refactor cf-argocd-extras

Author: mikhail-klimko

charts/gitops-runtime/templates/argo-api-gateway/_env.yaml

@@ -0,0 +1,84 @@
+{{- define "argo-api-gateway.resources.environment-variables.calculated" }}
+HTTP_PROXY: {{ .Values.global.httpProxy | squote}}
+HTTPS_PROXY: {{ .Values.global.httpsProxy | squote }}
+NO_PROXY: {{ .Values.global.noProxy | squote }}
+{{- end }}
+
+{{- define "argo-api-gateway.resources.environment-variables.defaults" -}}
+ARGOCD_SERVER:
+  valueFrom:
+    configMapKeyRef:
+      name: argo-api-gateway-cmd-params-cm
+      key: argocd.server
+ARGO_CD_TOKEN_SECRET_NAME: argocd-token
+ARGO_CD_TOKEN_SECRET_KEY: token
+ARGOCD_SERVER_ROOTPATH:
+  valueFrom:
+    configMapKeyRef:
+      name: argocd-cmd-params-cm
+      key: server.rootpath
+      optional: true
+BINARY_NAME: sources-server
+CODEFRESH_SSL_CERT_PATH: ""
+CODEFRESH_TLS_INSECURE:
+  valueFrom:
+    configMapKeyRef:
+      name: argocd-cmd-params-cm
+      key: codefresh.tls.insecure
+      optional: true
+CODEFRESH_TOKEN:
+  valueFrom:
+    secretKeyRef:
+      key: token
+      name: codefresh-token
+CODEFRESH_URL:
+  valueFrom:
+    configMapKeyRef:
+      key: base-url
+      name: codefresh-cm
+LISTEN_ADDRESS:
+  valueFrom:
+    configMapKeyRef:
+      name: argo-api-gateway-cmd-params-cm
+      key: server.listen.address
+      optional: true
+REDISDB:
+  valueFrom:
+    configMapKeyRef:
+      name: argocd-cmd-params-cm
+      key: redis.db
+      optional: true
+REDIS_COMPRESSION:
+  valueFrom:
+    configMapKeyRef:
+      name: argocd-cmd-params-cm
+      key: redis.compression
+      optional: true
+REDIS_PASSWORD:
+  valueFrom:
+    secretKeyRef:
+      name: argocd-redis
+      key: auth
+REDIS_SERVER:
+  valueFrom:
+    configMapKeyRef:
+      name: argocd-cmd-params-cm
+      key: redis.server
+REDIS_USERNAME:
+  valueFrom:
+    secretKeyRef:
+      name: argocd-redis
+      key: redis-username
+      optional: true
+REPO_SERVER:
+  valueFrom:
+    configMapKeyRef:
+      name: argo-api-gateway-cmd-params-cm
+      key: repo.server
+REPO_SERVER_TIMEOUT_SECONDS:
+  valueFrom:
+    configMapKeyRef:
+      name: argo-api-gateway-cmd-params-cm
+      key: repo.server.timeout.seconds
+      optional: true
+{{- end -}}

charts/gitops-runtime/templates/argo-api-gateway/_helpers.tpl

@@ -0,0 +1,47 @@
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "argo-api-gateway.fullname" -}}
+{{- print "argo-api-gateway" }}
+{{- end }}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "argo-api-gateway.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Common labels
+*/}}
+{{- define "argo-api-gateway.labels" -}}
+helm.sh/chart: {{ include "argo-api-gateway.chart" . }}
+{{ include "argo-api-gateway.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+app.kubernetes.io/part-of: argo-api-gateway
+codefresh.io/internal: "true"
+{{- end }}
+
+{{/*
+Selector labels
+*/}}
+{{- define "argo-api-gateway.selectorLabels" -}}
+app.kubernetes.io/name: argo-api-gateway
+{{- end }}
+
+{{/*
+Create the name of the service account to use
+*/}}
+{{- define "argo-api-gateway.serviceAccountName" -}}
+{{- if .Values.serviceAccount.create }}
+{{- default (include "argo-api-gateway.fullname" .) .Values.serviceAccount.name }}
+{{- else }}
+{{- default "default" .Values.serviceAccount.name }}
+{{- end }}
+{{- end }}

charts/gitops-runtime/templates/argo-api-gateway/configmap.yaml

@@ -0,0 +1,16 @@
+{{- define "argo-api-gateway.resources.configmap.defaults"}}
+argocd.server: argo-cd-server:80
+repo.server: argo-cd-repo-server:8081
+{{- end }}
+
+{{- $defaultConfig := (include "argo-api-gateway.resources.configmap.defaults" . | fromYaml ) }}
+{{- $overrides := index .Values "argo-api-gateway" "config" | default dict }}
+{{- $mergedConfig := mergeOverwrite $defaultConfig $overrides }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: argo-api-gateway-cmd-params-cm
+  labels:
+    {{- include "argo-api-gateway.labels" . | nindent 4 }}
+data:
+  {{- $mergedConfig | toYaml | nindent 2 }}

charts/gitops-runtime/templates/argo-api-gateway/deployment.yaml

@@ -0,0 +1,107 @@
+{{- $cfCommonTplSemver := printf "cf-common-%s" (index .Subcharts "cf-common").Chart.Version }}
+{{- $context := deepCopy . }}
+{{- $_ := set $context "Values" (deepCopy (get .Values "argo-api-gateway")) }}
+{{- $_ := set $context.Values "global" (deepCopy (get .Values "global")) }}
+{{/* Merge environment variables from calculated, defaults and overwrites */}}
+{{- $defaults := (include "argo-api-gateway.resources.environment-variables.defaults" . | fromYaml) }}
+{{- $calculated := (include "argo-api-gateway.resources.environment-variables.calculated" . | fromYaml) }}
+{{- $overrides := $context.Values.env }}
+{{- $mergedValues := mergeOverwrite $defaults $calculated $overrides }}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ include "argo-api-gateway.fullname" . }}
+  labels:
+    {{- include "argo-api-gateway.labels" . | nindent 4 }}
+spec:
+  replicas: {{ $context.Values.replicaCount }}
+  selector:
+    matchLabels:
+      {{- include "argo-api-gateway.selectorLabels" . | nindent 6 }}
+  template:
+    metadata:
+      {{- with $context.Values.podAnnotations }}
+      annotations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      labels:
+        {{- include "argo-api-gateway.selectorLabels" . | nindent 8 }}
+        {{- with $context.Values.podLabels }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+    spec:
+      {{- with $context.Values.imagePullSecrets }}
+      imagePullSecrets:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      serviceAccountName: {{ include "argo-api-gateway.serviceAccountName" $context }}
+      securityContext:
+      {{- toYaml $context.Values.podSecurityContext | nindent 8 }}
+      containers:
+      - name: {{ include "argo-api-gateway.fullname" . }}
+        securityContext:
+          {{- toYaml $context.Values.securityContext | nindent 12 }}
+        {{- $imageContext := deepCopy $context.Values.image }}
+        image: {{ include (printf "%s.image.name" $cfCommonTplSemver ) (dict "image" $imageContext "context" .) }}
+        env: {{- include (printf "%s.env-vars" $cfCommonTplSemver ) (dict "Values" $mergedValues "context" .) | nindent 8 }}
+        imagePullPolicy: {{ $context.Values.image.pullPolicy }}
+        {{- if $context.Values.command }}
+        command:
+        {{- $context.Values.command | toYaml | nindent 8 }}
+        {{- end }}
+        {{- with $context.Values.extraArgs }}
+        args:
+        {{- . | toYaml | nindent 8 }}
+        {{- end }}
+        ports:
+        - name: http
+          containerPort: 8090
+        readinessProbe:
+          initialDelaySeconds: {{ $context.Values.readinessProbe.initialDelaySeconds }}
+          periodSeconds: {{ $context.Values.readinessProbe.periodSeconds }}
+          timeoutSeconds: {{ $context.Values.readinessProbe.timeoutSeconds }}
+          successThreshold: {{ $context.Values.readinessProbe.successThreshold }}
+          failureThreshold: {{ $context.Values.readinessProbe.failureThreshold }}
+          httpGet:
+            port: http
+            path: /healthz
+        livenessProbe:
+          initialDelaySeconds: {{ $context.Values.livenessProbe.initialDelaySeconds }}
+          periodSeconds: {{ $context.Values.livenessProbe.periodSeconds }}
+          timeoutSeconds: {{ $context.Values.livenessProbe.timeoutSeconds }}
+          successThreshold: {{ $context.Values.livenessProbe.successThreshold }}
+          failureThreshold: {{ $context.Values.livenessProbe.failureThreshold }}
+          httpGet:
+            port: http
+            path: /healthz?full=true
+        resources:
+          {{- toYaml $context.Values.resources | nindent 10 }}
+        volumeMounts:
+        {{- if $context.Values.global.codefresh.tls.caCerts.secretKeyRef }}
+        - name: codefresh-tls
+          mountPath: /app/config/codefresh-tls
+        {{- end }}
+        {{- with $context.Values.extraVolumeMounts }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- with $context.Values.nodeSelector | default $context.Values.global.nodeSelector }}
+      nodeSelector: {{ toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with $context.Values.tolerations | default $context.Values.global.tolerations }}
+      tolerations: {{ toYaml . | nindent 6 }}
+      {{- end }}
+      {{- with $context.Values.affinity }}
+      affinity: {{ toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with $context.Values.topologySpreadConstraints }}
+      topologySpreadConstraints: {{- include (printf "%s.tplrender" $cfCommonTplSemver ) (dict "Values" . "context" .) | nindent 8 }}
+      {{- end }}
+      volumes:
+        {{- if $context.Values.global.codefresh.tls.caCerts.secretKeyRef }}
+        - name: codefresh-tls
+          secret:
+            secretName: {{ $context.Values.global.codefresh.tls.caCerts.secretKeyRef.name }}
+        {{- end }}
+        {{- with $context.Values.extraVolumes }}
+            {{- toYaml . | nindent 6 }}
+        {{- end }}

charts/gitops-runtime/templates/argo-api-gateway/hpa.yaml

@@ -0,0 +1,38 @@
+{{- $context := deepCopy . }}
+{{- $_ := set $context "Values" (deepCopy (get .Values "argo-api-gateway")) }}
+{{- $_ := set $context.Values "global" (deepCopy (get .Values "global")) }}
+{{- if and $context.Values.hpa.enabled }}
+apiVersion: autoscaling/v2
+kind: HorizontalPodAutoscaler
+metadata:
+  name: {{ include "argo-api-gateway.fullname" . }}
+  labels:
+    {{- include "argo-api-gateway.labels" . | nindent 4 }}
+spec:
+  scaleTargetRef:
+    apiVersion: apps/v1
+    kind: Deployment
+    name: {{ include "argo-api-gateway.fullname" . }}
+  minReplicas: {{ $context.Values.hpa.minReplicas | default 1 }}
+  maxReplicas: {{ $context.Values.hpa.maxReplicas | default 10 }}
+  metrics:
+  {{- if $context.Values.hpa.metrics }}
+  {{- toYaml $context.Values.hpa.metrics | indent 4 }}
+  {{- end }}
+  {{- with $context.Values.hpa.targetMemoryUtilizationPercentage }}
+    - type: Resource
+      resource:
+        name: memory
+        target:
+          type: Utilization
+          averageUtilization: {{ . | int }}
+  {{- end }}
+  {{- with $context.Values.hpa.targetCPUUtilizationPercentage }}
+    - type: Resource
+      resource:
+        name: cpu
+        target:
+          type: Utilization
+          averageUtilization: {{ . | int }}
+  {{- end }}
+{{- end -}}

charts/gitops-runtime/templates/argo-api-gateway/pdb.yaml

@@ -0,0 +1,20 @@
+{{- $context := deepCopy . }}
+{{- $_ := set $context "Values" (deepCopy (get .Values "argo-api-gateway")) }}
+{{- $_ := set $context.Values "global" (deepCopy (get .Values "global")) }}
+
+{{- if and $context.Values.pdb.enabled }}
+apiVersion: policy/v1beta1
+kind: PodDisruptionBudget
+metadata:
+  name: {{ include "argo-api-gateway.fullname" . }}
+spec:
+  {{- with $context.Values.pdb.minAvailable }}
+  minAvailable: {{ . }}
+  {{- end }}
+  {{- with $context.Values.pdb.maxUnavailable }}
+  maxUnavailable: {{ . }}
+  {{- end }}
+  selector:
+    matchLabels:
+      {{- include "argo-api-gateway.selectorLabels" . | nindent 6 }}
+{{- end }}

charts/gitops-runtime/templates/argo-api-gateway/rbac.yaml

@@ -0,0 +1,64 @@
+{{- $context := deepCopy . }}
+{{- $_ := set $context "Values" (deepCopy (get .Values "argo-api-gateway")) }}
+{{- $_ := set $context.Values "global" (deepCopy (get .Values "global")) }}
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ include "argo-api-gateway.serviceAccountName" $context }}
+  labels:
+    {{- include "argo-api-gateway.labels" . | nindent 4 }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ include "argo-api-gateway.fullname" . }}
+  labels:
+    {{- include "argo-api-gateway.labels" . | nindent 4 }}
+rules:
+  - apiGroups:
+    - ''
+    resources:
+    - configmaps
+    - secrets
+    verbs:
+    - get
+    - list
+    - watch
+  - apiGroups:
+    - ''
+    - apps
+    resources:
+    - deployments
+    - podtemplates
+    verbs:
+    - patch
+  - apiGroups:
+    - apps
+    resources:
+    - replicasets
+    verbs:
+    - list
+    - patch
+  - apiGroups:
+    - argoproj.io
+    resources:
+    - rollouts
+    - rollouts/status
+    verbs:
+    - get
+    - patch
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ include "argo-api-gateway.fullname" . }}
+  labels:
+    {{- include "argo-api-gateway.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ include "argo-api-gateway.fullname" . }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ include "argo-api-gateway.serviceAccountName" $context }}
+    namespace: {{ .Release.Namespace }}