diff options
Diffstat (limited to 'kubernetes/dcaegen2-services/common')
| -rw-r--r-- | kubernetes/dcaegen2-services/common/Makefile | 22 | ||||
| -rw-r--r-- | kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl | 104 |
2 files changed, 120 insertions, 6 deletions
diff --git a/kubernetes/dcaegen2-services/common/Makefile b/kubernetes/dcaegen2-services/common/Makefile index bf267b7720..db8704c2ca 100644 --- a/kubernetes/dcaegen2-services/common/Makefile +++ b/kubernetes/dcaegen2-services/common/Makefile @@ -1,4 +1,5 @@ # Copyright © 2020 Samsung Electronics +# Copyright (c) 2021 AT&T. All rights reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -17,13 +18,22 @@ OUTPUT_DIR := $(ROOT_DIR)/../../dist PACKAGE_DIR := $(OUTPUT_DIR)/packages SECRET_DIR := $(OUTPUT_DIR)/secrets +HELM_REPO := local + EXCLUDES := HELM_BIN := helm +# Helm v2 and helm v3 uses different version format so we first try in helm v3 format +# and if it fails then we fallback to helm v2 one +HELM_VER := $(shell $(HELM_BIN) version --template "{{.Version}}" 2>/dev/null) +ifneq "$(findstring v3,$(HELM_VER))" "v3" + HELM_VER := $(shell $(HELM_BIN) version -c --template "{{.Client.SemVer}}") +endif + HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.)))) .PHONY: $(EXCLUDES) $(HELM_CHARTS) -all: $(HELM_CHARTS) +all: $(HELM_CHARTS) helm-repo-update $(HELM_CHARTS): @echo "\n[$@]" @@ -40,12 +50,18 @@ lint-%: dep-% package-%: lint-% @mkdir -p $(PACKAGE_DIR) - @if [ -f $*/Chart.yaml ]; then $(HELM_BIN) package -d $(PACKAGE_DIR) $*; fi - @$(HELM_BIN) repo index $(PACKAGE_DIR) + @if [ -f $*/Chart.yaml ]; then PACKAGE_NAME=$$($(HELM_BIN) package -d $(PACKAGE_DIR) $* | cut -d":" -f2) && $(HELM_BIN) push -f $$PACKAGE_NAME $(HELM_REPO); fi + @sleep 3 clean: @rm -f */requirements.lock @rm -f *tgz */charts/*tgz @rm -rf $(PACKAGE_DIR) + +helm-repo-update: +ifeq "$(findstring v3,$(HELM_VER))" "v3" + @$(HELM_BIN) repo update +endif + %: @: diff --git a/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl index 10a63ebbcf..328a4c625f 100644 --- a/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl +++ b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl @@ -69,6 +69,83 @@ the the literal string "An example value". {{- end }} {{- end -}} {{/* +For internal use only! + +dcaegen2-services-common._externalVolumes: +This template generates a list of volumes associated with the pod, +based on information provided in .Values.externalVolumes. This +template works in conjunction with dcaegen2-services-common._externalVolumeMounts +to give the microservice access to data in volumes created else. +This initial implementation supports ConfigMaps only, as this is the only +external volume mounting required by current microservices. + +.Values.externalValues is a list of objects. Each object has 3 required fields and 1 optional field: + - name: the name of the resource (in the current implementation, it must be a ConfigMap) + that is to be set up as a volume. The value is a case sensitive string. Because the + names of resources are sometimes set at deployment time (for instance, to prefix the Helm + release to the name), the string can be a Helm template fragment that will be expanded at + deployment time. + - type: the type of the resource (in the current implementation, only "ConfigMap" is supported). + The value is a case-INsensitive string. + - mountPoint: the path to the mount point for the volume in the container file system. The + value is a case-sensitive string. + - readOnly: (Optional) Boolean flag. Set to true to mount the volume as read-only. + Defaults to false. + +Here is an example fragment from a values.yaml file for a microservice: + +externalVolumes: + - name: my-example-configmap + type: configmap + mountPath: /opt/app/config + - name: '{{ include "common.release" . }}-another-example' + type: configmap + mountPath: /opt/app/otherconfig +*/}} +{{- define "dcaegen2-services-common._externalVolumes" -}} + {{- $global := . -}} + {{- if .Values.externalVolumes }} + {{- range $vol := .Values.externalVolumes }} + {{- if eq (lower $vol.type) "configmap" }} + {{- $vname := (tpl $vol.name $global) }} +- configMap: + defaultMode: 420 + name: {{ $vname }} + name: {{ $vname }} + {{- end }} + {{- end }} + {{- end }} +{{- end }} +{{/* +For internal use only! + +dcaegen2-services-common._externalVolumeMounts: +This template generates a list of volume mounts for the microservice container, +based on information provided in .Values.externalVolumes. This +template works in conjunction with dcaegen2-services-common._externalVolumes +to give the microservice access to data in volumes created else. +This initial implementation supports ConfigMaps only, as this is the only +external volume mounting required by current microservices. + +See the documentation for dcaegen2-services-common._externalVolumes for +details on how external volumes are specified in the values.yaml file for +the microservice. +*/}} +{{- define "dcaegen2-services-common._externalVolumeMounts" -}} + {{- $global := . -}} + {{- if .Values.externalVolumes }} + {{- range $vol := .Values.externalVolumes }} + {{- if eq (lower $vol.type) "configmap" }} + {{- $vname := (tpl $vol.name $global) -}} + {{- $readOnly := $vol.readOnly | default false }} +- mountPath: {{ $vol.mountPath }} + name: {{ $vname }} + readOnly: {{ $readOnly }} + {{- end }} + {{- end }} + {{- end }} +{{- end }} +{{/* dcaegen2-services-common.microserviceDeployment: This template produces a Kubernetes Deployment for a DCAE microservice. @@ -197,6 +274,10 @@ spec: imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} name: {{ include "common.name" . }} env: + {{- range $cred := .Values.credentials }} + - name: {{ $cred.name }} + {{- include "common.secret.envFromSecretFast" (dict "global" $ "uid" $cred.uid "key" $cred.key) | indent 10 }} + {{- end }} {{- if $certDir }} - name: DCAE_CA_CERTPATH value: {{ $certDir }}/cacert.pem @@ -240,6 +321,8 @@ spec: volumeMounts: - mountPath: /app-config name: app-config + - mountPath: /app-config-input + name: app-config-input {{- if $logDir }} - mountPath: {{ $logDir}} name: component-log @@ -247,7 +330,7 @@ spec: {{- if $certDir }} - mountPath: {{ $certDir }} name: tls-info - {{- if and .Values.certificates .Values.global.cmpv2Enabled .Values.global.CMPv2CertManagerIntegration -}} + {{- if (include "dcaegen2-services-common.shouldUseCmpv2Certificates" .) -}} {{- include "common.certManager.volumeMountsReadOnly" . | nindent 8 -}} {{- end -}} {{- end }} @@ -255,6 +338,7 @@ spec: - name: policy-shared mountPath: /etc/policies {{- end }} + {{- include "dcaegen2-services-common._externalVolumeMounts" . | nindent 8 }} {{- if $logDir }} - image: {{ include "repositoryGenerator.image.logging" . }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} @@ -344,7 +428,7 @@ spec: {{- if $certDir }} - emptyDir: {} name: tls-info - {{ if and .Values.certificates .Values.global.cmpv2Enabled .Values.global.CMPv2CertManagerIntegration -}} + {{ if (include "dcaegen2-services-common.shouldUseCmpv2Certificates" .) -}} {{ include "common.certManager.volumesReadOnly" . | nindent 6 }} {{- end }} {{- end }} @@ -352,6 +436,7 @@ spec: - name: policy-shared emptyDir: {} {{- end }} + {{- include "dcaegen2-services-common._externalVolumes" . | nindent 6 }} imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" {{ end -}} @@ -364,7 +449,7 @@ spec: */}} {{- define "dcaegen2-services-common._certPostProcessor" -}} {{- $certDir := default "" .Values.certDirectory . -}} - {{- if and $certDir .Values.certificates .Values.global.cmpv2Enabled .Values.global.CMPv2CertManagerIntegration -}} + {{- if (include "dcaegen2-services-common.shouldUseCmpv2Certificates" .) -}} {{- $cmpv2Certificate := (index .Values.certificates 0) -}} {{- $cmpv2CertificateDir := $cmpv2Certificate.mountPath -}} {{- $certType := "pem" -}} @@ -401,3 +486,16 @@ spec: value: {{ $keystoreDestinationPaths | quote }} {{- end }} {{- end -}} + +{{/* + Template returns string "true" if CMPv2 certificates should be used and nothing (so it can be used in with statements) + when they shouldn't. Example use: + {{- if (include "dcaegen2-services-common.shouldUseCmpv2Certificates" .) -}} + +*/}} +{{- define "dcaegen2-services-common.shouldUseCmpv2Certificates" -}} + {{- $certDir := default "" .Values.certDirectory . -}} + {{- if (and $certDir .Values.certificates .Values.global.cmpv2Enabled .Values.useCmpv2Certificates) -}} + true + {{- end -}} +{{- end -}} |