Merge pull request #16 from MakerOps/TECH-1902

TECH-1902 - Adding ability to mount AWS EBS and AWS EFS as Persistent…
techops-services · Jul 25, 2023 · 4df6a05 · 4df6a05
2 parents 76f6079 + c129baa
commit 4df6a05
Show file tree

Hide file tree

Showing 7 changed files with 320 additions and 2 deletions.
diff --git a/charts/common/Chart.yaml b/charts/common/Chart.yaml
@@ -15,11 +15,11 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.0.13
+version: 0.0.14
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
 # follow Semantic Versioning. They should reflect the version the application is using.
 # It is recommended to use it with quotes.
-appVersion: "0.0.13"
+appVersion: "0.0.14"
 icon: https://cncf-branding.netlify.app/img/projects/helm/horizontal/color/helm-horizontal-color.png
diff --git a/charts/common/README.md b/charts/common/README.md
@@ -0,0 +1,7 @@
+# common TechOps Helm Chart
+
+## Testing
+
+```bash
+helm lint charts/common --values charts/common/test-values.yaml
+```
diff --git a/charts/common/templates/deployment.yaml b/charts/common/templates/deployment.yaml
@@ -40,11 +40,26 @@ spec:
       {{- end }}
       securityContext:
         {{- toYaml .Values.podSecurityContext | nindent 8 }}
+      {{- if .Values.deployment.volumes }}
+      volumes:
+        {{- range $volume := .Values.deployment.volumes }}
+        - name: {{ $fullName }}-{{ $volume.name }}-volume
+          persistentVolumeClaim:
+            claimName: {{ $fullName }}-{{ $volume.name }}-pvc
+        {{- end }}
+      {{- end }}
       containers:
         - name:  {{ include "common.fullname" . }}
           securityContext:
             {{- toYaml .Values.securityContext | nindent 12 }}
           image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
+          {{- if .Values.deployment.volumes }}
+          volumeMounts:
+            {{- range $volume := .Values.deployment.volumes }}
+            - name: {{ $fullName }}-{{ $volume.name }}-volume
+              mountPath: {{ $volume.mountPath }}
+            {{- end }}
+          {{- end }}
           {{- if .Values.command }}
           command:
             {{ toYaml .Values.command | nindent 12 }}

diff --git a/charts/common/templates/pvc.yaml b/charts/common/templates/pvc.yaml
@@ -0,0 +1,24 @@
+{{- if .Values.deployment.volumes }}
+{{- $fullName := include "common.fullname" . -}}
+{{- range $volume := .Values.deployment.volumes }}
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: {{ $fullName }}-{{ $volume.name }}-pvc
+  {{- with .annotations }}
+  annotations:
+  {{ toYaml . | indent 4 }}
+  {{- end }}
+spec:
+  {{- with .accessModes }}
+  accessModes:
+  {{ toYaml . | indent 4 }}
+  {{- end }}
+  storageClassName: {{ $fullName }}-{{ $volume.name }}-sc
+  {{- if .resources }}
+  resources:
+    {{- toYaml .resources | nindent 4 }}
+  {{- end }}
+{{- end }}
+{{- end }}
diff --git a/charts/common/templates/storageclass.yaml b/charts/common/templates/storageclass.yaml
@@ -0,0 +1,22 @@
+{{- if .Values.deployment.volumes }}
+{{- $fullName := include "common.fullname" . -}}
+{{- range $volume := .Values.deployment.volumes }}
+---
+apiVersion: storage.k8s.io/v1
+kind: StorageClass
+metadata:
+  name: {{ $fullName }}-{{ $volume.name }}-sc
+  {{- with .annotations }}
+  annotations:
+  {{ toYaml . | indent 4 }}
+  {{- end }}
+provisioner: {{ $volume.provisioner }}
+{{- if $volume.bindingMode }}
+volumeBindingMode: {{ $volume.bindingMode }}
+{{- end }}
+{{- with $volume.parameters }}
+parameters:
+{{ toYaml . | indent 2 }}
+{{- end }}
+{{- end }}
+{{- end }}
diff --git a/charts/common/test-values.yaml b/charts/common/test-values.yaml
@@ -0,0 +1,204 @@
+# Default values for Helm Chart testing.
+
+replicaCount: 1
+
+service:
+  enabled: true
+  name: "test"
+  port: 80
+  type: ClusterIP
+  containerPort: 5000
+  tls:
+    enabled: false
+    issuerName: "test"
+
+deployment:
+  enabled: true
+  volumes:
+    - name: data
+      mountPath: /data
+      provisioner: ebs.csi.aws.com
+      annotations:
+        storageclass.kubernetes.io/some-annotation: "some-value"
+      bindingMode: WaitForFirstConsumer
+      accessModes:
+        - ReadWriteOnce
+      parameters:
+        type: gp3
+      resources:
+        requests:
+          storage: 4Gi
+
+    - name: config
+      mountPath: /config
+      provisioner: ebs.csi.aws.com
+      annotations:
+        storageclass.kubernetes.io/some-annotation: "some-value"
+      bindingMode: WaitForFirstConsumer
+      accessModes:
+        - ReadWriteOnce
+      parameters:
+        type: gp3
+
+    - name: shared
+      mountPath: /shared
+      provisioner: efs.csi.aws.com
+      annotations:
+        storageclass.kubernetes.io/some-annotation: "some-value"
+      parameters:
+        provisioningMode: efs-ap
+        fileSystemId: fs-92107410
+        directoryPerms: "700"
+        gidRangeStart: "1000" # optional
+        gidRangeEnd: "2000" # optional
+        basePath: "/dynamic_provisioning" # optional
+
+cronjob:
+  enabled: false
+  jobs:
+    - name: hello-world
+      securityContext:
+        runAsUser: 1000
+        runAsGroup: 1000
+        fsGroup: 2000
+      image:
+        repository: busybox
+        tag: latest
+        imagePullPolicy: Always
+      # optional env vars
+      env:
+        - name: ECHO_VAR
+          value: "busybox"
+      envFrom:
+        - secretRef:
+            name: secret_data
+        - configMapRef:
+            name: config_data
+      schedule: "* * * * *"
+      command: ["/bin/sh"]
+      args:
+        - "-c"
+        - "echo $(date) - hello from $ECHO_VAR"
+        - "echo $(date) - loaded secret $secret_data"
+        - "echo $(date) - loaded config $config_data"
+      serviceAccount:
+        name: "busybox-serviceaccount"
+      resources:
+        limits:
+          cpu: 50m
+          memory: 256Mi
+        requests:
+          cpu: 50m
+          memory: 256Mi
+      failedJobsHistoryLimit: 1
+      successfulJobsHistoryLimit: 3
+      concurrencyPolicy: Forbid
+      restartPolicy: Never
+      backoffLimit: 2
+      nodeSelector:
+        type: infra
+      tolerations:
+        - effect: NoSchedule
+          operator: Exists
+      affinity:
+        nodeAffinity:
+          requiredDuringSchedulingIgnoredDuringExecution:
+            nodeSelectorTerms:
+              - matchExpressions:
+                  - key: kubernetes.io/e2e-az-name
+                    operator: In
+                    values:
+                      - e2e-az1
+                      - e2e-az2
+
+image:
+  repository: organization/name
+  pullPolicy: IfNotPresent
+  tag: "latest"
+
+command:
+  - /bin/sh
+args:
+  - -c
+  - echo Hello, World!
+
+imagePullSecrets: []
+nameOverride: "test"
+fullnameOverride: "test"
+
+livenessProbe: {}
+readinessProbe: {}
+
+serviceAccount:
+  # Specifies whether a service account should be created
+  create: false
+  # The name of the service account to use.
+  name: ""
+  # Annotations to add to the service account
+  annotations:
+#    eks.amazonaws.com/role-arn: arn:aws:iam::000000000000:role/name
+
+podAnnotations: {}
+
+podSecurityContext:
+  {}
+  # fsGroup: 2000
+
+securityContext:
+  {}
+  # capabilities:
+  #   drop:
+  #   - ALL
+  # readOnlyRootFilesystem: true
+  # runAsNonRoot: true
+  # runAsUser: 1000
+
+ingress:
+  enabled: true
+  className: ""
+  annotations:
+    {}
+    # kubernetes.io/ingress.class: nginx
+    # kubernetes.io/tls-acme: "true"
+  host: example.com
+
+  tls:
+    - secretName: chart-example-tls
+      hosts:
+        - chart-example.local
+
+resources:
+  limits:
+    cpu: 100m
+    memory: 128Mi
+  requests:
+    cpu: 100m
+    memory: 128Mi
+
+autoscaling:
+  enabled: true
+  minReplicas: 1
+  maxReplicas: 5
+  targetCPUUtilizationPercentage: 80
+  targetMemoryUtilizationPercentage: 80
+
+nodeSelector: {}
+
+tolerations: []
+
+affinity: {}
+
+externalSecrets:
+  clusterSecretStoreName: "test"
+
+env:
+  DB_NAME:
+    type: kv
+    value: example-db
+  DB_USER_NAME:
+    type: kv
+    value: example
+  DB_USER_PASSWORD:
+    type: parameterStore
+    name: example-db
+    parameter_name: DB_PASSWORD
diff --git a/charts/common/values.yaml b/charts/common/values.yaml
@@ -16,6 +16,52 @@ service:
 
 deployment:
   enabled: true
+  volumes: []
+#    - name: data
+#      mountPath: /data
+#      provisioner: ebs.csi.aws.com
+#      annotations:
+#        storageclass.kubernetes.io/some-annotation: "some-value"
+#      bindingMode: WaitForFirstConsumer
+#      accessModes:
+#        - ReadWriteOnce
+#      parameters:
+#         type: gp3
+#      resources:
+#        requests:
+#          storage: 4Gi
+#
+#    - name: config
+#      mountPath: /config
+#      provisioner: ebs.csi.aws.com
+#      annotations:
+#        storageclass.kubernetes.io/some-annotation: "some-value"
+#      bindingMode: WaitForFirstConsumer
+#      accessModes:
+#        - ReadWriteOnce
+#      parameters:
+#         type: gp3
+#      resources:
+#        requests:
+#          storage: 4Gi
+#
+#    - name: shared
+#      mountPath: /shared
+#      provisioner: efs.csi.aws.com
+#      annotations:
+#        storageclass.kubernetes.io/some-annotation: "some-value"
+#      accessModes:
+#        - ReadWriteMany
+#      parameters:
+#        provisioningMode: efs-ap
+#        fileSystemId: fs-12345678
+#        directoryPerms: "700"
+#        gidRangeStart: "1000" # optional
+#        gidRangeEnd: "2000" # optional
+#        basePath: "/dynamic_provisioning" # optional
+#      resources:
+#        requests:
+#          storage: 4Gi
 
 cronjob:
   enabled: false