From aaadfbba7e6ab8d9d3e03c935cc090f9337617e6 Mon Sep 17 00:00:00 2001 From: warjiang <1096409085@qq.com> Date: Tue, 7 Nov 2023 13:42:45 +0800 Subject: [PATCH 1/2] update helm charts for helm-dashboard 1. fix `imagePullSecrets` bug in deployment.yaml 2. add `global` config 3. optimize image field with global registry config --- charts/helm-dashboard/templates/_commons.tpl | 51 +++++++++++++++++++ charts/helm-dashboard/templates/_helpers.tpl | 28 ++++++++++ .../helm-dashboard/templates/deployment.yaml | 7 +-- .../templates/tests/test-connection.yaml | 3 +- charts/helm-dashboard/values.yaml | 23 ++++++++- 5 files changed, 105 insertions(+), 7 deletions(-) create mode 100644 charts/helm-dashboard/templates/_commons.tpl diff --git a/charts/helm-dashboard/templates/_commons.tpl b/charts/helm-dashboard/templates/_commons.tpl new file mode 100644 index 00000000..bc7824d0 --- /dev/null +++ b/charts/helm-dashboard/templates/_commons.tpl @@ -0,0 +1,51 @@ +{{/* +Return the proper image name +{{ include "common.images.image" ( dict "imageRoot" .Values.path.to.the.image "global" .Values.global ) }} +*/}} +{{- define "common.images.image" -}} +{{- $registryName := .imageRoot.registry -}} +{{- $repositoryName := .imageRoot.repository -}} +{{- $separator := ":" -}} +{{- $termination := .imageRoot.tag | toString -}} +{{- if .global }} + {{- if .global.imageRegistry }} + {{- $registryName = .global.imageRegistry -}} + {{- end -}} +{{- end -}} +{{- if .imageRoot.digest }} + {{- $separator = "@" -}} + {{- $termination = .imageRoot.digest | toString -}} +{{- end -}} +{{- if $registryName }} + {{- printf "%s/%s%s%s" $registryName $repositoryName $separator $termination -}} +{{- else -}} + {{- printf "%s%s%s" $repositoryName $separator $termination -}} +{{- end -}} +{{- end -}} + +{{/* +Return the proper Docker Image Registry Secret Names (deprecated: use common.images.renderPullSecrets instead) +{{ include "common.images.pullSecrets" ( dict "images" (list .Values.path.to.the.image1, .Values.path.to.the.image2) "global" .Values.global) }} +*/}} +{{- define "common.images.pullSecrets" -}} + {{- $pullSecrets := list }} + + {{- if .global }} + {{- range .global.imagePullSecrets -}} + {{- $pullSecrets = append $pullSecrets . -}} + {{- end -}} + {{- end -}} + + {{- range .images -}} + {{- range .pullSecrets -}} + {{- $pullSecrets = append $pullSecrets . -}} + {{- end -}} + {{- end -}} + + {{- if (not (empty $pullSecrets)) }} +imagePullSecrets: + {{- range $pullSecrets }} + - name: {{ . }} + {{- end }} + {{- end }} +{{- end -}} \ No newline at end of file diff --git a/charts/helm-dashboard/templates/_helpers.tpl b/charts/helm-dashboard/templates/_helpers.tpl index d7188c30..2d479978 100644 --- a/charts/helm-dashboard/templates/_helpers.tpl +++ b/charts/helm-dashboard/templates/_helpers.tpl @@ -60,3 +60,31 @@ Create the name of the service account to use {{- default "default" .Values.serviceAccount.name }} {{- end }} {{- end }} + +{{/* +Return the proper image Registry Secret Names +*/}} +{{- define "helm-dashboard.imagePullSecrets" -}} +{{ include "common.images.pullSecrets" (dict "images" (list .Values.image) "global" .Values.global) }} +{{- end -}} + + +{{/* +Return the proper image name +*/}} +{{- define "helm-dashboard.image" -}} +{{- $image := .Values.image -}} +{{- $tag := .Chart.AppVersion -}} +{{- if $image.tag -}} +{{- $tag = $image.tag -}} +{{- end -}} +{{- $_ := set $image "tag" $tag -}} +{{ include "common.images.image" (dict "imageRoot" $_ "global" .Values.global) }} +{{- end -}} + +{{/* +Return the proper image name +*/}} +{{- define "test.image" -}} +{{ include "common.images.image" (dict "imageRoot" .Values.testImage "global" .Values.global) }} +{{- end -}} \ No newline at end of file diff --git a/charts/helm-dashboard/templates/deployment.yaml b/charts/helm-dashboard/templates/deployment.yaml index 8c62c48c..11151083 100644 --- a/charts/helm-dashboard/templates/deployment.yaml +++ b/charts/helm-dashboard/templates/deployment.yaml @@ -21,10 +21,7 @@ spec: labels: {{- include "helm-dashboard.selectorLabels" . | nindent 8 }} spec: - {{- with .Values.imagePullSecrets }} - imagePullSecrets: - {{- toYaml . | nindent 8 }} - {{- end }} + {{- include "helm-dashboard.imagePullSecrets" . | nindent 6 }} serviceAccountName: {{ include "helm-dashboard.serviceAccountName" . }} securityContext: {{- toYaml .Values.podSecurityContext | nindent 8 }} @@ -38,7 +35,7 @@ spec: {{- end }} securityContext: {{- toYaml .Values.securityContext | nindent 12 }} - image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + image: "{{ include "helm-dashboard.image" . }}" imagePullPolicy: {{ .Values.image.pullPolicy }} env: - name: HELM_CACHE_HOME diff --git a/charts/helm-dashboard/templates/tests/test-connection.yaml b/charts/helm-dashboard/templates/tests/test-connection.yaml index 08efbf5e..9d0af584 100644 --- a/charts/helm-dashboard/templates/tests/test-connection.yaml +++ b/charts/helm-dashboard/templates/tests/test-connection.yaml @@ -7,9 +7,10 @@ metadata: annotations: "helm.sh/hook": test spec: + {{- include "helm-dashboard.imagePullSecrets" . | nindent 2 }} containers: - name: wget - image: busybox + image: {{ include "test.image" . }} command: ['wget'] args: ['--timeout=5', '{{ include "helm-dashboard.fullname" . }}:{{ .Values.service.port }}'] restartPolicy: Never diff --git a/charts/helm-dashboard/values.yaml b/charts/helm-dashboard/values.yaml index 15a308cf..5a94ffd7 100644 --- a/charts/helm-dashboard/values.yaml +++ b/charts/helm-dashboard/values.yaml @@ -3,13 +3,22 @@ replicaCount: 1 # Flag for setting environment to debug mode debug: false +global: + ## @param global.imageRegistry Global Docker image registry + imageRegistry: "" + ## Optionally specify an array of imagePullSecrets. + ## Example: + ## imagePullSecrets: + ## - myRegistryKeySecretName + imagePullSecrets: [] + image: repository: komodorio/helm-dashboard pullPolicy: IfNotPresent # Overrides the image tag whose default is the chart appVersion. tag: "" + imagePullSecrets: [] -imagePullSecrets: [] nameOverride: "" fullnameOverride: "" @@ -119,3 +128,15 @@ tolerations: [] affinity: {} + +testImage: + repository: busybox + tag: latest + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + # tag: "" + ## Optionally specify an array of imagePullSecrets. + ## Example: + ## imagePullSecrets: + ## - myRegistryKeySecretName + imagePullSecrets: [] From 6de199bf707ed55db3d35e38c1a8866c6d32da08 Mon Sep 17 00:00:00 2001 From: warjiang <1096409085@qq.com> Date: Tue, 7 Nov 2023 13:59:57 +0800 Subject: [PATCH 2/2] doc: update doc for charts --- charts/helm-dashboard/README.md | 58 ++++++++++++++++++--------------- 1 file changed, 32 insertions(+), 26 deletions(-) diff --git a/charts/helm-dashboard/README.md b/charts/helm-dashboard/README.md index 7cbc0ff6..e57db250 100644 --- a/charts/helm-dashboard/README.md +++ b/charts/helm-dashboard/README.md @@ -50,32 +50,38 @@ For instance, you can place authentication proxy in front of Helm Dashboard, lik The following table lists the configurable parameters of the chart and their default values. -| Parameter | Description | Default | -| ------------------------------------ | ---------------------------------------------------------------------------------------------- | ------------------------------------ | -| `image.repository` | Image registry/name | `docker.io/komodorio/helm-dashboard` | -| `image.tag` | Image tag | | -| `image.pullPolicy` | Image pull policy | `IfNotPresent` | -| `replicaCount` | Number of dashboard Pods to run | `1` | -| `dashboard.allowWriteActions` | Enables write actions. Allow modifying, deleting and creating charts and kubernetes resources. | `true` | -| `resources.requests.cpu` | CPU resource requests | `200m` | -| `resources.limits.cpu` | CPU resource limits | `1` | -| `resources.requests.memory` | Memory resource requests | `256Mi` | -| `resources.limits.memory` | Memory resource limits | `1Gi` | -| `service.type ` | Kubernetes service type | `ClusterIP` | -| `service.port ` | Kubernetes service port | `8080` | -| `serviceAccount.create` | Creates a service account | `true` | -| `serviceAccount.name` | Optional name for the service account | `{RELEASE_FULLNAME}` | -| `nodeSelector` | Node labels for pod assignment | | -| `affinity` | Affinity settings for pod assignment | | -| `tolerations` | Tolerations for pod assignment | | -| `dashboard.persistence.enabled` | Enable helm data persistene using PVC | `true` | -| `dashboard.persistence.accessModes` | Persistent Volume access modes | `["ReadWriteOnce"]` | -| `dashboard.persistence.storageClass` | Persistent Volume storage class | `""` | -| `dashboard.persistence.size` | Persistent Volume size | `100M` | -| `dashboard.persistence.hostPath` | Set path in case you want to use local host path volumes (not recommended in production) | `""` -| `updateStrategy.type` | Set up update strategy for helm-dashboard installation. | `RollingUpdate` | -| `extraArgs` | Set the arguments to be supplied to the helm-dashboard binary | `[--no-browser, --bind=0.0.0.0]` - +| Parameter | Description | Default | +|---------------------------------------|------------------------------------------------------------------------------------------------|----------------------------------| +| `global.imageRegistry` | Registry for all images, useful for private registry | `""` | +| `global.imagePullSecrets` | Specify Docker-registry secret names as an array | `[]` | +| `image.repository` | Image registry/name | `komodorio/helm-dashboard` | +| `image.tag` | Image tag | | +| `image.imagePullSecrets` | Specify Docker-registry secret names as an array | `[]` | +| `image.pullPolicy` | Image pull policy | `IfNotPresent` | +| `replicaCount` | Number of dashboard Pods to run | `1` | +| `dashboard.allowWriteActions` | Enables write actions. Allow modifying, deleting and creating charts and kubernetes resources. | `true` | +| `resources.requests.cpu` | CPU resource requests | `200m` | +| `resources.limits.cpu` | CPU resource limits | `1` | +| `resources.requests.memory` | Memory resource requests | `256Mi` | +| `resources.limits.memory` | Memory resource limits | `1Gi` | +| `service.type ` | Kubernetes service type | `ClusterIP` | +| `service.port ` | Kubernetes service port | `8080` | +| `serviceAccount.create` | Creates a service account | `true` | +| `serviceAccount.name` | Optional name for the service account | `{RELEASE_FULLNAME}` | +| `nodeSelector` | Node labels for pod assignment | | +| `affinity` | Affinity settings for pod assignment | | +| `tolerations` | Tolerations for pod assignment | | +| `dashboard.persistence.enabled` | Enable helm data persistene using PVC | `true` | +| `dashboard.persistence.accessModes` | Persistent Volume access modes | `["ReadWriteOnce"]` | +| `dashboard.persistence.storageClass` | Persistent Volume storage class | `""` | +| `dashboard.persistence.size` | Persistent Volume size | `100M` | +| `dashboard.persistence.hostPath` | Set path in case you want to use local host path volumes (not recommended in production) | `""` | +| `updateStrategy.type` | Set up update strategy for helm-dashboard installation. | `RollingUpdate` | +| `extraArgs` | Set the arguments to be supplied to the helm-dashboard binary | `[--no-browser, --bind=0.0.0.0]` | +| `testImage.repository` | Test image registry/name | `busybox` | +| `testImage.tag` | Test image tag | `lastest` | +| `testImage.imagePullSecrets` | Specify Docker-registry secret names as an array | `[]` | +| `testImage.pullPolicy` | Test image pull policy | `IfNotPresent` | Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. ```bash