[stable/external-dns] Switch to use 'bitnami/external-dns' image

stable/external-dns/Chart.yaml

@@ -1,6 +1,6 @@
 apiVersion: v1
 name: external-dns
-version: 1.9.0
+version: 2.0.0
 appVersion: 0.5.14
 description: ExternalDNS is a Kubernetes addon that configures public DNS servers with information about exposed Kubernetes services to make them discoverable.
 keywords:
@@ -10,7 +10,9 @@ keywords:
 home: https://github.com/kubernetes-incubator/external-dns
 sources:
 - https://github.com/kubernetes-incubator/external-dns
+- https://github.com/bitnami/bitnami-docker-external-dns
 maintainers:
 - name: Bitnami
   email: [email protected]
 engine: gotpl
+icon: https://bitnami.com/assets/stacks/external-dns/img/external-dns-stack-110x117.png

stable/external-dns/templates/NOTES.txt

@@ -1,3 +1,8 @@
+** Please be patient while the chart is being deployed **
+
 To verify that external-dns has started, run:
 
-  kubectl --namespace={{ .Release.Namespace }} get pods -l "app={{ template "external-dns.name" . }},release={{ .Release.Name }}"
+  kubectl --namespace={{ .Release.Namespace }} get pods -l "app.kubernetes.io/name={{ template "external-dns.name" . }},app.kubernetes.io/instance={{ .Release.Name }}"
+
+{{ include "external-dns.validateValues" . }}
+{{ include "external-dns.checkRollingTags" . }}

stable/external-dns/templates/_helpers.tpl

@@ -24,28 +24,201 @@ If release name contains chart name it will be used as a full name.
 {{- end -}}
 {{- end -}}
 
-{{/* Generate basic labels */}}
-{{- define "external-dns.labels" }}
-app: {{ template "external-dns.name" . }}
-heritage: {{.Release.Service }}
-release: {{.Release.Name }}
-{{- if .Values.podLabels }}
-{{ toYaml .Values.podLabels }}
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "external-dns.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/* Helm required labels */}}
+{{- define "external-dns.labels" -}}
+app.kubernetes.io/name: {{ template "external-dns.name" . }}
+helm.sh/chart: {{ template "external-dns.chart" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end -}}
+
+{{/* matchLabels */}}
+{{- define "external-dns.matchLabels" -}}
+app.kubernetes.io/name: {{ template "external-dns.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end -}}
+
+{{/* podAnnotations */}}
+{{- define "external-dns.podAnnotations" -}}
+{{- if .Values.podAnnotations }}
+{{- toYaml .Values.podAnnotations }}
 {{- end }}
+{{- if .Values.metrics.podAnnotations }}
+{{- toYaml .Values.metrics.podAnnotations }}
 {{- end }}
+{{- end -}}
+
+{{/*
+Return the proper External DNS image name
+*/}}
+{{- define "external-dns.image" -}}
+{{- $registryName := .Values.image.registry -}}
+{{- $repositoryName := .Values.image.repository -}}
+{{- $tag := .Values.image.tag | toString -}}
+{{/*
+Helm 2.11 supports the assignment of a value to a variable defined in a different scope,
+but Helm 2.9 and 2.10 doesn't support it, so we need to implement this if-else logic.
+Also, we can't use a single if because lazy evaluation is not an option
+*/}}
+{{- if .Values.global }}
+    {{- if .Values.global.imageRegistry }}
+        {{- printf "%s/%s:%s" .Values.global.imageRegistry $repositoryName $tag -}}
+    {{- else -}}
+        {{- printf "%s/%s:%s" $registryName $repositoryName $tag -}}
+    {{- end -}}
+{{- else -}}
+    {{- printf "%s/%s:%s" $registryName $repositoryName $tag -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Return the proper Docker Image Registry Secret Names
+*/}}
+{{- define "external-dns.imagePullSecrets" -}}
+{{/*
+Helm 2.11 supports the assignment of a value to a variable defined in a different scope,
+but Helm 2.9 and 2.10 does not support it, so we need to implement this if-else logic.
+Also, we can not use a single if because lazy evaluation is not an option
+*/}}
+{{- if .Values.global }}
+{{- if .Values.global.imagePullSecrets }}
+imagePullSecrets:
+{{- range .Values.global.imagePullSecrets }}
+  - name: {{ . }}
+{{- end }}
+{{- else if .Values.image.pullSecrets }}
+imagePullSecrets:
+{{- range .Values.image.pullSecrets }}
+  - name: {{ . }}
+{{- end }}
+{{- end -}}
+{{- else if .Values.image.pullSecrets }}
+imagePullSecrets:
+{{- range .Values.image.pullSecrets }}
+  - name: {{ . }}
+{{- end }}
+{{- end -}}
+{{- end -}}
 
 {{- define "external-dns.aws-credentials" }}
 [default]
-aws_access_key_id = {{ .Values.aws.accessKey }}
-aws_secret_access_key = {{ .Values.aws.secretKey }}
+aws_access_key_id = {{ .Values.aws.credentials.accessKey }}
+aws_secret_access_key = {{ .Values.aws.credentials.secretKey }}
 {{ end }}
 
-
 {{- define "external-dns.aws-config" }}
 [profile default]
-{{- if .Values.aws.roleArn }}
-role_arn = {{ .Values.aws.roleArn }}
-{{- end }}
+role_arn = {{ .Values.aws.assumeRoleArn }}
 region = {{ .Values.aws.region }}
 source_profile = default
 {{ end }}
+
+{{/*
+Compile all warnings into a single message, and call fail.
+*/}}
+{{- define "external-dns.validateValues" -}}
+{{- $messages := list -}}
+{{- $messages := append $messages (include "external-dns.validateValues.provider" .) -}}
+{{- $messages := append $messages (include "external-dns.validateValues.sources" .) -}}
+{{- $messages := append $messages (include "external-dns.validateValues.aws" .) -}}
+{{- $messages := append $messages (include "external-dns.validateValues.google" .) -}}
+{{- $messages := append $messages (include "external-dns.validateValues.infoblox.gridHost" .) -}}
+{{- $messages := append $messages (include "external-dns.validateValues.infoblox.wapiPassword" .) -}}
+{{- $messages := without $messages "" -}}
+{{- $message := join "\n" $messages -}}
+
+{{- if $message -}}
+{{-   printf "\nVALUES VALIDATION:\n%s" $message | fail -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Validate values of External DNS:
+- must set a provider
+*/}}
+{{- define "external-dns.validateValues.provider" -}}
+{{- if not .Values.provider -}}
+external-dns: provider
+    You must set a provider (options: aws, google, azure, cloudflare, ...)
+    Please set the provider parameter (--set provider="xxxx")
+{{- end -}}
+{{- end -}}
+
+{{/*
+Validate values of External DNS:
+- must provide sources to be observed for new DNS entries by ExternalDNS
+*/}}
+{{- define "external-dns.validateValues.sources" -}}
+{{- if empty .Values.sources -}}
+external-dns: sources
+    You must provide sources to be observed for new DNS entries by ExternalDNS
+    Please set the sources parameter (--set sources="xxxx")
+{{- end -}}
+{{- end -}}
+
+{{/*
+Validate values of External DNS:
+- The AWS Role to assume must follow ARN format when provider is "aws"
+*/}}
+{{- define "external-dns.validateValues.aws" -}}
+{{- if and (eq .Values.provider "aws") .Values.aws.assumeRoleArn -}}
+{{- if not (regexMatch "^arn:aws:iam::.*$" .Values.aws.assumeRoleArn) -}}
+external-dns: aws.assumeRoleArn
+    The AWS Role to assume must follow ARN format: `arn:aws:iam::123455567:role/external-dns`
+    Ref: https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html
+    Please set a valid ARN (--set aws.assumeRoleARN="xxxx")
+{{- end -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Validate values of External DNS:
+- must provide a service account key when provider is "google"
+*/}}
+{{- define "external-dns.validateValues.google" -}}
+{{- if and (eq .Values.provider "google") (not .Values.google.serviceAccountSecret) (not .Values.google.serviceAccountKey) -}}
+external-dns: google.serviceAccountKey google.serviceAccountSecret
+    You must provide the service account key when provider="google".
+    Please set the service account key (--set google.serviceAccountKey="xxxx")
+    or reuse an existing secret (--set google.serviceAccountSecret="xxxx")
+{{- end -}}
+{{- end -}}
+
+{{/*
+Validate values of External DNS:
+- must provide the Grid Manager host when provider is "infoblox"
+*/}}
+{{- define "external-dns.validateValues.infoblox.gridHost" -}}
+{{- if and (eq .Values.provider "infoblox") (not .Values.infoblox.gridHost) -}}
+external-dns: infoblox.gridHost
+    You must provide the the Grid Manager host when provider="infoblox".
+    Please set the gridHost parameter (--set infoblox.gridHost="xxxx")
+{{- end -}}
+{{- end -}}
+
+{{/*
+Validate values of External DNS:
+- must provide a WAPI password when provider is "infoblox"
+*/}}
+{{- define "external-dns.validateValues.infoblox.wapiPassword" -}}
+{{- if and (eq .Values.provider "infoblox") (not .Values.infoblox.wapiPassword) -}}
+external-dns: infoblox.wapiPassword
+    You must provide a WAPI password when provider="infoblox".
+    Please set the wapiPassword parameter (--set infoblox.wapiPassword="xxxx")
+{{- end -}}
+{{- end -}}
+
+{{/* Check if there are rolling tags in the images */}}
+{{- define "external-dns.checkRollingTags" -}}
+{{- if and (contains "bitnami/" .Values.image.repository) (not (.Values.image.tag | toString | regexFind "-r\\d+$|sha256:")) }}
+WARNING: Rolling tag detected ({{ .Values.image.repository }}:{{ .Values.image.tag }}), please note that it is strongly recommended to avoid using rolling tags in a production environment.
++info https://docs.bitnami.com/containers/how-to/understand-rolling-tags-containers/
+{{- end }}
+{{- end -}}

stable/external-dns/templates/clusterrole.yaml

@@ -1,43 +1,42 @@
-{{- if .Values.rbac.create -}}
+{{- if .Values.rbac.create }}
 apiVersion: rbac.authorization.k8s.io/{{ .Values.rbac.apiVersion }}
 kind: ClusterRole
 metadata:
-  labels: {{ include "external-dns.labels" . | indent 4 }}
-    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
   name: {{ template "external-dns.fullname" . }}
+  labels: {{ include "external-dns.labels" . | nindent 4 }}
 rules:
-  - apiGroups:
-      - ""
-    resources:
-      - services
-      - pods
-      - nodes
-    verbs:
-      - get
-      - list
-      - watch
-  - apiGroups:
-      - extensions
-    resources:
-      - ingresses
-    verbs:
-      - get
-      - list
-      - watch
-  - apiGroups:
-      - networking.istio.io
-    resources:
-      - gateways
-    verbs:
-      - get
-      - list
-      - watch
-  - apiGroups:
-      - externaldns.k8s.io
-    resources:
-      - dnsendpoints
-    verbs:
-      - get
-      - list
-      - watch
-{{- end -}}
+- apiGroups:
+  - ""
+  resources:
+  - services
+  - pods
+  - nodes
+  verbs:
+  - get
+  - list
+  - watch
+- apiGroups:
+  - extensions
+  resources:
+  - ingresses
+  verbs:
+  - get
+  - list
+  - watch
+- apiGroups:
+  - networking.istio.io
+  resources:
+  - gateways
+  verbs:
+  - get
+  - list
+  - watch
+- apiGroups:
+  - externaldns.k8s.io
+  resources:
+  - dnsendpoints
+  verbs:
+  - get
+  - list
+  - watch
+{{- end }}

stable/external-dns/templates/clusterrolebinding.yaml

@@ -1,16 +1,15 @@
-{{- if .Values.rbac.create -}}
+{{- if .Values.rbac.create }}
 apiVersion: rbac.authorization.k8s.io/{{ .Values.rbac.apiVersion }}
 kind: ClusterRoleBinding
 metadata:
-  labels: {{ include "external-dns.labels" . | indent 4 }}
-    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
   name: {{ template "external-dns.fullname" . }}
+  labels: {{ include "external-dns.labels" . | nindent 4 }}
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: ClusterRole
   name: {{ template "external-dns.fullname" . }}
 subjects:
-  - kind: ServiceAccount
-    name: {{ template "external-dns.fullname" . }}
-    namespace: {{ .Release.Namespace }}
-{{- end -}}
+- kind: ServiceAccount
+  name: {{ template "external-dns.fullname" . }}
+  namespace: {{ .Release.Namespace }}
+{{- end }}

stable/external-dns/templates/configmap.yaml

@@ -3,8 +3,7 @@ apiVersion: v1
 kind: ConfigMap
 metadata:
   name: {{ template "external-dns.fullname" . }}
-  labels: {{ include "external-dns.labels" . | indent 4 }}
-    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+  labels: {{ include "external-dns.labels" . | nindent 4 }}
 data:
   {{ .Values.designate.customCA.filename }}: |
 {{ .Values.designate.customCA.content | indent 4 }}

stable/external-dns/templates/crd.yaml

@@ -1,5 +1,4 @@
 {{- if .Values.crd.create }}
----
 apiVersion: apiextensions.k8s.io/v1beta1
 kind: CustomResourceDefinition
 metadata: