From 6b093781b79a5d4c9ec693d15c67314ae9a33342 Mon Sep 17 00:00:00 2001 From: Stefan Prodan Date: Fri, 16 Nov 2018 19:00:44 +0200 Subject: [PATCH] Remove chart museum --- charts/chartmuseum/.helmignore | 23 - charts/chartmuseum/Chart.yaml | 18 - charts/chartmuseum/OWNERS | 6 - charts/chartmuseum/README.md | 458 ------------------ charts/chartmuseum/templates/NOTES.txt | 30 -- charts/chartmuseum/templates/_helpers.tpl | 84 ---- charts/chartmuseum/templates/deployment.yaml | 123 ----- charts/chartmuseum/templates/ingress.yaml | 33 -- charts/chartmuseum/templates/pvc.yaml | 22 - charts/chartmuseum/templates/secret.yaml | 17 - charts/chartmuseum/templates/service.yaml | 31 -- .../chartmuseum/templates/serviceaccount.yaml | 9 - charts/chartmuseum/values.yaml | 196 -------- releases/museum.yaml | 25 - 14 files changed, 1075 deletions(-) delete mode 100755 charts/chartmuseum/.helmignore delete mode 100755 charts/chartmuseum/Chart.yaml delete mode 100755 charts/chartmuseum/OWNERS delete mode 100755 charts/chartmuseum/README.md delete mode 100755 charts/chartmuseum/templates/NOTES.txt delete mode 100755 charts/chartmuseum/templates/_helpers.tpl delete mode 100755 charts/chartmuseum/templates/deployment.yaml delete mode 100755 charts/chartmuseum/templates/ingress.yaml delete mode 100755 charts/chartmuseum/templates/pvc.yaml delete mode 100755 charts/chartmuseum/templates/secret.yaml delete mode 100755 charts/chartmuseum/templates/service.yaml delete mode 100755 charts/chartmuseum/templates/serviceaccount.yaml delete mode 100755 charts/chartmuseum/values.yaml delete mode 100644 releases/museum.yaml diff --git a/charts/chartmuseum/.helmignore b/charts/chartmuseum/.helmignore deleted file mode 100755 index 46fd899..0000000 --- a/charts/chartmuseum/.helmignore +++ /dev/null @@ -1,23 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*~ -# Various IDEs -.project -.idea/ -*.tmproj -# OWNERS file for Kubernetes -OWNERS diff --git a/charts/chartmuseum/Chart.yaml b/charts/chartmuseum/Chart.yaml deleted file mode 100755 index 8eb960f..0000000 --- a/charts/chartmuseum/Chart.yaml +++ /dev/null @@ -1,18 +0,0 @@ -apiVersion: v1 -description: Helm Chart Repository with support for Amazon S3 and Google Cloud Storage -name: chartmuseum -version: 1.6.2 -appVersion: 0.7.1 -home: https://github.com/chartmuseum/chartmuseum -icon: https://raw.githubusercontent.com/chartmuseum/chartmuseum/master/logo.png -keywords: -- chartmuseum -- helm -- charts repo -maintainers: -- name: codefresh-io - email: opensource@codefresh.io -- name: cloudposse - email: hello@cloudposse.com -- name: chartmuseum - email: chartmuseum@gmail.com diff --git a/charts/chartmuseum/OWNERS b/charts/chartmuseum/OWNERS deleted file mode 100755 index 75a31c6..0000000 --- a/charts/chartmuseum/OWNERS +++ /dev/null @@ -1,6 +0,0 @@ -approvers: -- jdolitsky -- goruha -reviewers: -- jdolitsky -- goruha diff --git a/charts/chartmuseum/README.md b/charts/chartmuseum/README.md deleted file mode 100755 index a47784f..0000000 --- a/charts/chartmuseum/README.md +++ /dev/null @@ -1,458 +0,0 @@ -# ChartMuseum Helm Chart - -Deploy your own private ChartMuseum. - -Please also see https://github.com/kubernetes-helm/chartmuseum - -## Table of Content - - - - - -- [Prerequisites](#prerequisites) -- [Configuration](#configuration) -- [Installation](#installation) - - [Using with Amazon S3](#using-with-amazon-s3) - - [permissions grant with access keys](#permissions-grant-with-access-keys) - - [permissions grant with IAM instance profile](#permissions-grant-with-iam-instance-profile) - - [permissions grant with IAM assumed role](#permissions-grant-with-iam-assumed-role) - - [Using with Google Cloud Storage](#using-with-google-cloud-storage) - - [Using with Microsoft Azure Blob Storage](#using-with-microsoft-azure-blob-storage) - - [Using with Alibaba Cloud OSS Storage](#using-with-alibaba-cloud-oss-storage) - - [Using with local filesystem storage](#using-with-local-filesystem-storage) - - [Example storage class](#example-storage-class) -- [Uninstall](#uninstall) - - - - -## Prerequisites - -* Kubernetes with extensions/v1beta1 available -* [If enabled] A persistent storage resource and RW access to it -* [If enabled] Kubernetes StorageClass for dynamic provisioning - -## Configuration - -By default this chart will not have persistent storage, and the API service -will be *DISABLED*. This protects against unauthorized access to the API -with default configuration values. - -For a more robust solution supply helm install with a custom values.yaml -You are also required to create the StorageClass resource ahead of time: -``` -kubectl create -f /path/to/storage_class.yaml -``` - -The following table lists common configurable parameters of the chart and -their default values. See values.yaml for all available options. - -| Parameter | Description | Default | -|----------------------------------------|---------------------------------------------|-----------------------------------------------------| -| `image.pullPolicy` | Container pull policy | `IfNotPresent` | -| `image.repository` | Container image to use | `chartmuseum/chartmuseum` | -| `image.tag` | Container image tag to deploy | `v0.7.1` | -| `persistence.accessMode` | Access mode to use for PVC | `ReadWriteOnce` | -| `persistence.enabled` | Whether to use a PVC for persistent storage | `false` | -| `persistence.size` | Amount of space to claim for PVC | `8Gi` | -| `persistence.storageClass` | Storage Class to use for PVC | `-` | -| `replicaCount` | k8s replicas | `1` | -| `resources.limits.cpu` | Container maximum CPU | `100m` | -| `resources.limits.memory` | Container maximum memory | `128Mi` | -| `resources.requests.cpu` | Container requested CPU | `80m` | -| `resources.requests.memory` | Container requested memory | `64Mi` | -| `serviceAccount.create` | If true, create the service account | `false` | -| `serviceAccount.name` | Name of the serviceAccount to create or use | `{{ chartmuseum.fullname }}` | -| `securityContext` | Map of securityContext for the pod | `{}` | -| `nodeSelector` | Map of node labels for pod assignment | `{}` | -| `tolerations` | List of node taints to tolerate | `[]` | -| `affinity` | Map of node/pod affinities | `{}` | -| `env.open.STORAGE` | Storage Backend to use | `local` | -| `env.open.ALIBABA_BUCKET` | Bucket to store charts in for Alibaba | `` | -| `env.open.ALIBABA_PREFIX` | Prefix to store charts under for Alibaba | `` | -| `env.open.ALIBABA_ENDPOINT` | Alternative Alibaba endpoint | `` | -| `env.open.ALIBABA_SSE` | Server side encryption algorithm to use | `` | -| `env.open.AMAZON_BUCKET` | Bucket to store charts in for AWS | `` | -| `env.open.AMAZON_ENDPOINT` | Alternative AWS endpoint | `` | -| `env.open.AMAZON_PREFIX` | Prefix to store charts under for AWS | `` | -| `env.open.AMAZON_REGION` | Region to use for bucket access for AWS | `` | -| `env.open.AMAZON_SSE` | Server side encryption algorithm to use | `` | -| `env.open.GOOGLE_BUCKET` | Bucket to store charts in for GCP | `` | -| `env.open.GOOGLE_PREFIX` | Prefix to store charts under for GCP | `` | -| `env.open.STORAGE_MICROSOFT_CONTAINER` | Container to store charts under for MS | `` | -| `env.open.STORAGE_MICROSOFT_PREFIX` | Prefix to store charts under for MS | `` | -| `env.open.STORAGE_OPENSTACK_CONTAINER` | Container to store charts for openstack | `` | -| `env.open.STORAGE_OPENSTACK_PREFIX` | Prefix to store charts for openstack | `` | -| `env.open.STORAGE_OPENSTACK_REGION` | Region of openstack container | `` | -| `env.open.STORAGE_OPENSTACK_CACERT` | Path to a CA cert bundle for openstack | `` | -| `env.open.CHART_POST_FORM_FIELD_NAME` | Form field to query for chart file content | `` | -| `env.open.PROV_POST_FORM_FIELD_NAME` | Form field to query for chart provenance | `` | -| `env.open.DEPTH` | levels of nested repos for multitenancy. | `0` | -| `env.open.DEBUG` | Show debug messages | `false` | -| `env.open.LOG_JSON` | Output structured logs in JSON | `true` | -| `env.open.DISABLE_STATEFILES` | Disable use of index-cache.yaml | `false` | -| `env.open.DISABLE_METRICS` | Disable Prometheus metrics | `true` | -| `env.open.DISABLE_API` | Disable all routes prefixed with /api | `true` | -| `env.open.ALLOW_OVERWRITE` | Allow chart versions to be re-uploaded | `false` | -| `env.open.CHART_URL` | Absolute url for .tgzs in index.yaml | `` | -| `env.open.AUTH_ANONYMOUS_GET` | Allow anon GET operations when auth is used | `false` | -| `env.open.CONTEXT_PATH` | Set the base context path | `` | -| `env.open.INDEX_LIMIT` | Parallel scan limit for the repo indexer | `` | -| `env.open.CACHE` | Cache store, can be one of: redis | `` | -| `env.open.CACHE_REDIS_ADDR` | Address of Redis service (host:port) | `` | -| `env.open.CACHE_REDIS_DB` | Redis database to be selected after connect | `0` | -| `env.secret.BASIC_AUTH_USER` | Username for basic HTTP authentication | `` | -| `env.secret.BASIC_AUTH_PASS` | Password for basic HTTP authentication | `` | -| `env.secret.CACHE_REDIS_PASSWORD` | Redis requirepass server configuration | `` | -| `gcp.secret.enabled` | Flag for the GCP service account | `false` | -| `gcp.secret.name` | Secret name for the GCP json file | `` | -| `gcp.secret.key` | Secret key for te GCP json file | `credentials.json` | -| `service.type` | Kubernetes Service type | `ClusterIP` | -| `service.clusterIP` | Static clusterIP or None for headless services| `nil` | - -Specify each parameter using the `--set key=value[,key=value]` argument to -`helm install`. - -## Installation - -```shell -helm install --name my-chartmuseum -f custom.yaml stable/chartmuseum -``` - -### Using with Amazon S3 -Make sure your environment is properly setup to access `my-s3-bucket` - -You need at least the following permissions inside your IAM Policy -```yaml -{ - "Version": "2012-10-17", - "Statement": [ - { - "Sid": "AllowListObjects", - "Effect": "Allow", - "Action": [ - "s3:ListBucket" - ], - "Resource": "arn:aws:s3:::my-s3-bucket" - }, - { - "Sid": "AllowObjectsCRUD", - "Effect": "Allow", - "Action": [ - "s3:DeleteObject", - "s3:GetObject", - "s3:PutObject" - ], - "Resource": "arn:aws:s3:::my-s3-bucket/*" - } - ] -} -``` - -You can grant it to `chartmuseum` by several ways: - -#### permissions grant with access keys - -Grant permissions to `special user` and us it's access keys for auth on aws - -Specify `custom.yaml` with such values - -```yaml -env: - open: - STORAGE: amazon - STORAGE_AMAZON_BUCKET: my-s3-bucket - STORAGE_AMAZON_PREFIX: - STORAGE_AMAZON_REGION: us-east-1 - secret: - AWS_ACCESS_KEY_ID: "********" ## aws access key id value - AWS_SECRET_ACCESS_KEY: "********" ## aws access key secret value -``` - -Run command to install - -```shell -helm install --name my-chartmuseum -f custom.yaml stable/chartmuseum -``` - -#### permissions grant with IAM instance profile - -You can grant permissions to k8s node IAM instance profile. -For more information read this [article](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use_switch-role-ec2.html) - -Specify `custom.yaml` with such values - -```yaml -env: - open: - STORAGE: amazon - STORAGE_AMAZON_BUCKET: my-s3-bucket - STORAGE_AMAZON_PREFIX: - STORAGE_AMAZON_REGION: us-east-1 -``` - -Run command to install - -```shell -helm install --name my-chartmuseum -f custom.yaml stable/chartmuseum -``` - -#### permissions grant with IAM assumed role - -To provide access with assumed role you need to install [kube2iam](https://github.com/kubernetes/charts/tree/master/stable/kube2iam) -and create role with granded permissions. - -Specify `custom.yaml` with such values - -```yaml -env: - open: - STORAGE: amazon - STORAGE_AMAZON_BUCKET: my-s3-bucket - STORAGE_AMAZON_PREFIX: - STORAGE_AMAZON_REGION: us-east-1 -replica: - annotations: - iam.amazonaws.com/role: "{assumed role name}" -``` - -Run command to install - -```shell -helm install --name my-chartmuseum -f custom.yaml stable/chartmuseum -``` - -### Using with Google Cloud Storage -Make sure your environment is properly setup to access `my-gcs-bucket` - -Specify `custom.yaml` with such values - -```yaml -env: - open: - STORAGE: google - STORAGE_GOOGLE_BUCKET: my-gcs-bucket - STORAGE_GOOGLE_PREFIX: -``` - -### Using with Google Cloud Storage and a Google Service Account - -A Google service account credentials are stored in a json file. There are two approaches here. Ideally you don't want to send your secrets to tiller. In that case, before installing this chart, you should create a secret with those credentials: - -```shell -kubectl create secret generic chartmuseum-secret --from-file=credentials.json="my-project-45e35d85a593.json" -``` - -Then you can either use a `VALUES` yaml with your values or set those values in the command line: - -```shell -helm install stable/chartmuseum --debug --set gcp.secret.enabled=true,env.open.STORAGE=google,env.open.DISABLE_API=false,env.open.STORAGE_GOOGLE_BUCKET=my-gcp-chartmuseum,gcp.secret.name=chartmuseum-secret -``` - -If you prefer to use a yaml file: - -```yaml -env: - open: - STORAGE: google - STORAGE_GOOGLE_BUCKET: my-gcs-bucket - STORAGE_GOOGLE_PREFIX: - -gcp: - secret: - enabled: true - name: chartmuseum-secret - key: credentials.json -``` - -Run command to install - -```shell -helm install --name my-chartmuseum -f custom.yaml stable/chartmuseum -``` - -In case that you don't mind adding your secret to tiller (you shouldn't do it), this are the commands - -```yaml -env: - open: - STORAGE: google - STORAGE_GOOGLE_BUCKET: my-gcs-bucket - STORAGE_GOOGLE_PREFIX: - secret: - GOOGLE_CREDENTIALS_JSON: my-json-file-base64-encoded -gcp: - secret: - enabled: true - -``` - -Run command to install - -```shell -helm install --name my-chartmuseum -f custom.yaml stable/chartmuseum -``` - -To set the values directly in the command line, use the follosing command. Note that we have to base64 encode the json file because we cannot pass a multi-line text as a value. - -```shell -export JSONKEY=$(cat my-project-77e35d85a593.json | base64) -helm install stable/chartmuseum --debug --set gcp.secret.enabled=true,env.secret.GOOGLE_CREDENTIALS_JSON=${JSONKEY},env.open.STORAGE=google,env.open.DISABLE_API=false,env.open.STORAGE_GOOGLE_BUCKET=my-gcp-chartmuseum -``` - -### Using with Microsoft Azure Blob Storage - -Make sure your environment is properly setup to access `mycontainer`. - -To do so, you must set the following env vars: -- `AZURE_STORAGE_ACCOUNT` -- `AZURE_STORAGE_ACCESS_KEY` - -Specify `custom.yaml` with such values - -```yaml -env: - open: - STORAGE: microsoft - STORAGE_MICROSOFT_CONTAINER: mycontainer - # prefix to store charts for microsoft storage backend - STORAGE_MICROSOFT_PREFIX: - secret: - AZURE_STORAGE_ACCOUNT: "********" ## azure storage account - AZURE_STORAGE_ACCESS_KEY: "********" ## azure storage account access key -``` - -Run command to install - -```shell -helm install --name my-chartmuseum -f custom.yaml stable/chartmuseum -``` - -### Using with Alibaba Cloud OSS Storage - -Make sure your environment is properly setup to access `my-oss-bucket`. - -To do so, you must set the following env vars: -- `ALIBABA_CLOUD_ACCESS_KEY_ID` -- `ALIBABA_CLOUD_ACCESS_KEY_SECRET` - -Specify `custom.yaml` with such values - -```yaml -env: - open: - STORAGE: alibaba - STORAGE_ALIBABA_BUCKET: my-oss-bucket - STORAGE_ALIBABA_PREFIX: - STORAGE_ALIBABA_ENDPOINT: oss-cn-beijing.aliyuncs.com - secret: - ALIBABA_CLOUD_ACCESS_KEY_ID: "********" ## alibaba OSS access key id - ALIBABA_CLOUD_ACCESS_KEY_SECRET: "********" ## alibaba OSS access key secret -``` - -Run command to install - -```shell -helm install --name my-chartmuseum -f custom.yaml stable/chartmuseum -``` - -### Using with Openstack Object Storage - -Make sure your environment is properly setup to access `mycontainer`. - -To do so, you must set the following env vars (depending on your openstack version): -- `OS_AUTH_URL` -- either `OS_PROJECT_NAME` or `OS_TENANT_NAME` or `OS_PROJECT_ID` or `OS_TENANT_ID` -- either `OS_DOMAIN_NAME` or `OS_DOMAIN_ID` -- either `OS_USERNAME` or `OS_USERID` -- `OS_PASSWORD` - -Specify `custom.yaml` with such values - -```yaml -env: - open: - STORAGE: openstack - STORAGE_OPENSTACK_CONTAINER: mycontainer - STORAGE_OPENSTACK_PREFIX: - STORAGE_OPENSTACK_REGION: YOURREGION - secret: - OS_AUTH_URL: https://myauth.url.com/v2.0/ - OS_TENANT_ID: yourtenantid - OS_USERNAME: yourusername - OS_PASSWORD: yourpassword -``` - -Run command to install - -```shell -helm install --name my-chartmuseum -f custom.yaml stable/chartmuseum -``` - -### Using with local filesystem storage -By default chartmuseum uses local filesystem storage. -But on pod recreation it will lose all charts, to prevent that enable persistent storage. - -```yaml -env: - open: - STORAGE: local -persistence: - enabled: true - accessMode: ReadWriteOnce - size: 8Gi - ## A manually managed Persistent Volume and Claim - ## Requires persistence.enabled: true - ## If defined, PVC must be created manually before volume will be bound - # existingClaim: - - ## Chartmuseum data Persistent Volume Storage Class - ## If defined, storageClassName: - ## If set to "-", storageClassName: "", which disables dynamic provisioning - ## If undefined (the default) or set to null, no storageClassName spec is - ## set, choosing the default provisioner. (gp2 on AWS, standard on - ## GKE, AWS & OpenStack) - ## - # storageClass: "-" -``` - -Run command to install - -```shell -helm install --name my-chartmuseum -f custom.yaml stable/chartmuseum -``` - -#### Example storage class - -Example storage-class.yaml provided here for use with a Ceph cluster. - -``` -kind: StorageClass -apiVersion: storage.k8s.io/v1 -metadata: - name: storage-volume -provisioner: kubernetes.io/rbd -parameters: - monitors: "10.11.12.13:4567,10.11.12.14:4567" - adminId: admin - adminSecretName: thesecret - adminSecretNamespace: default - pool: chartstore - userId: user - userSecretName: thesecret -``` - -## Uninstall - -By default, a deliberate uninstall will result in the persistent volume -claim being deleted. - -```shell -helm delete my-chartmuseum -``` - -To delete the deployment and its history: -```shell -helm delete --purge my-chartmuseum -``` diff --git a/charts/chartmuseum/templates/NOTES.txt b/charts/chartmuseum/templates/NOTES.txt deleted file mode 100755 index 5efa6be..0000000 --- a/charts/chartmuseum/templates/NOTES.txt +++ /dev/null @@ -1,30 +0,0 @@ -** Please be patient while the chart is being deployed ** - -Get the ChartMuseum URL by running: - -{{- if contains "NodePort" .Values.service.type }} - - export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ template "chartmuseum.fullname" . }}) - export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") - echo http://$NODE_IP:$NODE_PORT{{ .Values.env.open.CONTEXT_PATH }}/ - -{{- else if contains "LoadBalancer" .Values.service.type }} - -** Please ensure an external IP is associated to the {{ template "chartmuseum.fullname" . }} service before proceeding ** -** Watch the status using: kubectl get svc --namespace {{ .Release.Namespace }} -w {{ template "chartmuseum.fullname" . }} ** - - export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ template "chartmuseum.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') - echo http://$SERVICE_IP:{{ .Values.service.externalPort }}{{ .Values.env.open.CONTEXT_PATH }}/ - -OR - - export SERVICE_HOST=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ template "chartmuseum.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].hostname}') - echo http://$SERVICE_HOST:{{ .Values.service.externalPort }}{{ .Values.env.open.CONTEXT_PATH }}/ - -{{- else if contains "ClusterIP" .Values.service.type }} - - export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app={{ template "chartmuseum.name" . }}" -l "release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") - echo http://127.0.0.1:8080{{ .Values.env.open.CONTEXT_PATH }}/ - kubectl port-forward $POD_NAME 8080:8080 --namespace {{ .Release.Namespace }} - -{{- end }} diff --git a/charts/chartmuseum/templates/_helpers.tpl b/charts/chartmuseum/templates/_helpers.tpl deleted file mode 100755 index bd998c8..0000000 --- a/charts/chartmuseum/templates/_helpers.tpl +++ /dev/null @@ -1,84 +0,0 @@ -{{- /* -name defines a template for the name of the chartmuseum chart. - -The prevailing wisdom is that names should only contain a-z, 0-9 plus dot (.) and dash (-), and should -not exceed 63 characters. - -Parameters: - -- .Values.nameOverride: Replaces the computed name with this given name -- .Values.namePrefix: Prefix -- .Values.global.namePrefix: Global prefix -- .Values.nameSuffix: Suffix -- .Values.global.nameSuffix: Global suffix - -The applied order is: "global prefix + prefix + name + suffix + global suffix" - -Usage: 'name: "{{- template "chartmuseum.name" . -}}"' -*/ -}} -{{- define "chartmuseum.name"}} -{{- $global := default (dict) .Values.global -}} -{{- $base := default .Chart.Name .Values.nameOverride -}} -{{- $gpre := default "" $global.namePrefix -}} -{{- $pre := default "" .Values.namePrefix -}} -{{- $suf := default "" .Values.nameSuffix -}} -{{- $gsuf := default "" $global.nameSuffix -}} -{{- $name := print $gpre $pre $base $suf $gsuf -}} -{{- $name | lower | trunc 54 | trimSuffix "-" -}} -{{- end -}} - -{{- /* -fullname defines a suitably unique name for a resource by combining -the release name and the chartmuseum chart name. - -The prevailing wisdom is that names should only contain a-z, 0-9 plus dot (.) and dash (-), and should -not exceed 63 characters. - -Parameters: - -- .Values.fullnameOverride: Replaces the computed name with this given name -- .Values.fullnamePrefix: Prefix -- .Values.global.fullnamePrefix: Global prefix -- .Values.fullnameSuffix: Suffix -- .Values.global.fullnameSuffix: Global suffix - -The applied order is: "global prefix + prefix + name + suffix + global suffix" - -Usage: 'name: "{{- template "chartmuseum.fullname" . -}}"' -*/ -}} -{{- define "chartmuseum.fullname"}} -{{- $global := default (dict) .Values.global -}} -{{- $base := default (printf "%s-%s" .Release.Name .Chart.Name) .Values.fullnameOverride -}} -{{- $gpre := default "" $global.fullnamePrefix -}} -{{- $pre := default "" .Values.fullnamePrefix -}} -{{- $suf := default "" .Values.fullnameSuffix -}} -{{- $gsuf := default "" $global.fullnameSuffix -}} -{{- $name := print $gpre $pre $base $suf $gsuf -}} -{{- $name | lower | trunc 54 | trimSuffix "-" -}} -{{- end -}} - - -{{- /* -chartmuseum.labels.standard prints the standard chartmuseum Helm labels. - -The standard labels are frequently used in metadata. -*/ -}} -{{- define "chartmuseum.labels.standard" -}} -app: {{ template "chartmuseum.name" . }} -chart: {{ template "chartmuseum.chartref" . }} -heritage: {{ .Release.Service | quote }} -release: {{ .Release.Name | quote }} -{{- end -}} - -{{- /* -chartmuseum.chartref prints a chart name and version. - -It does minimal escaping for use in Kubernetes labels. - -Example output: - -chartmuseum-0.4.5 -*/ -}} -{{- define "chartmuseum.chartref" -}} -{{- replace "+" "_" .Chart.Version | printf "%s-%s" .Chart.Name -}} -{{- end -}} diff --git a/charts/chartmuseum/templates/deployment.yaml b/charts/chartmuseum/templates/deployment.yaml deleted file mode 100755 index 0750b00..0000000 --- a/charts/chartmuseum/templates/deployment.yaml +++ /dev/null @@ -1,123 +0,0 @@ -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: {{ include "chartmuseum.fullname" . }} - annotations: -{{ toYaml .Values.deployment.annotations | indent 4 }} - labels: -{{ include "chartmuseum.labels.standard" . | indent 4 }} -spec: - replicas: {{ .Values.replicaCount }} - strategy: -{{ toYaml .Values.strategy | indent 4 }} - revisionHistoryLimit: 10 - template: - metadata: - name: {{ include "chartmuseum.fullname" . }} - annotations: -{{ toYaml .Values.replica.annotations | indent 8 }} - labels: - app: {{ template "chartmuseum.name" . }} - release: {{ .Release.Name | quote }} - spec: - containers: - - name: {{ .Chart.Name }} - image: {{ .Values.image.repository }}:{{ .Values.image.tag }} - imagePullPolicy: {{ .Values.image.pullPolicy }} - env: -{{- range $name, $value := .Values.env.open }} -{{- if not (empty $value) }} - - name: {{ $name | quote }} - value: {{ $value | quote }} -{{- end }} -{{- end }} -{{- if .Values.gcp.secret.enabled }} - - name: GOOGLE_APPLICATION_CREDENTIALS - value: "/etc/secrets/google/credentials.json" -{{- end }} -{{- $secret_name := include "chartmuseum.fullname" . }} -{{- range $name, $value := .Values.env.secret }} -{{- if not ( empty $value) }} - - name: {{ $name | quote }} - valueFrom: - secretKeyRef: - name: {{ $secret_name }} - key: {{ $name | quote }} -{{- end }} -{{- end }} - args: - - --port=8080 -{{- if eq .Values.env.open.STORAGE "local" }} - - --storage-local-rootdir=/storage -{{- end }} - ports: - - name: http - containerPort: 8080 - livenessProbe: - httpGet: - path: {{ .Values.env.open.CONTEXT_PATH }}/health - port: http -{{ toYaml .Values.probes.liveness | indent 10 }} - readinessProbe: - httpGet: - path: {{ .Values.env.open.CONTEXT_PATH }}/health - port: http -{{ toYaml .Values.probes.readiness | indent 10 }} -{{- if eq .Values.env.open.STORAGE "local" }} - volumeMounts: - - mountPath: /storage - name: storage-volume -{{- end }} -{{- if .Values.gcp.secret.enabled }} - volumeMounts: - - mountPath: /etc/secrets/google - name: {{ include "chartmuseum.fullname" . }}-gcp -{{- end }} - {{- with .Values.resources }} - resources: -{{ toYaml . | indent 10 }} - {{- end }} - {{- with .Values.nodeSelector }} - nodeSelector: -{{ toYaml . | indent 8 }} - {{- end }} - {{- with .Values.affinity }} - affinity: -{{ toYaml . | indent 8 }} - {{- end }} - {{- with .Values.tolerations }} - tolerations: -{{ toYaml . | indent 8 }} - {{- end }} - {{- if .Values.serviceAccount.create }} - serviceAccountName: {{ include "chartmuseum.fullname" . }} - {{- else if .Values.serviceAccount.name }} - serviceAccountName: {{ .Values.serviceAccount.name }} - {{- end }} - {{- with .Values.securityContext }} - securityContext: -{{ toYaml . | indent 8 }} - {{- end }} - volumes: - - name: storage-volume - {{- if .Values.persistence.enabled }} - persistentVolumeClaim: - claimName: {{ .Values.persistence.existingClaim | default (include "chartmuseum.fullname" .) }} - {{- else }} - emptyDir: {} - {{- end -}} - {{ if .Values.gcp.secret.enabled }} - - name: {{ include "chartmuseum.fullname" . }}-gcp - secret: - {{ if .Values.env.secret.GOOGLE_CREDENTIALS_JSON }} - secretName: {{ include "chartmuseum.fullname" . }} - items: - - key: GOOGLE_CREDENTIALS_JSON - path: credentials.json - {{ else }} - secretName: {{ .Values.gcp.secret.name }} - items: - - key: {{ .Values.gcp.secret.key }} - path: credentials.json - {{ end }} - {{ end }} diff --git a/charts/chartmuseum/templates/ingress.yaml b/charts/chartmuseum/templates/ingress.yaml deleted file mode 100755 index 0ae70e2..0000000 --- a/charts/chartmuseum/templates/ingress.yaml +++ /dev/null @@ -1,33 +0,0 @@ -{{- $servicePort := .Values.service.externalPort -}} -{{- $serviceName := include "chartmuseum.fullname" . -}} -{{- if .Values.ingress.enabled }} ---- -apiVersion: extensions/v1beta1 -kind: Ingress -metadata: - name: {{ include "chartmuseum.fullname" . }} - annotations: -{{ toYaml .Values.ingress.annotations | indent 4 }} - labels: -{{- if .Values.ingress.labels }} -{{ toYaml .Values.ingress.labels | indent 4 }} -{{- end }} -{{ include "chartmuseum.labels.standard" . | indent 4 }} -spec: - rules: - {{- range $host, $paths := .Values.ingress.hosts }} - - host: {{ $host }} - http: - paths: - {{- range $paths }} - - path: {{ . }} - backend: - serviceName: {{ $serviceName }} - servicePort: {{ $servicePort }} - {{- end -}} - {{- end -}} - {{- if .Values.ingress.tls }} - tls: -{{ toYaml .Values.ingress.tls | indent 4 }} - {{- end -}} -{{- end -}} diff --git a/charts/chartmuseum/templates/pvc.yaml b/charts/chartmuseum/templates/pvc.yaml deleted file mode 100755 index b13de91..0000000 --- a/charts/chartmuseum/templates/pvc.yaml +++ /dev/null @@ -1,22 +0,0 @@ -{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} -kind: PersistentVolumeClaim -apiVersion: v1 -metadata: - name: {{ include "chartmuseum.fullname" . }} - labels: - app: {{ include "chartmuseum.fullname" . }} - release: {{ .Release.Name | quote }} -spec: - accessModes: - - {{ .Values.persistence.accessMode | quote }} - resources: - requests: - storage: {{ .Values.persistence.size | quote }} -{{- if .Values.persistence.storageClass }} -{{- if (eq "-" .Values.persistence.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.storageClass }}" -{{- end }} -{{- end }} -{{- end }} diff --git a/charts/chartmuseum/templates/secret.yaml b/charts/chartmuseum/templates/secret.yaml deleted file mode 100755 index c46fd88..0000000 --- a/charts/chartmuseum/templates/secret.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "chartmuseum.fullname" . }} - labels: -{{ include "chartmuseum.labels.standard" . | indent 4 }} -type: Opaque -data: -{{- range $name, $value := .Values.env.secret }} -{{- if not (empty $value) }} -{{- if eq $name "GOOGLE_CREDENTIALS_JSON" }} - {{ $name }}: {{ $value }} - {{- else }} - {{ $name }}: {{ $value | b64enc }} -{{- end }} -{{- end }} -{{- end }} diff --git a/charts/chartmuseum/templates/service.yaml b/charts/chartmuseum/templates/service.yaml deleted file mode 100755 index 6d1f02d..0000000 --- a/charts/chartmuseum/templates/service.yaml +++ /dev/null @@ -1,31 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: {{ include "chartmuseum.fullname" . }} - annotations: -{{ toYaml .Values.service.annotations | indent 4 }} - labels: -{{ include "chartmuseum.labels.standard" . | indent 4 }} -{{- if .Values.service.annotations }} - annotations: -{{ toYaml .Values.service.annotations | indent 4 }} -{{- end }} -spec: - type: {{ .Values.service.type }} - {{- if eq .Values.service.type "ClusterIP" }} - {{- if .Values.service.clusterIP }} - clusterIP: {{ .Values.service.clusterIP }} - {{- end }} - {{- end }} - ports: - - port: {{ .Values.service.externalPort }} -{{- if (and (eq .Values.service.type "NodePort") (not (empty .Values.service.nodePort))) }} - nodePort: {{.Values.service.nodePort}} -{{- else }} - targetPort: http -{{- end }} - protocol: TCP - name: http - selector: - app: {{ template "chartmuseum.name" . }} - release: {{ .Release.Name | quote }} diff --git a/charts/chartmuseum/templates/serviceaccount.yaml b/charts/chartmuseum/templates/serviceaccount.yaml deleted file mode 100755 index a4c4f44..0000000 --- a/charts/chartmuseum/templates/serviceaccount.yaml +++ /dev/null @@ -1,9 +0,0 @@ -{{- if .Values.serviceAccount.create -}} ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: {{ include "chartmuseum.fullname" . }} - labels: -{{ include "chartmuseum.labels.standard" . | indent 4 }} -{{- end -}} diff --git a/charts/chartmuseum/values.yaml b/charts/chartmuseum/values.yaml deleted file mode 100755 index 7e3b0c9..0000000 --- a/charts/chartmuseum/values.yaml +++ /dev/null @@ -1,196 +0,0 @@ -replicaCount: 1 -strategy: - type: RollingUpdate - rollingUpdate: - maxUnavailable: 0 -image: - repository: chartmuseum/chartmuseum - tag: v0.7.1 - pullPolicy: IfNotPresent -env: - open: - # storage backend, can be one of: local, alibaba, amazon, google, microsoft - STORAGE: local - # oss bucket to store charts for alibaba storage backend - STORAGE_ALIBABA_BUCKET: - # prefix to store charts for alibaba storage backend - STORAGE_ALIBABA_PREFIX: - # oss endpoint to store charts for alibaba storage backend - STORAGE_ALIBABA_ENDPOINT: - # server side encryption algorithm for alibaba storage backend, can be one - # of: AES256 or KMS - STORAGE_ALIBABA_SSE: - # s3 bucket to store charts for amazon storage backend - STORAGE_AMAZON_BUCKET: - # prefix to store charts for amazon storage backend - STORAGE_AMAZON_PREFIX: - # region of s3 bucket to store charts - STORAGE_AMAZON_REGION: - # alternative s3 endpoint - STORAGE_AMAZON_ENDPOINT: - # server side encryption algorithm - STORAGE_AMAZON_SSE: - # gcs bucket to store charts for google storage backend - STORAGE_GOOGLE_BUCKET: - # prefix to store charts for google storage backend - STORAGE_GOOGLE_PREFIX: - # container to store charts for microsoft storage backend - STORAGE_MICROSOFT_CONTAINER: - # prefix to store charts for microsoft storage backend - STORAGE_MICROSOFT_PREFIX: - # container to store charts for openstack storage backend - STORAGE_OPENSTACK_CONTAINER: - # prefix to store charts for openstack storage backend - STORAGE_OPENSTACK_PREFIX: - # region of openstack container - STORAGE_OPENSTACK_REGION: - # path to a CA cert bundle for your openstack endpoint - STORAGE_OPENSTACK_CACERT: - # form field which will be queried for the chart file content - CHART_POST_FORM_FIELD_NAME: chart - # form field which will be queried for the provenance file content - PROV_POST_FORM_FIELD_NAME: prov - # levels of nested repos for multitenancy. The default depth is 0 (singletenant server) - DEPTH: 0 - # show debug messages - DEBUG: false - # output structured logs as json - LOG_JSON: true - # disable use of index-cache.yaml - DISABLE_STATEFILES: false - # disable Prometheus metrics - DISABLE_METRICS: true - # disable all routes prefixed with /api - DISABLE_API: true - # allow chart versions to be re-uploaded - ALLOW_OVERWRITE: false - # absolute url for .tgzs in index.yaml - CHART_URL: - # allow anonymous GET operations when auth is used - AUTH_ANONYMOUS_GET: false - # sets the base context path - CONTEXT_PATH: - # parallel scan limit for the repo indexer - INDEX_LIMIT: 0 - # cache store, can be one of: redis (leave blank for inmemory cache) - CACHE: - # address of Redis service (host:port) - CACHE_REDIS_ADDR: - # Redis database to be selected after connect - CACHE_REDIS_DB: 0 - secret: - # username for basic http authentication - BASIC_AUTH_USER: - # password for basic http authentication - BASIC_AUTH_PASS: - # GCP service account json file - GOOGLE_CREDENTIALS_JSON: - # Redis requirepass server configuration - CACHE_REDIS_PASSWORD: -deployment: - ## Chartmuseum Deployment annotations - annotations: {} - # name: value -replica: - ## Chartmuseum Replicas annotations - annotations: {} - ## Read more about kube2iam to provide access to s3 https://github.com/jtblin/kube2iam - # iam.amazonaws.com/role: role-arn -service: - type: ClusterIP - # clusterIP: None - externalPort: 8080 - nodePort: - annotations: {} - -resources: {} -# limits: -# cpu: 100m -# memory: 128Mi -# requests: -# cpu: 80m -# memory: 64Mi - -probes: - liveness: - initialDelaySeconds: 5 - periodSeconds: 10 - timeoutSeconds: 1 - successThreshold: 1 - failureThreshold: 3 - readiness: - initialDelaySeconds: 5 - periodSeconds: 10 - timeoutSeconds: 1 - successThreshold: 1 - failureThreshold: 3 - -serviceAccount: - create: false - # name: - -securityContext: {} - -nodeSelector: {} - -tolerations: [] - -affinity: {} - -persistence: - enabled: false - accessMode: ReadWriteOnce - size: 8Gi - ## A manually managed Persistent Volume and Claim - ## Requires persistence.enabled: true - ## If defined, PVC must be created manually before volume will be bound - # existingClaim: - - ## Chartmuseum data Persistent Volume Storage Class - ## If defined, storageClassName: - ## If set to "-", storageClassName: "", which disables dynamic provisioning - ## If undefined (the default) or set to null, no storageClassName spec is - ## set, choosing the default provisioner. (gp2 on AWS, standard on - ## GKE, AWS & OpenStack) - ## - # storageClass: "-" - -## Ingress for load balancer -ingress: - enabled: false -## Chartmuseum Ingress labels -## -# labels: -# dns: "route53" - -## Chartmuseum Ingress annotations -## -# annotations: -# kubernetes.io/ingress.class: nginx -# kubernetes.io/tls-acme: "true" - -## Chartmuseum Ingress hostnames -## Must be provided if Ingress is enabled -## -# hosts: -# chartmuseum.domain.com: -# - /charts -# - /index.yaml - -## Chartmuseum Ingress TLS configuration -## Secrets must be manually created in the namespace -## -# tls: -# - secretName: chartmuseum-server-tls -# hosts: -# - chartmuseum.domain.com - -# Adding secrets to tiller is not a great option, so If you want to use an existing -# secret that contains the json file, you can use the following entries -gcp: - secret: - enabled: false - # Name of the secret that contains the encoded json - name: - # Secret key that holds the json value. - key: credentials.json diff --git a/releases/museum.yaml b/releases/museum.yaml deleted file mode 100644 index 8802b0f..0000000 --- a/releases/museum.yaml +++ /dev/null @@ -1,25 +0,0 @@ ---- -apiVersion: flux.weave.works/v1beta1 -kind: HelmRelease -metadata: - name: museum - namespace: demo - annotations: - flux.weave.works/automated: "true" - flux.weave.works/tag.chart-image: semver:~0.7 -spec: - releaseName: museum - chart: - git: ssh://git@github.com/weaveworks/flux-get-started - ref: master - path: charts/chartmuseum - values: - image: - repository: chartmuseum/chartmuseum - tag: v0.7.1 - env: - open: - STORAGE: local - CACHE: redis - CACHE_REDIS_ADDR: "redis-master:6379" - CACHE_REDIS_DB: 0