diff --git a/assets/codefresh/cf-runtime-0.1.401.tgz b/assets/codefresh/cf-runtime-0.1.401.tgz new file mode 100644 index 000000000..0a4d1bbce Binary files /dev/null and b/assets/codefresh/cf-runtime-0.1.401.tgz differ diff --git a/assets/logos/codefresh.jpg b/assets/logos/codefresh.jpg new file mode 100644 index 000000000..01fe1596b Binary files /dev/null and b/assets/logos/codefresh.jpg differ diff --git a/charts/codefresh/cf-runtime/0.1.401/.helmignore b/charts/codefresh/cf-runtime/0.1.401/.helmignore new file mode 100644 index 000000000..0e8a0eb36 --- /dev/null +++ b/charts/codefresh/cf-runtime/0.1.401/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/charts/codefresh/cf-runtime/0.1.401/Chart.yaml b/charts/codefresh/cf-runtime/0.1.401/Chart.yaml new file mode 100644 index 000000000..a22598d2a --- /dev/null +++ b/charts/codefresh/cf-runtime/0.1.401/Chart.yaml @@ -0,0 +1,12 @@ +annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Codefresh + catalog.cattle.io/release-name: cf-runner +apiVersion: v2 +appVersion: 1.16.0 +description: Codefresh Runner +icon: https://partner-charts.rancher.io/assets/logos/codefresh.jpg +kubeVersion: 1.18 - 1.21 +name: cf-runtime +type: application +version: 0.1.401 diff --git a/charts/codefresh/cf-runtime/0.1.401/README.md b/charts/codefresh/cf-runtime/0.1.401/README.md new file mode 100644 index 000000000..909618662 --- /dev/null +++ b/charts/codefresh/cf-runtime/0.1.401/README.md @@ -0,0 +1,28 @@ +# cf-runtime helm chart +To install the [Codefresh Runner](https://codefresh.io/docs/docs/administration/codefresh-runner/) using helm you need to follow these steps: + +1. Download the Codefresh CLI and authenticate it with your Codefresh account. Click [here](https://codefresh-io.github.io/cli/getting-started/) for more detailed instructions. +2. Install [yq](https://github.com/mikefarah/yq) +3. Run the following command on your local machine to create all of the necessary enitites in Codefresh: + + ``` + codefresh runner init --generate-helm-values-file + ``` + + * This will not install anything on your cluster, except for running cluster acceptance tests, which may be skipped using the `--skip-cluster-test` option). + * This command will also generate a `generated_values.yaml` file in your current directory, which you will need to provide to the `helm install` command later. +4. Download the default `values.yaml` file in the same path as the `generated_values.yaml` file. + ``` + curl -L https://raw.githubusercontent.com/codefresh-io/venona/release-1.0/charts/cf-runtime/values.yaml > values.yaml + ``` +5. Convert `generated_values.yaml` to yaml. + ``` + yq eval -P generated_values.yaml > generated_values_converted.yaml + ``` +6. [Merge](https://mikefarah.gitbook.io/yq/operators/reduce#merge-all-yaml-files-together) the two files together using `yq` + > **Note:** The order of the files being merged together is important. Please make sure the generated values file is in second place. + ``` + yq eval-all '. as $item ireduce ({}; . * $item)' values.yaml generated_values_converted.yaml > merged-values.yaml + ``` +7. Select a namespace to install to. If it's a new namespace it will need to be created before using the wizard (e.g. a `codefresh` namespace). Click next. +8. On the following screen: Select all text and replace with the newly created `merged-values.yaml` file and click on **Install**. diff --git a/charts/codefresh/cf-runtime/0.1.401/templates/_helpers.tpl b/charts/codefresh/cf-runtime/0.1.401/templates/_helpers.tpl new file mode 100644 index 000000000..72f44e36a --- /dev/null +++ b/charts/codefresh/cf-runtime/0.1.401/templates/_helpers.tpl @@ -0,0 +1,51 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "cf-runtime.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "cf-runtime.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "cf-runtime.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "cf-runtime.labels" -}} +helm.sh/chart: {{ include "cf-runtime.chart" . }} +{{ include "cf-runtime.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "cf-runtime.selectorLabels" -}} +app.kubernetes.io/name: {{ include "cf-runtime.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} diff --git a/charts/codefresh/cf-runtime/0.1.401/templates/app-proxy/_helpers.tpl b/charts/codefresh/cf-runtime/0.1.401/templates/app-proxy/_helpers.tpl new file mode 100644 index 000000000..9e72b87e0 --- /dev/null +++ b/charts/codefresh/cf-runtime/0.1.401/templates/app-proxy/_helpers.tpl @@ -0,0 +1,31 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "cf-app-proxy.name" -}} + {{- printf "%s-%s" (include "cf-runtime.name" .) "app-proxy" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "cf-app-proxy.fullname" -}} + {{- printf "%s-%s" (include "cf-runtime.fullname" .) "app-proxy" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "cf-app-proxy.labels" -}} +{{ include "cf-runtime.labels" . }} +codefresh.io/application: app-proxy +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "cf-app-proxy.selectorLabels" -}} +{{ include "cf-runtime.selectorLabels" . }} +codefresh.io/application: app-proxy +{{- end }} \ No newline at end of file diff --git a/charts/codefresh/cf-runtime/0.1.401/templates/app-proxy/deployment.app-proxy.yaml b/charts/codefresh/cf-runtime/0.1.401/templates/app-proxy/deployment.app-proxy.yaml new file mode 100644 index 000000000..94e665325 --- /dev/null +++ b/charts/codefresh/cf-runtime/0.1.401/templates/app-proxy/deployment.app-proxy.yaml @@ -0,0 +1,58 @@ +{{ if .Values.appProxy.enabled }} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "cf-app-proxy.fullname" . }} + labels: {{- include "cf-app-proxy.labels" . | nindent 4 }} +spec: + selector: + matchLabels: {{- include "cf-app-proxy.selectorLabels" . | nindent 6 }} + replicas: 1 + revisionHistoryLimit: 5 + strategy: + rollingUpdate: + maxSurge: 50% + maxUnavailable: 50% + type: RollingUpdate + template: + metadata: + labels: {{- include "cf-app-proxy.labels" . | nindent 8 }} + spec: + serviceAccountName: {{ include "cf-app-proxy.fullname" . }} + containers: + - name: app-proxy + image: {{ .Values.appProxy.image }} + imagePullPolicy: Always + {{/* resources:*/}} + {{/* {{ toYaml .Values.AppProxy.resources | indent 10 }}*/}} + env: + {{- if .Values.appProxy.env }} + {{- range $key, $value := .Values.appProxy.env }} + - name: {{ $key }} + value: "{{ $value}}" + {{- end}} + {{- end}} + - name: PORT + value: "3000" + - name: CODEFRESH_HOST + value: {{ .Values.global.codefreshHost }} + {{ if .Values.appProxy.ingress.pathPrefix }} + - name: API_PATH_PREFIX + value: {{ .Values.appProxy.ingress.pathPrefix }} + {{ end }} + {{- if .Values.newRelicLicense }} + - name: NEWRELIC_LICENSE_KEY + value: {{ .Values.newRelicLicense }} + {{- end }} + ports: + - containerPort: 3000 + protocol: TCP + readinessProbe: + httpGet: + path: /health + port: 3000 + periodSeconds: 5 + timeoutSeconds: 5 + successThreshold: 1 + failureThreshold: 5 + {{end}} \ No newline at end of file diff --git a/charts/codefresh/cf-runtime/0.1.401/templates/app-proxy/ingress.app-proxy.yaml b/charts/codefresh/cf-runtime/0.1.401/templates/app-proxy/ingress.app-proxy.yaml new file mode 100644 index 000000000..1b47210d3 --- /dev/null +++ b/charts/codefresh/cf-runtime/0.1.401/templates/app-proxy/ingress.app-proxy.yaml @@ -0,0 +1,27 @@ +{{ if .Values.appProxy.enabled }} +apiVersion: networking.k8s.io/v1beta1 +kind: Ingress +metadata: + name: {{ include "cf-app-proxy.fullname" . }} + labels: {{- include "cf-app-proxy.labels" . | nindent 4 }} + annotations: + {{ if .Values.appProxy.ingress.class }}kubernetes.io/ingress.class: {{ .Values.appProxy.ingress.class }}{{ end }} + {{ range $key, $value := .Values.appProxy.ingress.annotations }} + {{ $key }}: {{ $value | quote }} + {{ end }} +spec: + rules: + - host: {{ .Values.appProxy.ingress.host }} + http: + paths: + - path: {{ if .Values.appProxy.ingress.pathPrefix }}{{ .Values.appProxy.ingress.pathPrefix }}{{ else }}'/'{{end}} + backend: + serviceName: {{ include "cf-app-proxy.fullname" . }} + servicePort: 80 + {{ if .Values.appProxy.ingress.tlsSecret }} + tls: + - hosts: + - {{ .Values.appProxy.ingress.host }} + secretName: {{ .Values.appProxy.ingress.tlsSecret }} + {{ end }} + {{ end }} \ No newline at end of file diff --git a/charts/codefresh/cf-runtime/0.1.401/templates/app-proxy/role-binding.app-proxy.yaml b/charts/codefresh/cf-runtime/0.1.401/templates/app-proxy/role-binding.app-proxy.yaml new file mode 100644 index 000000000..a0e53d154 --- /dev/null +++ b/charts/codefresh/cf-runtime/0.1.401/templates/app-proxy/role-binding.app-proxy.yaml @@ -0,0 +1,17 @@ +{{ if .Values.appProxy.enabled }} + +kind: RoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: {{ include "cf-app-proxy.fullname" . }} + labels: {{- include "cf-app-proxy.labels" . | nindent 4 }} +subjects: + - kind: ServiceAccount + name: {{ include "cf-app-proxy.fullname" . }} # this service account can get secrets cluster-wide (all namespaces) + namespace: {{ .Release.Namespace }} +roleRef: + kind: ClusterRole + name: {{ include "cf-app-proxy.fullname" . }} + apiGroup: rbac.authorization.k8s.io + + {{ end }} \ No newline at end of file diff --git a/charts/codefresh/cf-runtime/0.1.401/templates/app-proxy/role.app-proxy.yaml b/charts/codefresh/cf-runtime/0.1.401/templates/app-proxy/role.app-proxy.yaml new file mode 100644 index 000000000..91edb18d9 --- /dev/null +++ b/charts/codefresh/cf-runtime/0.1.401/templates/app-proxy/role.app-proxy.yaml @@ -0,0 +1,13 @@ +{{ if .Values.appProxy.enabled }} + +kind: Role +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: {{ include "cf-app-proxy.fullname" . }} + labels: {{- include "cf-app-proxy.labels" . | nindent 4 }} +rules: + - apiGroups: [ "" ] + resources: [ "secrets" ] + verbs: [ "get" ] + + {{end}} \ No newline at end of file diff --git a/charts/codefresh/cf-runtime/0.1.401/templates/app-proxy/service-account.app-proxy.yaml b/charts/codefresh/cf-runtime/0.1.401/templates/app-proxy/service-account.app-proxy.yaml new file mode 100644 index 000000000..576e00b6c --- /dev/null +++ b/charts/codefresh/cf-runtime/0.1.401/templates/app-proxy/service-account.app-proxy.yaml @@ -0,0 +1,13 @@ +{{ if .Values.appProxy.enabled }} + +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "cf-app-proxy.fullname" . }} + labels: {{- include "cf-app-proxy.labels" . | nindent 4 }} + {{/* annotations:*/}} + {{/* {{ range $key, $value := .Values.AppProxy.ServiceAccount.Annotations }}*/}} + {{/* {{ $key }}: {{ $value | quote | unescape }}*/}} + {{/* {{ end }}*/}} + + {{ end }} \ No newline at end of file diff --git a/charts/codefresh/cf-runtime/0.1.401/templates/app-proxy/service.app-proxy.yaml b/charts/codefresh/cf-runtime/0.1.401/templates/app-proxy/service.app-proxy.yaml new file mode 100644 index 000000000..948c19410 --- /dev/null +++ b/charts/codefresh/cf-runtime/0.1.401/templates/app-proxy/service.app-proxy.yaml @@ -0,0 +1,13 @@ +{{ if .Values.appProxy.enabled }} +apiVersion: v1 +kind: Service +metadata: + name: {{ include "cf-app-proxy.fullname" . }} + labels: {{- include "cf-app-proxy.labels" . | nindent 4 }} +spec: + selector: {{ include "cf-app-proxy.selectorLabels" . | nindent 4 }} + ports: + - protocol: TCP + port: 80 + targetPort: 3000 + {{ end }} \ No newline at end of file diff --git a/charts/codefresh/cf-runtime/0.1.401/templates/monitor/_helpers.tpl b/charts/codefresh/cf-runtime/0.1.401/templates/monitor/_helpers.tpl new file mode 100644 index 000000000..41220d09a --- /dev/null +++ b/charts/codefresh/cf-runtime/0.1.401/templates/monitor/_helpers.tpl @@ -0,0 +1,35 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "cf-monitor.name" -}} + {{- printf "%s-%s" (include "cf-runtime.name" .) "monitor" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "cf-monitor.fullname" -}} + {{- printf "%s-%s" (include "cf-runtime.fullname" .) "monitor" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{- define "cf-monitor.rollbackFullname" -}} + {{- printf "%s-%s" (include "cf-runtime.fullname" .) "monitor-rollback" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "cf-monitor.labels" -}} +{{ include "cf-runtime.labels" . }} +codefresh.io/application: monitor +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "cf-monitor.selectorLabels" -}} +{{ include "cf-runtime.selectorLabels" . }} +codefresh.io/application: monitor +{{- end }} \ No newline at end of file diff --git a/charts/codefresh/cf-runtime/0.1.401/templates/monitor/deployment.monitor.yaml b/charts/codefresh/cf-runtime/0.1.401/templates/monitor/deployment.monitor.yaml new file mode 100644 index 000000000..d46976db3 --- /dev/null +++ b/charts/codefresh/cf-runtime/0.1.401/templates/monitor/deployment.monitor.yaml @@ -0,0 +1,67 @@ +{{- if .Values.monitor.enabled }} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "cf-monitor.fullname" . }} + labels: {{- include "cf-monitor.labels" . | nindent 4 }} +spec: + replicas: 1 + strategy: + type: RollingUpdate + rollingUpdate: + maxUnavailable: 50% + maxSurge: 50% + selector: + matchLabels: {{- include "cf-monitor.selectorLabels" . | nindent 6 }} + template: + metadata: + labels: {{- include "cf-monitor.labels" . | nindent 8 }} + spec: + serviceAccountName: {{ include "cf-monitor.fullname" . }} + containers: + - name: monitor + {{/* resources:*/}} + {{/* {{ toYaml .Values.Monitor.resources | indent 10 }}*/}} + image: {{ .Values.monitor.image }} + imagePullPolicy: Always + env: + {{- if .Values.monitor.env }} + {{- range $key, $value := .Values.monitor.env }} + - name: {{ $key }} + value: "{{ $value}}" + {{- end}} + {{- end}} + - name: SERVICE_NAME + value: {{ include "cf-monitor.fullname" . }} +{{/* {{- if .Values.monitor.useNamespaceWithRole TODO: WTF }}*/}} +{{/* - name: ROLE_BINDING*/}} +{{/* value: "true"*/}} +{{/* {{- end }}*/}} + - name: PORT + value: "9020" + - name: API_TOKEN + value: {{ .Values.monitor.token }} + - name: CLUSTER_ID + value: {{ .Values.monitor.clusterId }} + - name: API_URL + value: {{ .Values.global.codefreshHost }}/api/k8s-monitor/events + - name: ACCOUNT_ID + value: user + - name: HELM3 + value: "{{ .Values.monitor.helm3 }}" + - name: NAMESPACE + value: "{{ .Release.Namespace }}" + - name: NODE_OPTIONS + value: "--max_old_space_size=4096" + ports: + - containerPort: 9020 + protocol: TCP + readinessProbe: + httpGet: + path: /api/ping + port: 9020 + periodSeconds: 5 + timeoutSeconds: 5 + successThreshold: 1 + failureThreshold: 5 + {{- end }} diff --git a/charts/codefresh/cf-runtime/0.1.401/templates/monitor/role.monitor.yaml b/charts/codefresh/cf-runtime/0.1.401/templates/monitor/role.monitor.yaml new file mode 100644 index 000000000..8512536a5 --- /dev/null +++ b/charts/codefresh/cf-runtime/0.1.401/templates/monitor/role.monitor.yaml @@ -0,0 +1,40 @@ +{{- if and .Values.monitor.enabled }} +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: {{ include "cf-monitor.fullname" . }} + labels: {{- include "cf-monitor.labels" . | nindent 4 }} +rules: + - apiGroups: + - "" + resources: [ "*" ] + verbs: + - get + - list + - watch + - create + - delete + - apiGroups: + - "" + resources: [ "pods" ] + verbs: + - get + - list + - watch + - create + - deletecollection + - apiGroups: + - extensions + resources: [ "*" ] + verbs: + - get + - list + - watch + - apiGroups: + - apps + resources: [ "*" ] + verbs: + - get + - list + - watch + {{- end }} diff --git a/charts/codefresh/cf-runtime/0.1.401/templates/monitor/rolebinding.monitor.yaml b/charts/codefresh/cf-runtime/0.1.401/templates/monitor/rolebinding.monitor.yaml new file mode 100644 index 000000000..695eeadac --- /dev/null +++ b/charts/codefresh/cf-runtime/0.1.401/templates/monitor/rolebinding.monitor.yaml @@ -0,0 +1,15 @@ +{{- if and .Values.monitor.enabled }} +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: {{ include "cf-monitor.fullname" . }} + labels: {{- include "cf-monitor.labels" . | nindent 4 }} +subjects: + - kind: ServiceAccount + name: {{ include "cf-monitor.fullname" . }} + namespace: {{ .Release.Namespace }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ include "cf-monitor.fullname" . }} + {{- end }} diff --git a/charts/codefresh/cf-runtime/0.1.401/templates/monitor/rollback-role-binding.monitor.yaml b/charts/codefresh/cf-runtime/0.1.401/templates/monitor/rollback-role-binding.monitor.yaml new file mode 100644 index 000000000..53b8cd42a --- /dev/null +++ b/charts/codefresh/cf-runtime/0.1.401/templates/monitor/rollback-role-binding.monitor.yaml @@ -0,0 +1,14 @@ +{{- if and .Values.monitor.enabled }} +kind: RoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: {{ include "cf-monitor.rollbackFullname" . }} + labels: {{- include "cf-monitor.labels" . | nindent 4 }} +subjects: + - kind: ServiceAccount + name: {{ include "cf-monitor.rollbackFullname" .}} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: cluster-admin + {{- end }} diff --git a/charts/codefresh/cf-runtime/0.1.401/templates/monitor/rollback-serviceaccount.monitor.yaml b/charts/codefresh/cf-runtime/0.1.401/templates/monitor/rollback-serviceaccount.monitor.yaml new file mode 100644 index 000000000..88107b8c3 --- /dev/null +++ b/charts/codefresh/cf-runtime/0.1.401/templates/monitor/rollback-serviceaccount.monitor.yaml @@ -0,0 +1,11 @@ +{{- if and .Values.monitor.enabled }} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "cf-monitor.rollbackFullname" . }} + labels: {{- include "cf-monitor.labels" . | nindent 4 }} + {{/* annotations:*/}} + {{/* {{ range $key, $value := .Values.Monitor.ServiceAccount.Annotations }}*/}} + {{/* {{ $key }}: {{ $value }}*/}} + {{/* {{ end }}*/}} + {{- end }} diff --git a/charts/codefresh/cf-runtime/0.1.401/templates/monitor/service-account.monitor.yaml b/charts/codefresh/cf-runtime/0.1.401/templates/monitor/service-account.monitor.yaml new file mode 100644 index 000000000..a610bcfa9 --- /dev/null +++ b/charts/codefresh/cf-runtime/0.1.401/templates/monitor/service-account.monitor.yaml @@ -0,0 +1,11 @@ +{{- if and .Values.monitor.enabled }} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "cf-monitor.fullname" . }} + labels: {{- include "cf-monitor.labels" . | nindent 4 }} + {{/* annotations:*/}} + {{/* {{ range $key, $value := .Values.monitor.serviceAccount.annotations }}*/}} + {{/* {{ $key }}: {{ $value }}*/}} + {{/* {{ end }}*/}} + {{- end }} \ No newline at end of file diff --git a/charts/codefresh/cf-runtime/0.1.401/templates/monitor/service.monitor.yaml b/charts/codefresh/cf-runtime/0.1.401/templates/monitor/service.monitor.yaml new file mode 100644 index 000000000..915e5828c --- /dev/null +++ b/charts/codefresh/cf-runtime/0.1.401/templates/monitor/service.monitor.yaml @@ -0,0 +1,15 @@ +{{- if and .Values.monitor.enabled }} +apiVersion: v1 +kind: Service +metadata: + name: {{ include "cf-monitor.fullname" . }} + labels: {{- include "cf-monitor.labels" . | nindent 4 }} +spec: + type: ClusterIP + ports: + - name: "http" + port: 80 + protocol: TCP + targetPort: 9020 + selector: {{- include "cf-monitor.selectorLabels" . | nindent 4 }} + {{- end }} diff --git a/charts/codefresh/cf-runtime/0.1.401/templates/re/_helpers.tpl b/charts/codefresh/cf-runtime/0.1.401/templates/re/_helpers.tpl new file mode 100644 index 000000000..4e2903fe4 --- /dev/null +++ b/charts/codefresh/cf-runtime/0.1.401/templates/re/_helpers.tpl @@ -0,0 +1,31 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "cf-re.name" -}} + {{- printf "%s-%s" (include "cf-runtime.name" .) "re" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "cf-re.fullname" -}} + {{- printf "%s-%s" (include "cf-runtime.fullname" .) "re" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "cf-re.labels" -}} +{{ include "cf-runtime.labels" . }} +codefresh.io/application: runtime +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "cf-re.selectorLabels" -}} +{{ include "cf-runtime.selectorLabels" . }} +codefresh.io/application: runtime +{{- end }} diff --git a/charts/codefresh/cf-runtime/0.1.401/templates/re/codefresh-certs-server-secret.re.yaml b/charts/codefresh/cf-runtime/0.1.401/templates/re/codefresh-certs-server-secret.re.yaml new file mode 100644 index 000000000..9d0e36b47 --- /dev/null +++ b/charts/codefresh/cf-runtime/0.1.401/templates/re/codefresh-certs-server-secret.re.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +type: Opaque +kind: Secret +metadata: + {{/* has to be a constant */}} + name: codefresh-certs-server + labels: {{- include "cf-re.labels" . | nindent 4 }} +data: + server-cert.pem: {{ .Values.global.keys.serverCert | b64enc }} + server-key.pem: {{ .Values.global.keys.key | b64enc }} + ca.pem: {{ .Values.global.keys.ca | b64enc }} + diff --git a/charts/codefresh/cf-runtime/0.1.401/templates/re/dind-daemon-conf.re.yaml b/charts/codefresh/cf-runtime/0.1.401/templates/re/dind-daemon-conf.re.yaml new file mode 100644 index 000000000..1b7b8b17c --- /dev/null +++ b/charts/codefresh/cf-runtime/0.1.401/templates/re/dind-daemon-conf.re.yaml @@ -0,0 +1,20 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + {{/* has to be a constant */}} + name: codefresh-dind-config +data: + daemon.json: | + { + "hosts": [ "unix:///var/run/docker.sock", + "tcp://0.0.0.0:1300"], + "storage-driver": "overlay2", + "tlsverify": true, + "tls": true, + "tlscacert": "/etc/ssl/cf-client/ca.pem", + "tlscert": "/etc/ssl/cf/server-cert.pem", + "tlskey": "/etc/ssl/cf/server-key.pem", + "insecure-registries" : ["192.168.99.100:5000"], + "metrics-addr" : "0.0.0.0:9323", + "experimental" : true + } diff --git a/charts/codefresh/cf-runtime/0.1.401/templates/re/dind-headless-service.re.yaml b/charts/codefresh/cf-runtime/0.1.401/templates/re/dind-headless-service.re.yaml new file mode 100644 index 000000000..8a26a04a5 --- /dev/null +++ b/charts/codefresh/cf-runtime/0.1.401/templates/re/dind-headless-service.re.yaml @@ -0,0 +1,18 @@ +apiVersion: v1 +kind: Service +metadata: + labels: + app: dind + {{/* has to be a constant */}} + name: dind +spec: + ports: + - name: "dind-port" + port: 1300 + protocol: TCP + + # This is a headless service, Kubernetes won't assign a VIP for it. + # *.dind.default.svc.cluster.local + clusterIP: None + selector: + app: dind diff --git a/charts/codefresh/cf-runtime/0.1.401/templates/re/role.engine.yaml b/charts/codefresh/cf-runtime/0.1.401/templates/re/role.engine.yaml new file mode 100644 index 000000000..02baa586b --- /dev/null +++ b/charts/codefresh/cf-runtime/0.1.401/templates/re/role.engine.yaml @@ -0,0 +1,12 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: codefresh-engine + labels: {{- include "cf-re.labels" . | nindent 4 }} +rules: + - apiGroups: + - "" + resources: + - secrets + verbs: + - get \ No newline at end of file diff --git a/charts/codefresh/cf-runtime/0.1.401/templates/re/rolebinding.engine.yaml b/charts/codefresh/cf-runtime/0.1.401/templates/re/rolebinding.engine.yaml new file mode 100644 index 000000000..0f8728b25 --- /dev/null +++ b/charts/codefresh/cf-runtime/0.1.401/templates/re/rolebinding.engine.yaml @@ -0,0 +1,12 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: codefresh-engine + labels: {{- include "cf-re.labels" . | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: codefresh-engine +subjects: + - kind: ServiceAccount + name: codefresh-engine diff --git a/charts/codefresh/cf-runtime/0.1.401/templates/re/service-account.re.yaml b/charts/codefresh/cf-runtime/0.1.401/templates/re/service-account.re.yaml new file mode 100644 index 000000000..ce47ec838 --- /dev/null +++ b/charts/codefresh/cf-runtime/0.1.401/templates/re/service-account.re.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + {{- /* has to be a constant */}} + name: codefresh-engine + labels: {{- include "cf-re.labels" . | nindent 4 }} +{{- if .Values.re.serviceAccount }} + annotations: + {{- range $key, $value := .Values.re.serviceAccount.annotations }} + {{ $key }}: {{ $value }} + {{- end}} +{{- end}} diff --git a/charts/codefresh/cf-runtime/0.1.401/templates/venona/_helpers.tpl b/charts/codefresh/cf-runtime/0.1.401/templates/venona/_helpers.tpl new file mode 100644 index 000000000..6dfc5420b --- /dev/null +++ b/charts/codefresh/cf-runtime/0.1.401/templates/venona/_helpers.tpl @@ -0,0 +1,35 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "cf-venona.name" -}} + {{- printf "%s-%s" (include "cf-runtime.name" .) "venona" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "cf-venona.fullname" -}} + {{- printf "%s-%s" (include "cf-runtime.fullname" .) "venona" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "cf-venona.labels" -}} +{{ include "cf-runtime.labels" . }} +codefresh.io/application: venona +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "cf-venona.selectorLabels" -}} +{{ include "cf-runtime.selectorLabels" . }} +codefresh.io/application: venona +{{- end }} + +{{- define "cf-venona.docker-image" -}} +{{- .Values.venona.image }} +{{- end }} diff --git a/charts/codefresh/cf-runtime/0.1.401/templates/venona/deployment.venona.yaml b/charts/codefresh/cf-runtime/0.1.401/templates/venona/deployment.venona.yaml new file mode 100644 index 000000000..9eaa21358 --- /dev/null +++ b/charts/codefresh/cf-runtime/0.1.401/templates/venona/deployment.venona.yaml @@ -0,0 +1,97 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "cf-venona.fullname" . }} + labels: {{- include "cf-venona.labels" . | nindent 4 }} +spec: + selector: + matchLabels: {{- include "cf-venona.selectorLabels" . | nindent 6 }} + replicas: 1 + revisionHistoryLimit: 5 + strategy: + rollingUpdate: + maxSurge: 50% + maxUnavailable: 50% + type: RollingUpdate + template: + metadata: + labels: {{- include "cf-venona.labels" . | nindent 8 }} + spec: + serviceAccountName: {{ include "cf-venona.fullname" . }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 8 }} + {{- end }} + {{- if .Values.tolerations }} + tolerations: +{{ toYaml .Values.tolerations | indent 8 }} + {{- end }} + {{/* {{ if ne .Values.nodeSelector "" }}*/}} + {{/* nodeSelector:*/}} + {{/* {{ .Values.NodeSelector | nodeSelectorParamToYaml | indent 8 | unescape }}*/}} + {{/* {{ end }}*/}} + {{/* tolerations:*/}} + {{/* {{ toYaml .Values.Tolerations | indent 8 | unescape }}*/}} + containers: + - name: venona + env: + {{/* {{- if .Values.EnvVars }}*/}} + {{/* {{- range $key, $value := .Values.EnvVars }}*/}} + {{/* - name: {{ $key }}*/}} + {{/* value: "{{ $value}}"*/}} + {{/* {{- end}}*/}} + {{/* {{- end}}*/}} + {{/* {{- if .Values.AdditionalEnvVars }}*/}} + {{/* {{- range $key, $value := .Values.AdditionalEnvVars }}*/}} + {{/* - name: {{ $key }}*/}} + {{/* value: "{{ $value}}"*/}} + {{/* {{- end}}*/}} + {{/* {{- end}}*/}} + - name: SELF_DEPLOYMENT_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: CODEFRESH_TOKEN + valueFrom: + secretKeyRef: + name: {{ include "cf-venona.fullname" . }} + key: codefresh.token + - name: CODEFRESH_IN_CLUSTER_RUNTIME + value: {{ .Values.global.runtimeName }} + - name: CODEFRESH_HOST + value: {{ .Values.global.codefreshHost }} + - name: AGENT_MODE + value: InCluster + - name: "AGENT_ID" {{/* agent name */}} + value: {{ .Values.global.agentName }} + {{- if ne .Values.dockerRegistry "" }} + - name: DOCKER_REGISTRY + value: {{ .Values.dockerRegistry }} + {{- end }} + {{- if .Values.newRelicLicense }} + - name: NEWRELIC_LICENSE_KEY + value: {{ .Values.newRelicLicense }} + {{- end }} + image: {{ include "cf-venona.docker-image" . }} + ports: + - containerPort: 8080 + protocol: TCP + readinessProbe: + httpGet: + path: /health + port: 8080 + periodSeconds: 5 + timeoutSeconds: 5 + successThreshold: 1 + failureThreshold: 5 + {{/* volumeMounts:*/}} + {{/* - name: runnerconf*/}} + {{/* mountPath: "/etc/secrets"*/}} + {{/* readOnly: true*/}} + imagePullPolicy: Always + {{/* resources: {{ toYaml .Values.Runner.resources | nindent 10 /* todo capital change }}*/}} + securityContext: + runAsUser: 10001 + runAsGroup: 10001 + fsGroup: 10001 + restartPolicy: Always diff --git a/charts/codefresh/cf-runtime/0.1.401/templates/venona/role-binding.venona.yaml b/charts/codefresh/cf-runtime/0.1.401/templates/venona/role-binding.venona.yaml new file mode 100644 index 000000000..c8a3ca90f --- /dev/null +++ b/charts/codefresh/cf-runtime/0.1.401/templates/venona/role-binding.venona.yaml @@ -0,0 +1,12 @@ +kind: RoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: {{ include "cf-venona.fullname" . }} + labels: {{- include "cf-venona.labels" . | nindent 4 }} +subjects: + - kind: ServiceAccount + name: {{ include "cf-venona.fullname" . }} +roleRef: + kind: Role + name: {{ include "cf-venona.fullname" . }} + apiGroup: rbac.authorization.k8s.io diff --git a/charts/codefresh/cf-runtime/0.1.401/templates/venona/role.venona.yaml b/charts/codefresh/cf-runtime/0.1.401/templates/venona/role.venona.yaml new file mode 100644 index 000000000..d09da8d47 --- /dev/null +++ b/charts/codefresh/cf-runtime/0.1.401/templates/venona/role.venona.yaml @@ -0,0 +1,8 @@ +kind: Role +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: {{ include "cf-venona.fullname" . }} +rules: + - apiGroups: [ "" ] + resources: [ "pods", "persistentvolumeclaims" ] + verbs: [ "get", "create", "delete" ] diff --git a/charts/codefresh/cf-runtime/0.1.401/templates/venona/secret.venona.yaml b/charts/codefresh/cf-runtime/0.1.401/templates/venona/secret.venona.yaml new file mode 100644 index 000000000..4a7500c87 --- /dev/null +++ b/charts/codefresh/cf-runtime/0.1.401/templates/venona/secret.venona.yaml @@ -0,0 +1,8 @@ +apiVersion: v1 +kind: Secret +type: Opaque +metadata: + name: {{ include "cf-venona.fullname" . }} + labels: {{- include "cf-venona.labels" . | nindent 4 }} +data: + codefresh.token: {{ .Values.global.agentToken | b64enc }} diff --git a/charts/codefresh/cf-runtime/0.1.401/templates/venona/service-account.venona.yaml b/charts/codefresh/cf-runtime/0.1.401/templates/venona/service-account.venona.yaml new file mode 100644 index 000000000..8675a9a26 --- /dev/null +++ b/charts/codefresh/cf-runtime/0.1.401/templates/venona/service-account.venona.yaml @@ -0,0 +1,5 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "cf-venona.fullname" . }} + labels: {{- include "cf-venona.labels" . | nindent 4 }} diff --git a/charts/codefresh/cf-runtime/0.1.401/templates/volume-provisioner/_helpers.tpl b/charts/codefresh/cf-runtime/0.1.401/templates/volume-provisioner/_helpers.tpl new file mode 100644 index 000000000..b5df41440 --- /dev/null +++ b/charts/codefresh/cf-runtime/0.1.401/templates/volume-provisioner/_helpers.tpl @@ -0,0 +1,85 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "cf-vp.name" -}} + {{- printf "%s-%s" (include "cf-runtime.name" .) "vp" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{- define "cf-vp.fullname" -}} + {{- printf "%s-%s" (include "cf-runtime.fullname" .) "vp" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{- define "cf-vp.provisionerName" -}} + {{- printf "%s-%s" (include "cf-runtime.fullname" .) "vp-provisioner" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{- define "cf-vp.monitorName" -}} + {{- printf "%s-%s" (include "cf-runtime.fullname" .) "vp-monitor" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{- define "cf-vp.volumeProvisionerName" -}} + codefresh.io/dind-volume-provisioner-{{ include "cf-runtime.fullname" . }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "cf-vp.monitorLabels" -}} +{{ include "cf-runtime.labels" . }} +codefresh.io/application: volume-provisioner-monitor +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "cf-vp.monitorSelectorLabels" -}} +{{ include "cf-runtime.selectorLabels" . }} +codefresh.io/application: volume-provisioner-monitor +{{- end }} + +{{/* +Common labels +*/}} +{{- define "cf-vp.provisionerLabels" -}} +{{ include "cf-runtime.labels" . }} +codefresh.io/application: volume-provisioner +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "cf-vp.provisionerSelectorLabels" -}} +{{ include "cf-runtime.selectorLabels" . }} +codefresh.io/application: volume-provisioner +{{- end }} + +{{/* +Common labels +*/}} +{{- define "cf-vp.cleanupLabels" -}} +{{ include "cf-runtime.labels" . }} +codefresh.io/application: cleanup +{{- end }} + + +{{- define "cf-vp.docker-image-volume-utils" -}} +{{- if ne .Values.dockerRegistry ""}} +{{- .Values.dockerRegistry }}/codefresh/dind-volume-utils:1.26.0 +{{- else }}codefresh/dind-volume-utils:1.26.0 +{{- end}} +{{- end }} + +{{- define "cf-vp.docker-image-volume-provisioner" -}} +{{ if ne .Values .dockerRegistry ""}} +{{- .dockerRegistry }}/{{ .Storage.VolumeProvisioner.Image }} +{{- else }} +{{- .Storage.VolumeProvisioner.Image }} +{{- end}} +{{- end }} + +{{- define "cf-vp.docker-image-cleanup-cron" -}} +{{- if ne .Values.dockerRegistry ""}} +{{- .Values.dockerRegistry }}/codefresh/dind-volume-utils:1.26.0 +{{- else }}codefresh/dind-volume-utils:1.26.0 +{{- end}} +{{- end }} diff --git a/charts/codefresh/cf-runtime/0.1.401/templates/volume-provisioner/cluster-role-binding.dind-volume-provisioner.vp.yaml b/charts/codefresh/cf-runtime/0.1.401/templates/volume-provisioner/cluster-role-binding.dind-volume-provisioner.vp.yaml new file mode 100644 index 000000000..9f88b3b9b --- /dev/null +++ b/charts/codefresh/cf-runtime/0.1.401/templates/volume-provisioner/cluster-role-binding.dind-volume-provisioner.vp.yaml @@ -0,0 +1,13 @@ +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: {{ include "cf-vp.fullname" . }} + labels: {{- include "cf-vp.provisionerLabels" . | nindent 4 }} +subjects: + - kind: ServiceAccount + name: {{ include "cf-vp.fullname" . }} + namespace: {{ .Release.Namespace }} +roleRef: + kind: ClusterRole + name: {{ include "cf-vp.fullname" . }} + apiGroup: rbac.authorization.k8s.io diff --git a/charts/codefresh/cf-runtime/0.1.401/templates/volume-provisioner/cluster-role.dind-volume-provisioner.vp.yaml b/charts/codefresh/cf-runtime/0.1.401/templates/volume-provisioner/cluster-role.dind-volume-provisioner.vp.yaml new file mode 100644 index 000000000..4a1eb1ad2 --- /dev/null +++ b/charts/codefresh/cf-runtime/0.1.401/templates/volume-provisioner/cluster-role.dind-volume-provisioner.vp.yaml @@ -0,0 +1,30 @@ +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: {{ include "cf-vp.fullname" . }} + labels: {{- include "cf-vp.provisionerLabels" . | nindent 4 }} +rules: + - apiGroups: [ "" ] + resources: [ "persistentvolumes" ] + verbs: [ "get", "list", "watch", "create", "delete", "patch" ] + - apiGroups: [ "" ] + resources: [ "persistentvolumeclaims" ] + verbs: [ "get", "list", "watch", "update" ] + - apiGroups: [ "storage.k8s.io" ] + resources: [ "storageclasses" ] + verbs: [ "get", "list", "watch" ] + - apiGroups: [ "" ] + resources: [ "events" ] + verbs: [ "list", "watch", "create", "update", "patch" ] + - apiGroups: [ "" ] + resources: [ "secrets" ] + verbs: [ "get", "list" ] + - apiGroups: [ "" ] + resources: [ "nodes" ] + verbs: [ "get", "list", "watch" ] + - apiGroups: [ "" ] + resources: [ "pods" ] + verbs: [ "get", "list", "watch", "create", "delete", "patch" ] + - apiGroups: [ "" ] + resources: [ "endpoints" ] + verbs: [ "get", "list", "watch", "create", "update", "delete" ] diff --git a/charts/codefresh/cf-runtime/0.1.401/templates/volume-provisioner/cron-job.dind-volume-cleanup.vp.yaml b/charts/codefresh/cf-runtime/0.1.401/templates/volume-provisioner/cron-job.dind-volume-cleanup.vp.yaml new file mode 100644 index 000000000..8d2cd67ca --- /dev/null +++ b/charts/codefresh/cf-runtime/0.1.401/templates/volume-provisioner/cron-job.dind-volume-cleanup.vp.yaml @@ -0,0 +1,25 @@ +{{- if not (eq .Values.storage.backend "local") }} +apiVersion: batch/v1beta1 +kind: CronJob +metadata: + name: {{ include "cf-vp.fullname" . }} + labels: {{- include "cf-vp.cleanupLabels" . | nindent 4 }} +spec: + schedule: "0,10,20,30,40,50 * * * *" + concurrencyPolicy: Forbid + {{- if eq .Values.storage.backend "local" }} + suspend: true + {{- end }} + jobTemplate: + spec: + template: + spec: + serviceAccountName: {{ include "cf-vp.fullname" . }} + restartPolicy: Never + containers: + - name: dind-volume-cleanup + image: {{ include "cf-vp.docker-image-cleanup-cron" . }} + env: + - name: PROVISIONED_BY + value: {{ include "cf-vp.volumeProvisionerName" . }} + {{- end }} diff --git a/charts/codefresh/cf-runtime/0.1.401/templates/volume-provisioner/daemonset.dind-lv-monitor.vp.yaml b/charts/codefresh/cf-runtime/0.1.401/templates/volume-provisioner/daemonset.dind-lv-monitor.vp.yaml new file mode 100644 index 000000000..6a6beb7ec --- /dev/null +++ b/charts/codefresh/cf-runtime/0.1.401/templates/volume-provisioner/daemonset.dind-lv-monitor.vp.yaml @@ -0,0 +1,78 @@ +{{- if eq .Values.storage.backend "local" -}} + {{- $localVolumeParentDir := .Values.storage.local.volumeParentDir }} +apiVersion: apps/v1 +kind: DaemonSet +metadata: + name: {{ include "cf-vp.monitorName" . }} + labels: {{- include "cf-vp.monitorLabels" . | nindent 4 }} +spec: + selector: + matchLabels: {{- include "cf-vp.monitorSelectorLabels" . | nindent 6 }} + template: + metadata: + labels: {{- include "cf-vp.monitorLabels" . | nindent 8 }} + annotations: + prometheus_port: "9100" + prometheus_scrape: "true" + spec: + serviceAccountName: {{ include "cf-vp.fullname" . }} + # Debug: + # hostNetwork: true + # nodeSelector: + # kubernetes.io/role: "node" + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 8 }} + {{- end }} + tolerations: + - key: 'codefresh/dind' + operator: 'Exists' + effect: 'NoSchedule' + + {{- if .Values.tolerations }} +{{ toYaml .Values.tolerations | indent 8 }} + {{- end }} + +{{/* {{ toYaml .Values.tolerations | indent 8}}*/}} + containers: + - image: {{ include "cf-vp.docker-image-volume-utils" . }} + name: lv-cleaner +{{/* todo add resources*/}} +{{/* resources: {{ toYaml .Values.storage.localVolumeMonitor | nindent 10 }}*/}} + imagePullPolicy: Always + command: + - /bin/local-volumes-agent + env: + {{/* {{- if .Values.EnvVars }}*/}} + {{/* {{- range $key, $value := .Values.EnvVars }}*/}} + {{/* - name: {{ $key }}*/}} + {{/* value: "{{ $value}}"*/}} + {{/* {{- end}}*/}} + {{/* {{- end}}*/}} + - name: NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + - name: VOLUME_PARENT_DIR + value: {{ $localVolumeParentDir }} + # Debug: + # - name: DRY_RUN + # value: "1" + # - name: DEBUG + # value: "1" + # - name: SLEEP_INTERVAL + # value: "3" + # - name: LOG_DF_EVERY + # value: "60" + # - name: KB_USAGE_THRESHOLD + # value: "20" + + volumeMounts: + - mountPath: {{ $localVolumeParentDir }} + readOnly: false + name: dind-volume-dir + volumes: + - name: dind-volume-dir + hostPath: + path: {{ $localVolumeParentDir }} + {{- end -}} diff --git a/charts/codefresh/cf-runtime/0.1.401/templates/volume-provisioner/deployment.dind-volume-provisioner.vp.yaml b/charts/codefresh/cf-runtime/0.1.401/templates/volume-provisioner/deployment.dind-volume-provisioner.vp.yaml new file mode 100644 index 000000000..ed78a44b6 --- /dev/null +++ b/charts/codefresh/cf-runtime/0.1.401/templates/volume-provisioner/deployment.dind-volume-provisioner.vp.yaml @@ -0,0 +1,122 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "cf-vp.provisionerName" . }} + labels: {{- include "cf-vp.provisionerLabels" . | nindent 4 }} +spec: + selector: + matchLabels: {{- include "cf-vp.provisionerSelectorLabels" . | nindent 6 }} + replicas: 1 + strategy: + type: Recreate + template: + metadata: + labels: {{- include "cf-vp.provisionerLabels" . | nindent 9 }} + spec: + {{/* {{ if .Values.VolumeProvisioner.NodeSelector }}*/}} + {{/* nodeSelector:*/}} + {{/*{{ .Storage.VolumeProvisioner.NodeSelector | nodeSelectorParamToYaml | indent 8 | unescape}}*/}} + {{/* {{ end }}*/}} + serviceAccountName: {{ include "cf-vp.fullname" . }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 8 }} + {{- end }} + tolerations: + - effect: NoSchedule + key: node-role.kubernetes.io/master + operator: "Exists" + + {{- if .Values.tolerations }} +{{ toYaml .Values.tolerations | indent 8 }} + {{- end }} + {{/* {{ toYaml .Values.tolerations | indent 8 | unescape}}*/}} + + containers: + - name: dind-volume-provisioner + {{/* resources: {{ toYaml .Values.volumeProvisioner.resources | nindent 10 }}*/}} + image: {{ .Values.volumeProvisioner.image }} + imagePullPolicy: Always + command: + - /usr/local/bin/dind-volume-provisioner + - -v=4 + - --resync-period=50s + env: + {{/* {{- if $.EnvVars }}*/}} + {{/* {{- range $key, $value := $.EnvVars }}*/}} + {{/* - name: {{ $key }}*/}} + {{/* value: "{{ $value}}"*/}} + {{/* {{- end}}*/}} + {{/* {{- end}}*/}} + - name: PROVISIONER_NAME + value: {{ include "cf-vp.volumeProvisionerName" . }} + + {{- if ne .Values.dockerRegistry "" }} + - name: DOCKER_REGISTRY + value: {{ .Values.dockerRegistry }} + {{- end }} + {{- if .Values.volumeProvisioner.createDindVolDirResouces.limits }} + {{- if .Values.volumeProvisioner.createDindVolDirResouces.limits.cpu }} + - name: CREATE_DIND_LIMIT_CPU + value: {{ .Values.volumeProvisioner.createDindVolDirResouces.limits.cpu }} + {{- end }} + {{- if .Values.volumeProvisioner.createDindVolDirResouces.limits.memory }} + - name: CREATE_DIND_LIMIT_MEMORY + value: {{ .Values.volumeProvisioner.createDindVolDirResouces.limits.memory }} + {{- end }} + {{- end }} + {{- if .Values.volumeProvisioner.createDindVolDirResouces.requests }} + {{- if .Values.volumeProvisioner.createDindVolDirResouces.requests.cpu }} + - name: CREATE_DIND_REQUESTS_CPU + value: {{ .Values.volumeProvisioner.createDindVolDirResouces.requests.cpu }} + {{- end }} + {{- if .Values.volumeProvisioner.createDindVolDirResouces.requests.memory }} + - name: CREATE_DIND_REQUESTS_MEMORY + value: {{ .Values.volumeProvisioner.createDindVolDirResouces.requests.memory }} + {{- end }} + {{- end }} + {{- if .Values.storage.ebs.accessKeyId }} + - name: AWS_ACCESS_KEY_ID + valueFrom: + secretKeyRef: + name: dind-volume-provisioner + key: aws_access_key_id + {{- end }} + {{- if .Values.storage.ebs.secretAccessKey }} + - name: AWS_SECRET_ACCESS_KEY + valueFrom: + secretKeyRef: + name: dind-volume-provisioner + key: aws_secret_access_key + {{- end }} + {{- if .Values.storage.gce.serviceAccountJson }} + - name: GOOGLE_APPLICATION_CREDENTIALS + value: /etc/dind-volume-provisioner/credentials/google-service-account.json + {{- end }} + {{- if .Values.volumeProvisioner.mountAzureJson }} + - name: AZURE_CREDENTIAL_FILE + value: "/etc/kubernetes/azure.json" + {{- end }} + volumeMounts: + {{- if .Values.volumeProvisioner.mountAzureJson }} + - name: azure-json + readOnly: true + mountPath: "/etc/kubernetes/azure.json" + {{- end }} + {{- if .Values.storage.gce.serviceAccountJson }} + - name: credentials + readOnly: true + mountPath: "/etc/dind-volume-provisioner/credentials" + {{- end }} + volumes: + {{- if .Values.volumeProvisioner.mountAzureJson }} + - name: azure-json + hostPath: + path: /etc/kubernetes/azure.json + type: File + {{- end }} + {{- if .Values.storage.gce.serviceAccountJson }} + - name: credentials + secret: + secretName: dind-volume-provisioner + {{- end }} diff --git a/charts/codefresh/cf-runtime/0.1.401/templates/volume-provisioner/secret.dind-volume-provisioner.vp.yaml b/charts/codefresh/cf-runtime/0.1.401/templates/volume-provisioner/secret.dind-volume-provisioner.vp.yaml new file mode 100644 index 000000000..e8d922e55 --- /dev/null +++ b/charts/codefresh/cf-runtime/0.1.401/templates/volume-provisioner/secret.dind-volume-provisioner.vp.yaml @@ -0,0 +1,17 @@ +apiVersion: v1 +kind: Secret +type: Opaque +metadata: + name: dind-volume-provisioner + labels: + app: dind-volume-provisioner +data: + {{- if .Values.storage.gce.serviceAccountJson }} + google-service-account.json: {{ .Values.storage.gce.serviceAccountJson | b64enc }} + {{- end }} + {{- if .Values.storage.ebs.accessKeyId }} + aws_access_key_id: {{ .Values.storage.ebs.accessKeyId | b64enc }} + {{- end }} + {{- if .Values.storage.ebs.secretAccessKey }} + aws_secret_access_key: {{ .Values.storage.ebs.secretAccessKey | b64enc }} + {{- end }} diff --git a/charts/codefresh/cf-runtime/0.1.401/templates/volume-provisioner/service-account.dind-volume-provisioner.vp.yaml b/charts/codefresh/cf-runtime/0.1.401/templates/volume-provisioner/service-account.dind-volume-provisioner.vp.yaml new file mode 100644 index 000000000..034e38d4e --- /dev/null +++ b/charts/codefresh/cf-runtime/0.1.401/templates/volume-provisioner/service-account.dind-volume-provisioner.vp.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "cf-vp.fullname" . }} + labels: {{- include "cf-vp.provisionerLabels" . | nindent 4 }} + annotations: +{{- if .Values.volumeProvisioner.serviceAccount }} + {{- range $key, $value := .Values.volumeProvisioner.serviceAccount.annotations }} + {{ $key }}: {{ $value }} + {{- end}} +{{- end}} diff --git a/charts/codefresh/cf-runtime/0.1.401/templates/volume-provisioner/storageclass.dind-volume-provisioner.vp.yaml b/charts/codefresh/cf-runtime/0.1.401/templates/volume-provisioner/storageclass.dind-volume-provisioner.vp.yaml new file mode 100644 index 000000000..828e264dd --- /dev/null +++ b/charts/codefresh/cf-runtime/0.1.401/templates/volume-provisioner/storageclass.dind-volume-provisioner.vp.yaml @@ -0,0 +1,63 @@ +kind: StorageClass +apiVersion: storage.k8s.io/v1 +metadata: + {{/* has to be exactly that */}} + name: dind-local-volumes-runner-{{.Values.global.namespace}} + labels: + app: dind-volume-provisioner + {{/* annotations:*/}} + {{/* {{ range $key, $value := .Values.Storage.Annotations }}*/}} + {{/* {{ $key }}: {{ $value }}*/}} + {{/* {{ end }}*/}} +provisioner: {{ include "cf-vp.volumeProvisionerName" . }} +parameters: + {{- if eq .Values.storage.backend "local" }} + + volumeBackend: local + volumeParentDir: {{ .Values.storage.local.volumeParentDir }} + + {{- else if eq .Values.storage.backend "gcedisk" }} + + volumeBackend: {{ .Values.storage.backend }} + # pd-ssd or pd-standard + type: {{ .Values.storage.gce.volumeType | default "pd-ssd" }} + # Valid zone in GCP + zone: {{ .Values.storage.gce.availabilityZone }} + # ext4 or xfs (default to ext4 because xfs is not installed on GKE by default ) + fsType: {{ .Values.storage.fsType | default "ext4" }} + + {{- else if or (eq .Values.storage.backend "ebs") (eq .Values.storage.backend "ebs-csi")}} + # ebs or ebs-csi + volumeBackend: {{ .Values.storage.backend }} + # gp2 or io1 + VolumeType: {{ .Values.storage.ebs.volumeType | default "gp2" }} + # Valid zone in aws (us-east-1c, ...) + AvailabilityZone: {{ .Values.storage.ebs.availabilityZone }} + # ext4 or xfs (default to ext4 ) + fsType: {{ .Values.storage.fsType | default "ext4" }} + + # "true" or "false" (default - "false") + encrypted: "{{ .Values.storage.ebs.encrypted | default "false" }}" + {{ if .Values.storage.ebs.kmsKeyId }} + kmsKeyId: {{ .Values.storage.ebs.kmsKeyId }} + {{- end }} + + {{- else if or (eq .Values.storage.backend "azuredisk") (eq .Values.storage.backend "azuredisk-csi")}} + volumeBackend: {{ .Values.storage.backend }} + kind: managed + skuName: {{ .Values.storage.azure.skuName | default "Premium_LRS" }} + fsType: {{ .Values.storage.fsType | default "ext4" }} + cachingMode: {{ .Values.storage.azure.cachingMode | default "None" }} + + {{- if .Values.storage.azure.location }} + location: {{ .Values.storage.azure.location }} + {{- end }} + {{/* azure location */}} + + {{- if .Values.storage.azure.resourceGroup }} + resourceGroup: {{ .Values.storage.azure.resourceGroup }} + {{- end }} + {{/* azure resource group*/}} + + {{- end }} + {{/* if azuredisk*/}} \ No newline at end of file diff --git a/charts/codefresh/cf-runtime/0.1.401/values.yaml b/charts/codefresh/cf-runtime/0.1.401/values.yaml new file mode 100644 index 000000000..87dc3134b --- /dev/null +++ b/charts/codefresh/cf-runtime/0.1.401/values.yaml @@ -0,0 +1,108 @@ +appProxy: + enabled: false + image: "quay.io/codefresh/cf-app-proxy:latest" + env: { } + ingress: + pathPrefix: "" + class: "" + host: "" + tlsSecret: "" + annotations: { } + +newRelicLicense: "" +dockerRegistry: "" + +monitor: + image: "quay.io/codefresh/agent:stable" + clusterId: "" + enabled: false + helm3: false + token: "" + env: { } + +re: { } + # Optionally add an AWS IAM role to your pipelines + # More info: https://codefresh.io/docs/docs/administration/codefresh-runner/#injecting-aws-arn-roles-into-the-cluster + # serviceAccount: + # annotations: # will be set on codefresh-engine service account + # foo: bar + # eks.amazonaws.com/role-arn: "arn:aws:iam:::role/" + +venona: + image: "quay.io/codefresh/venona:1.6.7" + +volumeProvisioner: + resources: + image: "quay.io/codefresh/dind-volume-provisioner:1.31.1" + mountAzureJson: "" + # serviceAccount: + # annotations: # will be set on VolumeProvisioner service account + # foo: bar + # eks.amazonaws.com/role-arn: "arn:aws:iam:::role/" + createDindVolDirResouces: + requests: + cpu: + memory: + limits: + cpu: + memory: +#todo add envvars + +storage: + backend: local # local/ebs/gce/azure + + local: + volumeParentDir: /var/lib/codefresh/dind-volumes + + gce: + volumeType: "" + availabilityZone: "" + serviceAccountJson: "" + + ebs: + volumeType: "" # gp2/gp3/io1 + availabilityZone: "" # us-east-1c + encrypted: "" # true/false + kmsKeyId: "" + accessKeyId: "" + secretAccessKey: "" + + azure: + resourceGroup: "" + location: "" + cachingMode: "" + skuName: "" + + fsType: "ext4" + + # resources: + # limits: + # cpu: 400m + # memory: 1200Mi + # requests: + # cpu: 200m + # memory: 500Mi + +###NodeSelector --kube-node-selector: controls runner(vp-venona), dind-volume-provisioner(vp-provisioner), vp-monitor pods +#nodeSelector: {"kubernetes.io/arch": "amd64", "failure-domain.beta.kubernetes.io/zone": "us-east-1c"} + +### Tolerations --tolerations: controls runner(vp-venona), dind-volume-provisioner(vp-provisioner), vp-monitor pods +# tolerations: +# - key: +# operator: Equal +# value: +# effect: NoSchedule + +global: + namespace: "" + codefreshHost: "" + agentToken: "" + agentId: "" + agentName: "" + accountId: "" + runtimeName: "" + keys: + key: "" + csr: "" + ca: "" + serverCert: "" diff --git a/index.yaml b/index.yaml index 2b892cb15..6995eedf1 100755 --- a/index.yaml +++ b/index.yaml @@ -315,6 +315,23 @@ entries: urls: - assets/softiron/ceph-csi-rbd-1.3.1.tgz version: 1.3.1 + cf-runtime: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Codefresh + catalog.cattle.io/release-name: cf-runner + apiVersion: v2 + appVersion: 1.16.0 + created: "2021-12-20T11:22:45.441119-05:00" + description: Codefresh Runner + digest: 84a4c997ca28ace33b1e140c07b1b210d1dba5e321353ab63b33a918aa947b11 + icon: https://partner-charts.rancher.io/assets/logos/codefresh.jpg + kubeVersion: 1.18 - 1.21 + name: cf-runtime + type: application + urls: + - assets/codefresh/cf-runtime-0.1.401.tgz + version: 0.1.401 citrix-adc-istio-ingress-gateway: - annotations: catalog.cattle.io/certified: partner diff --git a/packages/codefresh/generated-changes/patch/Chart.yaml.patch b/packages/codefresh/generated-changes/patch/Chart.yaml.patch new file mode 100644 index 000000000..0476e31d9 --- /dev/null +++ b/packages/codefresh/generated-changes/patch/Chart.yaml.patch @@ -0,0 +1,21 @@ +--- charts-original/Chart.yaml ++++ charts/Chart.yaml +@@ -1,6 +1,11 @@ + apiVersion: v2 ++kubeVersion: 1.18 - 1.21 + name: cf-runtime +-description: A Helm chart for Kubernetes ++description: Codefresh Runner ++annotations: ++ catalog.cattle.io/certified: partner # Enables the "partner" badge in the UI for easier identification ++ catalog.cattle.io/release-name: cf-runner # Your chart's name in kebab-case, this is used for deployment ++ catalog.cattle.io/display-name: Codefresh # The chart's name you want displayed in the UI + + # A chart can be either an 'application' or a 'library' chart. + # +@@ -22,3 +27,5 @@ + # follow Semantic Versioning. They should reflect the version the application is using. + # It is recommended to use it with quotes. + appVersion: "1.16.0" ++ ++icon: https://partner-charts.rancher.io/assets/logos/codefresh.jpg diff --git a/packages/codefresh/generated-changes/patch/README.md.patch b/packages/codefresh/generated-changes/patch/README.md.patch new file mode 100644 index 000000000..02a585a6b --- /dev/null +++ b/packages/codefresh/generated-changes/patch/README.md.patch @@ -0,0 +1,42 @@ +--- charts-original/README.md ++++ charts/README.md +@@ -2,7 +2,8 @@ + To install the [Codefresh Runner](https://codefresh.io/docs/docs/administration/codefresh-runner/) using helm you need to follow these steps: + + 1. Download the Codefresh CLI and authenticate it with your Codefresh account. Click [here](https://codefresh-io.github.io/cli/getting-started/) for more detailed instructions. +-2. Run the following command to create all of the necessary enitites in Codefresh: ++2. Install [yq](https://github.com/mikefarah/yq) ++3. Run the following command on your local machine to create all of the necessary enitites in Codefresh: + + ``` + codefresh runner init --generate-helm-values-file +@@ -10,14 +11,18 @@ + + * This will not install anything on your cluster, except for running cluster acceptance tests, which may be skipped using the `--skip-cluster-test` option). + * This command will also generate a `generated_values.yaml` file in your current directory, which you will need to provide to the `helm install` command later. +-3. Now run the following to complete the installation: +- +- ``` +- helm repo add cf-runtime https://h.cfcr.io/codefresh-inc/runtime +- +- helm install cf-runtime cf-runtime/cf-runtime -f ./generated_values.yaml --create-namespace --namespace codefresh +- ``` +-4. At this point you should have a working Codefresh Runner. You can verify the installation by running: +- ``` +- codefresh runner execute-test-pipeline --runtime-name +- ``` ++4. Download the default `values.yaml` file in the same path as the `generated_values.yaml` file. ++ ``` ++ curl -L https://raw.githubusercontent.com/codefresh-io/venona/release-1.0/charts/cf-runtime/values.yaml > values.yaml ++ ``` ++5. Convert `generated_values.yaml` to yaml. ++ ``` ++ yq eval -P generated_values.yaml > generated_values_converted.yaml ++ ``` ++6. [Merge](https://mikefarah.gitbook.io/yq/operators/reduce#merge-all-yaml-files-together) the two files together using `yq` ++ > **Note:** The order of the files being merged together is important. Please make sure the generated values file is in second place. ++ ``` ++ yq eval-all '. as $item ireduce ({}; . * $item)' values.yaml generated_values_converted.yaml > merged-values.yaml ++ ``` ++7. Select a namespace to install to. If it's a new namespace it will need to be created before using the wizard (e.g. a `codefresh` namespace). Click next. ++8. On the following screen: Select all text and replace with the newly created `merged-values.yaml` file and click on **Install**. diff --git a/packages/codefresh/package.yaml b/packages/codefresh/package.yaml new file mode 100644 index 000000000..7624227ab --- /dev/null +++ b/packages/codefresh/package.yaml @@ -0,0 +1,4 @@ +url: https://github.com/codefresh-io/venona.git +subdirectory: charts/cf-runtime +commit: 6f3e712ffc6ff56c3c283e02a07c188f4e41d2fe +packageVersion: 1