diff --git a/charts/onechart/charts/common-0.2.0.tgz b/charts/onechart/charts/common-0.2.0.tgz index 8ded4951..aa3953a6 100644 Binary files a/charts/onechart/charts/common-0.2.0.tgz and b/charts/onechart/charts/common-0.2.0.tgz differ diff --git a/charts/onechart/templates/_helpers.tpl b/charts/onechart/templates/_helpers.tpl index f6fe4166..89cb35d4 100644 --- a/charts/onechart/templates/_helpers.tpl +++ b/charts/onechart/templates/_helpers.tpl @@ -24,6 +24,14 @@ If release name contains chart name it will be used as a full name. {{- end }} {{- end }} +{{/* +Create a Cloud Run Revision name +*/}} +{{- define "CRrevision" -}} +{{- $name := .Release.Name }} +{{- printf "%s-%s" $name .Values.revision | trunc 63 | trimSuffix "-" }} +{{- end }} + {{/* Create chart name and version as used by the chart label. */}} @@ -31,6 +39,13 @@ Create chart name and version as used by the chart label. {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} {{- end }} +{{/* +Decide chart target (k8s or cloudrun). +*/}} +{{- define "cloudrun" -}} +{{- printf "%s" .cloudrun}} +{{- end }} + {{/* Common labels */}} @@ -70,3 +85,16 @@ Create robustName that can be used as Kubernetes resource name, and as subdomain {{- define "robustName" -}} {{ regexReplaceAll "\\W+" . "-" | replace "_" "-" | lower | trunc 63 | trimSuffix "-" }} {{- end }} + + +{{/* +If there are variables defined , create env variables from them . +FIXME : this doesnt work, need to use different parsing as vars are NAME: value +*/}} +{{- define "cloudrunEnv" -}} +{{- if .Values.vars }} +env: + - name: {{ .Values.vars.name }} + value: {{ .Values.vars.value }} +{{- end }} +{{- end }} \ No newline at end of file diff --git a/charts/onechart/templates/configmap.yaml b/charts/onechart/templates/configmap.yaml index 30578663..85bd1d72 100644 --- a/charts/onechart/templates/configmap.yaml +++ b/charts/onechart/templates/configmap.yaml 
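Review bot: The `CRrevision` helper builds the revision name from the raw `.Release.Name`, while service-cloudrun.yaml names the service with `robustName`. The two diverge for any release name that `robustName` rewrites, and Cloud Run, as far as I know, expects a revision name to start with the service name. An unset `.Values.revision` also renders as a `%!s(<nil>)` suffix, and `trunc 63` can cut the revision part off entirely for long release names, so two revisions could collide. Consider `{{- $name := include "robustName" .Release.Name }}` and passing `(required "revision is required" .Values.revision)` to the `printf`.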
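Review bot: The `cloudrun` helper reads `.cloudrun` from whatever context it is given rather than `.Values.cloudrun`, so when called with the root context it prints `%!s(<nil>)` instead of the flag. Nothing in this diff calls it; the templates test `.Values.cloudrun` directly. Because `include` returns a string, a bare `if include "cloudrun" .` would also be true for the text `false`. Either drop the helper, or read `.Values.cloudrun` and document it with a comment such as `{{/* Returns the string "true" or "false"; compare with eq, never use as a bare condition. */}}`.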
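Review bot: The `cloudrunEnv` helper renders `name` and `value` without quoting, so a value such as `true`, `1`, or text containing `: ` or `#` changes the YAML type or structure of the rendered manifest. As the FIXME says, it also reads `.Values.vars.name` and `.Values.vars.value` although `vars` is a `NAME: value` map. Ranging over the map and quoting each value fixes both. The relative indent under `env:` should be checked against the `nindent 8` at the call site, which this view does not show reliably. If `vars` is ever used for credentials, they would sit in plain text in the revision spec, so a comment pointing users to the secret volume instead would help.

```gotemplate
{{- define "cloudrunEnv" -}}
{{- with .Values.vars }}
env:
{{- range $name, $value := . }}
  - name: {{ $name }}
    value: {{ $value | quote }}
{{- end }}
{{- end }}
{{- end }}
```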
@@ -1 +1,3 @@ +{{- if not .Values.cloudrun }} {{- include "common.configmap.tpl" . -}} +{{- end }} \ No newline at end of file diff --git a/charts/onechart/templates/deployment.yaml b/charts/onechart/templates/deployment.yaml index a33bf23f..ac500d7b 100644 --- a/charts/onechart/templates/deployment.yaml +++ b/charts/onechart/templates/deployment.yaml @@ -1,3 +1,4 @@ +{{- if not .Values.cloudrun }} apiVersion: apps/v1 kind: Deployment metadata: @@ -162,3 +163,4 @@ spec: tolerations: {{- toYaml . | nindent 8 }} {{- end }} +{{- end }} \ No newline at end of file diff --git a/charts/onechart/templates/pvc.yaml b/charts/onechart/templates/pvc.yaml index b462fad5..8db5a0b1 100644 --- a/charts/onechart/templates/pvc.yaml +++ b/charts/onechart/templates/pvc.yaml @@ -1 +1,3 @@ +{{- if not .Values.cloudrun }} {{- include "common.pvc.tpl" . -}} +{{- end }} \ No newline at end of file diff --git a/charts/onechart/templates/service-cloudrun.yaml b/charts/onechart/templates/service-cloudrun.yaml new file mode 100644 index 00000000..dc901b64 --- /dev/null +++ b/charts/onechart/templates/service-cloudrun.yaml 
@@ -0,0 +1,146 @@ +{{- if .Values.cloudrun }} +apiVersion: serving.knative.dev/v1 +kind: Service +metadata: + name: {{ template "robustName" .Release.Name }} + namespace: {{ .Values.namespace }} + labels: + {{- if .Values.region }} + cloud.googleapis.com/location: {{ .Values.region }} + {{- end }} + annotations: + {{- if .Values.launch_stage }} + run.googleapis.com/launch-stage: {{ .Values.launch_stage }} + {{- end }} + run.googleapis.com/description: {{ .Values.description | quote }} + run.googleapis.com/ingress: {{ .Values.cr_ingress }} + {{- if .Values.policy }} + run.googleapis.com/binary-authorization: {{ .Values.policy | default "default"}} + {{- end }} + {{- if .Values.justification }} + run.googleapis.com/binary-authorization-breakglass: {{ .Values.justification | quote }} + {{- end }} +spec: + template: + metadata: + name: {{ template "CRrevision" . }} + annotations: + autoscaling.knative.dev/minScale: {{ .Values.replicas_minimum | quote}} + autoscaling.knative.dev/maxScale: {{ .Values.replicas_maximum | quote }} + run.googleapis.com/cpu-throttling: {{ .Values.cpu_allocation | quote }} + run.googleapis.com/startup-cpu-boost: {{ .Values.cpu_allocation | quote }} + run.googleapis.com/sessionAffinity: {{ .Values.cpu_allocation | quote }} + {{- if .Values.cloud_sql_connection }} + run.googleapis.com/cloudsql-instances: {{ .Values.cloud_sql_connection }} + {{- end }} + {{- if .Values.execution_environment }} + run.googleapis.com/execution-environment: {{ .Values.execution_environment }} + {{- end }} + {{- if .Values.serverless_vpc_connector }} + run.googleapis.com/vpc-access-connector: {{ .Values.serverless_vpc_connector }} + {{- end }} + {{- if .Values.egress }} + run.googleapis.com/vpc-access-egress: {{ .Values.egress }} + {{- end }} + {{- if .Values.cmek }} + run.googleapis.com/encryption-key: {{ .Values.cmek }} + {{- end }} + spec: + containerConcurrency: {{ .Values.max_concurrency }} + timeoutSeconds: {{ .Values.request_timeout }} + {{- if 
.Values.service_account_email }} + serviceAccountName: {{ .Values.service_account_email }} + {{- end }} + containers: + - image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + {{- if .Values.command }} + command: + - {{ .Values.shell }} + - -c + - {{ .Values.command | quote }} + args: + - ARGUMENT1 + - ARGUMENT2 + {{- end }} + {{- include "cloudrunEnv" . | nindent 8 }} + ports: + {{- if not .Values.ports }} + - name: http1 + containerPort: {{ .Values.containerPort }} + protocol: TCP + {{ else }} + {{- range .Values.ports }} + - name: {{ .name }} + containerPort: {{ .containerPort }} + protocol: TCP + {{- end }} + {{- end }} + resources: + {{- toYaml .Values.resources | nindent 12 }} + {{- if .Values.probe.enabled }} + startupProbe: + httpGet: + path: {{ .Values.probe.path }} + port: {{ .Values.containerPort }} + {{- if .Values.probe.httpHeaders }} + httpHeaders: + {{- with .Values.probe.httpHeaders }} + {{- toYaml . | nindent 14 }} + {{- end }} + {{- end }} + {{- if .Values.probe.tcpSocket }} + tcpSocket: + port: {{ .Values.probe.tcpSocket }} + {{- end }} + {{- if .Values.probe.grpc }} + grpc: + service: {{ .Values.probe.grpc.service }} + port: {{ .Values.probe.grpc.port }} + {{- end }} + {{- with .Values.probe.settings }} + {{- toYaml . | nindent 10 }} + {{- end }} + {{- end }} + {{- if .Values.probe.enabled }} + livenessProbe: + httpGet: + path: {{ .Values.livenessProbe.path }} + port: {{ .Values.containerPort }} + {{- if .Values.livenessProbe.httpHeaders }} + httpHeaders: + {{- with .Values.livenessProbe.httpHeaders }} + {{- toYaml . | nindent 14 }} + {{- end }} + {{- end }} + {{- if .Values.livenessProbe.tcpSocket }} + tcpSocket: + port: {{ .Values.livenessProbe.tcpSocket }} + {{- end }} + {{- if .Values.livenessProbe.grpc }} + grpc: + service: {{ .Values.livenessProbe.grpc.service }} + port: {{ .Values.livenessProbe.grpc.port }} + {{- end }} + {{- with .Values.livenessProbe.settings }} + {{- toYaml . 
| nindent 10 }} + {{- end }} + {{- end }} + {{- if .Values.volumeName }} + volumeMounts: + - name: {{ .Values.volumeName}} + readOnly: true + mountPath: {{ .Values.volumeMountPath}} + {{- end }} + {{- if .Values.volumeName }} + volumes: + - name: {{ .Values.volumeName}} + secret: + secretName: {{ .Values.secretName }} + items: + - key: {{ .Values.secretVersion | quote}} + path: {{ .Values.secretPath }} + {{- end }} + traffic: + - percent: 100 + latestRevision: true +{{- end }} \ No newline at end of file diff --git a/charts/onechart/templates/service.yaml b/charts/onechart/templates/service.yaml index 83965613..7482b488 100644 --- a/charts/onechart/templates/service.yaml +++ b/charts/onechart/templates/service.yaml @@ -1,3 +1,4 @@ +{{- if not .Values.cloudrun }} apiVersion: v1 kind: Service metadata: @@ -44,3 +45,4 @@ spec: {{- end }} selector: {{- include "helm-chart.selectorLabels" . | nindent 4 }} +{{- end }} \ No newline at end of file diff --git a/charts/onechart/values-cr.yaml b/charts/onechart/values-cr.yaml new file mode 100644 index 00000000..2fd6c406 --- /dev/null +++ b/charts/onechart/values-cr.yaml 
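Review bot: The `run.googleapis.com/binary-authorization-breakglass` annotation is emitted whenever `.Values.justification` is non-empty, independent of `.Values.policy`, and values-cr.yaml in this commit ships a non-empty `justification`, so a render with those values carries a breakglass justification by default. Nest that `if` inside the `policy` block and default `justification` to `""`; the `| default "default"` on the policy line can never take effect inside `if .Values.policy`. Separately, `cpu-throttling`, `startup-cpu-boost` and `sessionAffinity` all read `.Values.cpu_allocation` although the values file defines `cpu_boost` and `session_affinity`, and the `livenessProbe` block is gated on `.Values.probe.enabled` rather than `.Values.livenessProbe.enabled`. Most string values (`cr_ingress`, `region`, `cmek`, `service_account_email`, the secret names and paths) are rendered without `| quote`, unlike `description`. The hard-coded `ARGUMENT1`/`ARGUMENT2` args look like leftover placeholders.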
@@ -0,0 +1,102 @@ +#cloudrun: true for cloud run, false for kubernetes +#please note that most kubernetes resources will be ignored in case of cloudrun +cloudrun: true + +#Belgium - low co2 dc +region: "europe-west1" + +# namespace must be project ID or quoted number for Cloud Run +namespace: "heimdall-onechart" + +description: "Human readable description of Cloud Run service - yattaa" + +# launch stage: set to BETA for preview capabilities +launch_stage: "" +# {all|internal|internal-and-cloud-load-balancing} +cr_ingress: "all" + +#binary-authorization +policy: "" +#justification for breakglass event if binary-auth policy is set +justification: "why u break glass??" + +image: + repository: nginx + tag: "latest" + pullPolicy: IfNotPresent + +replicas: 1 +replicas_minimum: 1 +replicas_maximum: 10 + +# by default CPU is only allocatd during request prosessing. You can change this by setting this to true +cpu_allocation: false +cpu_boost: false +session_affinity: false +cloud_sql_connection: "" +execution_environment: "" +serverless_vpc_connector: "" +egress: "" +cmek: "" + +# cpu cannot be lower than 1 if concurrency is > 1 +# Total memory < 512 Mi is not supported with cpu unthrottled +resources: + requests: + cpu: "1" + memory: "512Mi" + limits: + cpu: "1" + memory: "512Mi" + +#You can configure the maximum concurrent requests per instance. By default each Cloud Run container instance can receive up to 80 requests at the same time; you can increase this to a maximum of 1000. +#Although you should use the default value, if needed you can lower the maximum concurrency. For example, if your code cannot process parallel requests, set concurrency to 1. +max_concurrency: 1000 + +#For Cloud Run services, the request timeout setting specifies the time within which a response must be returned by services deployed to Cloud Run. If a response isn't returned within the time specified, the request ends and error 504 is returned. 
+#The timeout is set by default to 5 minutes and can be extended up to 60 minutes. +request_timeout: 60 +service_account_email: "" + +revision: "my-revision12" + +# there are no volumes data volumes in cloud run +#volumes: + +volumeName: "my-volume" +volumeMountPath: "/tmp/my-secret" +secretName: "my-secret" +secretVersion: "1" +secretPath: "secretPath" + +#vars: +# MY_VAR: "value" + +# onle one probe action shoudl be defined at a time +probe: + enabled: true + path: "/" + httpHeaders: + - name: "header-name" + value: "header-value" +# tcpSocket: 8081 + settings: + initialDelaySeconds: 0 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 3 + failureThreshold: 3 +# grpc: +# service: "grpc_service" +# port: 8082 + +# Before you use a liveness probe: https://srcco.de/posts/kubernetes-liveness-probes-are-dangerous.html +livenessProbe: + enabled: false + path: "/" + settings: + initialDelaySeconds: 0 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 3 + failureThreshold: 3 \ No newline at end of file
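Review bot: The defaults in this values file lean permissive: `cr_ingress: "all"` exposes the service to the internet, `service_account_email: ""` makes the template omit `serviceAccountName` so the revision presumably runs as the platform's default service account, and `tag: "latest"` is a mutable reference that is hard to reconcile with a Binary Authorization policy. Consider shipping `cr_ingress: "internal"` and a fixed tag or digest, with a comment on the service account line such as `# set a dedicated least-privilege service account; empty falls back to the platform default`. The breakglass `justification` default is covered in the note on service-cloudrun.yaml. `request_timeout: 60` sits under a comment describing a 5 minute default without stating the unit, and `max_concurrency: 1000` sits under a comment advising the default of 80, so the comments and values should be aligned.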