Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Backporting #521 #524

Merged
merged 2 commits into from
Dec 12, 2023
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
7 changes: 7 additions & 0 deletions changelog/v0.35.1/readinessprobe-scheme-field.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
changelog:
- type: NEW_FEATURE
issueLink: https://github.com/solo-io/skv2/issues/521
resolvesIssue: false
description: |
Support scheme field for readiness probes. By default it is HTTP and an optional field.
skipCI: false
73 changes: 73 additions & 0 deletions codegen/cmd_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -2520,6 +2520,79 @@ roleRef:
Entry("sidecar service port name with hyphen", "foo-bar"),
)

It("render readiness probe when scheme is specified", func() {
cmd := &Command{
Chart: &Chart{
Operators: []Operator{
{
Name: "painter",
Deployment: Deployment{
Container: Container{
Image: Image{
Tag: "v0.0.0",
Repository: "painter",
Registry: "quay.io/solo-io",
PullPolicy: "IfNotPresent",
},
ReadinessProbe: &ReadinessProbe{
Path: "/",
Port: "8080",
Scheme: "HTTPS",
PeriodSeconds: 10,
InitialDelaySeconds: 5,
},
},
},
},
},

Values: nil,
Data: Data{
ApiVersion: "v1",
Description: "",
Name: "Painting Operator",
Version: "v0.0.1",
Home: "https://docs.solo.io/skv2/latest",
Sources: []string{
"https://github.com/solo-io/skv2",
},
},
},

ManifestRoot: "codegen/test/chart-readiness",
}

err := cmd.Execute()
Expect(err).NotTo(HaveOccurred())

helmValues := map[string]interface{}{}

renderedManifests := helmTemplate("codegen/test/chart-readiness", helmValues)

var renderedDeployment *appsv1.Deployment
decoder := kubeyaml.NewYAMLOrJSONDecoder(bytes.NewBuffer(renderedManifests), 4096)
for {
obj := &unstructured.Unstructured{}
err := decoder.Decode(obj)
if err != nil {
break
}
if obj.GetName() != "painter" || obj.GetKind() != "Deployment" {
continue
}

bytes, err := obj.MarshalJSON()
Expect(err).NotTo(HaveOccurred())
renderedDeployment = &appsv1.Deployment{}
err = json.Unmarshal(bytes, renderedDeployment)
Expect(err).NotTo(HaveOccurred())
}
Expect(renderedDeployment).NotTo(BeNil())
renderedReadinessProbe := renderedDeployment.Spec.Template.Spec.Containers[0].ReadinessProbe.HTTPGet
Expect(string(renderedReadinessProbe.Scheme)).To(Equal("HTTPS"))
Expect(int(renderedReadinessProbe.Port.IntVal)).To(Equal(8080))
})

It("can configure cluster-scoped and namespace-scoped RBAC", func() {
cmd := &Command{
RenderProtos: false,
Expand Down
1 change: 1 addition & 0 deletions codegen/model/chart.go
Original file line number Diff line number Diff line change
Expand Up @@ -175,6 +175,7 @@ type ReadinessProbe struct {
Exec []string // optional: if specified, the readiness probe will be an exec probe with the specified commands
Path string // Path to access on the HTTP server. Either specify Path and Port for httpGet probes, or specify Exec
Port string
Scheme string // optional scheme: HTTP or HTTPS ((kasunt): imo better to keep it as a non-enum field)
PeriodSeconds int
InitialDelaySeconds int
}
Expand Down
3 changes: 3 additions & 0 deletions codegen/templates/chart/operator-deployment.yamltmpl
Original file line number Diff line number Diff line change
Expand Up @@ -189,6 +189,9 @@ spec:
httpGet:
path: [[ $container.ReadinessProbe.Path ]]
port: [[ $container.ReadinessProbe.Port ]]
[[- if $container.ReadinessProbe.Scheme ]]
scheme: [[ $container.ReadinessProbe.Scheme ]]
[[- end ]]
[[- end ]]
[[- if $container.ReadinessProbe.InitialDelaySeconds ]]
initialDelaySeconds: [[ $container.ReadinessProbe.InitialDelaySeconds ]]
Expand Down
8 changes: 8 additions & 0 deletions codegen/test/chart-readiness/Chart.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@
# Code generated by skv2. DO NOT EDIT.

apiVersion: v1
home: https://docs.solo.io/skv2/latest
name: Painting Operator
sources:
- https://github.com/solo-io/skv2
version: v0.0.1
54 changes: 54 additions & 0 deletions codegen/test/chart-readiness/templates/_helpers.tpl
Original file line number Diff line number Diff line change
@@ -0,0 +1,54 @@
# Code generated by skv2. DO NOT EDIT.



{{/* Below are library functions provided by skv2 */}}

{{- /*

"skv2.utils.merge" takes an array of three values:
- the top context
- the yaml block that will be merged in (override)
- the name of the base template (source)

note: the source must be a named template (helm partial). This is necessary for the merging logic.

The behaviour is as follows, to align with already existing helm behaviour:
- If no source is found (template is empty), the merged output will be empty
- If no overrides are specified, the source is rendered as is
- If overrides are specified and source is not empty, overrides will be merged in to the source.

Overrides can replace / add to deeply nested dictionaries, but will completely replace lists.
Examples:

┌─────────────────────┬───────────────────────┬────────────────────────┐
│ Source (template) │ Overrides │ Result │
├─────────────────────┼───────────────────────┼────────────────────────┤
│ metadata: │ metadata: │ metadata: │
│ labels: │ labels: │ labels: │
│ app: gloo │ app: gloo1 │ app: gloo1 │
│ cluster: useast │ author: infra-team │ author: infra-team │
│ │ │ cluster: useast │
├─────────────────────┼───────────────────────┼────────────────────────┤
│ lists: │ lists: │ lists: │
│ groceries: │ groceries: │ groceries: │
│ - apple │ - grapes │ - grapes │
│ - banana │ │ │
└─────────────────────┴───────────────────────┴────────────────────────┘

skv2.utils.merge is a fork of a helm library chart function (https://github.com/helm/charts/blob/master/incubator/common/templates/_util.tpl).
This includes some optimizations to speed up chart rendering time, and merges in a value (overrides) with a named template, unlike the upstream
version, which merges two named templates.

*/ -}}
{{- define "skv2.utils.merge" -}}
{{- $top := first . -}}
{{- $overrides := (index . 1) -}}
{{- $tpl := fromYaml (include (index . 2) $top) -}}
{{- if or (empty $overrides) (empty $tpl) -}}
{{ include (index . 2) $top }} {{/* render source as is */}}
{{- else -}}
{{- $merged := merge $overrides $tpl -}}
{{- toYaml $merged -}} {{/* render source with overrides as YAML */}}
{{- end -}}
{{- end -}}
134 changes: 134 additions & 0 deletions codegen/test/chart-readiness/templates/deployment.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,134 @@
# Code generated by skv2. DO NOT EDIT.



{{- $painter := $.Values.painter }}
---

{{- define "painter.deploymentSpec" }}
# Deployment manifest for painter

apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: painter
annotations:
app.kubernetes.io/name: painter
name: painter
namespace: {{ default .Release.Namespace $.Values.painter.namespace }}
spec:
selector:
matchLabels:
app: painter
template:
metadata:
labels:
app: painter
annotations:
app.kubernetes.io/name: painter
spec:
serviceAccountName: painter
containers:
{{- $painter := $.Values.painter }}
{{- $painterImage := $painter.image }}
- name: painter
image: {{ $painterImage.registry }}/{{ $painterImage.repository }}:{{ $painterImage.tag }}
imagePullPolicy: {{ $painterImage.pullPolicy }}
{{- if $painter.env }}
env:
{{ toYaml $painter.env | indent 10 }}
{{- else if $painter.extraEnvs }}
env:
{{- end }}
{{- range $name, $item := $painter.extraEnvs }}
- name: {{ $name }}
{{- $item | toYaml | nindent 12 }}
{{- end }}
resources:
{{- if $painter.resources }}
{{ toYaml $painter.resources | indent 10}}
{{- else}}
requests:
cpu: 500m
memory: 256Mi
{{- end }}
{{- /*
Render securityContext configs if it is set.
If securityContext is not set, render the default securityContext.
If securityContext is set to 'false', render an empty map.
*/}}
securityContext:
{{- if or ($painter.securityContext) (eq "map[]" (printf "%v" $painter.securityContext)) }}
{{ toYaml $painter.securityContext | indent 10}}
{{/* Because securityContext is nil by default we can only perform following conversion if it is a boolean. Skip conditional otherwise. */}}
{{- else if eq (ternary $painter.securityContext true (eq "bool" (printf "%T" $painter.securityContext))) false }}
{}
{{- else}}
runAsNonRoot: true
{{- if not $painter.floatingUserId }}
runAsUser: {{ printf "%.0f" (float64 $painter.runAsUser) }}
{{- end }}
readOnlyRootFilesystem: true
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
{{- end }}
readinessProbe:
httpGet:
path: /
port: 8080
scheme: HTTPS
initialDelaySeconds: 5
periodSeconds: 10
{{- if $painterImage.pullSecret }}
imagePullSecrets:
- name: {{ $painterImage.pullSecret }}
{{- end}}
{{- end }} {{/* define "painter.deploymentSpec" */}}

{{/* Render painter deployment template with overrides from values*/}}
{{ if $painter.enabled }}
{{- $painterDeploymentOverrides := dict }}
{{- if $painter.deploymentOverrides }}
{{- $painterDeploymentOverrides = $painter.deploymentOverrides }}
{{- end }}
---
{{ include "skv2.utils.merge" (list . $painterDeploymentOverrides "painter.deploymentSpec") }}
{{- end }}
---
{{ if $painter.enabled }}
apiVersion: v1
kind: ServiceAccount
metadata:
labels:
app: painter
{{- if $painter.serviceAccount}}
{{- if $painter.serviceAccount.extraAnnotations }}
annotations:
{{- range $key, $value := $painter.serviceAccount.extraAnnotations }}
{{ $key }}: {{ $value }}
{{- end }}
{{- end }}
{{- end}}
name: painter
namespace: {{ default .Release.Namespace $.Values.painter.namespace }}
{{- end }}


{{- define "painter.serviceSpec"}}

{{- end }} {{/* define "painter.serviceSpec" */}}
{{ if $painter.enabled }}
{{/* Render painter service template with overrides from values*/}}
{{- $painterServiceOverrides := dict }}
{{- if $painter.serviceOverrides }}
{{- $painterServiceOverrides = $painter.serviceOverrides }}
{{- end }}

---

{{ include "skv2.utils.merge" (list . $painterServiceOverrides "painter.serviceSpec") }}
{{- end }}

2 changes: 2 additions & 0 deletions codegen/test/chart-readiness/templates/rbac.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
# Code generated by skv2. DO NOT EDIT.

19 changes: 19 additions & 0 deletions codegen/test/chart-readiness/values.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,19 @@
# Code generated by skv2. DO NOT EDIT.

painter:
deploymentOverrides: null
enabled: true
env: null
extraEnvs: {}
floatingUserId: false
image:
pullPolicy: IfNotPresent
registry: quay.io/solo-io
repository: painter
tag: v0.0.0
ports: {}
runAsUser: 10101
serviceOverrides: null
serviceType: ""
sidecars: {}