From ab944cd0b7a8cde6c0c9d37e4195e099d2a467d1 Mon Sep 17 00:00:00 2001 From: knmsk Date: Sat, 11 Mar 2023 12:16:44 -0300 Subject: [PATCH] apply suggestions --- charts/README.md | 10 ++- .../samples/customAnnotationsAndLabels.yaml | 27 +++++++ charts/templates/_helpers.tpl | 78 +++++++++++++++++-- charts/templates/clusterRole.yaml | 23 +++--- charts/templates/clusterRoleBinding.yaml | 26 ++++--- charts/templates/crds/k6.yaml | 7 +- charts/templates/deployment.yaml | 32 +++++--- charts/templates/namespace.yaml | 6 +- .../templates/prometheus/serviceMonitor.yaml | 9 ++- charts/templates/role.yaml | 10 ++- charts/templates/roleBinding.yaml | 14 ++-- charts/templates/service.yaml | 12 +-- charts/templates/serviceAccount.yaml | 10 ++- charts/values.yaml | 16 +++- config/crd/bases/k6.io_k6s.yaml | 1 - config/rbac/role.yaml | 1 - 16 files changed, 207 insertions(+), 75 deletions(-) diff --git a/charts/README.md b/charts/README.md index cb46533b..b6440997 100644 --- a/charts/README.md +++ b/charts/README.md @@ -10,7 +10,7 @@ A Helm chart to install the k6 operator | Name | Email | Url | | ---- | ------ | --- | -| yorugac | yorugac@gmail.com | | +| yorugac | | | ## Source Code @@ -24,6 +24,7 @@ Kubernetes: `>=1.16.0-0` | Key | Type | Default | Description | |-----|------|---------|-------------| +| affinity | object | `{}` | Affinity to be applied on all containers | | authProxy.enabled | bool | `true` | enables the protection of /metrics endpoint. (https://github.com/brancz/kube-rbac-proxy) | | authProxy.image.name | string | `"gcr.io/kubebuilder/kube-rbac-proxy"` | rbac-proxy image name | | authProxy.image.pullPolicy | string | `"IfNotPresent"` | pull policy for the image can be Always, Never, IfNotPresent (default: IfNotPresent) | @@ -45,9 +46,12 @@ Kubernetes: `>=1.16.0-0` | manager.resources.limits.memory | string | `"100Mi"` | controller-manager Memory limit (Max) | | manager.resources.requests.cpu | string | `"100m"` | controller-manager CPU request (Min) | | manager.resources.requests.memory | string | `"50Mi"` | controller-manager Memory request (Min) | -| manager.serviceAccount | string | `"k6-operator-controller"` | kubernetes service account for the manager | +| manager.serviceAccount.create | bool | `true` | create the service account (default: true) | +| manager.serviceAccount.name | string | `"k6-operator-controller"` | kubernetes service account for the k6 manager | | namespace.create | bool | `true` | create the namespace (default: true) | +| nodeSelector | object | `{}` | Node Selector to be applied on all containers | | prometheus.enabled | bool | `false` | enables the prometheus metrics scraping (default: false) | +| tolerations | object | `{}` | Tolerations to be applied on all containers | ---------------------------------------------- -Autogenerated from chart metadata using [helm-docs v1.5.0](https://github.com/norwoodj/helm-docs/releases/v1.5.0) \ No newline at end of file +Autogenerated from chart metadata using [helm-docs v1.11.0](https://github.com/norwoodj/helm-docs/releases/v1.11.0) \ No newline at end of file diff --git a/charts/samples/customAnnotationsAndLabels.yaml b/charts/samples/customAnnotationsAndLabels.yaml index 38842aaa..ce3738c3 100644 --- a/charts/samples/customAnnotationsAndLabels.yaml +++ b/charts/samples/customAnnotationsAndLabels.yaml @@ -7,6 +7,33 @@ customLabels: certManager: enabled: true +nodeSelector: + disktype: ssd + +affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: topology.kubernetes.io/zone + operator: In + values: + - antarctica-east1 + - antarctica-west1 + preferredDuringSchedulingIgnoredDuringExecution: + - weight: 1 + preference: + matchExpressions: + - key: another-node-label-key + operator: In + values: + - another-node-label-value + +tolerations: + - key: "key1" + operator: "Exists" + effect: "NoSchedule" + authProxy: resources: limits: diff --git a/charts/templates/_helpers.tpl b/charts/templates/_helpers.tpl index 21594aae..5eba025b 100644 --- a/charts/templates/_helpers.tpl +++ b/charts/templates/_helpers.tpl @@ -1,14 +1,80 @@ -{{- define "operator.labels" -}} +{{/* +Expand the name of the chart. +*/}} +{{- define "k6-operator.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "k6-operator.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "k6-operator.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "k6-operator.labels" -}} +helm.sh/chart: {{ include "k6-operator.chart" . }} +{{ include "k6-operator.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +app.kubernetes.io/part-of: k6-operator +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "k6-operator.selectorLabels" -}} +app.kubernetes.io/name: {{ include "k6-operator.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "k6-operator.serviceAccountName" -}} +{{- if .Values.manager.serviceAccount.create }} +{{- default (include "k6-operator.fullname" .) .Values.manager.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.manager.serviceAccount.name }} +{{- end }} +{{- end }} + + +{{- define "k6-operator.customLabels" -}} {{- if .Values.customLabels }} {{- with .Values.customLabels }} - {{- toYaml . | nindent 4 }} + {{- toYaml . }} {{- end }} {{- else}} {{ print "{}" }} {{- end }} {{- end -}} -{{- define "operator.annotations" -}} +{{- define "k6-operator.customAnnotations" -}} {{- if .Values.customAnnotations }} {{- with .Values.customAnnotations }} {{- toYaml . }} @@ -16,7 +82,7 @@ {{- end }} {{- end -}} -{{- define "operator.namespace" -}} +{{- define "k6-operator.namespace" -}} {{- if eq .Release.Namespace "default" }} {{- printf "%v-system" .Release.Name | indent 1 }} {{- else }} @@ -25,14 +91,14 @@ {{- end -}} -{{- define "operator.livenessProbe" -}} +{{- define "k6-operator.livenessProbe" -}} {{- if .Values.authProxy.livenessProbe }} livenessProbe: {{- toYaml .Values.authProxy.livenessProbe | nindent 12 }} {{- end }} {{- end -}} -{{- define "operator.readinessProbe" -}} +{{- define "k6-operator.readinessProbe" -}} {{- if .Values.authProxy.readinessProbe }} readinessProbe: {{- toYaml .Values.authProxy.readinessProbe | nindent 12 }} diff --git a/charts/templates/clusterRole.yaml b/charts/templates/clusterRole.yaml index 72c96bef..f9c5da96 100644 --- a/charts/templates/clusterRole.yaml +++ b/charts/templates/clusterRole.yaml @@ -1,12 +1,13 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: - creationTimestamp: null - name: {{ .Release.Name }}-manager-role + name: {{ include "k6-operator.fullname" . }}-manager-role labels: - {{- include "operator.labels" . }} + app.kubernetes.io/component: controller + {{- include "k6-operator.labels" . | nindent 4 }} + {{- include "k6-operator.customLabels" . | default "{}" | nindent 4 }} annotations: - {{- include "operator.annotations" . | default "{}" | nindent 4 }} + {{- include "k6-operator.customAnnotations" . | default "{}" | nindent 4 }} rules: - apiGroups: - apps @@ -87,11 +88,12 @@ rules: apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: - name: {{ .Release.Name }}-metrics-reader + name: {{ include "k6-operator.fullname" . }}-metrics-reader labels: - {{- include "operator.labels" . }} + {{- include "k6-operator.labels" . | nindent 4 }} + {{- include "k6-operator.customLabels" . | default "" | nindent 4 }} annotations: - {{- include "operator.annotations" . | default "" | nindent 4 }} + {{- include "k6-operator.customAnnotations" . | default "" | nindent 4 }} rules: - nonResourceURLs: - /metrics @@ -101,11 +103,12 @@ rules: apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: - name: {{ .Release.Name }}-proxy-role + name: {{ include "k6-operator.fullname" . }}-proxy-role labels: - {{- include "operator.labels" . }} + {{- include "k6-operator.labels" . | nindent 4 }} + {{- include "k6-operator.customLabels" . | default "{}" | nindent 4 }} annotations: - {{- include "operator.annotations" . | default "" | nindent 4 }} + {{- include "k6-operator.customAnnotations" . | default "{}" | nindent 4 }} rules: - apiGroups: - authentication.k8s.io diff --git a/charts/templates/clusterRoleBinding.yaml b/charts/templates/clusterRoleBinding.yaml index 350d166c..c703ac1d 100644 --- a/charts/templates/clusterRoleBinding.yaml +++ b/charts/templates/clusterRoleBinding.yaml @@ -1,35 +1,37 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: - name: {{ .Release.Name }}-manager-rolebinding + name: {{ include "k6-operator.fullname" . }}-manager-rolebinding labels: - {{- include "operator.labels" . }} + app.kubernetes.io/component: controller + {{- include "k6-operator.labels" . | nindent 4 }} + {{- include "k6-operator.customLabels" . | default "{}" | nindent 4 }} annotations: - {{- include "operator.annotations" . | default "" | nindent 4 }} + {{- include "k6-operator.customAnnotations" . | default "" | nindent 4 }} roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole - name: {{ .Release.Name }}-manager-role + name: {{ include "k6-operator.fullname" . }}-manager-role subjects: - kind: ServiceAccount - name: {{ .Values.manager.serviceAccount }} - namespace: {{- include "operator.namespace" . -}} + name: {{- include "k6-operator.serviceAccountName" . -}} + namespace: {{- include "k6-operator.namespace" . -}} {{- if .Values.authProxy.enabled }} --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: - name: {{ .Release.Name }}-proxy-rolebinding + name: {{ include "k6-operator.fullname" . }}-proxy-rolebinding labels: - {{- include "operator.labels" . }} + {{- include "k6-operator.customLabels" . }} annotations: - {{- include "operator.annotations" . | default "" | nindent 4 }} + {{- include "k6-operator.customAnnotations" . | default "" | nindent 4 }} roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole - name: {{ .Release.Name }}-proxy-role + name: {{ include "k6-operator.fullname" . }}-proxy-role subjects: - kind: ServiceAccount - name: {{ .Values.manager.serviceAccount }} - namespace: {{- include "operator.namespace" . -}} + name: {{- include "k6-operator.serviceAccountName" . -}} + namespace: {{- include "k6-operator.namespace" . -}} {{- end }} diff --git a/charts/templates/crds/k6.yaml b/charts/templates/crds/k6.yaml index 608d0a6c..e7aff535 100644 --- a/charts/templates/crds/k6.yaml +++ b/charts/templates/crds/k6.yaml @@ -2,11 +2,12 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: labels: - {{- include "operator.labels" . }} + app.kubernetes.io/component: controller + {{- include "k6-operator.labels" . | nindent 4 }} + {{- include "k6-operator.customLabels" . | nindent 4 }} annotations: - {{- include "operator.annotations" . | nindent 4 }} + {{- include "k6-operator.customAnnotations" . | nindent 4 }} controller-gen.kubebuilder.io/version: v0.3.0 - creationTimestamp: null name: k6s.k6.io spec: group: k6.io diff --git a/charts/templates/deployment.yaml b/charts/templates/deployment.yaml index 1cf8f713..e1690a6e 100644 --- a/charts/templates/deployment.yaml +++ b/charts/templates/deployment.yaml @@ -1,24 +1,24 @@ apiVersion: apps/v1 kind: Deployment metadata: - name: {{ .Release.Name }}-controller-manager - namespace: {{- include "operator.namespace" . }} + name: {{ include "k6-operator.fullname" . }}-controller-manager + namespace: {{- include "k6-operator.namespace" . }} labels: control-plane: {{ .Values.controlPlane }} - {{- with .Values.customLabels }} - {{- toYaml . | nindent 4 }} - {{- end }} + app.kubernetes.io/component: controller + {{- include "k6-operator.labels" . | nindent 4 }} + {{- include "k6-operator.customLabels" . | default "{}" | nindent 4 }} annotations: - {{- include "operator.annotations" . | default "" | nindent 4 }} + {{- include "k6-operator.customAnnotations" . | default "{}" | nindent 4 }} spec: replicas: 1 selector: matchLabels: - control-plane: {{ .Values.controlPlane }} + {{- include "k6-operator.selectorLabels" . | nindent 6 }} template: metadata: labels: - control-plane: {{ .Values.controlPlane }} + {{- include "k6-operator.selectorLabels" . | nindent 8 }} spec: containers: {{- if .Values.authProxy.enabled }} @@ -42,7 +42,7 @@ spec: - --upstream=http://127.0.0.1:8080/ - --logtostderr=true - --v=10 - {{- include "operator.readinessProbe" . }} + {{- include "k6-operator.readinessProbe" . }} ports: - containerPort: 8443 name: https @@ -73,5 +73,17 @@ spec: {{- if .Values.authProxy.enabled }} - --metrics-addr=127.0.0.1:8080 {{- end }} - serviceAccount: {{ .Values.manager.serviceAccount }} + serviceAccount: {{ include "k6-operator.serviceAccountName" . }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} terminationGracePeriodSeconds: 10 diff --git a/charts/templates/namespace.yaml b/charts/templates/namespace.yaml index abc3bec0..6f5d7886 100644 --- a/charts/templates/namespace.yaml +++ b/charts/templates/namespace.yaml @@ -2,13 +2,13 @@ apiVersion: v1 kind: Namespace metadata: - name: {{ .Release.Name }}-system + name: {{ include "k6-operator.fullname" . }}-system labels: - app.kubernetes.io/name: {{ .Release.Name }} + app.kubernetes.io/name: {{ include "k6-operator.fullname" . }} control-plane: {{ .Values.controlPlane }} {{- with .Values.customLabels }} {{- toYaml . | nindent 4 }} {{- end }} annotations: - {{- include "operator.annotations" . | default "{}" | nindent 4 }} + {{- include "k6-operator.customAnnotations" . | default "{}" | nindent 4 }} {{- end }} diff --git a/charts/templates/prometheus/serviceMonitor.yaml b/charts/templates/prometheus/serviceMonitor.yaml index f8bdd2de..8fc1348c 100644 --- a/charts/templates/prometheus/serviceMonitor.yaml +++ b/charts/templates/prometheus/serviceMonitor.yaml @@ -5,11 +5,12 @@ kind: ServiceMonitor metadata: labels: control-plane: {{ .Values.controlPlane }} - {{- with .Values.customLabels }} - {{- toYaml . | nindent 4 }} - {{- end }} + namespace: {{- include "k6-operator.namespace" . }} + app.kubernetes.io/component: monitoring + {{- include "k6-operator.labels" . | nindent 4 }} + {{- include "k6-operator.customLabels" . | default "{}" | nindent 4 }} annotations: - {{- include "operator.annotations" . | default "{}" | nindent 4 }} + {{- include "k6-operator.customAnnotations" . | default "{}" | nindent 4 }} name: controller-manager-metrics-monitor namespace: system spec: diff --git a/charts/templates/role.yaml b/charts/templates/role.yaml index a2fd0c87..8dbb5f79 100644 --- a/charts/templates/role.yaml +++ b/charts/templates/role.yaml @@ -1,12 +1,14 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: - name: {{ .Release.Name }}-leader-election-role - namespace: {{- include "operator.namespace" . }} + name: {{ include "k6-operator.fullname" . }}-leader-election-role + namespace: {{- include "k6-operator.namespace" . }} labels: - {{- include "operator.labels" . }} + app.kubernetes.io/component: controller + {{- include "k6-operator.labels" . | nindent 4 }} + {{- include "k6-operator.customLabels" . | default "{}" | nindent 4 }} annotations: - {{- include "operator.annotations" . | default "" | nindent 4 }} + {{- include "k6-operator.customAnnotations" . | default "" | nindent 4 }} rules: - apiGroups: - "" diff --git a/charts/templates/roleBinding.yaml b/charts/templates/roleBinding.yaml index 5edf5365..3b89dcbf 100644 --- a/charts/templates/roleBinding.yaml +++ b/charts/templates/roleBinding.yaml @@ -1,17 +1,19 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: - name: {{ .Release.Name }}-leader-election-rolebinding - namespace: {{- include "operator.namespace" . }} + name: {{ include "k6-operator.fullname" . }}-leader-election-rolebinding + namespace: {{- include "k6-operator.namespace" . }} labels: - {{- include "operator.labels" . }} + app.kubernetes.io/component: controller + {{- include "k6-operator.labels" . | nindent 4 }} + {{- include "k6-operator.customLabels" . | default "{}" | nindent 4 }} annotations: - {{- include "operator.annotations" . | default "" | nindent 4 }} + {{- include "k6-operator.customAnnotations" . | default "" | nindent 4 }} roleRef: apiGroup: rbac.authorization.k8s.io kind: Role - name: {{ .Release.Name }}-leader-election-role + name: {{ include "k6-operator.fullname" . }}-leader-election-role subjects: - kind: ServiceAccount name: {{ .Values.manager.serviceAccount }} - namespace: {{- include "operator.namespace" . }} + namespace: {{- include "k6-operator.namespace" . }} diff --git a/charts/templates/service.yaml b/charts/templates/service.yaml index cd6aa54c..a0f8de79 100644 --- a/charts/templates/service.yaml +++ b/charts/templates/service.yaml @@ -2,15 +2,15 @@ apiVersion: v1 kind: Service metadata: + name: {{ include "k6-operator.fullname" . }}-controller-manager-metrics-service + namespace: {{- include "k6-operator.namespace" . }} labels: control-plane: {{ .Values.controlPlane }} - {{- with .Values.customLabels }} - {{- toYaml . | nindent 4 }} - {{- end }} + app.kubernetes.io/component: controller + {{- include "k6-operator.labels" . | nindent 4 }} + {{- include "k6-operator.customLabels" . | default "{}" | nindent 4 }} annotations: - {{- include "operator.annotations" . | default "{}" | nindent 4 }} - name: {{ .Release.Name }}-controller-manager-metrics-service - namespace: {{- include "operator.namespace" . }} + {{- include "k6-operator.customAnnotations" . | default "{}" | nindent 4 }} spec: ports: - name: https diff --git a/charts/templates/serviceAccount.yaml b/charts/templates/serviceAccount.yaml index bcc3ab32..c608ba65 100644 --- a/charts/templates/serviceAccount.yaml +++ b/charts/templates/serviceAccount.yaml @@ -1,9 +1,11 @@ apiVersion: v1 kind: ServiceAccount metadata: - name: {{ .Values.manager.serviceAccount }} - namespace: {{- include "operator.namespace" . }} + name: {{ include "k6-operator.serviceAccountName" . }} + namespace: {{- include "k6-operator.namespace" . }} labels: - {{- include "operator.labels" . }} + app.kubernetes.io/component: controller + {{- include "k6-operator.labels" . | nindent 4 }} + {{- include "k6-operator.customLabels" . | default "{}" | nindent 4 }} annotations: - {{- include "operator.annotations" . | default "" | nindent 4 }} + {{- include "k6-operator.customAnnotations" . | default "" | nindent 4 }} diff --git a/charts/values.yaml b/charts/values.yaml index 38f35eb6..11b8c485 100644 --- a/charts/values.yaml +++ b/charts/values.yaml @@ -4,6 +4,15 @@ customAnnotations: {} # customLabels -- Custom Label to be applied on all resources customLabels: {} +# nodeSelector -- Node Selector to be applied on all containers +nodeSelector: {} + +# affinity -- Affinity to be applied on all containers +affinity: {} + +# tolerations -- Tolerations to be applied on all containers +tolerations: {} + namespace: # namespace.create -- create the namespace (default: true) create: true @@ -32,8 +41,11 @@ authProxy: controlPlane: "controller-manager" manager: - # manager.serviceAccount -- kubernetes service account for the manager - serviceAccount: k6-operator-controller + serviceAccount: + # manager.serviceAccount.name -- kubernetes service account for the k6 manager + name: k6-operator-controller + # manager.serviceAccount.create -- create the service account (default: true) + create: true image: # manager.image.name -- controller-manager image name name: ghcr.io/grafana/operator diff --git a/config/crd/bases/k6.io_k6s.yaml b/config/crd/bases/k6.io_k6s.yaml index 4a3303e7..1d7c0746 100644 --- a/config/crd/bases/k6.io_k6s.yaml +++ b/config/crd/bases/k6.io_k6s.yaml @@ -5,7 +5,6 @@ kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.3.0 - creationTimestamp: null name: k6s.k6.io spec: group: k6.io diff --git a/config/rbac/role.yaml b/config/rbac/role.yaml index 1be289c2..25791064 100644 --- a/config/rbac/role.yaml +++ b/config/rbac/role.yaml @@ -2,7 +2,6 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: - creationTimestamp: null name: manager-role rules: - apiGroups: