Skip to content

Commit

Permalink
Merge branch 'main' into add_webhook_ui
Browse files Browse the repository at this point in the history
  • Loading branch information
CGoodwin90 authored Sep 21, 2023
2 parents 23462b3 + 2c10a5e commit 70c344f
Show file tree
Hide file tree
Showing 10 changed files with 133 additions and 14 deletions.
2 changes: 1 addition & 1 deletion Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -117,7 +117,7 @@ install-mariadb:
--wait \
--timeout $(TIMEOUT) \
$$($(KUBECTL) get ns mariadb > /dev/null 2>&1 && echo --set auth.rootPassword=$$($(KUBECTL) get secret --namespace mariadb mariadb -o json | $(JQ) -r '.data."mariadb-root-password" | @base64d')) \
--version=11.5.7 \
--version=12.2.9 \
mariadb \
bitnami/mariadb

Expand Down
8 changes: 3 additions & 5 deletions charts/lagoon-build-deploy/Chart.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -16,13 +16,11 @@ kubeVersion: ">= 1.21.0-0"

type: application

version: 0.24.0
version: 0.25.0

appVersion: v0.14.0
appVersion: v0.15.0

annotations:
artifacthub.io/changes: |
- kind: changed
description: update remote-controller appVersion to v0.14.0
- kind: changed
description: updated lagoontask crd, will require crds to be re-applied
description: update remote-controller appVersion to v0.15.0
6 changes: 3 additions & 3 deletions charts/lagoon-remote/Chart.lock
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
dependencies:
- name: lagoon-build-deploy
repository: https://uselagoon.github.io/lagoon-charts/
version: 0.24.0
version: 0.25.0
- name: dioscuri
repository: https://amazeeio.github.io/charts/
version: 0.4.1
Expand All @@ -11,5 +11,5 @@ dependencies:
- name: nats
repository: https://nats-io.github.io/k8s/helm/charts/
version: 0.19.17
digest: sha256:5bf74bd117c2e5ae31d4084a588c52dd9408bbcc54cd0c86abf763d35f583412
generated: "2023-07-28T09:49:56.393491706+08:00"
digest: sha256:f5484f77cfe25d079752ea3a19b1a93edb3c93e1262c4f310e149843359ff2c1
generated: "2023-09-20T15:20:44.302630522+10:00"
8 changes: 3 additions & 5 deletions charts/lagoon-remote/Chart.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -19,11 +19,11 @@ type: application
# This is the chart version. This version number should be incremented each
# time you make changes to the chart and its templates, including the app
# version.
version: 0.81.0
version: 0.83.0

dependencies:
- name: lagoon-build-deploy
version: ~0.24.0
version: ~0.25.0
repository: https://uselagoon.github.io/lagoon-charts/
condition: lagoon-build-deploy.enabled
- name: dioscuri
Expand All @@ -45,6 +45,4 @@ dependencies:
annotations:
artifacthub.io/changes: |
- kind: changed
description: update lagoon-ssh-portal to v0.30.1
- kind: changed
description: update NATS chart dependency to v0.19.17
description: update lagoon-build-deploy to v0.25.0
37 changes: 37 additions & 0 deletions charts/lagoon-remote/templates/_helpers.tpl
Original file line number Diff line number Diff line change
Expand Up @@ -155,6 +155,43 @@ app.kubernetes.io/instance: {{ .Release.Name }}



{{/*
Create the name of the service account to use for sshCore.
*/}}
{{- define "lagoon-remote.sshCore.serviceAccountName" -}}
{{- default (include "lagoon-remote.sshCore.fullname" .) .Values.sshCore.serviceAccount.name }}
{{- end }}

{{/*
Create a default fully qualified app name for sshCore.
*/}}
{{- define "lagoon-remote.sshCore.fullname" -}}
{{- include "lagoon-remote.fullname" . }}-ssh-core
{{- end }}

{{/*
Common labels sshCore.
*/}}
{{- define "lagoon-remote.sshCore.labels" -}}
helm.sh/chart: {{ include "lagoon-remote.chart" . }}
{{ include "lagoon-remote.sshCore.selectorLabels" . }}
{{- if .Chart.AppVersion }}
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
{{- end }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- end }}

{{/*
Selector labels sshCore.
*/}}
{{- define "lagoon-remote.sshCore.selectorLabels" -}}
app.kubernetes.io/name: {{ include "lagoon-remote.name" . }}
app.kubernetes.io/component: {{ include "lagoon-remote.sshCore.fullname" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end }}



{{/*
Create the name of the service account to use for sshPortal.
*/}}
Expand Down
36 changes: 36 additions & 0 deletions charts/lagoon-remote/templates/ssh-core.clusterrole.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,36 @@
{{- if .Values.sshCore.enabled -}}
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: {{ include "lagoon-remote.sshCore.fullname" . }}
labels:
{{- include "lagoon-remote.sshCore.labels" . | nindent 4 }}
rules:
- apiGroups:
- apps
resources:
- deployments/scale
verbs:
- get
- update
- apiGroups:
- apps
resources:
- deployments
verbs:
- get
- list
- apiGroups:
- ""
resources:
- pods
verbs:
- get
- list
- apiGroups:
- ""
resources:
- pods/exec
verbs:
- create
{{- end }}
16 changes: 16 additions & 0 deletions charts/lagoon-remote/templates/ssh-core.clusterrolebinding.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
{{- if .Values.sshCore.enabled -}}
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: {{ include "lagoon-remote.sshCore.fullname" . }}
labels:
{{- include "lagoon-remote.sshCore.labels" . | nindent 4 }}
subjects:
- kind: ServiceAccount
name: {{ include "lagoon-remote.sshCore.serviceAccountName" . }}
namespace: {{ .Release.Namespace | quote }}
roleRef:
kind: ClusterRole
name: {{ include "lagoon-remote.sshCore.fullname" . }}
apiGroup: rbac.authorization.k8s.io
{{- end }}
11 changes: 11 additions & 0 deletions charts/lagoon-remote/templates/ssh-core.secret.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
{{- if .Values.sshCore.enabled -}}
apiVersion: v1
kind: Secret
type: kubernetes.io/service-account-token
metadata:
name: {{ include "lagoon-remote.sshCore.serviceAccountName" . }}-token
labels:
{{- include "lagoon-remote.sshCore.labels" . | nindent 4 }}
annotations:
kubernetes.io/service-account.name: {{ include "lagoon-remote.sshCore.serviceAccountName" . }}
{{- end }}
12 changes: 12 additions & 0 deletions charts/lagoon-remote/templates/ssh-core.serviceaccount.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
{{- if .Values.sshCore.enabled -}}
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ include "lagoon-remote.sshCore.serviceAccountName" . }}
labels:
{{- include "lagoon-remote.sshCore.labels" . | nindent 4 }}
{{- with .Values.sshCore.serviceAccount.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
{{- end }}
11 changes: 11 additions & 0 deletions charts/lagoon-remote/values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -113,6 +113,17 @@ kubernetesBuildDeploy:
# If not set, a name is generated using the fullname template.
name:

# sshCore creates a restricted, non-expiring ServiceAccount token for use by
# lagoon-core.
sshCore:
enabled: false
serviceAccount:
annotations: {}
# The name of the service account to use.
# If not set, a name is generated using the fullname
# template
name: ""

# sshPortal is an optional service providing low-latency SSH connectivity to
# Lagoon environments.
sshPortal:
Expand Down

0 comments on commit 70c344f

Please sign in to comment.