From 2696d1fae6f98db9a9f727da168d4c0cc53eb93a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=D0=90=D0=BD=D0=B4=D1=80=D0=B5=D0=B9=20=D0=A0=D0=B5=D0=B3?= =?UTF-8?q?=D0=B5=D0=BD=D1=82=D0=BE=D0=B2?= Date: Tue, 28 Sep 2021 12:20:24 +0700 Subject: [PATCH 1/2] god-template divided => maintainability boosted --- moon/templates/configMap-config.yaml | 142 ++++++ moon/templates/configMap-quota.yaml | 20 + moon/templates/deployment.yaml | 237 ++++++++++ moon/templates/ingress.yaml | 34 ++ moon/templates/moon.yaml | 571 ------------------------- moon/templates/role.yaml | 37 ++ moon/templates/roleBinding.yaml | 14 + moon/templates/secret-credentials.yaml | 10 + moon/templates/secret-license.yaml | 8 + moon/templates/secret-users.yaml | 8 + moon/templates/service-browsers.yaml | 11 + moon/templates/service-moon.yaml | 38 ++ moon/templates/serviceAccount.yaml | 12 + 13 files changed, 571 insertions(+), 571 deletions(-) create mode 100644 moon/templates/configMap-config.yaml create mode 100644 moon/templates/configMap-quota.yaml create mode 100644 moon/templates/deployment.yaml create mode 100644 moon/templates/ingress.yaml delete mode 100644 moon/templates/moon.yaml create mode 100644 moon/templates/role.yaml create mode 100644 moon/templates/roleBinding.yaml create mode 100644 moon/templates/secret-credentials.yaml create mode 100644 moon/templates/secret-license.yaml create mode 100644 moon/templates/secret-users.yaml create mode 100644 moon/templates/service-browsers.yaml create mode 100644 moon/templates/service-moon.yaml create mode 100644 moon/templates/serviceAccount.yaml diff --git a/moon/templates/configMap-config.yaml b/moon/templates/configMap-config.yaml new file mode 100644 index 0000000..decbf19 --- /dev/null +++ b/moon/templates/configMap-config.yaml @@ -0,0 +1,142 @@ +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ .Release.Name }}-config + namespace: {{ .Release.Namespace }} +data: + service.json: | + { {{ $comma := false }} + {{- if .Values.moon.browser }} + {{- if .Values.moon.browser.annotations }} + {{- if $comma }},{{ end }} + {{- $comma = true }} + "annotations": {{ .Values.moon.browser.annotations | toJson }} + {{- end }} + {{- end }} + {{- if .Values.moon.browser }} + {{- if .Values.moon.browser.labels }} + {{- if $comma }},{{ end }} + {{- $comma = true }} + "labels": {{ .Values.moon.browser.labels | toJson }} + {{- end }} + {{- end }} + {{- if .Values.moon.browser }} + {{- if .Values.moon.browser.nodeSelector }} + {{- if $comma }},{{ end }} + {{- $comma = true }} + "nodeSelector": {{ .Values.moon.browser.nodeSelector | toJson }} + {{- end }} + {{- end }} + {{- if .Values.moon.config }} + {{- if .Values.moon.config.kernelCaps }} + {{- if $comma }},{{ end }} + {{- $comma = true }} + "kernelCaps": {{ .Values.moon.config.kernelCaps | toJson }} + {{- end }} + {{- end }} + {{- if .Values.moon.config.s3 }} + {{- if $comma }},{{ end }} + {{- $comma = true }} + "s3": { + {{- if true }} + {{- $comma := false }} + {{- if .Values.moon.config.s3.endpoint }} + {{- if $comma }},{{ end }} + {{- $comma = true }} + "endpoint": {{ .Values.moon.config.s3.endpoint | quote }} + {{- end }} + {{- if .Values.moon.config.s3.bucketName }} + {{- if $comma }},{{ end }} + {{- $comma = true }} + "bucketName": {{ .Values.moon.config.s3.bucketName | quote }} + {{- end }} + {{- if .Values.moon.config.s3.version }} + {{- if $comma }},{{ end }} + {{- $comma = true }} + "version": {{ .Values.moon.config.s3.version | quote }} + {{- end }} + {{- if .Values.moon.config.s3.keyPattern }} + {{- if $comma }},{{ end }} + {{- $comma = true }} + "keyPattern": {{ .Values.moon.config.s3.keyPattern | quote }} + {{- end }} + {{- end }} + } + {{- end }} + {{- if .Values.moon.config.images }} + {{- if $comma }},{{ end }} + {{- $comma = true }} + "images": { + {{- if true }} + {{- $comma := false }} + {{- range $k,$v := .Values.moon.config.images }} + {{- if $comma }},{{ end }} + {{ $k | quote }}: { + {{- $comma = true }} + {{- if true }} + {{- $comma := false }} + {{- if $v.image }} + {{- if $comma }},{{ end }} + {{- $comma = true }} + "image": {{ $v.image | quote }} + {{- end }} + {{- if $v.resources }} + {{- if $comma }},{{ end }} + {{- $comma = true }} + "resources": { + {{- if true }} + {{- $comma := false }} + {{- if $v.resources.limits }} + {{- if $comma }},{{ end }} + {{- $comma = true }} + "limits": {{ $v.resources.limits | toJson }} + {{- end }} + {{- if $v.resources.requests }} + {{- if $comma }},{{ end }} + {{- $comma = true }} + "requests": {{ $v.resources.requests | toJson }} + {{- end }} + {{- end }} + } + {{- end }} + {{- end }} + } + {{- end }} + {{- end }} + } + {{- end }} + {{- if .Values.moon.config.runAs }} + {{- if .Values.moon.config.runAs }} + {{- if $comma }},{{ end }} + {{- $comma = true }} + "runAs": { + {{- if true }} + {{- $comma := false }} + {{- if .Values.moon.config.runAs }} + {{- if .Values.moon.config.runAs.user }} + {{- if $comma }},{{ end }} + {{- $comma = true }} + "user": {{ .Values.moon.config.runAs.user }} + {{- end }} + {{- if .Values.moon.config.runAs.group }} + {{- if $comma }},{{ end }} + {{- $comma = true }} + "group": {{ .Values.moon.config.runAs.group }} + {{- end }} + {{- end }} + {{- end }} + } + {{- end }} + {{- end }} + } + {{- if or .Values.moon.mobileDevices .Values.moon.customMobileDevices }} + devices.json: | + {{- if .Values.moon.customMobileDevices }} + {{ .Values.moon.customMobileDevices | toJson }} + {{- else }} + {{- if .Values.moon.mobileDevices }} + {{ .Values.moon.mobileDevices | toJson }} + {{- end }} + {{- end }} + {{- end }} diff --git a/moon/templates/configMap-quota.yaml b/moon/templates/configMap-quota.yaml new file mode 100644 index 0000000..c265f8a --- /dev/null +++ b/moon/templates/configMap-quota.yaml @@ -0,0 +1,20 @@ +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ .Release.Name }}-quota + namespace: {{ .Release.Namespace }} +data: +{{- if .Values.moon.customQuota }} +{{- range $k,$v := .Values.moon.customQuota }} + {{ $k }}.json: | + {{ $v | toJson }} +{{- end }} +{{- else }} +{{- if .Values.moon.quota }} +{{- range $k,$v := .Values.moon.quota }} + {{ $k }}.json: | + {{ $v | toJson }} +{{- end }} +{{- end }} +{{- end }} diff --git a/moon/templates/deployment.yaml b/moon/templates/deployment.yaml new file mode 100644 index 0000000..26ca77d --- /dev/null +++ b/moon/templates/deployment.yaml @@ -0,0 +1,237 @@ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ .Release.Name }} + namespace: {{ .Release.Namespace }} +spec: + replicas: {{ .Values.moon.replicas | default 2 }} + selector: + matchLabels: + app: moon + template: + metadata: + labels: + app: moon + spec: + {{- with .Values.moon.securityContext }} + securityContext: + {{ toYaml . | nindent 8 }} + {{- end }} + {{- if .Values.moon.nodeSelector }} + nodeSelector: + {{- range $key, $value := .Values.moon.nodeSelector }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} + {{- with .Values.moon.affinity }} + affinity: + {{ toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.moon.tolerations }} + tolerations: + {{ toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ .Release.Name }} + containers: + - name: moon + {{- if .Values.moon.image }} + image: {{ .Values.moon.image }} + {{- else }} + image: aerokube/moon:{{ .Chart.AppVersion }} + {{- end }} + args: + - -namespace + - {{ .Release.Namespace }} + - -license-file + - /license/license.key + - -service-account-name + - {{ .Release.Name }} + - -moon-url + - http://{{ .Release.Name }}:4444/wd/hub + - -domain-name + - {{ .Release.Name }}-browsers + {{- if .Values.moon.guestUser }} + - -guest-user + - {{ .Values.moon.guestUser }} + {{- end }} + {{- if .Values.moon.repository }} + {{- if .Values.moon.repository.chromeDevtools }} + - -chrome-devtools-repository + - {{ .Values.moon.repository.chromeDevtools }} + {{- end }} + {{- if .Values.moon.repository.cypress }} + - -cypress-repository + - {{ .Values.moon.repository.cypress }} + {{- end }} + {{- if .Values.moon.repository.playwright }} + - -playwright-repository + - {{ .Values.moon.repository.playwright }} + {{- end }} + {{- end }} + {{- if .Values.moon.timeouts }} + {{- if .Values.moon.timeouts.sessionTimeout }} + - -timeout + - {{ .Values.moon.timeouts.sessionTimeout }} + {{- end }} + {{- if .Values.moon.timeouts.sessionAttemptTimeout }} + - -session-attempt-timeout + - {{ .Values.moon.timeouts.sessionAttemptTimeout }} + {{- end }} + {{- end }} + {{- if .Values.moon.enabled.resources }} + {{- if .Values.moon.browser }} + {{- if .Values.moon.browser.resources }} + {{- if .Values.moon.browser.resources.cpu }} + {{- if .Values.moon.browser.resources.cpu.limits }} + - -cpu-limit + - {{ .Values.moon.browser.resources.cpu.limits | quote }} + {{- end }} + {{- if .Values.moon.browser.resources.cpu.requests }} + - -cpu-request + - {{ .Values.moon.browser.resources.cpu.requests | quote }} + {{- end }} + {{- end }} + {{- end }} + {{- end }} + {{- else }} + - -disable-cpu-limits + {{- end }} + {{- if .Values.moon.enabled.resources }} + {{- if .Values.moon.browser }} + {{- if .Values.moon.browser.resources }} + {{- if .Values.moon.browser.resources.memory }} + {{- if .Values.moon.browser.resources.memory.limits }} + - -memory-limit + - {{ .Values.moon.browser.resources.memory.limits | quote }} + {{- end }} + {{- if .Values.moon.browser.resources.memory.requests }} + - -memory-request + - {{ .Values.moon.browser.resources.memory.requests | quote }} + {{- end }} + {{- end }} + {{- end }} + {{- end }} + {{- else }} + - -disable-memory-limits + {{- end }} + {{- if .Values.moon.enabled.resources }} + {{- if .Values.moon.resources }} + resources: +{{ toYaml .Values.moon.resources | indent 10 }} + {{- end }} + {{- end }} + ports: + - containerPort: 4444 + volumeMounts: + - name: quota + mountPath: /quota + readOnly: true + - name: config + mountPath: /config + readOnly: true + - name: credentials + mountPath: /credentials + readOnly: true + - name: users + mountPath: /users + readOnly: true + - name: license-key + mountPath: /license + readOnly: true + - name: moon-api + {{- if and .Values.moon.api .Values.moon.api.image }} + image: {{ .Values.moon.api.image }} + {{- else }} + image: aerokube/moon-api:{{ .Chart.AppVersion }} + {{- end }} + args: + - -namespace + - {{ .Release.Namespace }} + - -license-file + - /license/license.key + - -listen + - ":8888" + - -domain-name + - {{ .Release.Name }}-browsers + {{- if and .Values.moon.api .Values.moon.api.guestUser }} + - -guest-user + - {{ .Values.moon.api.guestUser }} + {{- end }} + {{- if .Values.moon.enabled.resources }} + {{- if .Values.moon.api }} + {{- if .Values.moon.api.resources }} + resources: +{{ toYaml .Values.moon.api.resources | indent 10 }} + {{- end }} + {{- end }} + {{- end }} + ports: + - containerPort: 8888 + volumeMounts: + - name: quota + mountPath: /quota + readOnly: true + - name: license-key + mountPath: /license + readOnly: true + - name: moon-ui + {{- if and .Values.moon.ui .Values.moon.ui.image }} + image: {{ .Values.moon.ui.image }} + {{- else }} + image: aerokube/selenoid-ui:1.10.3 + {{- end }} + args: + - -status-uri + - http://localhost:8888 + - -webdriver-uri + - http://localhost:4444 + {{- if .Values.moon.ui }} + {{- if .Values.moon.ui.auth }} + {{- if .Values.moon.ui.auth.enabled }} + - -users + - /users/users.htpasswd + {{- end }} + {{- end }} + {{- if .Values.moon.ui.externalAccess }} + - -allowed-origin + - "*" + {{- end }} + {{- end }} + {{- if .Values.moon.enabled.resources }} + {{- if .Values.moon.ui }} + {{- if .Values.moon.ui.resources }} + resources: +{{ toYaml .Values.moon.ui.resources | indent 10 }} + {{- end }} + {{- end }} + {{- end }} + ports: + - name: moon-ui + containerPort: 8080 + {{- if .Values.moon.ui }} + {{- if .Values.moon.ui.auth }} + {{- if .Values.moon.ui.auth.enabled }} + volumeMounts: + - name: users + mountPath: /users + readOnly: true + {{- end }} + {{- end }} + {{- end }} + volumes: + - name: quota + configMap: + name: {{ .Release.Name }}-quota + - name: config + configMap: + name: {{ .Release.Name }}-config + - name: credentials + secret: + secretName: credentials + - name: users + secret: + secretName: {{ .Release.Name }}-users + - name: license-key + secret: + secretName: licensekey diff --git a/moon/templates/ingress.yaml b/moon/templates/ingress.yaml new file mode 100644 index 0000000..17aa32a --- /dev/null +++ b/moon/templates/ingress.yaml @@ -0,0 +1,34 @@ +--- +{{- if .Values.moon.ingress }} +{{- if .Values.moon.ingress.enabled }} +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + annotations: + {{- range $key, $value := .Values.moon.ingress.annotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} + name: {{ .Release.Name }} + namespace: {{ .Release.Namespace }} +spec: + ingressClassName: {{ .Values.moon.ingress.ingressClassName }} +{{- if .Values.moon.ingress.tls }} + tls: +{{ toYaml .Values.moon.ingress.tls | nindent 4 }} +{{- end }} + rules: + - host: {{ .Values.moon.ingress.host }} + http: + paths: + {{- $releaseName := .Release.Name }} + {{- range $v := .Values.moon.ingress.paths }} + - path: {{ $v.path | quote }} + pathType: Prefix + backend: + service: + name: {{ $releaseName }} + port: + number: {{ $v.port }} + {{- end }} +{{- end }} +{{- end }} diff --git a/moon/templates/moon.yaml b/moon/templates/moon.yaml deleted file mode 100644 index 5ec2a88..0000000 --- a/moon/templates/moon.yaml +++ /dev/null @@ -1,571 +0,0 @@ ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: {{ .Release.Name }} - namespace: {{ .Release.Namespace }} - {{- if and .Values.moon.serviceaccount .Values.moon.serviceaccount.annotations }} - annotations: - {{- range $key, $value := .Values.moon.serviceaccount.annotations }} - {{ $key }}: {{ $value | quote }} - {{- end }} - {{- end }} ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - namespace: {{ .Release.Namespace }} - name: {{ .Release.Name }} -rules: -- apiGroups: - - "" - resources: - - pods - - pods/log - - configmaps - - secrets - - resourcequotas - verbs: - - get - - watch - - list - - create - - update - - patch - - delete -- apiGroups: - - "" - resources: - - resourcequotas - verbs: - - get - - watch - - list -{{- if .Values.moon.resourcequotacontrol }} - - create - - update - - patch - - delete -{{- end }} ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: {{ .Release.Name }} - namespace: {{ .Release.Namespace }} -roleRef: - kind: Role - name: {{ .Release.Name }} - apiGroup: rbac.authorization.k8s.io -subjects: -- kind: ServiceAccount - namespace: {{ .Release.Namespace }} - name: {{ .Release.Name }} ---- -apiVersion: v1 -kind: Service -metadata: - name: {{ .Release.Name }} - namespace: {{ .Release.Namespace }} - {{- if .Values.moon.service.labels }} - labels: - {{- range $key, $value := .Values.moon.service.labels }} - {{ $key }}: {{ $value | quote }} - {{- end }} - {{- end }} - {{- if .Values.moon.service.annotations }} - annotations: - {{- range $key, $value := .Values.moon.service.annotations }} - {{ $key }}: {{ $value | quote }} - {{- end }} - {{- end }} -spec: - selector: - app: moon - ports: - - name: "moon" - protocol: TCP - port: 4444 - - name: "moon-ui" - protocol: TCP - port: 8080 - type: {{ .Values.moon.service.type }} - {{- if .Values.moon.service.loadBalancerIP }} - loadBalancerIP: {{ .Values.moon.service.loadBalancerIP }} - {{- end }} - {{- with .Values.moon.service.externalIPs }} - externalIPs: - {{- range . }} - - {{ . }} - {{- end }} - {{- end }} ---- -apiVersion: v1 -kind: Service -metadata: - name: {{ .Release.Name }}-browsers - namespace: {{ .Release.Namespace }} -spec: - selector: - moon: browser - clusterIP: None - publishNotReadyAddresses: true ---- -{{- if .Values.moon.ingress }} -{{- if .Values.moon.ingress.enabled }} -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - annotations: - {{- range $key, $value := .Values.moon.ingress.annotations }} - {{ $key }}: {{ $value | quote }} - {{- end }} - name: {{ .Release.Name }} - namespace: {{ .Release.Namespace }} -spec: - ingressClassName: {{ .Values.moon.ingress.ingressClassName }} -{{- if .Values.moon.ingress.tls }} - tls: -{{ toYaml .Values.moon.ingress.tls | nindent 4 }} -{{- end }} - rules: - - host: {{ .Values.moon.ingress.host }} - http: - paths: - {{- $releaseName := .Release.Name }} - {{- range $v := .Values.moon.ingress.paths }} - - path: {{ $v.path | quote }} - pathType: Prefix - backend: - service: - name: {{ $releaseName }} - port: - number: {{ $v.port }} - {{- end }} -{{- end }} -{{- end }} ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ .Release.Name }} - namespace: {{ .Release.Namespace }} -spec: - replicas: {{ .Values.moon.replicas | default 2 }} - selector: - matchLabels: - app: moon - template: - metadata: - labels: - app: moon - spec: - {{- with .Values.moon.securityContext }} - securityContext: - {{ toYaml . | nindent 8 }} - {{- end }} - {{- if .Values.moon.nodeSelector }} - nodeSelector: - {{- range $key, $value := .Values.moon.nodeSelector }} - {{ $key }}: {{ $value | quote }} - {{- end }} - {{- end }} - {{- with .Values.moon.affinity }} - affinity: - {{ toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.moon.tolerations }} - tolerations: - {{ toYaml . | nindent 8 }} - {{- end }} - serviceAccountName: {{ .Release.Name }} - containers: - - name: moon - {{- if .Values.moon.image }} - image: {{ .Values.moon.image }} - {{- else }} - image: aerokube/moon:{{ .Chart.AppVersion }} - {{- end }} - args: - - -namespace - - {{ .Release.Namespace }} - - -license-file - - /license/license.key - - -service-account-name - - {{ .Release.Name }} - - -moon-url - - http://{{ .Release.Name }}:4444/wd/hub - - -domain-name - - {{ .Release.Name }}-browsers - {{- if .Values.moon.guestUser }} - - -guest-user - - {{ .Values.moon.guestUser }} - {{- end }} - {{- if .Values.moon.repository }} - {{- if .Values.moon.repository.chromeDevtools }} - - -chrome-devtools-repository - - {{ .Values.moon.repository.chromeDevtools }} - {{- end }} - {{- if .Values.moon.repository.cypress }} - - -cypress-repository - - {{ .Values.moon.repository.cypress }} - {{- end }} - {{- if .Values.moon.repository.playwright }} - - -playwright-repository - - {{ .Values.moon.repository.playwright }} - {{- end }} - {{- end }} - {{- if .Values.moon.timeouts }} - {{- if .Values.moon.timeouts.sessionTimeout }} - - -timeout - - {{ .Values.moon.timeouts.sessionTimeout }} - {{- end }} - {{- if .Values.moon.timeouts.sessionAttemptTimeout }} - - -session-attempt-timeout - - {{ .Values.moon.timeouts.sessionAttemptTimeout }} - {{- end }} - {{- end }} - {{- if .Values.moon.enabled.resources }} - {{- if .Values.moon.browser }} - {{- if .Values.moon.browser.resources }} - {{- if .Values.moon.browser.resources.cpu }} - {{- if .Values.moon.browser.resources.cpu.limits }} - - -cpu-limit - - {{ .Values.moon.browser.resources.cpu.limits | quote }} - {{- end }} - {{- if .Values.moon.browser.resources.cpu.requests }} - - -cpu-request - - {{ .Values.moon.browser.resources.cpu.requests | quote }} - {{- end }} - {{- end }} - {{- end }} - {{- end }} - {{- else }} - - -disable-cpu-limits - {{- end }} - {{- if .Values.moon.enabled.resources }} - {{- if .Values.moon.browser }} - {{- if .Values.moon.browser.resources }} - {{- if .Values.moon.browser.resources.memory }} - {{- if .Values.moon.browser.resources.memory.limits }} - - -memory-limit - - {{ .Values.moon.browser.resources.memory.limits | quote }} - {{- end }} - {{- if .Values.moon.browser.resources.memory.requests }} - - -memory-request - - {{ .Values.moon.browser.resources.memory.requests | quote }} - {{- end }} - {{- end }} - {{- end }} - {{- end }} - {{- else }} - - -disable-memory-limits - {{- end }} - {{- if .Values.moon.enabled.resources }} - {{- if .Values.moon.resources }} - resources: -{{ toYaml .Values.moon.resources | indent 10 }} - {{- end }} - {{- end }} - ports: - - containerPort: 4444 - volumeMounts: - - name: quota - mountPath: /quota - readOnly: true - - name: config - mountPath: /config - readOnly: true - - name: credentials - mountPath: /credentials - readOnly: true - - name: users - mountPath: /users - readOnly: true - - name: license-key - mountPath: /license - readOnly: true - - name: moon-api - {{- if and .Values.moon.api .Values.moon.api.image }} - image: {{ .Values.moon.api.image }} - {{- else }} - image: aerokube/moon-api:{{ .Chart.AppVersion }} - {{- end }} - args: - - -namespace - - {{ .Release.Namespace }} - - -license-file - - /license/license.key - - -listen - - ":8888" - - -domain-name - - {{ .Release.Name }}-browsers - {{- if and .Values.moon.api .Values.moon.api.guestUser }} - - -guest-user - - {{ .Values.moon.api.guestUser }} - {{- end }} - {{- if .Values.moon.enabled.resources }} - {{- if .Values.moon.api }} - {{- if .Values.moon.api.resources }} - resources: -{{ toYaml .Values.moon.api.resources | indent 10 }} - {{- end }} - {{- end }} - {{- end }} - ports: - - containerPort: 8888 - volumeMounts: - - name: quota - mountPath: /quota - readOnly: true - - name: license-key - mountPath: /license - readOnly: true - - name: moon-ui - {{- if and .Values.moon.ui .Values.moon.ui.image }} - image: {{ .Values.moon.ui.image }} - {{- else }} - image: aerokube/selenoid-ui:1.10.3 - {{- end }} - args: - - -status-uri - - http://localhost:8888 - - -webdriver-uri - - http://localhost:4444 - {{- if .Values.moon.ui }} - {{- if .Values.moon.ui.auth }} - {{- if .Values.moon.ui.auth.enabled }} - - -users - - /users/users.htpasswd - {{- end }} - {{- end }} - {{- if .Values.moon.ui.externalAccess }} - - -allowed-origin - - "*" - {{- end }} - {{- end }} - {{- if .Values.moon.enabled.resources }} - {{- if .Values.moon.ui }} - {{- if .Values.moon.ui.resources }} - resources: -{{ toYaml .Values.moon.ui.resources | indent 10 }} - {{- end }} - {{- end }} - {{- end }} - ports: - - name: moon-ui - containerPort: 8080 - {{- if .Values.moon.ui }} - {{- if .Values.moon.ui.auth }} - {{- if .Values.moon.ui.auth.enabled }} - volumeMounts: - - name: users - mountPath: /users - readOnly: true - {{- end }} - {{- end }} - {{- end }} - volumes: - - name: quota - configMap: - name: {{ .Release.Name }}-quota - - name: config - configMap: - name: {{ .Release.Name }}-config - - name: credentials - secret: - secretName: credentials - - name: users - secret: - secretName: {{ .Release.Name }}-users - - name: license-key - secret: - secretName: licensekey ---- -apiVersion: v1 -kind: Secret -metadata: - name: credentials - namespace: {{ .Release.Namespace }} - labels: -stringData: - s3.accessKey: "{{ if .Values.moon.config.s3 }}{{- if .Values.moon.config.s3.accessKey }}{{ .Values.moon.config.s3.accessKey }}{{ end }}{{ end }}" - s3.secretKey: "{{ if .Values.moon.config.s3 }}{{- if .Values.moon.config.s3.secretKey }}{{ .Values.moon.config.s3.secretKey }}{{ end }}{{ end }}" ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ .Release.Name }}-config - namespace: {{ .Release.Namespace }} -data: - service.json: | - { {{ $comma := false }} - {{- if .Values.moon.browser }} - {{- if .Values.moon.browser.annotations }} - {{- if $comma }},{{ end }} - {{- $comma = true }} - "annotations": {{ .Values.moon.browser.annotations | toJson }} - {{- end }} - {{- end }} - {{- if .Values.moon.browser }} - {{- if .Values.moon.browser.labels }} - {{- if $comma }},{{ end }} - {{- $comma = true }} - "labels": {{ .Values.moon.browser.labels | toJson }} - {{- end }} - {{- end }} - {{- if .Values.moon.browser }} - {{- if .Values.moon.browser.nodeSelector }} - {{- if $comma }},{{ end }} - {{- $comma = true }} - "nodeSelector": {{ .Values.moon.browser.nodeSelector | toJson }} - {{- end }} - {{- end }} - {{- if .Values.moon.config }} - {{- if .Values.moon.config.kernelCaps }} - {{- if $comma }},{{ end }} - {{- $comma = true }} - "kernelCaps": {{ .Values.moon.config.kernelCaps | toJson }} - {{- end }} - {{- end }} - {{- if .Values.moon.config.s3 }} - {{- if $comma }},{{ end }} - {{- $comma = true }} - "s3": { - {{- if true }} - {{- $comma := false }} - {{- if .Values.moon.config.s3.endpoint }} - {{- if $comma }},{{ end }} - {{- $comma = true }} - "endpoint": {{ .Values.moon.config.s3.endpoint | quote }} - {{- end }} - {{- if .Values.moon.config.s3.bucketName }} - {{- if $comma }},{{ end }} - {{- $comma = true }} - "bucketName": {{ .Values.moon.config.s3.bucketName | quote }} - {{- end }} - {{- if .Values.moon.config.s3.version }} - {{- if $comma }},{{ end }} - {{- $comma = true }} - "version": {{ .Values.moon.config.s3.version | quote }} - {{- end }} - {{- if .Values.moon.config.s3.keyPattern }} - {{- if $comma }},{{ end }} - {{- $comma = true }} - "keyPattern": {{ .Values.moon.config.s3.keyPattern | quote }} - {{- end }} - {{- end }} - } - {{- end }} - {{- if .Values.moon.config.images }} - {{- if $comma }},{{ end }} - {{- $comma = true }} - "images": { - {{- if true }} - {{- $comma := false }} - {{- range $k,$v := .Values.moon.config.images }} - {{- if $comma }},{{ end }} - {{ $k | quote }}: { - {{- $comma = true }} - {{- if true }} - {{- $comma := false }} - {{- if $v.image }} - {{- if $comma }},{{ end }} - {{- $comma = true }} - "image": {{ $v.image | quote }} - {{- end }} - {{- if $v.resources }} - {{- if $comma }},{{ end }} - {{- $comma = true }} - "resources": { - {{- if true }} - {{- $comma := false }} - {{- if $v.resources.limits }} - {{- if $comma }},{{ end }} - {{- $comma = true }} - "limits": {{ $v.resources.limits | toJson }} - {{- end }} - {{- if $v.resources.requests }} - {{- if $comma }},{{ end }} - {{- $comma = true }} - "requests": {{ $v.resources.requests | toJson }} - {{- end }} - {{- end }} - } - {{- end }} - {{- end }} - } - {{- end }} - {{- end }} - } - {{- end }} - {{- if .Values.moon.config.runAs }} - {{- if .Values.moon.config.runAs }} - {{- if $comma }},{{ end }} - {{- $comma = true }} - "runAs": { - {{- if true }} - {{- $comma := false }} - {{- if .Values.moon.config.runAs }} - {{- if .Values.moon.config.runAs.user }} - {{- if $comma }},{{ end }} - {{- $comma = true }} - "user": {{ .Values.moon.config.runAs.user }} - {{- end }} - {{- if .Values.moon.config.runAs.group }} - {{- if $comma }},{{ end }} - {{- $comma = true }} - "group": {{ .Values.moon.config.runAs.group }} - {{- end }} - {{- end }} - {{- end }} - } - {{- end }} - {{- end }} - } - {{- if or .Values.moon.mobileDevices .Values.moon.customMobileDevices }} - devices.json: | - {{- if .Values.moon.customMobileDevices }} - {{ .Values.moon.customMobileDevices | toJson }} - {{- else }} - {{- if .Values.moon.mobileDevices }} - {{ .Values.moon.mobileDevices | toJson }} - {{- end }} - {{- end }} - {{- end }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ .Release.Name }}-quota - namespace: {{ .Release.Namespace }} -data: -{{- if .Values.moon.customQuota }} -{{- range $k,$v := .Values.moon.customQuota }} - {{ $k }}.json: | - {{ $v | toJson }} -{{- end }} -{{- else }} -{{- if .Values.moon.quota }} -{{- range $k,$v := .Values.moon.quota }} - {{ $k }}.json: | - {{ $v | toJson }} -{{- end }} -{{- end }} -{{- end }} ---- -apiVersion: v1 -kind: Secret -metadata: - name: {{ .Release.Name }}-users - namespace: {{ .Release.Namespace }} -stringData: - users.htpasswd: "{{ .Values.moon.htpasswd }}" ---- -apiVersion: v1 -kind: Secret -metadata: - name: licensekey - namespace: {{ .Release.Namespace }} -stringData: - license.key: "{{ .Values.moon.licenseKey }}" diff --git a/moon/templates/role.yaml b/moon/templates/role.yaml new file mode 100644 index 0000000..33b00ea --- /dev/null +++ b/moon/templates/role.yaml @@ -0,0 +1,37 @@ +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + namespace: {{ .Release.Namespace }} + name: {{ .Release.Name }} +rules: +- apiGroups: + - "" + resources: + - pods + - pods/log + - configmaps + - secrets + - resourcequotas + verbs: + - get + - watch + - list + - create + - update + - patch + - delete +- apiGroups: + - "" + resources: + - resourcequotas + verbs: + - get + - watch + - list +{{- if .Values.moon.resourcequotacontrol }} + - create + - update + - patch + - delete +{{- end }} diff --git a/moon/templates/roleBinding.yaml b/moon/templates/roleBinding.yaml new file mode 100644 index 0000000..f85d1d5 --- /dev/null +++ b/moon/templates/roleBinding.yaml @@ -0,0 +1,14 @@ +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: {{ .Release.Name }} + namespace: {{ .Release.Namespace }} +roleRef: + kind: Role + name: {{ .Release.Name }} + apiGroup: rbac.authorization.k8s.io +subjects: +- kind: ServiceAccount + namespace: {{ .Release.Namespace }} + name: {{ .Release.Name }} diff --git a/moon/templates/secret-credentials.yaml b/moon/templates/secret-credentials.yaml new file mode 100644 index 0000000..e3c97a5 --- /dev/null +++ b/moon/templates/secret-credentials.yaml @@ -0,0 +1,10 @@ +--- +apiVersion: v1 +kind: Secret +metadata: + name: credentials + namespace: {{ .Release.Namespace }} + labels: +stringData: + s3.accessKey: "{{ if .Values.moon.config.s3 }}{{- if .Values.moon.config.s3.accessKey }}{{ .Values.moon.config.s3.accessKey }}{{ end }}{{ end }}" + s3.secretKey: "{{ if .Values.moon.config.s3 }}{{- if .Values.moon.config.s3.secretKey }}{{ .Values.moon.config.s3.secretKey }}{{ end }}{{ end }}" diff --git a/moon/templates/secret-license.yaml b/moon/templates/secret-license.yaml new file mode 100644 index 0000000..7dc0381 --- /dev/null +++ b/moon/templates/secret-license.yaml @@ -0,0 +1,8 @@ +--- +apiVersion: v1 +kind: Secret +metadata: + name: licensekey + namespace: {{ .Release.Namespace }} +stringData: + license.key: "{{ .Values.moon.licenseKey }}" diff --git a/moon/templates/secret-users.yaml b/moon/templates/secret-users.yaml new file mode 100644 index 0000000..c711569 --- /dev/null +++ b/moon/templates/secret-users.yaml @@ -0,0 +1,8 @@ +--- +apiVersion: v1 +kind: Secret +metadata: + name: {{ .Release.Name }}-users + namespace: {{ .Release.Namespace }} +stringData: + users.htpasswd: "{{ .Values.moon.htpasswd }}" diff --git a/moon/templates/service-browsers.yaml b/moon/templates/service-browsers.yaml new file mode 100644 index 0000000..98b6276 --- /dev/null +++ b/moon/templates/service-browsers.yaml @@ -0,0 +1,11 @@ +--- +apiVersion: v1 +kind: Service +metadata: + name: {{ .Release.Name }}-browsers + namespace: {{ .Release.Namespace }} +spec: + selector: + moon: browser + clusterIP: None + publishNotReadyAddresses: true diff --git a/moon/templates/service-moon.yaml b/moon/templates/service-moon.yaml new file mode 100644 index 0000000..cf79743 --- /dev/null +++ b/moon/templates/service-moon.yaml @@ -0,0 +1,38 @@ +--- +apiVersion: v1 +kind: Service +metadata: + name: {{ .Release.Name }} + namespace: {{ .Release.Namespace }} + {{- if .Values.moon.service.labels }} + labels: + {{- range $key, $value := .Values.moon.service.labels }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} + {{- if .Values.moon.service.annotations }} + annotations: + {{- range $key, $value := .Values.moon.service.annotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} +spec: + selector: + app: moon + ports: + - name: "moon" + protocol: TCP + port: 4444 + - name: "moon-ui" + protocol: TCP + port: 8080 + type: {{ .Values.moon.service.type }} + {{- if .Values.moon.service.loadBalancerIP }} + loadBalancerIP: {{ .Values.moon.service.loadBalancerIP }} + {{- end }} + {{- with .Values.moon.service.externalIPs }} + externalIPs: + {{- range . }} + - {{ . }} + {{- end }} + {{- end }} diff --git a/moon/templates/serviceAccount.yaml b/moon/templates/serviceAccount.yaml new file mode 100644 index 0000000..e6d09c5 --- /dev/null +++ b/moon/templates/serviceAccount.yaml @@ -0,0 +1,12 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ .Release.Name }} + namespace: {{ .Release.Namespace }} + {{- if and .Values.moon.serviceaccount .Values.moon.serviceaccount.annotations }} + annotations: + {{- range $key, $value := .Values.moon.serviceaccount.annotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} From a00b1cac923bd45720c0b1053219b66d5a5d92f1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=D0=90=D0=BD=D0=B4=D1=80=D0=B5=D0=B9=20=D0=A0=D0=B5=D0=B3?= =?UTF-8?q?=D0=B5=D0=BD=D1=82=D0=BE=D0=B2?= Date: Wed, 29 Sep 2021 08:53:26 +0700 Subject: [PATCH 2/2] on codereview comment. Don't like "service-account" and "service-browsers" similarity though --- moon/templates/{configMap-config.yaml => config-map-config.yaml} | 0 moon/templates/{configMap-quota.yaml => config-map-quota.yaml} | 0 moon/templates/{roleBinding.yaml => role-binding.yaml} | 0 moon/templates/{serviceAccount.yaml => service-account.yaml} | 0 4 files changed, 0 insertions(+), 0 deletions(-) rename moon/templates/{configMap-config.yaml => config-map-config.yaml} (100%) rename moon/templates/{configMap-quota.yaml => config-map-quota.yaml} (100%) rename moon/templates/{roleBinding.yaml => role-binding.yaml} (100%) rename moon/templates/{serviceAccount.yaml => service-account.yaml} (100%) diff --git a/moon/templates/configMap-config.yaml b/moon/templates/config-map-config.yaml similarity index 100% rename from moon/templates/configMap-config.yaml rename to moon/templates/config-map-config.yaml diff --git a/moon/templates/configMap-quota.yaml b/moon/templates/config-map-quota.yaml similarity index 100% rename from moon/templates/configMap-quota.yaml rename to moon/templates/config-map-quota.yaml diff --git a/moon/templates/roleBinding.yaml b/moon/templates/role-binding.yaml similarity index 100% rename from moon/templates/roleBinding.yaml rename to moon/templates/role-binding.yaml diff --git a/moon/templates/serviceAccount.yaml b/moon/templates/service-account.yaml similarity index 100% rename from moon/templates/serviceAccount.yaml rename to moon/templates/service-account.yaml