[Common] Cert and Storage rework (#191)

* Add IX-Cert to Common
and:
- split storage
- merge custom into common chart

* Integrate most of the Bitnami Common Chart into ours
This commit is contained in:
Kjeld Schouten-Lebbing
2021-02-28 16:53:33 +01:00
committed by kjeld Schouten-Lebbing
parent 14c9d393b5
commit 236ec00b2d
43 changed files with 211 additions and 178 deletions

View File

@@ -4,7 +4,7 @@ for chart in charts/*; do
maxchartversion=$(cat ${chart}/${maxfolderversion}/Chart.yaml | grep "^version: " | awk -F" " '{ print $2 }')
chartname=$(basename ${chart})
echo "Processing: ${chart} - folder: ${maxfolderversion} - version: ${maxchartversion}"
helm dependency update ${chart}/${maxfolderversion}
helm dependency update --skip-refresh ${chart}/${maxfolderversion}
if [ "${maxfolderversion}" != "${maxchartversion}" ]; then
mv -f ${chart}/${maxfolderversion} ${chart}/${maxchartversion}
echo "renamed ${chart}/${maxfolderversion} to ${chart}/${maxchartversion}"

View File

@@ -22,5 +22,13 @@
"definitions/nodeIP": {
"stable": {"min": "20.12-ALPHA"},
"nightlies": {"min": "20.12-MASTER"}
},
"definitions/certificate": {
"stable": {"min": "21.02-ALPHA"},
"nightlies": {"min": "21.02-MASTER"}
},
"definitions/certificateAuthority": {
"stable": {"min": "21.02-ALPHA"},
"nightlies": {"min": "21.02-MASTER"}
}
}

View File

@@ -1,8 +1,8 @@
apiVersion: v2
kubeVersion: ">=1.16.0-0"
name: common
version: 1.3.2
# upstream_version:
version: 1.4.0
# upstream_version: 3.0.1
# appVersion:
description: Function library for TrueCharts
type: library

View File

@@ -31,10 +31,11 @@ Main entrypoint for the common library chart. It will render all underlying temp
{{- end -}}
{{- print "---" | nindent 0 -}}
{{ include "common.service" . | nindent 0 }}
{{ include "common.custom.appService" . | nindent 0 }}
{{ include "common.appService" . | nindent 0 }}
{{- print "---" | nindent 0 -}}
{{ include "common.ingress" . | nindent 0 }}
{{- print "---" | nindent 0 -}}
{{ include "common.custom.appIngress" . | nindent 0 }}
{{ include "common.custom.mountpermissions" . | nindent 0 }}
{{ include "common.appIngress" . | nindent 0 }}
{{ include "common.storage.permissions" . | nindent 0 }}
{{ include "common.resources.cert.secret" . | nindent 0 }}
{{- end -}}

View File

@@ -1,73 +0,0 @@
{{/* vim: set filetype=mustache: */}}
{{/*
Return the target Kubernetes version
*/}}
{{- define "common.capabilities.kubeVersion" -}}
{{- if .Values.global }}
{{- if .Values.global.kubeVersion }}
{{- .Values.global.kubeVersion -}}
{{- else }}
{{- default .Capabilities.KubeVersion.Version .Values.kubeVersion -}}
{{- end -}}
{{- else }}
{{- default .Capabilities.KubeVersion.Version .Values.kubeVersion -}}
{{- end -}}
{{- end -}}
{{/*
Return the appropriate apiVersion for deployment.
*/}}
{{- define "common.capabilities.deployment.apiVersion" -}}
{{- if semverCompare "<1.14-0" (include "common.capabilities.kubeVersion" .) -}}
{{- print "extensions/v1beta1" -}}
{{- else -}}
{{- print "apps/v1" -}}
{{- end -}}
{{- end -}}
{{/*
Return the appropriate apiVersion for statefulset.
*/}}
{{- define "common.capabilities.statefulset.apiVersion" -}}
{{- if semverCompare "<1.14-0" (include "common.capabilities.kubeVersion" .) -}}
{{- print "apps/v1beta1" -}}
{{- else -}}
{{- print "apps/v1" -}}
{{- end -}}
{{- end -}}
{{/*
Return the appropriate apiVersion for ingress.
*/}}
{{- define "common.capabilities.ingress.apiVersion" -}}
{{- if .Values.ingress -}}
{{- if .Values.ingress.apiVersion -}}
{{- .Values.ingress.apiVersion -}}
{{- else if semverCompare "<1.14-0" (include "common.capabilities.kubeVersion" .) -}}
{{- print "extensions/v1beta1" -}}
{{- else if semverCompare "<1.19-0" (include "common.capabilities.kubeVersion" .) -}}
{{- print "networking.k8s.io/v1beta1" -}}
{{- else -}}
{{- print "networking.k8s.io/v1" -}}
{{- end }}
{{- else if semverCompare "<1.14-0" (include "common.capabilities.kubeVersion" .) -}}
{{- print "extensions/v1beta1" -}}
{{- else if semverCompare "<1.19-0" (include "common.capabilities.kubeVersion" .) -}}
{{- print "networking.k8s.io/v1beta1" -}}
{{- else -}}
{{- print "networking.k8s.io/v1" -}}
{{- end -}}
{{- end -}}
{{/*
Returns true if the used Helm version is 3.3+.
A way to check the used Helm version was not introduced until version 3.3.0 with .Capabilities.HelmVersion, which contains an additional "{}}" structure.
This check is introduced as a regexMatch instead of {{ if .Capabilities.HelmVersion }} because checking for the key HelmVersion in <3.3 results in a "interface not found" error.
**To be removed when the catalog's minimun Helm version is 3.3**
*/}}
{{- define "common.capabilities.supportsHelmVersion" -}}
{{- if regexMatch "{(v[0-9])*[^}]*}}$" (.Capabilities | toString ) }}
{{- true -}}
{{- end -}}
{{- end -}}

View File

@@ -1,18 +0,0 @@
{{/* vim: set filetype=mustache: */}}
{{/*
Kubernetes standard labels
*/}}
{{- define "common.labels.standard" -}}
app.kubernetes.io/name: {{ include "common.names.name" . }}
helm.sh/chart: {{ include "common.names.chart" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- end -}}
{{/*
Labels to use on deploy.spec.selector.matchLabels and svc.spec.selector
*/}}
{{- define "common.labels.matchLabels" -}}
app.kubernetes.io/name: {{ include "common.names.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end -}}

View File

@@ -1,32 +0,0 @@
{{/* vim: set filetype=mustache: */}}
{{/*
Expand the name of the chart.
*/}}
{{- define "common.names.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "common.names.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "common.names.fullname" -}}
{{- if .Values.fullnameOverride -}}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- $name := default .Chart.Name .Values.nameOverride -}}
{{- if contains $name .Release.Name -}}
{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{- end -}}
{{- end -}}

View File

@@ -35,6 +35,6 @@ spec:
requests:
storage: {{ required (printf "size is required for PVC %v" $pvcName) $values.size | quote }}
{{- if $values.storageClass }}
storageClassName: {{ if (eq "-" $values.storageClass) }}""{{- else }}{{ $values.storageClass | quote }}{{- end }}
storageClassName: {{ include "common.storage.class" . }}
{{- end }}
{{- end -}}

View File

@@ -1,7 +1,7 @@
{{/*
Renders the additioanl authForward objects from appAuthForward
*/}}
{{- define "common.custom.classes.appAuthForward" -}}
{{- define "common.classes.appAuthForward" -}}
{{- /* Generate TrueNAS SCALE app services as required v1 */ -}}
{{- $values := .Values.appIngress -}}
{{- if hasKey . "ObjectValues" -}}

View File

@@ -2,7 +2,7 @@
This template serves as a blueprint for all appIngress objects that are created
within the common library.
*/}}
{{- define "common.custom.classes.appIngressHTTP" -}}
{{- define "common.classes.appIngressHTTP" -}}
{{- $values := .Values.appIngress -}}
{{- if hasKey . "ObjectValues" -}}
{{- with .ObjectValues.appIngress -}}
@@ -47,8 +47,11 @@ spec:
- {{ .host | quote }}
{{- end }}
{{- if eq $values.certType "selfsigned" -}}
secretName:
{{ else if eq $values.certType "existingcert" }}
secretName: {{ $values.existingcert }}
{{ else if eq $values.certType "ixcert" }}
secretName: {{ include "common.names.fullname" . }}-ix-cert
{{ else if eq $values.certType "wildcard" }}
secretName: wildcardcert
{{ else }}

View File

@@ -2,7 +2,7 @@
This template serves as a blueprint for all appIngressTCP objects that are created
within the common library.
*/}}
{{- define "common.custom.classes.appIngressTCP" -}}
{{- define "common.classes.appIngressTCP" -}}
{{- $values := .Values.appIngress -}}
{{- if hasKey . "ObjectValues" -}}
{{- with .ObjectValues.appIngress -}}
@@ -48,8 +48,11 @@ spec:
- {{ .host | quote }}
{{- end }}
{{- if eq $values.certType "selfsigned" -}}
secretName:
{{ else if eq $values.certType "existingcert" }}
secretName: {{ $values.existingcert }}
{{ else if eq $values.certType "ixcert" }}
secretName: {{ include "common.names.fullname" . }}-ix-cert
{{ else if eq $values.certType "wildcard" }}
secretName: wildcardcert
{{ else }}

View File

@@ -2,7 +2,7 @@
This template serves as a blueprint for all appIngressTCP objects that are created
within the common library.
*/}}
{{- define "common.custom.classes.appIngressUDP" -}}
{{- define "common.classes.appIngressUDP" -}}
{{- $values := .Values.appIngress -}}
{{- if hasKey . "ObjectValues" -}}
{{- with .ObjectValues.appIngress -}}

View File

@@ -1,3 +1,5 @@
## Currently only used as Bitnami Compatibility layer, may want to integrate more later
{{/* vim: set filetype=mustache: */}}
{{/*

View File

@@ -1,3 +1,6 @@
## Currently only used as Bitnami compatibility Layer, needs more integration during the Ingress integration project.
{{/* vim: set filetype=mustache: */}}
{{/*

View File

@@ -1,3 +1,4 @@
## Currently only used as Bitnami Compatibility layer, may want to integrate more later
{{/* vim: set filetype=mustache: */}}
{{/*
Generate secret name.

View File

@@ -1,3 +1,5 @@
## Currently only used as Bitnami Compatibility layer, may want to integrate more later
{{/* vim: set filetype=mustache: */}}
{{/*
Renders a value that contains template.

View File

@@ -69,7 +69,9 @@ Return the appropriate apiVersion for Ingress objects.
*/}}
{{- define "common.capabilities.ingress.apiVersion" -}}
{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.GitVersion -}}
{{- if .Values.ingress.apiVersion -}}
{{- .Values.ingress.apiVersion -}}
{{- else if semverCompare "<1.14-0" .Capabilities.KubeVersion.GitVersion -}}
{{- print "extensions/v1beta1" -}}
{{- else if semverCompare "<1.19-0" .Capabilities.KubeVersion.GitVersion -}}
{{- print "networking.k8s.io/v1beta1" -}}
@@ -90,3 +92,37 @@ Waiting on https://github.com/helm/helm/pull/8608
{{- end }}
{{- end -}}
*/}}
{{/*
Return the appropriate apiVersion for RBAC resources.
*/}}
{{- define "common.capabilities.rbac.apiVersion" -}}
{{- if semverCompare "<1.17-0" (include "common.capabilities.kubeVersion" .) -}}
{{- print "rbac.authorization.k8s.io/v1beta1" -}}
{{- else -}}
{{- print "rbac.authorization.k8s.io/v1" -}}
{{- end -}}
{{- end -}}
{{/*
Return the appropriate apiVersion for CRDs.
*/}}
{{- define "common.capabilities.crd.apiVersion" -}}
{{- if semverCompare "<1.19-0" (include "common.capabilities.kubeVersion" .) -}}
{{- print "apiextensions.k8s.io/v1beta1" -}}
{{- else -}}
{{- print "apiextensions.k8s.io/v1" -}}
{{- end -}}
{{- end -}}
{{/*
Returns true if the used Helm version is 3.3+.
A way to check the used Helm version was not introduced until version 3.3.0 with .Capabilities.HelmVersion, which contains an additional "{}}" structure.
This check is introduced as a regexMatch instead of {{ if .Capabilities.HelmVersion }} because checking for the key HelmVersion in <3.3 results in a "interface not found" error.
**To be removed when the catalog's minimun Helm version is 3.3**
*/}}
{{- define "common.capabilities.supportsHelmVersion" -}}
{{- if regexMatch "{(v[0-9])*[^}]*}}$" (.Capabilities | toString ) }}
{{- true -}}
{{- end -}}
{{- end -}}

View File

@@ -12,7 +12,11 @@ Return the proper image name
{{- $registryName = .global.imageRegistry -}}
{{- end -}}
{{- end -}}
{{- if $registryName }}
{{- printf "%s/%s:%s" $registryName $repositoryName $tag -}}
{{- else -}}
{{- printf "%s:%s" $repositoryName $tag -}}
{{- end -}}
{{- end -}}
{{/*

View File

@@ -17,3 +17,21 @@ Selector labels shared across objects.
app.kubernetes.io/name: {{ include "common.names.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end }}
## Bitnami Compatibility links
{{/* vim: set filetype=mustache: */}}
{{/*
Kubernetes standard labels
*/}}
{{- define "common.labels.standard" -}}
{{ include "common.labels" . }}
{{- end -}}
{{/*
Labels to use on deploy.spec.selector.matchLabels and svc.spec.selector
*/}}
{{- define "common.labels.matchLabels" -}}
{{ include "common.labels.selectorLabels" . }}
{{- end -}}

View File

@@ -1,9 +1,10 @@
{{/* vim: set filetype=mustache: */}}
{{/*
Expand the name of the chart.
*/}}
{{- define "common.names.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
{{- end }}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create a default fully qualified app name.
@@ -11,17 +12,18 @@ We truncate at 63 chars because some Kubernetes name fields are limited to this
If release name contains chart name it will be used as a full name.
*/}}
{{- define "common.names.fullname" -}}
{{- if .Values.fullnameOverride }}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- $name := default .Chart.Name .Values.nameOverride }}
{{- if contains $name .Release.Name }}
{{- .Release.Name | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
{{- end }}
{{- end }}
{{- end }}
{{- if .Values.fullnameOverride -}}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- $name := default .Chart.Name .Values.nameOverride -}}
{{- if contains $name .Release.Name -}}
{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{- end -}}
{{- end -}}
{{/*
Create chart name and version as used by the chart label.

View File

@@ -1,3 +1,6 @@
## We might want to include more repositories in this warnings
## This is mostly used to prevent chart maintainers using "latest" when version is available
{{/* vim: set filetype=mustache: */}}
{{/*
Warning about using rolling tag.

View File

@@ -3,7 +3,8 @@ The main container included in the controller.
*/ -}}
{{- define "common.controller.mainContainer" -}}
- name: {{ include "common.names.fullname" . }}
image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
image: "{{ include "common.images.image" (dict "imageRoot" .Values.image "global" .Values.global) }}"
{{ include "common.warnings.rollingTag" .Values.image }}
imagePullPolicy: {{ .Values.image.pullPolicy }}
{{- with .Values.command }}
command: {{ . }}
@@ -64,7 +65,7 @@ The main container included in the controller.
{{- end }}
{{- end }}
{{- end }}
{{- include "common.custom.configuredAppVolumeMounts" . | indent 2 }}
{{- include "common.storage.configuredAppVolumeMounts" . | indent 2 }}
{{- if .Values.additionalVolumeMounts }}
{{- toYaml .Values.additionalVolumeMounts | nindent 2 }}
{{- end }}

View File

@@ -25,7 +25,7 @@ Volumes included by the controller.
{{- end }}
{{- end }}
{{- end }}
{{- include "common.custom.configuredAppVolumes" . }}
{{- include "common.storage.configuredAppVolumes" . }}
{{- if .Values.additionalVolumes }}
{{- toYaml .Values.additionalVolumes | nindent 0 }}
{{- end }}

View File

@@ -1,7 +1,7 @@
{{/*
Renders the additioanl Service objects from appAdditionalServices
*/}}
{{- define "common.custom.appService" -}}
{{- define "common.appService" -}}
{{- /* Generate TrueNAS SCALE app services as required v1 */ -}}
{{- if and .Values.appAdditionalServicesEnabled .Values.appAdditionalServices -}}
{{- range $name, $srv := .Values.appAdditionalServices }}

View File

@@ -1,7 +1,7 @@
{{/*
Renders the additional ingress objects from appIngress
*/}}
{{- define "common.custom.appIngress" -}}
{{- define "common.appIngress" -}}
{{- /* Generate TrueNAS SCALE app services as required v1 */ -}}
{{- if .Values.appIngress -}}
{{- range $name, $ingr := .Values.appIngress }}
@@ -14,19 +14,19 @@ Renders the additional ingress objects from appIngress
{{- $_ := set $ "ObjectValues" (dict "appIngress" $ingressValues) -}}
{{- if $ingressValues.type -}}
{{- if eq $ingressValues.type "UDP" -}}
{{- include "common.custom.classes.appIngressUDP" $ }}
{{- include "common.classes.appIngressUDP" $ }}
{{- else if eq $ingressValues.type "TCP" -}}
{{- include "common.custom.classes.appIngressTCP" $ }}
{{- include "common.classes.appIngressTCP" $ }}
{{- else }}
{{- include "common.custom.classes.appIngressHTTP" $ }}
{{- include "common.classes.appIngressHTTP" $ }}
{{- if $ingressValues.authForwardURL }}
{{- include "common.custom.classes.appAuthForward" $ }}
{{- include "common.classes.appAuthForward" $ }}
{{- end }}
{{- end }}
{{- else }}
{{- include "common.custom.classes.appIngressHTTP" $ }}
{{- include "common.classes.appIngressHTTP" $ }}
{{- if $ingressValues.authForwardURL }}
{{- include "common.custom.classes.appAuthForward" $ }}
{{- include "common.classes.appAuthForward" $ }}
{{- end }}
{{- end }}
{{- end }}

View File

@@ -0,0 +1,32 @@
{{/*
Retrieve true/false if certificate is configured
*/}}
{{- define "common.resources.cert.available" -}}
{{- if .Values.certificate -}}
{{- $values := (. | mustDeepCopy) -}}
{{- $_ := set $values "commonCertOptions" (dict "certKeyName" $values.Values.certificate) -}}
{{- template "common.resources.cert_present" $values -}}
{{- else -}}
{{- false -}}
{{- end -}}
{{- end -}}
{{/*
Retrieve public key of certificate
*/}}
{{- define "common.resources.cert.publicKey" -}}
{{- $values := (. | mustDeepCopy) -}}
{{- $_ := set $values "commonCertOptions" (dict "certKeyName" $values.Values.certificate "publicKey" true) -}}
{{ include "common.resources.cert" $values }}
{{- end -}}
{{/*
Retrieve private key of certificate
*/}}
{{- define "common.resources.cert.privateKey" -}}
{{- $values := (. | mustDeepCopy) -}}
{{- $_ := set $values "commonCertOptions" (dict "certKeyName" $values.Values.certificate) -}}
{{ include "common.resources.cert" $values }}
{{- end -}}

View File

@@ -0,0 +1,14 @@
{{- define "common.resources.cert.secret" -}}
{{ if eq (include "common.resources.cert.available" .) "true" }}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ include "common.names.fullname" . }}-ix-cert
labels: {{ include "common.labels" . | nindent 4 }}
type: kubernetes.io/tls
data:
tls.crt: {{ (include "common.resources.cert.publicKey" .) | toString | b64enc | quote }}
tls.key: {{ (include "common.resources.cert.privateKey" .) | toString | b64enc | quote }}
{{ end }}
{{- end }}

View File

@@ -0,0 +1,24 @@
{{/*
Retrieve true/false if certificate is available in ixCertificates
*/}}
{{- define "common.resources.cert_present" -}}
{{- $values := . -}}
{{- hasKey $values.Values.ixCertificates ($values.commonCertOptions.certKeyName | toString) -}}
{{- end -}}
{{/*
Retrieve certificate from variable name
*/}}
{{- define "common.resources.cert" -}}
{{- $values := . -}}
{{- $certKey := ($values.commonCertOptions.certKeyName | toString) -}}
{{- if hasKey $values.Values.ixCertificates $certKey -}}
{{- $cert := get $values.Values.ixCertificates $certKey -}}
{{- if $values.commonCertOptions.publicKey -}}
{{ $cert.certificate }}
{{- else -}}
{{ $cert.privatekey }}
{{- end -}}
{{- end -}}
{{- end -}}

View File

@@ -1,19 +1,7 @@
{{/*
Retrieve host path from ix volumes based on dataset name
*/}}
{{- define "common.custom.retrieveHostPathFromiXVolume" -}}
{{- range $index, $hostPathConfiguration := $.ixVolumes }}
{{- $dsName := base $hostPathConfiguration.hostPath -}}
{{- if eq $.datasetName $dsName -}}
{{- $hostPathConfiguration.hostPath -}}
{{- end }}
{{- end }}
{{- end -}}
{{/*
Define appVolumeMounts for container
*/}}
{{- define "common.custom.configuredAppVolumeMounts" -}}
{{- define "common.storage.configuredAppVolumeMounts" -}}
{{- if .Values.appVolumeMounts }}
{{- range $name, $avm := .Values.appVolumeMounts -}}
{{- if $avm.enabled }}
@@ -30,7 +18,7 @@ Define appVolumeMounts for container
{{/*
Define hostPath for appVolumes
*/}}
{{- define "common.custom.configuredAppVolumes" -}}
{{- define "common.storage.configuredAppVolumes" -}}
{{- if .Values.appVolumeMounts }}
{{- range $name, $av := .Values.appVolumeMounts -}}
{{- if $av.enabled }}
@@ -43,7 +31,7 @@ Define hostPath for appVolumes
path: {{ required "hostPath not set" $av.hostPath }}
{{- else }}
{{- $volDict := dict "datasetName" $av.datasetName "ixVolumes" $.Values.ixVolumes -}}
path: {{ include "common.custom.retrieveHostPathFromiXVolume" $volDict }}
path: {{ include "common.storage.retrieveHostPathFromiXVolume" $volDict }}
{{- end }}
{{- end }}
{{- end }}

View File

@@ -0,0 +1,11 @@
{{/*
Retrieve host path from ix volumes based on dataset name
*/}}
{{- define "common.storage.retrieveHostPathFromiXVolume" -}}
{{- range $index, $hostPathConfiguration := $.ixVolumes }}
{{- $dsName := base $hostPathConfiguration.hostPath -}}
{{- if eq $.datasetName $dsName -}}
{{- $hostPathConfiguration.hostPath -}}
{{- end }}
{{- end }}
{{- end -}}

View File

@@ -2,7 +2,7 @@
This template serves as the blueprint for the mountPermissions job that is run
before chart installation.
*/}}
{{- define "common.custom.mountpermissions" -}}
{{- define "common.storage.permissions" -}}
{{- if and .Values.appVolumeMounts .Values.fixMountPermissions }}
{{- range $name, $avm := .Values.appVolumeMounts -}}
{{- if and $avm.enabled $avm.setPermissions}}
@@ -14,7 +14,7 @@ before chart installation.
{{ end -}}
{{- $_ := set $ "ObjectValues" (dict "appVolumeMounts" $VMValues) -}}
{{ include "common.custom.mountpermissions.job" $ | nindent 0 }}
{{ include "common.storage.permissions.job" $ | nindent 0 }}
{{- end }}
{{- end }}
{{- end }}

View File

@@ -2,7 +2,7 @@
This template serves as the blueprint for the mountPermissions job that is run
before chart installation.
*/}}
{{- define "common.custom.mountpermissions.job" -}}
{{- define "common.storage.permissions.job" -}}
{{- $values := .Values.appVolumeMounts -}}
{{- if hasKey . "ObjectValues" -}}
@@ -55,7 +55,7 @@ spec:
#securityContext:
#
volumeMounts:
{{- include "common.custom.configuredAppVolumeMounts" . | indent 12 }}
{{- include "common.storage.configuredAppVolumeMounts" . | indent 12 }}
{{- with (include "common.controller.volumes" . | trim) }}
volumes:
{{- . | nindent 8 }}