From fc12c66bb949b43357f7be5624529f88c402ecfa Mon Sep 17 00:00:00 2001 From: Eguo Wang Date: Sat, 28 Jan 2023 20:58:39 +0800 Subject: [PATCH] Use external docker image registry, removed self deps and templates --- charts/amphitheatre/Chart.yaml | 26 ++-- .../lets-encrypt-cluster-issuer.yaml | 24 ---- .../amphitheatre/templates/harbor/secret.yaml | 12 -- .../templates/kpack/cluster-builder.yaml | 23 ---- .../templates/kpack/cluster-stack.yaml | 13 -- .../templates/kpack/cluster-store.yaml | 11 -- .../templates/kpack/service-account.yaml | 11 -- charts/amphitheatre/values.yaml | 124 +++++++++++------- 8 files changed, 93 insertions(+), 151 deletions(-) delete mode 100644 charts/amphitheatre/templates/cart-manager/lets-encrypt-cluster-issuer.yaml delete mode 100644 charts/amphitheatre/templates/harbor/secret.yaml delete mode 100644 charts/amphitheatre/templates/kpack/cluster-builder.yaml delete mode 100644 charts/amphitheatre/templates/kpack/cluster-stack.yaml delete mode 100644 charts/amphitheatre/templates/kpack/cluster-store.yaml delete mode 100644 charts/amphitheatre/templates/kpack/service-account.yaml diff --git a/charts/amphitheatre/Chart.yaml b/charts/amphitheatre/Chart.yaml index ce4c1f7..42759a3 100644 --- a/charts/amphitheatre/Chart.yaml +++ b/charts/amphitheatre/Chart.yaml @@ -15,7 +15,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.3.7 +version: 0.4.0 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to @@ -24,22 +24,22 @@ version: 0.3.7 appVersion: "0.1.0" dependencies: - - name: cert-manager - repository: https://charts.jetstack.io - version: 1.11.0 - condition: cert-manager.enabled + # - name: cert-manager + # repository: https://charts.jetstack.io + # version: 1.11.0 + # condition: cert-manager.enabled - name: amphitheatre-crds version: 0.1.0 condition: crds.enabled - - name: harbor - repository: https://charts.bitnami.com/bitnami - version: 16.1.0 - condition: harbor.enabled + # - name: harbor + # repository: https://charts.bitnami.com/bitnami + # version: 16.1.0 + # condition: harbor.enabled - name: kpack repository: https://charts.amphitheatre.app version: 0.1.0 condition: kpack.enabled - - name: ingress-nginx - repository: https://kubernetes.github.io/ingress-nginx - version: 4.4.2 - condition: ingress-nginx.enabled + # - name: ingress-nginx + # repository: https://kubernetes.github.io/ingress-nginx + # version: 4.4.2 + # condition: ingress-nginx.enabled diff --git a/charts/amphitheatre/templates/cart-manager/lets-encrypt-cluster-issuer.yaml b/charts/amphitheatre/templates/cart-manager/lets-encrypt-cluster-issuer.yaml deleted file mode 100644 index 5109c54..0000000 --- a/charts/amphitheatre/templates/cart-manager/lets-encrypt-cluster-issuer.yaml +++ /dev/null @@ -1,24 +0,0 @@ -{{- if index .Values "cert-manager" "enabled" }} -apiVersion: cert-manager.io/v1 -kind: ClusterIssuer -metadata: - name: lets-encrypt-cluster-issuer - annotations: - "helm.sh/hook": post-install - "helm.sh/hook-weight": "1" -spec: - acme: - # The ACME server URL - #server: https://acme-v02.api.letsencrypt.org/directory - server: https://acme-staging-v02.api.letsencrypt.org/directory - # Email address used for ACME registration - email: issuer@amphitheatre.app - # Name of a secret used to store the ACME account private key - privateKeySecretRef: - name: lets-encrypt-cluster-issuer - # Enable the HTTP-01 challenge provider - solvers: - - http01: - ingress: - class: nginx -{{- end }} diff --git a/charts/amphitheatre/templates/harbor/secret.yaml b/charts/amphitheatre/templates/harbor/secret.yaml deleted file mode 100644 index e0ebede..0000000 --- a/charts/amphitheatre/templates/harbor/secret.yaml +++ /dev/null @@ -1,12 +0,0 @@ -{{- if .Values.harbor.enabled }} -apiVersion: v1 -kind: Secret -metadata: - name: registry-credentials - annotations: - kpack.io/docker: {{ .Values.harbor.externalURL }} -type: kubernetes.io/basic-auth -stringData: - username: admin - password: {{ .Values.harbor.adminPassword }} -{{- end }} diff --git a/charts/amphitheatre/templates/kpack/cluster-builder.yaml b/charts/amphitheatre/templates/kpack/cluster-builder.yaml deleted file mode 100644 index 321fd6b..0000000 --- a/charts/amphitheatre/templates/kpack/cluster-builder.yaml +++ /dev/null @@ -1,23 +0,0 @@ -apiVersion: kpack.io/v1alpha2 -kind: ClusterBuilder -metadata: - name: amp-default-cluster-builder - annotations: - "helm.sh/hook": post-install - "helm.sh/hook-weight": "-4" -spec: - tag: {{ .Values.registry }}/library/amp-default-cluster-builder - stack: - name: amp-default-cluster-stack - kind: ClusterStack - store: - name: amp-default-cluster-store - kind: ClusterStore - serviceAccountRef: - name: amp-default-builder-service-account - namespace: {{ .Release.Namespace }} - order: - - group: - - id: paketo-buildpacks/java - - group: - - id: paketo-buildpacks/nodejs diff --git a/charts/amphitheatre/templates/kpack/cluster-stack.yaml b/charts/amphitheatre/templates/kpack/cluster-stack.yaml deleted file mode 100644 index 56ac075..0000000 --- a/charts/amphitheatre/templates/kpack/cluster-stack.yaml +++ /dev/null @@ -1,13 +0,0 @@ -apiVersion: kpack.io/v1alpha2 -kind: ClusterStack -metadata: - name: amp-default-cluster-stack - annotations: - "helm.sh/hook": post-install - "helm.sh/hook-weight": "-5" -spec: - id: "io.buildpacks.stacks.bionic" - buildImage: - image: "paketobuildpacks/build:base-cnb" - runImage: - image: "paketobuildpacks/run:base-cnb" diff --git a/charts/amphitheatre/templates/kpack/cluster-store.yaml b/charts/amphitheatre/templates/kpack/cluster-store.yaml deleted file mode 100644 index cfb465a..0000000 --- a/charts/amphitheatre/templates/kpack/cluster-store.yaml +++ /dev/null @@ -1,11 +0,0 @@ -apiVersion: kpack.io/v1alpha2 -kind: ClusterStore -metadata: - name: amp-default-cluster-store - annotations: - "helm.sh/hook": post-install - "helm.sh/hook-weight": "-5" -spec: - sources: - - image: gcr.io/paketo-buildpacks/java - - image: gcr.io/paketo-buildpacks/nodejs diff --git a/charts/amphitheatre/templates/kpack/service-account.yaml b/charts/amphitheatre/templates/kpack/service-account.yaml deleted file mode 100644 index e5a5c01..0000000 --- a/charts/amphitheatre/templates/kpack/service-account.yaml +++ /dev/null @@ -1,11 +0,0 @@ -apiVersion: v1 -kind: ServiceAccount -metadata: - name: amp-default-builder-service-account - annotations: - "helm.sh/hook": post-install - "helm.sh/hook-weight": "-6" -secrets: - - name: registry-credentials -imagePullSecrets: - - name: registry-credentials diff --git a/charts/amphitheatre/values.yaml b/charts/amphitheatre/values.yaml index f3d1a94..94605aa 100644 --- a/charts/amphitheatre/values.yaml +++ b/charts/amphitheatre/values.yaml @@ -2,55 +2,91 @@ # This is a YAML-formatted file. # Declare variables to be passed into your templates. -registry: registry.amphitheatre.app +## Global parameters +# registry: registry.amphitheatre.app +## Amphitheatre CRDs Parameters crds: + # Switch to enable or disable the amphitheatre-crds helm chart enabled: true -cert-manager: - enabled: true - installCRDs: true - podDnsPolicy: "Default" - # podDnsConfig: - # nameservers: - # - "1.1.1.1" - # - "8.8.8.8" - -harbor: - enabled: true - fullnameOverride: harbor - adminPassword: "Harbor12345" - - # externalURL: harbor.amp-system.svc.cluster.local - # exposureType: proxy - # service: - # type: ClusterIP - # nginx: - # tls: - # enabled: false - - externalURL: registry.amphitheatre.app - exposureType: ingress - ingress: - core: - hostname: registry.amphitheatre.app - annotations: - ingress.kubernetes.io/ssl-redirect: 'true' - ingress.kubernetes.io/proxy-body-size: '0' - nginx.ingress.kubernetes.io/ssl-redirect: 'true' - nginx.ingress.kubernetes.io/proxy-body-size: '0' - kubernetes.io/ingress.class: nginx - cert-manager.io/cluster-issuer: lets-encrypt-cluster-issuer - cert-manager.io/issue-temporary-certificate: "true" - acme.cert-manager.io/http01-edit-in-place: "true" - tls: true +# ## Cert Manager Parameters +# cert-manager: +# # Switch to enable or disable the cert-manager helm chart +# enabled: false +# installCRDs: true +# # podDnsPolicy: "Default" +# # podDnsConfig: +# # nameservers: +# # - "1.1.1.1" +# # - "8.8.8.8" + +# ## Harbor Parameters +# harbor: +# # # Switch to enable or disable the harbor helm chart +# # enabled: true +# # # String to fully override common.names.fullname template with a string +# # fullnameOverride: harbor +# # # The initial password of Harbor admin. +# # adminPassword: "Harbor12345" +# # # # The external URL for Harbor Core service +# # externalURL: https://registry.amphitheatre.app +# # # The way to expose Harbor. Allowed values are [ ingress | proxy ] +# # # Use "proxy" to use a deploy NGINX proxy in front of Harbor services +# # exposureType: proxy +# # # Service parameters +# # service: +# # # NGINX proxy service type +# # type: ClusterIP +# # # Additional custom annotations for NGINX proxy service +# # annotations: +# # # cert-manager.io/cluster-issuer: lets-encrypt-cluster-issuer +# # # cert-manager.io/issue-temporary-certificate: "true" +# # # acme.cert-manager.io/http01-edit-in-place: "true" +# # # NGINX Parameters +# # nginx: +# # # TLS parameters +# # tls: +# # # Enable TLS termination +# # enabled: true +# # # existingSecret: harbor-nginx-proxy-certificate +# # # The common name used to generate the self-signed TLS certificates +# # commonName: registry.amphitheatre.app + +# # # # The external URL for Harbor Core service +# # externalURL: https://registry.amphitheatre.app +# # # The way to expose Harbor. Allowed values are [ ingress | proxy ] +# # # Use "ingress" to use an Ingress Controller as proxy +# # exposureType: ingress +# # # Ingress parameters +# # ingress: +# # # Configure the ingress resource that allows you to access Harbor Core +# # core: +# # # Default host for the ingress record +# # hostname: registry.amphitheatre.app +# # # Additional annotations for the Ingress resource +# # annotations: +# # kubernetes.io/ingress.class: nginx +# # ingress.kubernetes.io/ssl-redirect: 'true' +# # ingress.kubernetes.io/proxy-body-size: '0' +# # nginx.ingress.kubernetes.io/ssl-redirect: 'true' +# # nginx.ingress.kubernetes.io/proxy-body-size: '0' +# # cert-manager.io/cluster-issuer: lets-encrypt-cluster-issuer +# # # cert-manager.io/issue-temporary-certificate: "true" +# # # acme.cert-manager.io/http01-edit-in-place: "true" +# # tls: true + +## Kpack Parameters kpack: + # Switch to enable or disable the kpack helm chart enabled: true -ingress-nginx: - enabled: true - controller: - kind: DaemonSet - service: - enableHttps: true +# ## Ingress Nginx Parameters +# ingress-nginx: +# # Switch to enable or disable the ingress-nginx helm chart +# enabled: false +# controller: +# kind: DaemonSet +# service: +# enableHttps: true