager.image" $ }} | ||
| imagePullPolicy: {{ .Values.image.pullPolicy }} | ||
| {{- if .Values.lifecycleHooks }} | ||
| lifecycle: {{- include "common.tpvalues.render" (dict "value" .Values.lifecycleHooks "context" $) | nindent 12 }} | ||
| {{- end }} | ||
| {{- if .Values.containerSecurityContext.enabled }} | ||
| securityContext: {{- omit .Values.containerSecurityContext "enabled" | toYaml | nindent 12 }} | ||
| {{- end }} | ||
| {{- if .Values.command }} | ||
| command: {{- include "common.tpvalues.render" (dict "value" .Values.command "context" $) | nindent 12 }} | ||
| {{- end }} | ||
| {{- if .Values.args }} | ||
| args: {{- include "common.tpvalues.render" (dict "value" .Values.args "context" $) | nindent 12 }} | ||
| {{- end }} | ||
| env: | ||
| - name: mosip_pms_client_secret | ||
| valueFrom: | ||
| secretKeyRef: | ||
| key: mosip_pms_client_secret | ||
| name: keycloak-client-secrets | ||
| - name: container_user | ||
| value: {{ .Values.containerSecurityContext.runAsUser }} | ||
| {{- if .Values.extraEnvVars }} | ||
| {{- include "common.tpvalues.render" (dict "value" .Values.extraEnvVars "context" $) | nindent 12 }} | ||
| {{- end }} | ||
| envFrom: | ||
| {{- if .Values.extraEnvVarsCM }} | ||
| {{- range .Values.extraEnvVarsCM }} | ||
| - configMapRef: | ||
| name: {{ . }} | ||
| {{- end }} | ||
| {{- end }} | ||
| {{- if .Values.extraEnvVarsSecret }} | ||
| {{- range .Values.extraEnvVarsSecret }} | ||
| - secretRef: | ||
| name: {{ . }} | ||
| {{- end }} | ||
| {{- end }} | ||
| ports: | ||
| - name: spring-service | ||
| containerPort: {{ .Values.springServicePort }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,4 @@ | ||
| {{- range .Values.extraDeploy }} | ||
| --- | ||
| {{ include "common.tplvalues.render" (dict "value" . "context" $) }} | ||
| {{- end }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,21 @@ | ||
| {{- if .Values.mosipcertmanager.secrets }} | ||
| {{- range $secret_name, $secret_value := .Values.mosipcertmanager.secrets }} | ||
| apiVersion: v1 | ||
| kind: Secret | ||
| metadata: | ||
| name: {{ $secret_name }} | ||
| namespace: {{ $.Release.Namespace }} | ||
| labels: {{- include "common.labels.standard" $ | nindent 8 }} | ||
| {{- if $.Values.commonLabels }} | ||
| {{- include "common.tplvalues.render" ( dict "value" $.Values.commonLabels "context" $ ) | nindent 8 }} | ||
| {{- end }} | ||
| {{- if $.Values.commonAnnotations }} | ||
| annotations: {{- include "common.tplvalues.render" ( dict "value" $.Values.commonAnnotations "context" $ ) | nindent 8 }} | ||
| {{- end }} | ||
| type: Opaque | ||
| data: | ||
| {{- range $key, $value := $secret_value }} | ||
| {{ $key }}: {{ $value | b64enc | quote }} | ||
| {{- end }} | ||
| {{- end }} | ||
| {{- end }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,12 @@ | ||
| apiVersion: v1 | ||
| kind: ServiceAccount | ||
| metadata: | ||
| labels: {{- include "common.labels.standard" . | nindent 4 }} | ||
| {{- if .Values.commonLabels }} | ||
| {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} | ||
| {{- end }} | ||
| name: {{ template "mosipcertmanager.serviceAccountName" . }} | ||
| {{- if .Values.commonAnnotations }} | ||
| annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} | ||
| {{- end }} | ||
| namespace: {{ .Release.Namespace }} |
Oops, something went wrong.