add docker registry chart

Author: slamdev

charts/docker-registry/Chart.yaml

@@ -0,0 +1,12 @@
+apiVersion: v2
+name: docker-registry
+description: |-
+  Helm chart to deploy [docker-registry](https://github.com/distribution/distribution).
+type: application
+version: 0.0.1
+appVersion: 2.8.1
+home: https://github.com/slamdev/helm-charts/tree/master/charts/docker-registry
+icon: https://docs.docker.com/favicons/docs@2x.ico
+maintainers:
+  - name: slamdev
+    email: valentin.fedoskin@gmail.com

charts/docker-registry/README.md

@@ -0,0 +1,55 @@
+# docker-registry
+
+![Version: 0.0.1](https://img.shields.io/badge/Version-0.0.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2.8.1](https://img.shields.io/badge/AppVersion-2.8.1-informational?style=flat-square)
+
+Helm chart to deploy [docker-registry](https://github.com/distribution/distribution).
+
+**Homepage:** <https://github.com/slamdev/helm-charts/tree/master/charts/docker-registry>
+
+## Maintainers
+
+| Name | Email | Url |
+| ---- | ------ | --- |
+| slamdev | <valentin.fedoskin@gmail.com> |  |
+
+## Values
+
+| Key | Type | Default | Description |
+|-----|------|---------|-------------|
+| additionalResources | list | `[]` | list of additional resources to create (are processed via `tpl` function) |
+| affinity | object | `{}` | affinity for scheduler pod assignment |
+| config | string | `"http:\n  addr: :5000"` | docker-registry config to provision inside of the container |
+| containerPorts | list | `[{"containerPort":5000,"name":"http","protocol":"TCP"}]` | ports exposed by container |
+| env | list | `[]` | additional environment variables for the deployment |
+| fullnameOverride | string | `""` | full name of the chart. |
+| garbageCollectCronJob.deleteUntagged | bool | `true` | delete manifests that are not currently referenced via tag |
+| garbageCollectCronJob.dryRun | bool | `false` | do everything except remove the blobs |
+| garbageCollectCronJob.failedJobsHistoryLimit | int | `1` | the number of failed finished jobs to retain |
+| garbageCollectCronJob.resources | object | `{}` | custom resource configuration |
+| garbageCollectCronJob.restartPolicy | string | `"Never"` | container restart policy |
+| garbageCollectCronJob.schedule | string | `"@daily"` | the schedule in Cron format, see https://en.wikipedia.org/wiki/Cron |
+| garbageCollectCronJob.successfulJobsHistoryLimit | int | `3` | the number of successful finished jobs to retain |
+| image.pullPolicy | string | `"IfNotPresent"` | image pull policy |
+| image.repository | string | `"registry"` | image repository |
+| image.tag | string | `""` | image tag (chart's appVersion value will be used if not set) |
+| imagePullSecrets | list | `[]` | image pull secret for private images |
+| livenessProbe.httpGet.path | string | `"/"` | path for liveness probe |
+| livenessProbe.httpGet.port | string | `"http"` | port for liveness probe |
+| nameOverride | string | `""` | override name of the chart |
+| nodeSelector | object | `{}` | node for scheduler pod assignment |
+| podSecurityContext | object | `{}` | specifies security settings for a pod |
+| readinessProbe.httpGet.path | string | `"/"` | path for readiness probe |
+| readinessProbe.httpGet.port | string | `"http"` | port for readiness probe |
+| replicaCount | int | `1` | number of replicas for docker-registry deployment. |
+| resources | object | `{}` | custom resource configuration |
+| securityContext | object | `{}` | specifies security settings for a container |
+| service.annotations | object | `{}` | annotations to add to the service |
+| service.loadBalancerSourceRanges | list | `[]` | traffic through the load-balancer will be restricted to the specified client IPs |
+| service.ports | list | `[{"name":"http","port":80,"protocol":"TCP","targetPort":"http"}]` | service ports |
+| service.type | string | `"ClusterIP"` | service type |
+| serviceAccount.annotations | object | `{}` | annotations to add to the service account |
+| serviceAccount.create | bool | `false` | specifies whether a service account should be created |
+| serviceAccount.name | string | `nil` | the name of the service account to use; if not set and create is true, a name is generated using the fullname template |
+| tolerations | list | `[]` | tolerations for scheduler pod assignment |
+| volumeMounts | list | `[]` | additional volume mounts |
+| volumes | list | `[]` | additional volumes |

charts/docker-registry/templates/NOTES.txt

@@ -0,0 +1,15 @@
+1. Get the application URL by running these commands:
+{{- if contains "NodePort" .Values.service.type }}
+  export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "docker-registry.fullname" . }})
+  export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
+  echo http://$NODE_IP:$NODE_PORT
+{{- else if contains "LoadBalancer" .Values.service.type }}
+     NOTE: It may take a few minutes for the LoadBalancer IP to be available.
+           You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "docker-registry.fullname" . }}'
+  export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "docker-registry.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}")
+  echo http://$SERVICE_IP:{{ .Values.service.port }}
+{{- else if contains "ClusterIP" .Values.service.type }}
+  export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "docker-registry.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
+  echo "Visit http://127.0.0.1:8080 to use your application"
+  kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:80
+{{- end }}

charts/docker-registry/templates/_helpers.tpl

@@ -0,0 +1,81 @@
+{{/* vim: set filetype=mustache: */}}
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "docker-registry.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "docker-registry.fullname" -}}
+{{- if .Values.fullnameOverride -}}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- $name := default .Chart.Name .Values.nameOverride -}}
+{{- if contains $name .Release.Name -}}
+{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "docker-registry.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Common labels
+*/}}
+{{- define "docker-registry.labels" -}}
+helm.sh/chart: {{ include "docker-registry.chart" . }}
+{{ include "docker-registry.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end -}}
+
+{{/*
+Selector labels
+*/}}
+{{- define "docker-registry.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "docker-registry.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end -}}
+
+{{/*
+Create the name of the service account to use
+*/}}
+{{- define "docker-registry.serviceAccountName" -}}
+{{- if .Values.serviceAccount.create -}}
+    {{ default (include "docker-registry.fullname" .) .Values.serviceAccount.name }}
+{{- else -}}
+    {{ default "default" .Values.serviceAccount.name }}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Create the tag for the docker image to use
+*/}}
+{{- define "docker-registry.tag" -}}
+{{- .Values.image.tag | default .Chart.AppVersion -}}
+{{- end -}}
+
+
+{{/*
+docker-registry.rawResource will create a resource template that can be
+merged with each item in `.Values.additionalResources`.
+*/}}
+{{- define "docker-registry.rawResource" -}}
+metadata:
+  labels:
+    {{- include "docker-registry.labels" . | nindent 4 }}
+{{- end }}

charts/docker-registry/templates/additional-resources.yaml

@@ -0,0 +1,5 @@
+{{- $template := fromYaml (include "docker-registry.rawResource" .) -}}
+{{- range $i, $t := .Values.additionalResources }}
+---
+{{ toYaml (merge (tpl $t $ | fromYaml) $template) -}}
+{{- end }}

charts/docker-registry/templates/configmap.yaml

@@ -0,0 +1,10 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ include "docker-registry.fullname" . }}
+  namespace: {{ .Release.Namespace }}
+  labels:
+    {{- include "docker-registry.labels" . | nindent 4 }}
+data:
+  config.yml: |-
+    {{- .Values.config | nindent 4 }}

charts/docker-registry/templates/cronjob.yaml

@@ -0,0 +1,80 @@
+apiVersion: batch/v1
+kind: CronJob
+metadata:
+  name: {{ include "docker-registry.fullname" . }}
+  namespace: {{ .Release.Namespace }}
+  labels:
+    {{- include "docker-registry.labels" . | nindent 4 }}
+    app.kubernetes.io/component: garbage-collect
+spec:
+  concurrencyPolicy: Forbid
+  successfulJobsHistoryLimit: {{ .Values.garbageCollectCronJob.successfulJobsHistoryLimit }}
+  failedJobsHistoryLimit: {{ .Values.garbageCollectCronJob.failedJobsHistoryLimit }}
+  schedule: {{ .Values.garbageCollectCronJob.schedule | quote }}
+  jobTemplate:
+    metadata:
+      labels:
+        {{- include "docker-registry.selectorLabels" . | nindent 8 }}
+        app.kubernetes.io/component: garbage-collect
+    spec:
+      template:
+        metadata:
+          labels:
+            {{- include "docker-registry.selectorLabels" . | nindent 12 }}
+            app.kubernetes.io/component: garbage-collect
+        spec:
+          restartPolicy: {{ .Values.garbageCollectCronJob.restartPolicy }}
+        {{- with .Values.imagePullSecrets }}
+          imagePullSecrets:
+            {{- toYaml . | nindent 12 }}
+        {{- end }}
+          serviceAccountName: {{ include "docker-registry.serviceAccountName" . }}
+          securityContext:
+            {{- toYaml .Values.podSecurityContext | nindent 12 }}
+          containers:
+            - name: {{ .Chart.Name }}
+              args:
+                - garbage-collect
+                - /opt/config.yml
+                - --delete-untagged={{ .Values.garbageCollectCronJob.deleteUntagged }}
+                - --dry-run={{ .Values.garbageCollectCronJob.dryRun }}
+              securityContext:
+                {{- toYaml .Values.securityContext | nindent 16 }}
+              image: "{{ .Values.image.repository }}:{{ include "docker-registry.tag" . }}"
+              imagePullPolicy: {{ .Values.image.pullPolicy }}
+              resources:
+                {{- toYaml .Values.garbageCollectCronJob.resources | nindent 16 }}
+            {{- with .Values.env }}
+              env:
+                {{- toYaml . | nindent 16 }}
+            {{- end }}
+              volumeMounts:
+                - name: {{ include "docker-registry.fullname" . }}
+                  mountPath: /opt/config.yml
+                  subPath: config.yml
+            {{- with .Values.volumeMounts }}
+                {{- toYaml . | nindent 16 }}
+            {{- end }}
+          volumes:
+            - name: {{ include "docker-registry.fullname" . }}
+              configMap:
+                name: {{ include "docker-registry.fullname" . }}
+                items:
+                  - key: config.yml
+                    path: config.yml
+                    mode: 292 # 0444
+        {{- with .Values.volumes }}
+            {{- toYaml . | nindent 12 }}
+        {{- end }}
+        {{- with .Values.nodeSelector }}
+          nodeSelector:
+            {{- toYaml . | nindent 12 }}
+        {{- end }}
+        {{- with .Values.affinity }}
+          affinity:
+            {{- toYaml . | nindent 12 }}
+        {{- end }}
+        {{- with .Values.tolerations }}
+          tolerations:
+            {{- toYaml . | nindent 12 }}
+        {{- end }}

charts/docker-registry/templates/deployment.yaml

@@ -0,0 +1,79 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ include "docker-registry.fullname" . }}
+  namespace: {{ .Release.Namespace }}
+  labels:
+    {{- include "docker-registry.labels" . | nindent 4 }}
+spec:
+  replicas: {{ .Values.replicaCount }}
+  selector:
+    matchLabels:
+      {{- include "docker-registry.selectorLabels" . | nindent 6 }}
+  template:
+    metadata:
+      labels:
+        {{- include "docker-registry.selectorLabels" . | nindent 8 }}
+      annotations:
+        checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}
+    spec:
+    {{- with .Values.imagePullSecrets }}
+      imagePullSecrets:
+        {{- toYaml . | nindent 8 }}
+    {{- end }}
+      serviceAccountName: {{ include "docker-registry.serviceAccountName" . }}
+      securityContext:
+        {{- toYaml .Values.podSecurityContext | nindent 8 }}
+      containers:
+        - name: {{ .Chart.Name }}
+          args:
+            - serve
+            - /opt/config.yml
+          securityContext:
+            {{- toYaml .Values.securityContext | nindent 12 }}
+          image: "{{ .Values.image.repository }}:{{ include "docker-registry.tag" . }}"
+          imagePullPolicy: {{ .Values.image.pullPolicy }}
+        {{- with .Values.containerPorts }}
+          ports:
+            {{- toYaml . | nindent 12 }}
+        {{- end }}
+          livenessProbe:
+            {{- toYaml .Values.livenessProbe | nindent 12 }}
+          readinessProbe:
+            {{- toYaml .Values.readinessProbe | nindent 12 }}
+          resources:
+            {{- toYaml .Values.resources | nindent 12 }}
+        {{- with .Values.env }}
+          env:
+            {{- toYaml . | nindent 12 }}
+        {{- end }}
+          volumeMounts:
+            - name: {{ include "docker-registry.fullname" . }}
+              mountPath: /opt/config.yml
+              subPath: config.yml
+        {{- with .Values.volumeMounts }}
+            {{- toYaml . | nindent 12 }}
+        {{- end }}
+      volumes:
+        - name: {{ include "docker-registry.fullname" . }}
+          configMap:
+            name: {{ include "docker-registry.fullname" . }}
+            items:
+              - key: config.yml
+                path: config.yml
+                mode: 292 # 0444
+    {{- with .Values.volumes }}
+        {{- toYaml . | nindent 8 }}
+    {{- end }}
+    {{- with .Values.nodeSelector }}
+      nodeSelector:
+        {{- toYaml . | nindent 8 }}
+    {{- end }}
+    {{- with .Values.affinity }}
+      affinity:
+        {{- toYaml . | nindent 8 }}
+    {{- end }}
+    {{- with .Values.tolerations }}
+      tolerations:
+        {{- toYaml . | nindent 8 }}
+    {{- end }}

charts/docker-registry/templates/service.yaml

@@ -0,0 +1,20 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ include "docker-registry.fullname" . }}
+  namespace: {{ .Release.Namespace }}
+  labels:
+    {{- include "docker-registry.labels" . | nindent 4 }}
+{{- with .Values.service.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+{{- end }}
+spec:
+  type: {{ .Values.service.type }}
+{{- with .Values.service.ports }}
+  ports:
+    {{- toYaml . | nindent 4 }}
+{{- end }}
+  selector:
+    {{- include "docker-registry.selectorLabels" . | nindent 4 }}
+  loadBalancerSourceRanges: {{ .Values.service.loadBalancerSourceRanges }}

charts/docker-registry/templates/serviceaccount.yaml

@@ -0,0 +1,13 @@
+{{- if .Values.serviceAccount.create -}}
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ include "docker-registry.serviceAccountName" . }}
+  namespace: {{ .Release.Namespace }}
+  labels:
+    {{- include "docker-registry.labels" . | nindent 4 }}
+  {{- with .Values.serviceAccount.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+{{- end -}}