From 7899bea281865dcf37b0ce085b0132394972f06e Mon Sep 17 00:00:00 2001
From: Arun <asanna@vivsoft.io>
Date: Tue, 14 Sep 2021 12:33:18 -0400
Subject: [PATCH 01/12] updated code
---
chart/templates/_helpers.tpl | 149 ----------------------------
chart/templates/bigbang/vs.yaml | 3 +-
chart/templates/db-secrets.yaml | 12 +--
chart/templates/deployment.yaml | 45 +++++----
chart/templates/efs-pv.yaml | 5 +-
chart/templates/hpa.yaml | 7 +-
chart/templates/ingress.yaml | 6 +-
chart/templates/pdb.yaml | 9 +-
chart/templates/pvc.yaml | 9 +-
chart/templates/serviceaccount.yaml | 8 +-
chart/templates/svc.yaml | 26 ++++-
chart/values.yaml | 8 +-
12 files changed, 91 insertions(+), 196 deletions(-)
diff --git a/chart/templates/_helpers.tpl b/chart/templates/_helpers.tpl
index b80550b..9abbab8 100644
--- a/chart/templates/_helpers.tpl
+++ b/chart/templates/_helpers.tpl
@@ -1,16 +1,7 @@
-
-{{- define "odoo.labels.standard" -}}
-app.kubernetes.io/name: {{ include "odoo.name" . }}
-helm.sh/chart: {{ include "odoo.chart" . }}
-app.kubernetes.io/instance: {{ .Release.Name }}
-app.kubernetes.io/managed-by: {{ .Release.Service }}
-{{- end -}}
-
{{- define "odoo.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
{{- end }}
-
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
@@ -46,146 +37,6 @@ Create chart name and version as used by the chart label.
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
{{- end }}
-{{/*
-Common labels
-*/}}
-{{- define "odoo.labels" -}}
-helm.sh/chart: {{ include "odoo.chart" . }}
-{{ include "odoo.selectorLabels" . }}
-{{- if .Chart.AppVersion }}
-app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
-{{- end }}
-app.kubernetes.io/managed-by: {{ .Release.Service }}
-{{- end }}
-
-{{/*
-Selector labels
-*/}}
-{{- define "odoo.selectorLabels" -}}
-app.kubernetes.io/name: {{ include "odoo.name" . }}
-app.kubernetes.io/instance: {{ .Release.Name }}
-{{- end }}
-
-{{/*
-Create the name of the service account to use
-*/}}
-{{- define "odoo.serviceAccountName" -}}
-{{- if .Values.serviceAccount.create }}
-{{- default (include "odoo.fullname" .) .Values.serviceAccount.name }}
-{{- else }}
-{{- default "default" .Values.serviceAccount.name }}
-{{- end }}
-{{- end }}
-
-
-{{/*
-Labels to use on deploy.spec.selector.matchLabels and svc.spec.selector
-*/}}
-{{- define "odoo.labels.matchLabels" -}}
-app.kubernetes.io/name: {{ include "odoo.name" . }}
-app.kubernetes.io/instance: {{ .Release.Name }}
-{{- end -}}
-
-{{/*
-Return a soft nodeAffinity definition
-{{ include "odoo.affinities.nodes.soft" (dict "key" "FOO" "values" (list "BAR" "BAZ")) -}}
-*/}}
-{{- define "odoo.affinities.nodes.soft" -}}
-preferredDuringSchedulingIgnoredDuringExecution:
- - preference:
- matchExpressions:
- - key: {{ .key }}
- operator: In
- values:
- {{- range .values }}
- - {{ . | quote }}
- {{- end }}
- weight: 1
-{{- end -}}
-
-{{/*
-Return a hard nodeAffinity definition
-{{ include "odoo.affinities.nodes.hard" (dict "key" "FOO" "values" (list "BAR" "BAZ")) -}}
-*/}}
-{{- define "odoo.affinities.nodes.hard" -}}
-requiredDuringSchedulingIgnoredDuringExecution:
- nodeSelectorTerms:
- - matchExpressions:
- - key: {{ .key }}
- operator: In
- values:
- {{- range .values }}
- - {{ . | quote }}
- {{- end }}
-{{- end -}}
-
-{{/*
-Return a nodeAffinity definition
-{{ include "odoo.affinities.nodes" (dict "type" "soft" "key" "FOO" "values" (list "BAR" "BAZ")) -}}
-*/}}
-{{- define "odoo.affinities.nodes" -}}
- {{- if eq .type "soft" }}
- {{- include "odoo.affinities.nodes.soft" . -}}
- {{- else if eq .type "hard" }}
- {{- include "odoo.affinities.nodes.hard" . -}}
- {{- end -}}
-{{- end -}}
-
-{{/*
-Return a soft podAffinity/podAntiAffinity definition
-{{ include "odoo.affinities.pods.soft" (dict "component" "FOO" "extraMatchLabels" .Values.extraMatchLabels "context" $) -}}
-*/}}
-{{- define "odoo.affinities.pods.soft" -}}
-{{- $component := default "" .component -}}
-{{- $extraMatchLabels := default (dict) .extraMatchLabels -}}
-preferredDuringSchedulingIgnoredDuringExecution:
- - podAffinityTerm:
- labelSelector:
- matchLabels: {{- (include "odoo.labels.matchLabels" .context) | nindent 10 }}
- {{- if not (empty $component) }}
- {{ printf "app.kubernetes.io/component: %s" $component }}
- {{- end }}
- {{- range $key, $value := $extraMatchLabels }}
- {{ $key }}: {{ $value | quote }}
- {{- end }}
- namespaces:
- - {{ .context.Release.Namespace | quote }}
- topologyKey: kubernetes.io/hostname
- weight: 1
-{{- end -}}
-
-{{/*
-Return a hard podAffinity/podAntiAffinity definition
-{{ include "odoo.affinities.pods.hard" (dict "component" "FOO" "extraMatchLabels" .Values.extraMatchLabels "context" $) -}}
-*/}}
-{{- define "odoo.affinities.pods.hard" -}}
-{{- $component := default "" .component -}}
-{{- $extraMatchLabels := default (dict) .extraMatchLabels -}}
-requiredDuringSchedulingIgnoredDuringExecution:
- - labelSelector:
- matchLabels: {{- (include "odoo.labels.matchLabels" .context) | nindent 8 }}
- {{- if not (empty $component) }}
- {{ printf "app.kubernetes.io/component: %s" $component }}
- {{- end }}
- {{- range $key, $value := $extraMatchLabels }}
- {{ $key }}: {{ $value | quote }}
- {{- end }}
- namespaces:
- - {{ .context.Release.Namespace | quote }}
- topologyKey: kubernetes.io/hostname
-{{- end -}}
-
-{{/*
-Return a podAffinity/podAntiAffinity definition
-{{ include "odoo.affinities.pods" (dict "type" "soft" "key" "FOO" "values" (list "BAR" "BAZ")) -}}
-*/}}
-{{- define "odoo.affinities.pods" -}}
- {{- if eq .type "soft" }}
- {{- include "odoo.affinities.pods.soft" . -}}
- {{- else if eq .type "hard" }}
- {{- include "odoo.affinities.pods.hard" . -}}
- {{- end -}}
-{{- end -}}
Usage:
{{ include "common.ingress.backend" (dict "serviceName" "backendName" "servicePort" "backendPort" "context" $) }}
diff --git a/chart/templates/bigbang/vs.yaml b/chart/templates/bigbang/vs.yaml
index 3ee1dc1..952dcb3 100644
--- a/chart/templates/bigbang/vs.yaml
+++ b/chart/templates/bigbang/vs.yaml
@@ -6,9 +6,10 @@ metadata:
name: {{ template "odoo.fullname" . }}
namespace: {{ .Release.Namespace }}
labels:
+ app.kubernetes.io/name: {{ include "odoo.name" . }}
+ helm.sh/chart: {{ include "odoo.chart" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
- app.kubernetes.io/part-of: odoo
spec:
gateways:
{{- range .Values.istio.gateways }}
diff --git a/chart/templates/db-secrets.yaml b/chart/templates/db-secrets.yaml
index 75e2935..123ac3a 100644
--- a/chart/templates/db-secrets.yaml
+++ b/chart/templates/db-secrets.yaml
@@ -3,13 +3,11 @@ kind: Secret
metadata:
name: {{ printf "%s-db" (include "odoo.fullname" .) }}
namespace: {{ .Release.Namespace | quote }}
- labels: {{- include "odoo.labels.standard" . | nindent 4 }}
- {{- if .Values.odooLabels }}
- {{- include "odoo.tplvalues.render" ( dict "value" .Values.odooLabels "context" $ ) | nindent 4 }}
- {{- end }}
- {{- if .Values.odooAnnotations }}
- annotations: {{- include "odoo.tplvalues.render" ( dict "value" .Values.odooAnnotations "context" $ ) | nindent 4 }}
- {{- end }}
+ labels:
+ app.kubernetes.io/name: {{ include "odoo.name" . }}
+ helm.sh/chart: {{ include "odoo.chart" . }}
+ app.kubernetes.io/instance: {{ .Release.Name }}
+ app.kubernetes.io/managed-by: {{ .Release.Service }}
type: Opaque
data:
{{- if .Values.postgresql.enabled }}
diff --git a/chart/templates/deployment.yaml b/chart/templates/deployment.yaml
index 4b66787..2289413 100644
--- a/chart/templates/deployment.yaml
+++ b/chart/templates/deployment.yaml
@@ -3,16 +3,19 @@ kind: Deployment
metadata:
name: {{ template "odoo.fullname" . }}
namespace: {{ .Release.Namespace | quote }}
- labels: {{- include "odoo.labels.standard" . | nindent 4 }}
- {{- if .Values.odooLabels }}
- {{- include "odoo.tplvalues.render" ( dict "value" .Values.odooLabels "context" $ ) | nindent 4 }}
- {{- end }}
- {{- if .Values.odooAnnotations }}
- annotations: {{- include "odoo.tplvalues.render" ( dict "value" .Values.odooAnnotations "context" $ ) | nindent 4 }}
- {{- end }}
+ labels:
+ app.kubernetes.io/name: {{ include "odoo.name" . }}
+ helm.sh/chart: {{ include "odoo.chart" . }}
+ app.kubernetes.io/instance: {{ .Release.Name }}
+ app.kubernetes.io/managed-by: {{ .Release.Service }}
+ app.kubernetes.io/part-of: odoo
+ app.kubernetes.io/component: {{ template "odoo.name" . }}
+ app.kubernetes.io/version: {{ .Values.image.tag | quote }}
spec:
selector:
- matchLabels: {{- include "odoo.labels.matchLabels" . | nindent 6 }}
+ matchLabels:
+ app.kubernetes.io/name: {{ include "odoo.name" . }}
+ app.kubernetes.io/instance: {{ .Release.Name }}
{{- if .Values.updateStrategy }}
strategy: {{- toYaml .Values.updateStrategy | nindent 4 }}
{{- end }}
@@ -21,13 +24,19 @@ spec:
{{- end }}
template:
metadata:
- labels: {{- include "odoo.labels.standard" . | nindent 8 }}
- {{- if .Values.podLabels }}
- {{- include "odoo.tplvalues.render" (dict "value" .Values.podLabels "context" $) | nindent 8 }}
- {{- end }}
+ labels:
+ app.kubernetes.io/name: {{ include "odoo.name" . }}
+ helm.sh/chart: {{ include "odoo.chart" . }}
+ app.kubernetes.io/instance: {{ .Release.Name }}
+ app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- with .Values.podLabels }}
+{{ toYaml . | indent 8 }}
+{{- end }}
{{- if .Values.podAnnotations }}
annotations:
- {{- include "odoo.tplvalues.render" (dict "value" .Values.podAnnotations "context" $) | nindent 8 }}
+{{- with .Values.podAnnotations }}
+{{ toYaml . | indent 8 }}
+{{- end }}
{{- end }}
spec:
imagePullSecrets:
@@ -35,19 +44,15 @@ spec:
{{- if .Values.schedulerName }}
schedulerName: {{ .Values.schedulerName | quote }}
{{- end }}
- serviceAccountName: {{ template "odoo.serviceAccountName" . }}
+ serviceAccountName: {{ include "odoo.name" . }}-ServiceAccount
{{- if .Values.hostAliases }}
# yamllint disable rule:indentation
hostAliases: {{- include "odoo.tplvalues.render" (dict "value" .Values.hostAliases "context" $) | nindent 8 }}
# yamllint enable rule:indentation
{{- end }}
{{- if .Values.affinity }}
- affinity: {{- include "odoo.tplvalues.render" (dict "value" .Values.affinity "context" $) | nindent 8 }}
- {{- else }}
- affinity:
- podAffinity: {{- include "odoo.affinities.pods" (dict "type" .Values.podAffinityPreset "context" $) | nindent 10 }}
- podAntiAffinity: {{- include "odoo.affinities.pods" (dict "type" .Values.podAntiAffinityPreset "context" $) | nindent 10 }}
- nodeAffinity: {{- include "odoo.affinities.nodes" (dict "type" .Values.nodeAffinityPreset.type "key" .Values.nodeAffinityPreset.key "values" .Values.nodeAffinityPreset.values) | nindent 10 }}
+ affinity:
+{{ toYaml .Values.affinity | indent 8 }}
{{- end }}
{{- if .Values.nodeSelector }}
nodeSelector:
diff --git a/chart/templates/efs-pv.yaml b/chart/templates/efs-pv.yaml
index 3aebe1b..9766b25 100644
--- a/chart/templates/efs-pv.yaml
+++ b/chart/templates/efs-pv.yaml
@@ -4,7 +4,10 @@ kind: PersistentVolume
metadata:
name: {{ template "odoo.fullname" . }}-data
labels:
-{{ include "odoo.labels" . | indent 4 }}
+ app.kubernetes.io/name: {{ include "odoo.name" . }}
+ helm.sh/chart: {{ include "odoo.chart" . }}
+ app.kubernetes.io/instance: {{ .Release.Name }}
+ app.kubernetes.io/managed-by: {{ .Release.Service }}
spec:
capacity:
storage: {{ .Values.persistence.size }}
diff --git a/chart/templates/hpa.yaml b/chart/templates/hpa.yaml
index f3117e4..411dce0 100644
--- a/chart/templates/hpa.yaml
+++ b/chart/templates/hpa.yaml
@@ -4,7 +4,12 @@ kind: HorizontalPodAutoscaler
metadata:
name: {{ template "odoo.fullname" . }}
namespace: {{ .Release.Namespace | quote }}
- labels: {{- include "odoo.labels.standard" . | nindent 4 }}
+ labels:
+ app.kubernetes.io/name: {{ include "odoo.name" . }}
+ helm.sh/chart: {{ include "odoo.chart" . }}
+ app.kubernetes.io/instance: {{ .Release.Name }}
+ app.kubernetes.io/managed-by: {{ .Release.Service }}
+
spec:
scaleTargetRef:
apiVersion: apps/v1
diff --git a/chart/templates/ingress.yaml b/chart/templates/ingress.yaml
index 519f708..7afe274 100644
--- a/chart/templates/ingress.yaml
+++ b/chart/templates/ingress.yaml
@@ -4,7 +4,11 @@ kind: Ingress
metadata:
name: {{ include "odoo.fullname" . }}
labels:
- {{- include "odoo.labels" . | nindent 4 }}
+ app.kubernetes.io/name: {{ include "odoo.name" . }}
+ helm.sh/chart: {{ include "odoo.chart" . }}
+ app.kubernetes.io/instance: {{ .Release.Name }}
+ app.kubernetes.io/managed-by: {{ .Release.Service }}
+ #{{- include "odoo.labels" . | nindent 4 }}
annotations:
{{ if .Values.ingress.nginx }}
"kubernetes.io/ingress.class": "nginx"
diff --git a/chart/templates/pdb.yaml b/chart/templates/pdb.yaml
index c37a3d0..e24f7ea 100644
--- a/chart/templates/pdb.yaml
+++ b/chart/templates/pdb.yaml
@@ -4,10 +4,11 @@ kind: PodDisruptionBudget
metadata:
name: {{ template "common.names.fullname" . }}
namespace: {{ .Release.Namespace | quote }}
- labels: {{- include "common.labels.standard" . | nindent 4 }}
- {{- if .Values.commonLabels }}
- {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
- {{- end }}
+ labels:
+ app.kubernetes.io/name: {{ include "odoo.name" . }}
+ helm.sh/chart: {{ include "odoo.chart" . }}
+ app.kubernetes.io/instance: {{ .Release.Name }}
+ app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- if .Values.commonAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}
diff --git a/chart/templates/pvc.yaml b/chart/templates/pvc.yaml
index fd7ca96..d422697 100644
--- a/chart/templates/pvc.yaml
+++ b/chart/templates/pvc.yaml
@@ -4,10 +4,11 @@ apiVersion: v1
metadata:
name: {{ template "odoo.fullname" . }}-data
namespace: {{ .Release.Namespace | quote }}
- labels: {{- include "odoo.labels.standard" . | nindent 4 }}
- {{- if .Values.odooLabels }}
- {{- include "odoo.tplvalues.render" ( dict "value" .Values.odooLabels "context" $ ) | nindent 4 }}
- {{- end }}
+ labels:
+ app.kubernetes.io/name: {{ include "odoo.name" . }}
+ helm.sh/chart: {{ include "odoo.chart" . }}
+ app.kubernetes.io/instance: {{ .Release.Name }}
+ app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- if .Values.odooAnnotations }}
annotations: {{- include "odoo.tplvalues.render" ( dict "value" .Values.odooAnnotations "context" $ ) | nindent 4 }}
{{- end }}
diff --git a/chart/templates/serviceaccount.yaml b/chart/templates/serviceaccount.yaml
index 3452b52..9ff14f2 100644
--- a/chart/templates/serviceaccount.yaml
+++ b/chart/templates/serviceaccount.yaml
@@ -2,9 +2,13 @@
apiVersion: v1
kind: ServiceAccount
metadata:
- name: {{ include "odoo.serviceAccountName" . }}
+ name: {{ include "odoo.name" . }}-ServiceAccount
namespace: {{ .Release.Namespace | quote }}
- labels: {{- include "common.labels.standard" . | nindent 4 }}
+ labels:
+ app.kubernetes.io/name: {{ include "odoo.name" . }}
+ helm.sh/chart: {{ include "odoo.chart" . }}
+ app.kubernetes.io/instance: {{ .Release.Name }}
+ app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- if .Values.commonAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}
diff --git a/chart/templates/svc.yaml b/chart/templates/svc.yaml
index 639b416..a907cbc 100644
--- a/chart/templates/svc.yaml
+++ b/chart/templates/svc.yaml
@@ -2,9 +2,16 @@ apiVersion: v1
kind: Service
metadata:
name: {{ template "odoo.fullname" . }}
- labels: {{- include "odoo.labels.standard" . | nindent 4 }}
+ labels:
+ app.kubernetes.io/name: {{ include "odoo.name" . }}
+ helm.sh/chart: {{ include "odoo.chart" . }}
+ app.kubernetes.io/instance: {{ .Release.Name }}
+ app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- if .Values.commonAnnotations }}
- annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
+ annotations:
+ {{- range $key, $value := .Values.service.annotations }}
+ {{ $key }}: {{ $value | quote }}
+ {{- end }}
{{- end }}
spec:
ports:
@@ -14,4 +21,17 @@ spec:
targetPort: http
type: {{ .Values.service.type }}
selector:
- {{- include "odoo.selectorLabels" . | nindent 4 }}
+ app: {{ template "odoo.name" . }}
+ release: {{ .Release.Name }}
+ {{- if eq .Values.service.type "LoadBalancer"}}
+ {{- if .Values.service.loadBalancerSourceRanges }}
+ loadBalancerSourceRanges:
+ {{- range .Values.service.loadBalancerSourceRanges }}
+ - {{ . }}
+ {{- end }}
+ {{- end -}}
+ {{- if .Values.service.loadBalancerIP}}
+ loadBalancerIP: {{.Values.service.loadBalancerIP}}
+ {{- end }}
+ {{- end }}
+
diff --git a/chart/values.yaml b/chart/values.yaml
index 3d3b68a..eb7ad0a 100644
--- a/chart/values.yaml
+++ b/chart/values.yaml
@@ -3,8 +3,10 @@ fullnameOverride: ""
commonLabels: {}
commonAnnotations: {}
hostAliases: []
-podLabels: {}
-podAnnotations: {}
+podLabels:
+ keycloak: protect
+podAnnotations:
+ foo: bar
podAffinityPreset: ""
podAntiAffinityPreset: soft
extraLabels : {}
@@ -120,7 +122,7 @@ customStartupProbe: {}
service:
type: ClusterIP
-
+ annotatins: {}
persistence:
enabled: true
efs:
--
GitLab
From 0d5a8204ad01eaa1a81d8b4525b375c24fd9af6a Mon Sep 17 00:00:00 2001
From: Arun <asanna@vivsoft.io>
Date: Tue, 14 Sep 2021 12:37:56 -0400
Subject: [PATCH 02/12] updated code
---
chart/templates/bigbang/vs.yaml | 1 +
chart/templates/deployment.yaml | 2 +-
chart/templates/serviceaccount.yaml | 2 +-
3 files changed, 3 insertions(+), 2 deletions(-)
diff --git a/chart/templates/bigbang/vs.yaml b/chart/templates/bigbang/vs.yaml
index 952dcb3..8c6d6cc 100644
--- a/chart/templates/bigbang/vs.yaml
+++ b/chart/templates/bigbang/vs.yaml
@@ -10,6 +10,7 @@ metadata:
helm.sh/chart: {{ include "odoo.chart" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
+ app.kubernetes.io/part-of: odoo
spec:
gateways:
{{- range .Values.istio.gateways }}
diff --git a/chart/templates/deployment.yaml b/chart/templates/deployment.yaml
index 2289413..16bb2ad 100644
--- a/chart/templates/deployment.yaml
+++ b/chart/templates/deployment.yaml
@@ -44,7 +44,7 @@ spec:
{{- if .Values.schedulerName }}
schedulerName: {{ .Values.schedulerName | quote }}
{{- end }}
- serviceAccountName: {{ include "odoo.name" . }}-ServiceAccount
+ serviceAccountName: {{ include "odoo.name" . }}-serviceaccount
{{- if .Values.hostAliases }}
# yamllint disable rule:indentation
hostAliases: {{- include "odoo.tplvalues.render" (dict "value" .Values.hostAliases "context" $) | nindent 8 }}
diff --git a/chart/templates/serviceaccount.yaml b/chart/templates/serviceaccount.yaml
index 9ff14f2..03defcf 100644
--- a/chart/templates/serviceaccount.yaml
+++ b/chart/templates/serviceaccount.yaml
@@ -2,7 +2,7 @@
apiVersion: v1
kind: ServiceAccount
metadata:
- name: {{ include "odoo.name" . }}-ServiceAccount
+ name: {{ include "odoo.name" . }}-serviceaccount
namespace: {{ .Release.Namespace | quote }}
labels:
app.kubernetes.io/name: {{ include "odoo.name" . }}
--
GitLab
From 868ce575de8698f9b6166f6fcaa39d34ffb755b8 Mon Sep 17 00:00:00 2001
From: Arun <asanna@vivsoft.io>
Date: Tue, 14 Sep 2021 12:49:31 -0400
Subject: [PATCH 03/12] updated code
---
chart/templates/deployment.yaml | 2 ++
chart/values.yaml | 2 +-
2 files changed, 3 insertions(+), 1 deletion(-)
diff --git a/chart/templates/deployment.yaml b/chart/templates/deployment.yaml
index 16bb2ad..6ad0309 100644
--- a/chart/templates/deployment.yaml
+++ b/chart/templates/deployment.yaml
@@ -44,7 +44,9 @@ spec:
{{- if .Values.schedulerName }}
schedulerName: {{ .Values.schedulerName | quote }}
{{- end }}
+ {{- if .Values.serviceAccount.create }}
serviceAccountName: {{ include "odoo.name" . }}-serviceaccount
+ {{- end }}
{{- if .Values.hostAliases }}
# yamllint disable rule:indentation
hostAliases: {{- include "odoo.tplvalues.render" (dict "value" .Values.hostAliases "context" $) | nindent 8 }}
diff --git a/chart/values.yaml b/chart/values.yaml
index eb7ad0a..fe3fa50 100644
--- a/chart/values.yaml
+++ b/chart/values.yaml
@@ -170,7 +170,7 @@ externalDatabase:
# odoo-postgresql
postgresql:
- enabled: false
+ enabled: true
postgresqlUsername: odoouser
postgresqlPassword: odoosecret
postgresqlDatabase: postgres
--
GitLab
From 1c9a98c6a2d59bf3c5057d7791b40c381e61350f Mon Sep 17 00:00:00 2001
From: Arun <asanna@vivsoft.io>
Date: Tue, 14 Sep 2021 12:56:58 -0400
Subject: [PATCH 04/12] update matchlabels
---
chart/templates/svc.yaml | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/chart/templates/svc.yaml b/chart/templates/svc.yaml
index a907cbc..8d986a3 100644
--- a/chart/templates/svc.yaml
+++ b/chart/templates/svc.yaml
@@ -21,8 +21,10 @@ spec:
targetPort: http
type: {{ .Values.service.type }}
selector:
- app: {{ template "odoo.name" . }}
- release: {{ .Release.Name }}
+ app.kubernetes.io/name: {{ include "odoo.name" . }}
+ helm.sh/chart: {{ include "odoo.chart" . }}
+ app.kubernetes.io/instance: {{ .Release.Name }}
+ app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- if eq .Values.service.type "LoadBalancer"}}
{{- if .Values.service.loadBalancerSourceRanges }}
loadBalancerSourceRanges:
--
GitLab
From 41f88467b3b21c16bee961c519cc295f9da39801 Mon Sep 17 00:00:00 2001
From: Arun <asanna@vivsoft.io>
Date: Tue, 14 Sep 2021 13:49:33 -0400
Subject: [PATCH 05/12] updated code after review
---
chart/values.yaml | 32 ++------------------------------
1 file changed, 2 insertions(+), 30 deletions(-)
diff --git a/chart/values.yaml b/chart/values.yaml
index fe3fa50..a1350d3 100644
--- a/chart/values.yaml
+++ b/chart/values.yaml
@@ -3,10 +3,8 @@ fullnameOverride: ""
commonLabels: {}
commonAnnotations: {}
hostAliases: []
-podLabels:
- keycloak: protect
-podAnnotations:
- foo: bar
+podLabels: {}
+podAnnotations: {}
podAffinityPreset: ""
podAntiAffinityPreset: soft
extraLabels : {}
@@ -21,15 +19,6 @@ image:
## NOTE: ReadWriteMany PVC(s) are required if replicaCount > 1
replicaCount: 1
-## ref: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#strategy
-## NOTE: Set it to `Recreate` if you use a PV that cannot be mounted on multiple pods
-## e.g:
-## updateStrategy:
-## type: RollingUpdate
-## rollingUpdate:
-## maxSurge: 25%
-## maxUnavailable: 25%
-##
updateStrategy:
type: RollingUpdate
rollingUpdate: {}
@@ -38,23 +27,6 @@ serviceAccount:
create: false
name: ""
-nodeAffinityPreset:
- ## @param nodeAffinityPreset.type Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard`
- type: ""
- ## @param nodeAffinityPreset.key Node label key to match. Ignored if `affinity` is set
- key: ""
- ## @param nodeAffinityPreset.values Node label values to match. Ignored if `affinity` is set
- ## E.g.
- ## values:
- ## - e2e-az1
- ## - e2e-az2
- ##
- values: []
-
-## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
-## NOTE: podAffinityPreset, podAntiAffinityPreset, and nodeAffinityPreset will be ignored when it's set
-##
-
affinity: {}
## ref: https://kubernetes.io/docs/user-guide/node-selection/
--
GitLab
From 8322e8b27bbb066e9330af9e05eef3cbcd266763 Mon Sep 17 00:00:00 2001
From: Arun <asanna@vivsoft.io>
Date: Tue, 14 Sep 2021 13:49:49 -0400
Subject: [PATCH 06/12] updated code after review
---
chart/Chart.yaml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/chart/Chart.yaml b/chart/Chart.yaml
index 7a1ff56..5602ac1 100644
--- a/chart/Chart.yaml
+++ b/chart/Chart.yaml
@@ -18,7 +18,7 @@ name: odoo
sources:
- https://www.odoo.com/
- https://repo1.dso.mil/dsop/opensource/odoo/odoo
-version: 0.1.0
+version: 0.1.1
dependencies:
- name: postgresql
version: 8.6.4
--
GitLab
From 6402e9816b2a7fa16680b7ad0d213b9e30180e71 Mon Sep 17 00:00:00 2001
From: Arun <asanna@vivsoft.io>
Date: Tue, 28 Sep 2021 12:32:44 -0400
Subject: [PATCH 07/12] added netpolicies for testing
---
.../networkpolicies/egress-deny-all.yaml | 12 +++++++++++
.../bigbang/networkpolicies/egress-dns.yaml | 16 +++++++++++++++
.../bigbang/networkpolicies/egress.yaml | 17 ++++++++++++++++
.../networkpolicies/ingress-deny-all.yaml | 13 ++++++++++++
.../networkpolicies/ingress-istio.yaml | 20 +++++++++++++++++++
.../networkpolicies/ingress-namespace.yaml | 14 +++++++++++++
6 files changed, 92 insertions(+)
create mode 100644 chart/templates/bigbang/networkpolicies/egress-deny-all.yaml
create mode 100644 chart/templates/bigbang/networkpolicies/egress-dns.yaml
create mode 100644 chart/templates/bigbang/networkpolicies/egress.yaml
create mode 100644 chart/templates/bigbang/networkpolicies/ingress-deny-all.yaml
create mode 100644 chart/templates/bigbang/networkpolicies/ingress-istio.yaml
create mode 100644 chart/templates/bigbang/networkpolicies/ingress-namespace.yaml
diff --git a/chart/templates/bigbang/networkpolicies/egress-deny-all.yaml b/chart/templates/bigbang/networkpolicies/egress-deny-all.yaml
new file mode 100644
index 0000000..3bdf366
--- /dev/null
+++ b/chart/templates/bigbang/networkpolicies/egress-deny-all.yaml
@@ -0,0 +1,12 @@
+{{- if .Values.networkPolicies.enabled }}
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+ name: egress-default-deny
+ namespace: "{{ .Release.Namespace }}"
+spec:
+ podSelector: {}
+ policyTypes:
+ - Egress
+ egress: []
+{{- end }}
\ No newline at end of file
diff --git a/chart/templates/bigbang/networkpolicies/egress-dns.yaml b/chart/templates/bigbang/networkpolicies/egress-dns.yaml
new file mode 100644
index 0000000..689d5dc
--- /dev/null
+++ b/chart/templates/bigbang/networkpolicies/egress-dns.yaml
@@ -0,0 +1,16 @@
+{{- if .Values.networkPolicies.enabled }}
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+ name: egress-dns
+ namespace: "{{ .Release.Namespace }}"
+spec:
+ podSelector: {} # all pods in Release namespace
+ policyTypes:
+ - Egress
+ egress:
+ - to:
+ ports:
+ - port: 53
+ protocol: UDP
+{{- end }}
diff --git a/chart/templates/bigbang/networkpolicies/egress.yaml b/chart/templates/bigbang/networkpolicies/egress.yaml
new file mode 100644
index 0000000..f258d75
--- /dev/null
+++ b/chart/templates/bigbang/networkpolicies/egress.yaml
@@ -0,0 +1,17 @@
+{{- if .Values.networkPolicies.enabled }}
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+ name: internet-egress
+ namespace: "{{ .Release.Namespace }}"
+spec:
+ podSelector: {}
+ policyTypes:
+ - Egress
+ egress:
+ - to:
+ - ipBlock:
+ cidr: 0.0.0.0/0
+ except:
+ - 169.254.169.254/32
+{{- end }}
\ No newline at end of file
diff --git a/chart/templates/bigbang/networkpolicies/ingress-deny-all.yaml b/chart/templates/bigbang/networkpolicies/ingress-deny-all.yaml
new file mode 100644
index 0000000..28d12fe
--- /dev/null
+++ b/chart/templates/bigbang/networkpolicies/ingress-deny-all.yaml
@@ -0,0 +1,13 @@
+{{- if .Values.networkPolicies.enabled }}
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+ name: ingress-default-deny
+ namespace: "{{ .Release.Namespace }}"
+spec:
+ podSelector: {}
+ policyTypes:
+ - Ingress
+ ingress: []
+{{- end }}
+
\ No newline at end of file
diff --git a/chart/templates/bigbang/networkpolicies/ingress-istio.yaml b/chart/templates/bigbang/networkpolicies/ingress-istio.yaml
new file mode 100644
index 0000000..e06ac33
--- /dev/null
+++ b/chart/templates/bigbang/networkpolicies/ingress-istio.yaml
@@ -0,0 +1,20 @@
+{{- if .Values.networkPolicies.enabled }}
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+ name: ingress-istio-web
+ namespace: "{{ .Release.Namespace }}"
+spec:
+ podSelector: {}
+ policyTypes:
+ - Ingress
+ ingress:
+ - from:
+ - namespaceSelector:
+ matchLabels:
+ app.kubernetes.io/name: istio-controlplane
+ podSelector: {}
+ ports:
+ - port: 8069
+ protocol: TCP
+{{- end }}
\ No newline at end of file
diff --git a/chart/templates/bigbang/networkpolicies/ingress-namespace.yaml b/chart/templates/bigbang/networkpolicies/ingress-namespace.yaml
new file mode 100644
index 0000000..7bd162b
--- /dev/null
+++ b/chart/templates/bigbang/networkpolicies/ingress-namespace.yaml
@@ -0,0 +1,14 @@
+{{- if .Values.networkPolicies.enabled }}
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+ name: ingress-in-namespace
+ namespace: "{{ .Release.Namespace }}"
+spec:
+ podSelector: {}
+ policyTypes:
+ - Ingress
+ ingress:
+ - from:
+ - podSelector: {}
+{{- end }}
\ No newline at end of file
--
GitLab
From a3ec609e535dd70cb9c5f578dcaf10b865fa56b3 Mon Sep 17 00:00:00 2001
From: Arun <asanna@vivsoft.io>
Date: Tue, 28 Sep 2021 12:34:02 -0400
Subject: [PATCH 08/12] updated code
---
chart/values.yaml | 2 ++
1 file changed, 2 insertions(+)
diff --git a/chart/values.yaml b/chart/values.yaml
index a1350d3..cf1ec51 100644
--- a/chart/values.yaml
+++ b/chart/values.yaml
@@ -173,3 +173,5 @@ postgresql:
enabled: false
serviceAccount:
enabled: false
+networkPolicies:
+ enabled: false
\ No newline at end of file
--
GitLab
From b7959cfba80cec336952985a0a0492a65f08e260 Mon Sep 17 00:00:00 2001
From: Arun <asanna@vivsoft.io>
Date: Thu, 30 Sep 2021 11:02:33 -0400
Subject: [PATCH 09/12] version bump
---
chart/Chart.yaml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/chart/Chart.yaml b/chart/Chart.yaml
index 5602ac1..13269c5 100644
--- a/chart/Chart.yaml
+++ b/chart/Chart.yaml
@@ -18,7 +18,7 @@ name: odoo
sources:
- https://www.odoo.com/
- https://repo1.dso.mil/dsop/opensource/odoo/odoo
-version: 0.1.1
+version: 0.1.2
dependencies:
- name: postgresql
version: 8.6.4
--
GitLab
From ca9bf9f8626326d3b87ed03e863c58d97f6e909c Mon Sep 17 00:00:00 2001
From: Arun <asanna@vivsoft.io>
Date: Thu, 4 Nov 2021 10:31:40 -0400
Subject: [PATCH 10/12] updated pvc storage class
---
chart/templates/pvc.yaml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/chart/templates/pvc.yaml b/chart/templates/pvc.yaml
index d422697..d1c2522 100644
--- a/chart/templates/pvc.yaml
+++ b/chart/templates/pvc.yaml
@@ -24,7 +24,7 @@ spec:
resources:
requests:
storage: {{ .Values.persistence.size | quote }}
- storageClassName: {{ .Values.persistence.storageClassName }}
+ storageClassName: {{ .Values.persistence.storageClass }}
{{- if .Values.persistence.dataSource }}
dataSource: {{- include "odoo.tplvalues.render" (dict "value" .Values.persistence.dataSource "context" $) | nindent 4 }}
{{- end }}
--
GitLab
From 1ff0d0355625e8aea2fbe01e88cc03593dee3f96 Mon Sep 17 00:00:00 2001
From: Arun <asanna@vivsoft.io>
Date: Thu, 4 Nov 2021 10:33:47 -0400
Subject: [PATCH 11/12] version bump
---
chart/Chart.yaml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/chart/Chart.yaml b/chart/Chart.yaml
index 13269c5..6132b1f 100644
--- a/chart/Chart.yaml
+++ b/chart/Chart.yaml
@@ -18,7 +18,7 @@ name: odoo
sources:
- https://www.odoo.com/
- https://repo1.dso.mil/dsop/opensource/odoo/odoo
-version: 0.1.2
+version: 0.2.0
dependencies:
- name: postgresql
version: 8.6.4
--
GitLab
From ef20597812e8c179f5ec8085e9a901b166bfc05a Mon Sep 17 00:00:00 2001
From: Arun <asanna@vivsoft.io>
Date: Thu, 4 Nov 2021 17:23:06 -0400
Subject: [PATCH 12/12] updated vs to block a url
---
chart/templates/bigbang/vs.yaml | 11 +++++++++++
1 file changed, 11 insertions(+)
diff --git a/chart/templates/bigbang/vs.yaml b/chart/templates/bigbang/vs.yaml
index 8c6d6cc..3b0b493 100644
--- a/chart/templates/bigbang/vs.yaml
+++ b/chart/templates/bigbang/vs.yaml
@@ -18,7 +18,18 @@ spec:
{{- end }}
hosts:
- {{ .Values.hostname }}
+
http:
+ - match:
+ - uri:
+ exact: "/web/database/manager"
+ rewrite:
+ uri: /
+ route:
+ - destination:
+ host: {{ $serviceName }}
+ port:
+ number: {{ .Values.containerPort }}
- route:
- destination:
host: {{ $serviceName }}
--
GitLab