add helm cart + first try package

Author: eksrha

.github/workflows/build-helm-chart.yaml

@@ -0,0 +1,64 @@
+name: Build helm chart
+
+on:
+  workflow_dispatch:
+  push:
+    branches:
+      - main
+    paths:
+      - "docker-image/**"
+      - "helm/**"
+
+jobs:
+  generate_tag:
+    runs-on: ubuntu-latest
+    outputs:
+      output: ${{ steps.tag.outputs.tag }}
+    steps:
+      - name: Check out the repo
+        uses: actions/checkout@v2
+        with:
+          ref: main
+          fetch-depth: 0
+      - id: tag
+        shell: bash
+        run: |
+          echo "Tag: $(git describe --abbrev=0)"
+          echo "::set-output name=tag::$(git describe --abbrev=0)"
+ 
+  build-helm-chart:
+    runs-on: ubuntu-latest
+    needs: generate_tag
+    steps:
+      - name: Check out the repo
+        uses: actions/checkout@v2
+
+      - name: Configure Git
+        run: |
+          git config user.name "$GITHUB_ACTOR"
+          git config user.email "[email protected]"
+
+      - name: Update chart application version
+        run: |
+          sed -i -e "s/appVersion:.*/appVersion: ${{ needs.generate_tag.outputs.output }}/g" helm/Chart.yaml
+
+      - name: Run chart-releaser
+        uses: helm/[email protected]
+        with:
+          charts_dir: helm
+          config: cr.yaml
+          charts_repo_url: http://fullstack-devops.github.io/helm-charts/
+        env:
+          CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
+          HELM_REPO_TOKEN: "${{ secrets.HELM_REPO_TOKEN }}"
+
+      - name: Build and push image
+        uses: docker/build-push-action@v2
+        with:
+          builder: ${{ steps.buildx.outputs.name }}
+          context: ./docker-image/
+          platforms: ${{ env.IMAGE_PLATFORMS }}
+          push: true
+          tags: |
+            ghcr.io/${{ github.repository }}:latest
+            ghcr.io/${{ github.repository }}:${{ needs.generate_tag.outputs.output }}

cr.yml

@@ -0,0 +1,3 @@
+owner: fullstack-devops
+git-repo: helm-charts
+token: ${HELM_REPO_TOKEN}

helm/.helmignore

@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/

helm/Chart.yaml

@@ -0,0 +1,24 @@
+apiVersion: v2
+name: dns-bind
+description: A bind9 Helm chart for Kubernetes
+
+# A chart can be either an 'application' or a 'library' chart.
+#
+# Application charts are a collection of templates that can be packaged into versioned archives
+# to be deployed.
+#
+# Library charts provide useful utilities or functions for the chart developer. They're included as
+# a dependency of application charts to inject those utilities and functions into the rendering
+# pipeline. Library charts do not define any templates and therefore cannot be deployed.
+type: application
+
+# This is the chart version. This version number should be incremented each time you make changes
+# to the chart and its templates, including the app version.
+# Versions are expected to follow Semantic Versioning (https://semver.org/)
+version: 0.1.0
+
+# This is the version number of the application being deployed. This version number should be
+# incremented each time you make changes to the application. Versions are not expected to
+# follow Semantic Versioning. They should reflect the version the application is using.
+# It is recommended to use it with quotes.
+appVersion: "0.0.5"

helm/templates/NOTES.txt

@@ -0,0 +1,16 @@
+1. Get the application URL by running these commands:
+{{- if contains "NodePort" .Values.serviceDns.type }}
+  export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "dns-bind.fullname" . }})
+  export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
+  echo http://$NODE_IP:$NODE_PORT
+{{- else if contains "LoadBalancer" .Values.serviceDns.type }}
+     NOTE: It may take a few minutes for the LoadBalancer IP to be available.
+           You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "dns-bind.fullname" . }}'
+  export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "dns-bind.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}")
+  echo http://$SERVICE_IP:53
+{{- else if contains "ClusterIP" .Values.serviceDns.type }}
+  export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "dns-bind.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
+  export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}")
+  echo "Visit http://127.0.0.1:8080 to use your application"
+  kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT
+{{- end }}

helm/templates/_helpers.tpl

@@ -0,0 +1,62 @@
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "dns-bind.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "dns-bind.fullname" -}}
+{{- if .Values.fullnameOverride }}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- $name := default .Chart.Name .Values.nameOverride }}
+{{- if contains $name .Release.Name }}
+{{- .Release.Name | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "dns-bind.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Common labels
+*/}}
+{{- define "dns-bind.labels" -}}
+helm.sh/chart: {{ include "dns-bind.chart" . }}
+{{ include "dns-bind.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end }}
+
+{{/*
+Selector labels
+*/}}
+{{- define "dns-bind.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "dns-bind.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
+
+{{/*
+Create the name of the service account to use
+*/}}
+{{- define "dns-bind.serviceAccountName" -}}
+{{- if .Values.serviceAccount.create }}
+{{- default (include "dns-bind.fullname" .) .Values.serviceAccount.name }}
+{{- else }}
+{{- default "default" .Values.serviceAccount.name }}
+{{- end }}
+{{- end }}

helm/templates/configmap.yaml

@@ -0,0 +1,30 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ include "dns-bind.fullname" . }}
+  labels:
+    {{- include "dns-bind.labels" . | nindent 4 }}
+data:
+  DEBUG_ENTRYPOINT: {{ .Values.envValues.debug_entrypoint | quote }}
+  DOCKER_LOGS: {{ .Values.envValues.docker_logs | quote }}
+  {{- if .Values.envValues.wildcard_dns }}
+  WILDCARD_DNS: {{ .Values.envValues.wildcard_dns | quote }}
+  {{- end }}
+  {{- if .Values.envValues.extra_hosts }}
+  EXTRA_HOSTS: {{ .Values.envValues.extra_hosts | quote }}
+  {{- end }}
+  DNSSEC_VALIDATE: {{ .Values.envValues.dnssec_validate | quote }}
+  {{- if .Values.envValues.dns_forwarder }}
+  DNS_FORWARDER: {{ .Values.envValues.dns_forwarder | quote }}
+  {{- end }}
+  TTL_TIME: {{ .Values.envValues.ttl_time | quote }}
+  REFRESH_TIME: {{ .Values.envValues.refresh_time | quote }}
+  RETRY_TIME: {{ .Values.envValues.retry_time | quote }}
+  EXPIRY_TIME: {{ .Values.envValues.expiry_time | quote }}
+  MAX_CACHE_TIME: {{ .Values.envValues.max_cache_time | quote }}
+  {{- if .Values.envValues.allow_query }}
+  ALLOW_QUERY: {{ .Values.envValues.allow_query | quote }}
+  {{- end }}
+  {{- if .Values.envValues.allow_recursion }}
+  ALLOW_RECURSION: {{ .Values.envValues.allow_recursion | quote }}
+  {{- end }}

helm/templates/deployment.yaml

@@ -0,0 +1,68 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ include "dns-bind.fullname" . }}
+  labels:
+    {{- include "dns-bind.labels" . | nindent 4 }}
+spec:
+  {{- if not .Values.autoscaling.enabled }}
+  replicas: {{ .Values.replicaCount }}
+  {{- end }}
+  selector:
+    matchLabels:
+      {{- include "dns-bind.selectorLabels" . | nindent 6 }}
+  template:
+    metadata:
+      {{- with .Values.podAnnotations }}
+      annotations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      labels:
+        {{- include "dns-bind.selectorLabels" . | nindent 8 }}
+    spec:
+      {{- with .Values.imagePullSecrets }}
+      imagePullSecrets:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      serviceAccountName: {{ include "dns-bind.serviceAccountName" . }}
+      securityContext:
+        {{- toYaml .Values.podSecurityContext | nindent 8 }}
+      containers:
+        - name: {{ .Chart.Name }}
+          securityContext:
+            {{- toYaml .Values.securityContext | nindent 12 }}
+          image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
+          imagePullPolicy: {{ .Values.image.pullPolicy }}
+          ports:
+            - containerPort: 53
+              name: dns
+              protocol: TCP
+            - containerPort: 53
+              name: dns-udp
+              protocol: UDP
+          # TODO: health checks!
+          # livenessProbe:
+          #   httpGet:
+          #     path: /
+          #     port: http
+          # readinessProbe:
+          #   httpGet:
+          #     path: /
+          #     port: http
+          envFrom:
+            - configMapRef:
+                name: {{ .Release.Name }}-dns-bind
+          resources:
+            {{- toYaml .Values.resources | nindent 12 }}
+      {{- with .Values.nodeSelector }}
+      nodeSelector:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.affinity }}
+      affinity:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.tolerations }}
+      tolerations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}

helm/templates/hpa.yaml

@@ -0,0 +1,28 @@
+{{- if .Values.autoscaling.enabled }}
+apiVersion: autoscaling/v2beta1
+kind: HorizontalPodAutoscaler
+metadata:
+  name: {{ include "dns-bind.fullname" . }}
+  labels:
+    {{- include "dns-bind.labels" . | nindent 4 }}
+spec:
+  scaleTargetRef:
+    apiVersion: apps/v1
+    kind: Deployment
+    name: {{ include "dns-bind.fullname" . }}
+  minReplicas: {{ .Values.autoscaling.minReplicas }}
+  maxReplicas: {{ .Values.autoscaling.maxReplicas }}
+  metrics:
+    {{- if .Values.autoscaling.targetCPUUtilizationPercentage }}
+    - type: Resource
+      resource:
+        name: cpu
+        targetAverageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }}
+    {{- end }}
+    {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }}
+    - type: Resource
+      resource:
+        name: memory
+        targetAverageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }}
+    {{- end }}
+{{- end }}

helm/templates/service.yaml

@@ -0,0 +1,31 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ include "dns-bind.fullname" . }}
+  labels:
+    {{- include "dns-bind.labels" . | nindent 4 }}
+spec:
+  type: {{ .Values.serviceDns.type }}
+  {{- if .Values.serviceDns.loadBalancerIP }}
+  loadBalancerIP: {{ .Values.serviceDns.loadBalancerIP }}
+  {{- end }}
+  {{- if or (eq .Values.serviceDns.type "NodePort") (eq .Values.serviceDns.type "LoadBalancer") }}
+  externalTrafficPolicy: {{ .Values.serviceDns.externalTrafficPolicy }}
+  {{- end }}
+  ports:
+    - port: 53
+      targetPort: dns
+      {{- if .Values.serviceDns.nodePort }}
+      nodePort: {{ .Values.serviceDns.nodePort }}
+      {{- end }}
+      protocol: TCP
+      name: dns
+    - port: 53
+      targetPort: dns-udp
+      {{- if and (.Values.serviceDns.nodePort) (eq .Values.serviceDns.type "NodePort") }}
+      nodePort: {{ .Values.serviceDns.nodePort }}
+      {{- end }}
+      protocol: UDP
+      name: dns-udp
+  selector:
+    {{- include "dns-bind.selectorLabels" . | nindent 4 }}