diff --git a/.zuul.yaml b/.zuul.yaml new file mode 100644 index 0000000..0792bb0 --- /dev/null +++ b/.zuul.yaml @@ -0,0 +1,8 @@ +--- + - project: + check: + jobs: + - openstack-tox-linters + gate: + jobs: + - openstack-tox-linters \ No newline at end of file diff --git a/centos_build_layer.cfg b/centos_build_layer.cfg new file mode 100644 index 0000000..c581999 --- /dev/null +++ b/centos_build_layer.cfg @@ -0,0 +1 @@ +flock diff --git a/centos_iso_image.inc b/centos_iso_image.inc new file mode 100644 index 0000000..4aa6b80 --- /dev/null +++ b/centos_iso_image.inc @@ -0,0 +1 @@ +stx-metrics-server-helm diff --git a/centos_pkg_dirs b/centos_pkg_dirs new file mode 100644 index 0000000..4aa6b80 --- /dev/null +++ b/centos_pkg_dirs @@ -0,0 +1 @@ +stx-metrics-server-helm diff --git a/centos_pkg_dirs_containers b/centos_pkg_dirs_containers new file mode 100644 index 0000000..4aa6b80 --- /dev/null +++ b/centos_pkg_dirs_containers @@ -0,0 +1 @@ +stx-metrics-server-helm diff --git a/requirements.txt b/requirements.txt new file mode 100644 index 0000000..c01ade2 --- /dev/null +++ b/requirements.txt @@ -0,0 +1 @@ +# Nothing diff --git a/stx-metrics-server-helm/centos/build_srpm.data b/stx-metrics-server-helm/centos/build_srpm.data new file mode 100644 index 0000000..eab950b --- /dev/null +++ b/stx-metrics-server-helm/centos/build_srpm.data @@ -0,0 +1,7 @@ +SRC_DIR="stx-metrics-server-helm" + +TIS_PATCH_VER=GITREVCOUNT +SRC_BASE_SRCREV=9fa1ccbdbae09c9726642bfbb5b20e27cd729f2c +COPY_LIST_TO_TAR="\ + $STX_BASE/helm-charts/psp-rolebinding/psp-rolebinding/helm-charts \ +" diff --git a/stx-metrics-server-helm/centos/stx-metrics-server-helm.spec b/stx-metrics-server-helm/centos/stx-metrics-server-helm.spec new file mode 100644 index 0000000..6f37ddf --- /dev/null +++ b/stx-metrics-server-helm/centos/stx-metrics-server-helm.spec @@ -0,0 +1,76 @@ +# Application tunables (maps to metadata) +%global app_name metrics-server +%global helm_repo stx-platform +%global helm_folder /usr/lib/helm +%global armada_folder /usr/lib/armada +%global app_folder /usr/local/share/applications/helm +%global helmchart_version 0.1.0 + + +Summary: StarlingX Metrics Server Armada Helm Charts +Name: stx-metrics-server-helm +Version: 1.0 +Release: %{tis_patch_ver}%{?_tis_dist} +License: Apache-2.0 +Group: base +Packager: Wind River +URL: unknown + +Source0: %{name}-%{version}.tar.gz + +BuildArch: noarch + +BuildRequires: helm +BuildRequires: chartmuseum + +%description +StarlingX Metrics Server Armada Helm Charts + +%prep +%setup + +%build +# Host a server for the charts +chartmuseum --debug --port=8879 --context-path='/charts' --storage="local" --storage-local-rootdir="." & +sleep 2 +helm repo add local http://localhost:8879/charts + +# Make the charts. These produce a tgz file +cd helm-charts +make +cd - + +# terminate helm server (the last backgrounded task) +kill %1 + +# Create a chart tarball compliant with sysinv kube-app.py +%define app_staging %{_builddir}/staging +%define app_tarball %{app_name}-%{version}-%{tis_patch_ver}.tgz + +# Setup staging +mkdir -p %{app_staging} +cp files/metadata.yaml %{app_staging} +cp manifests/*.yaml %{app_staging} +mkdir -p %{app_staging}/charts +cp helm-charts/*.tgz %{app_staging}/charts +cd %{app_staging} + +# Populate metadata +sed -i 's/@APP_NAME@/%{app_name}/g' %{app_staging}/metadata.yaml +sed -i 's/@APP_VERSION@/%{version}-%{tis_patch_ver}/g' %{app_staging}/metadata.yaml +sed -i 's/@HELM_REPO@/%{helm_repo}/g' %{app_staging}/metadata.yaml + +# package it up +find . -type f ! -name '*.md5' -print0 | xargs -0 md5sum > checksum.md5 +tar -zcf %{_builddir}/%{app_tarball} -C %{app_staging}/ . + +# Cleanup staging +rm -fr %{app_staging} + +%install +install -d -m 755 %{buildroot}/%{app_folder} +install -p -D -m 755 %{_builddir}/%{app_tarball} %{buildroot}/%{app_folder} + +%files +%defattr(-,root,root,-) +%{app_folder}/* diff --git a/stx-metrics-server-helm/stx-metrics-server-helm/files/index.yaml b/stx-metrics-server-helm/stx-metrics-server-helm/files/index.yaml new file mode 100644 index 0000000..36db709 --- /dev/null +++ b/stx-metrics-server-helm/stx-metrics-server-helm/files/index.yaml @@ -0,0 +1,3 @@ +apiVersion: v1 +entries: {} +generated: 2019-01-07T12:33:46.098166523-06:00 diff --git a/stx-metrics-server-helm/stx-metrics-server-helm/files/metadata.yaml b/stx-metrics-server-helm/stx-metrics-server-helm/files/metadata.yaml new file mode 100644 index 0000000..d2c6295 --- /dev/null +++ b/stx-metrics-server-helm/stx-metrics-server-helm/files/metadata.yaml @@ -0,0 +1,5 @@ +maintain_user_overrides: true + +app_name: @APP_NAME@ +app_version: @APP_VERSION@ +helm_repo: @HELM_REPO@ diff --git a/stx-metrics-server-helm/stx-metrics-server-helm/files/repositories.yaml b/stx-metrics-server-helm/stx-metrics-server-helm/files/repositories.yaml new file mode 100644 index 0000000..e613b63 --- /dev/null +++ b/stx-metrics-server-helm/stx-metrics-server-helm/files/repositories.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +generated: 2019-01-02T15:19:36.215111369-06:00 +repositories: +- caFile: "" + cache: /builddir/.helm/repository/cache/local-index.yaml + certFile: "" + keyFile: "" + name: local + password: "" + url: http://127.0.0.1:8879/charts + username: "" + diff --git a/stx-metrics-server-helm/stx-metrics-server-helm/helm-charts/Makefile b/stx-metrics-server-helm/stx-metrics-server-helm/helm-charts/Makefile new file mode 100644 index 0000000..5cf4447 --- /dev/null +++ b/stx-metrics-server-helm/stx-metrics-server-helm/helm-charts/Makefile @@ -0,0 +1,43 @@ +# +# Copyright 2017 The Openstack-Helm Authors. +# +# Copyright (c) 2018 Wind River Systems, Inc. +# +# SPDX-License-Identifier: Apache-2.0 +# +# It's necessary to set this because some environments don't link sh -> bash. +SHELL := /bin/bash +TASK := build + +EXCLUDES := helm-toolkit doc tests tools logs tmp +CHARTS := helm-toolkit $(filter-out $(EXCLUDES), $(patsubst %/.,%,$(wildcard */.))) + +.PHONY: $(EXCLUDES) $(CHARTS) + +all: $(CHARTS) + +$(CHARTS): + @if [ -d $@ ]; then \ + echo; \ + echo "===== Processing [$@] chart ====="; \ + make $(TASK)-$@; \ + fi + +init-%: + if [ -f $*/Makefile ]; then make -C $*; fi + if [ -f $*/requirements.yaml ]; then helm dep up $*; fi + +lint-%: init-% + if [ -d $* ]; then helm lint $*; fi + +build-%: lint-% + if [ -d $* ]; then helm package $*; fi + +clean: + @echo "Clean all build artifacts" + rm -f */templates/_partials.tpl */templates/_globals.tpl + rm -f *tgz */charts/*tgz */requirements.lock + rm -rf */charts */tmpcharts + +%: + @: diff --git a/stx-metrics-server-helm/stx-metrics-server-helm/helm-charts/metrics-server/Chart.yaml b/stx-metrics-server-helm/stx-metrics-server-helm/helm-charts/metrics-server/Chart.yaml new file mode 100644 index 0000000..b3f8203 --- /dev/null +++ b/stx-metrics-server-helm/stx-metrics-server-helm/helm-charts/metrics-server/Chart.yaml @@ -0,0 +1,14 @@ +apiVersion: v2 +name: metrics-server +description: Helm chart for the Kubernetes Metrics Server. +type: application +version: 1.0.0 +appVersion: 0.4.1 +keywords: + - kubernetes + - metrics-server + - metrics +home: https://github.com/kubernetes-sigs/metrics-server +icon: https://avatars.githubusercontent.com/u/36015203?s=400&v=4 +sources: + - https://github.com/kubernetes-sigs/metrics-server diff --git a/stx-metrics-server-helm/stx-metrics-server-helm/helm-charts/metrics-server/templates/_helpers.tpl b/stx-metrics-server-helm/stx-metrics-server-helm/helm-charts/metrics-server/templates/_helpers.tpl new file mode 100644 index 0000000..a1ab9dc --- /dev/null +++ b/stx-metrics-server-helm/stx-metrics-server-helm/helm-charts/metrics-server/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "metrics-server.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "metrics-server.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "metrics-server.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "metrics-server.labels" -}} +helm.sh/chart: {{ include "metrics-server.chart" . }} +{{ include "metrics-server.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "metrics-server.selectorLabels" -}} +app.kubernetes.io/name: {{ include "metrics-server.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "metrics-server.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "metrics-server.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/stx-metrics-server-helm/stx-metrics-server-helm/helm-charts/metrics-server/templates/apiservice.yaml b/stx-metrics-server-helm/stx-metrics-server-helm/helm-charts/metrics-server/templates/apiservice.yaml new file mode 100644 index 0000000..dd37b5d --- /dev/null +++ b/stx-metrics-server-helm/stx-metrics-server-helm/helm-charts/metrics-server/templates/apiservice.yaml @@ -0,0 +1,17 @@ +{{- if .Values.apiService.create -}} +apiVersion: apiregistration.k8s.io/v1 +kind: APIService +metadata: + name: v1beta1.metrics.k8s.io + labels: + {{- include "metrics-server.labels" . | nindent 4 }} +spec: + group: metrics.k8s.io + groupPriorityMinimum: 100 + insecureSkipTLSVerify: true + service: + name: {{ include "metrics-server.fullname" . }} + namespace: {{ .Release.Namespace }} + version: v1beta1 + versionPriority: 100 +{{- end -}} diff --git a/stx-metrics-server-helm/stx-metrics-server-helm/helm-charts/metrics-server/templates/clusterrole-aggregated-reader.yaml b/stx-metrics-server-helm/stx-metrics-server-helm/helm-charts/metrics-server/templates/clusterrole-aggregated-reader.yaml new file mode 100644 index 0000000..d5e8fe1 --- /dev/null +++ b/stx-metrics-server-helm/stx-metrics-server-helm/helm-charts/metrics-server/templates/clusterrole-aggregated-reader.yaml @@ -0,0 +1,21 @@ +{{- if .Values.rbac.create -}} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ printf "system:%s-aggregated-reader" (include "metrics-server.name" .) }} + labels: + {{- include "metrics-server.labels" . | nindent 4 }} + rbac.authorization.k8s.io/aggregate-to-admin: "true" + rbac.authorization.k8s.io/aggregate-to-edit: "true" + rbac.authorization.k8s.io/aggregate-to-view: "true" +rules: + - apiGroups: + - metrics.k8s.io + resources: + - pods + - nodes + verbs: + - get + - list + - watch +{{- end -}} diff --git a/stx-metrics-server-helm/stx-metrics-server-helm/helm-charts/metrics-server/templates/clusterrole.yaml b/stx-metrics-server-helm/stx-metrics-server-helm/helm-charts/metrics-server/templates/clusterrole.yaml new file mode 100644 index 0000000..0636414 --- /dev/null +++ b/stx-metrics-server-helm/stx-metrics-server-helm/helm-charts/metrics-server/templates/clusterrole.yaml @@ -0,0 +1,32 @@ +{{- if .Values.rbac.create -}} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ printf "system:%s" (include "metrics-server.fullname" .) }} + labels: + {{- include "metrics-server.labels" . | nindent 4 }} +rules: + - apiGroups: + - "" + resources: + - pods + - nodes + - nodes/stats + - namespaces + - configmaps + verbs: + - get + - list + - watch + {{- if .Values.rbac.pspEnabled }} + - apiGroups: + - extensions + - policy + resources: + - podsecuritypolicies + resourceNames: + - {{ printf "privileged-%s" (include "metrics-server.fullname" .) }} + verbs: + - use + {{- end -}} +{{- end -}} diff --git a/stx-metrics-server-helm/stx-metrics-server-helm/helm-charts/metrics-server/templates/clusterrolebinding-auth-delegator.yaml b/stx-metrics-server-helm/stx-metrics-server-helm/helm-charts/metrics-server/templates/clusterrolebinding-auth-delegator.yaml new file mode 100644 index 0000000..826c3b7 --- /dev/null +++ b/stx-metrics-server-helm/stx-metrics-server-helm/helm-charts/metrics-server/templates/clusterrolebinding-auth-delegator.yaml @@ -0,0 +1,16 @@ +{{- if .Values.rbac.create -}} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ printf "%s:system:auth-delegator" (include "metrics-server.fullname" .) }} + labels: + {{- include "metrics-server.labels" . | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: system:auth-delegator +subjects: + - kind: ServiceAccount + name: {{ include "metrics-server.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} +{{- end -}} diff --git a/stx-metrics-server-helm/stx-metrics-server-helm/helm-charts/metrics-server/templates/clusterrolebinding.yaml b/stx-metrics-server-helm/stx-metrics-server-helm/helm-charts/metrics-server/templates/clusterrolebinding.yaml new file mode 100644 index 0000000..512cb65 --- /dev/null +++ b/stx-metrics-server-helm/stx-metrics-server-helm/helm-charts/metrics-server/templates/clusterrolebinding.yaml @@ -0,0 +1,16 @@ +{{- if .Values.rbac.create -}} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ printf "system:%s" (include "metrics-server.fullname" .) }} + labels: + {{- include "metrics-server.labels" . | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: system:{{ template "metrics-server.fullname" . }} +subjects: + - kind: ServiceAccount + name: {{ include "metrics-server.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} +{{- end -}} diff --git a/stx-metrics-server-helm/stx-metrics-server-helm/helm-charts/metrics-server/templates/deployment.yaml b/stx-metrics-server-helm/stx-metrics-server-helm/helm-charts/metrics-server/templates/deployment.yaml new file mode 100644 index 0000000..7894a21 --- /dev/null +++ b/stx-metrics-server-helm/stx-metrics-server-helm/helm-charts/metrics-server/templates/deployment.yaml @@ -0,0 +1,79 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "metrics-server.fullname" . }} + labels: + {{- include "metrics-server.labels" . | nindent 4 }} +spec: + replicas: {{ .Values.replicas }} + selector: + matchLabels: + {{- include "metrics-server.selectorLabels" . | nindent 6 }} + template: + metadata: + {{- with .Values.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "metrics-server.selectorLabels" . | nindent 8 }} + app: metrics-server + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "metrics-server.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + {{- with .Values.priorityClassName }} + priorityClassName: {{ . | quote }} + {{- end }} + {{- if .Values.hostNetwork.enabled }} + hostNetwork: true + {{- end }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: {{ printf "%s:%s" .Values.image.repository (.Values.image.tag | default (printf "v%s" .Chart.AppVersion)) }} + imagePullPolicy: {{ .Values.image.pullPolicy }} + args: + - --cert-dir=/tmp + - --secure-port=4443 + - --kubelet-preferred-address-types=InternalIP,ExternalIP,Hostname + - --kubelet-use-node-status-port + - --logtostderr + {{- range .Values.args }} + - {{ . }} + {{- end }} + ports: + - name: https + containerPort: 4443 + protocol: TCP + livenessProbe: + {{- toYaml .Values.livenessProbe | nindent 12 }} + readinessProbe: + {{- toYaml .Values.readinessProbe | nindent 12 }} + resources: + {{- toYaml .Values.resources | trim | nindent 12 }} + volumeMounts: + - name: tmp + mountPath: /tmp + resources: + {{- toYaml .Values.resources | nindent 12 }} + volumes: + - name: tmp + emptyDir: {} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/stx-metrics-server-helm/stx-metrics-server-helm/helm-charts/metrics-server/templates/pdb.yaml b/stx-metrics-server-helm/stx-metrics-server-helm/helm-charts/metrics-server/templates/pdb.yaml new file mode 100644 index 0000000..cda6b4e --- /dev/null +++ b/stx-metrics-server-helm/stx-metrics-server-helm/helm-charts/metrics-server/templates/pdb.yaml @@ -0,0 +1,18 @@ +{{- if .Values.podDisruptionBudget.enabled -}} +apiVersion: policy/v1beta1 +kind: PodDisruptionBudget +metadata: + name: {{ include "metrics-server.fullname" . }} + labels: + {{- include "metrics-server.labels" . | nindent 4 }} +spec: + {{- if .Values.podDisruptionBudget.minAvailable }} + minAvailable: {{ .Values.podDisruptionBudget.minAvailable }} + {{- end }} + {{- if .Values.podDisruptionBudget.maxUnavailable }} + maxUnavailable: {{ .Values.podDisruptionBudget.maxUnavailable }} + {{- end }} + selector: + matchLabels: + app.kubernetes.io/name: {{ include "metrics-server.name" . }} +{{- end -}} diff --git a/stx-metrics-server-helm/stx-metrics-server-helm/helm-charts/metrics-server/templates/psp.yaml b/stx-metrics-server-helm/stx-metrics-server-helm/helm-charts/metrics-server/templates/psp.yaml new file mode 100644 index 0000000..bf8ace1 --- /dev/null +++ b/stx-metrics-server-helm/stx-metrics-server-helm/helm-charts/metrics-server/templates/psp.yaml @@ -0,0 +1,28 @@ +{{- if .Values.rbac.pspEnabled }} +apiVersion: policy/v1beta1 +kind: PodSecurityPolicy +metadata: + name: {{ printf "privileged-%s" (include "metrics-server.fullname" .) }} + labels: + {{- include "metrics-server.labels" . | nindent 4 }} +spec: + allowedCapabilities: + - '*' + fsGroup: + rule: RunAsAny + privileged: true + runAsUser: + rule: RunAsAny + seLinux: + rule: RunAsAny + supplementalGroups: + rule: RunAsAny + volumes: + - '*' + hostPID: true + hostIPC: true + hostNetwork: true + hostPorts: + - min: 1 + max: 65536 +{{- end }} diff --git a/stx-metrics-server-helm/stx-metrics-server-helm/helm-charts/metrics-server/templates/rolebinding.yaml b/stx-metrics-server-helm/stx-metrics-server-helm/helm-charts/metrics-server/templates/rolebinding.yaml new file mode 100644 index 0000000..3fda743 --- /dev/null +++ b/stx-metrics-server-helm/stx-metrics-server-helm/helm-charts/metrics-server/templates/rolebinding.yaml @@ -0,0 +1,17 @@ +{{- if .Values.rbac.create -}} +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: {{ printf "%s-auth-reader" (include "metrics-server.fullname" .) }} + namespace: kube-system + labels: + {{- include "metrics-server.labels" . | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: extension-apiserver-authentication-reader +subjects: + - kind: ServiceAccount + name: {{ include "metrics-server.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} +{{- end -}} diff --git a/stx-metrics-server-helm/stx-metrics-server-helm/helm-charts/metrics-server/templates/sample-app-cluster-role-binding.yml b/stx-metrics-server-helm/stx-metrics-server-helm/helm-charts/metrics-server/templates/sample-app-cluster-role-binding.yml new file mode 100644 index 0000000..ad4e316 --- /dev/null +++ b/stx-metrics-server-helm/stx-metrics-server-helm/helm-charts/metrics-server/templates/sample-app-cluster-role-binding.yml @@ -0,0 +1,16 @@ +{{- if .Values.sampleApp.create -}} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + labels: + app: metric-server-test-app + name: access-metrics-api +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: access-metrics-api +subjects: +- kind: ServiceAccount + name: metric-server-test-app + namespace: metric-server-test-app +{{- end }} \ No newline at end of file diff --git a/stx-metrics-server-helm/stx-metrics-server-helm/helm-charts/metrics-server/templates/sample-app-cluster-role.yml b/stx-metrics-server-helm/stx-metrics-server-helm/helm-charts/metrics-server/templates/sample-app-cluster-role.yml new file mode 100644 index 0000000..c78fb28 --- /dev/null +++ b/stx-metrics-server-helm/stx-metrics-server-helm/helm-charts/metrics-server/templates/sample-app-cluster-role.yml @@ -0,0 +1,17 @@ +{{- if .Values.sampleApp.create -}} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + app: metric-server-test-app + name: access-metrics-api +rules: +- apiGroups: + - metrics.k8s.io + resources: + - pods + - nodes + verbs: + - get + - list +{{- end }} \ No newline at end of file diff --git a/stx-metrics-server-helm/stx-metrics-server-helm/helm-charts/metrics-server/templates/sample-app-deployment.yml b/stx-metrics-server-helm/stx-metrics-server-helm/helm-charts/metrics-server/templates/sample-app-deployment.yml new file mode 100644 index 0000000..c318dd9 --- /dev/null +++ b/stx-metrics-server-helm/stx-metrics-server-helm/helm-charts/metrics-server/templates/sample-app-deployment.yml @@ -0,0 +1,25 @@ +{{- if .Values.sampleApp.create -}} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: metric-server-test-app-deployment + namespace: metric-server-test-app +spec: + selector: + matchLabels: + app: metric-server-test-app + replicas: 1 + template: + metadata: + labels: + app: metric-server-test-app + spec: + containers: + - name: sample-app + image: docker.io/starlingx/stx-metrics-server-sample-app + imagePullPolicy: IfNotPresent + env: + - name: TOKEN_PATH + value: /var/run/secrets/kubernetes.io/serviceaccount/token + serviceAccountName: metric-server-test-app +{{- end -}} diff --git a/stx-metrics-server-helm/stx-metrics-server-helm/helm-charts/metrics-server/templates/sample-app-namespace.yml b/stx-metrics-server-helm/stx-metrics-server-helm/helm-charts/metrics-server/templates/sample-app-namespace.yml new file mode 100644 index 0000000..5a83759 --- /dev/null +++ b/stx-metrics-server-helm/stx-metrics-server-helm/helm-charts/metrics-server/templates/sample-app-namespace.yml @@ -0,0 +1,6 @@ +{{- if .Values.sampleApp.create -}} +apiVersion: v1 +kind: Namespace +metadata: + name: metric-server-test-app +{{- end }} diff --git a/stx-metrics-server-helm/stx-metrics-server-helm/helm-charts/metrics-server/templates/sample-app-service-account.yml b/stx-metrics-server-helm/stx-metrics-server-helm/helm-charts/metrics-server/templates/sample-app-service-account.yml new file mode 100644 index 0000000..5e116c0 --- /dev/null +++ b/stx-metrics-server-helm/stx-metrics-server-helm/helm-charts/metrics-server/templates/sample-app-service-account.yml @@ -0,0 +1,9 @@ +{{- if .Values.sampleApp.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + labels: + app: metric-server-test-app + name: metric-server-test-app + namespace: metric-server-test-app +{{- end }} \ No newline at end of file diff --git a/stx-metrics-server-helm/stx-metrics-server-helm/helm-charts/metrics-server/templates/service.yaml b/stx-metrics-server-helm/stx-metrics-server-helm/helm-charts/metrics-server/templates/service.yaml new file mode 100644 index 0000000..abbb659 --- /dev/null +++ b/stx-metrics-server-helm/stx-metrics-server-helm/helm-charts/metrics-server/templates/service.yaml @@ -0,0 +1,22 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "metrics-server.fullname" . }} + {{- with .Values.service.annotations }} + annotations: + {{ toYaml . | nindent 4 }} + {{- end }} + labels: + {{- include "metrics-server.labels" . | nindent 4 }} + {{- with .Values.service.labels -}} + {{ toYaml . | nindent 4 }} + {{- end }} +spec: + type: {{ .Values.service.type }} + ports: + - name: https + port: {{ .Values.service.port }} + protocol: TCP + targetPort: https + selector: + {{- include "metrics-server.selectorLabels" . | nindent 4 }} diff --git a/stx-metrics-server-helm/stx-metrics-server-helm/helm-charts/metrics-server/templates/serviceaccount.yaml b/stx-metrics-server-helm/stx-metrics-server-helm/helm-charts/metrics-server/templates/serviceaccount.yaml new file mode 100644 index 0000000..12f7724 --- /dev/null +++ b/stx-metrics-server-helm/stx-metrics-server-helm/helm-charts/metrics-server/templates/serviceaccount.yaml @@ -0,0 +1,12 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ template "metrics-server.serviceAccountName" . }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} + labels: + {{- include "metrics-server.labels" . | nindent 4 }} +{{- end -}} diff --git a/stx-metrics-server-helm/stx-metrics-server-helm/helm-charts/metrics-server/values.yaml b/stx-metrics-server-helm/stx-metrics-server-helm/helm-charts/metrics-server/values.yaml new file mode 100644 index 0000000..ed14027 --- /dev/null +++ b/stx-metrics-server-helm/stx-metrics-server-helm/helm-charts/metrics-server/values.yaml @@ -0,0 +1,106 @@ +# Default values for metrics-server. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +image: + repository: k8s.gcr.io/metrics-server/metrics-server + # Overrides the image tag whose default is jetty-v{{ .Chart.AppVersion }} + tag: "" + pullPolicy: IfNotPresent + +imagePullSecrets: [] +# - registrySecretName + +nameOverride: "" +fullnameOverride: "" + +serviceAccount: + # Specifies whether a service account should be created + create: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +rbac: + # Specifies whether RBAC resources should be created + create: true + pspEnabled: false + +apiService: + # Specifies if the v1beta1.metrics.k8s.io API service should be created. + # + # You typically want this enabled! If you disable API service creation you have to + # manage it outside of this chart for e.g horizontal pod autoscaling to + # work with this release. + create: true + +podAnnotations: {} + +podSecurityContext: {} + +securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: ["all"] + readOnlyRootFilesystem: true + runAsGroup: 10001 + runAsNonRoot: true + runAsUser: 10001 + +priorityClassName: "system-cluster-critical" + +hostNetwork: + # Specifies if metrics-server should be started in hostNetwork mode. + # + # You would require this enabled if you use alternate overlay networking for pods and + # API server unable to communicate with metrics-server. As an example, this is required + # if you use Weave network on EKS + enabled: false + +replicas: 1 + +args: [] + +livenessProbe: + httpGet: + path: /healthz + port: https + scheme: HTTPS + initialDelaySeconds: 20 + +readinessProbe: + httpGet: + path: /healthz + port: https + scheme: HTTPS + initialDelaySeconds: 20 + +service: + annotations: {} + labels: {} + # Add these labels to have metrics-server show up in `kubectl cluster-info` + # kubernetes.io/cluster-service: "true" + # kubernetes.io/name: "Metrics-server" + port: 443 + type: ClusterIP + +resources: {} + +nodeSelector: {} + +tolerations: [] + +affinity: {} + +podDisruptionBudget: + # https://kubernetes.io/docs/tasks/run-application/configure-pdb/ + enabled: false + minAvailable: + maxUnavailable: + +# If you want to deploy a sample app application to test metrics server +# Set the create value to true +sampleApp: + create: false diff --git a/stx-metrics-server-helm/stx-metrics-server-helm/manifests/metrics-server_manifest.yaml b/stx-metrics-server-helm/stx-metrics-server-helm/manifests/metrics-server_manifest.yaml new file mode 100644 index 0000000..1dfb62d --- /dev/null +++ b/stx-metrics-server-helm/stx-metrics-server-helm/manifests/metrics-server_manifest.yaml @@ -0,0 +1,88 @@ +--- +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + name: metrics-server-psp-rolebinding +data: + chart_name: psp-rolebinding + release: metrics-server-psp-rolebinding + namespace: metrics-server + values: + rolebindingNamespace: metrics-server + serviceAccount: metrics-server + source: + location: http://172.17.0.1:8080/helm_charts/stx-platform/psp-rolebinding-0.1.0.tgz + subpath: psp-rolebinding + type: tar + reference: master + upgrade: + no_hooks: false + pre: + delete: + - labels: + release_group: metrics-server-psp-rolebinding + type: job + wait: + labels: + release_group: metrics-server-psp-rolebinding + resources: [] + timeout: 1800 + dependencies: [] +--- +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + name: metrics-server +data: + chart_name: metrics-server + release: metrics-server + namespace: metrics-server + wait: + timeout: 1800 + labels: + app: metrics-server + install: + no_hooks: false + upgrade: + no_hooks: false + pre: + delete: + - type: job + labels: + app: metrics-server + values: + imagePullSecrets: [{"name": "default-registry-key"}] + args: + - --kubelet-insecure-tls + replicas: 1 + image: + repository: k8s.gcr.io/metrics-server/metrics-server + tag: "v0.4.1" + nodeSelector: + node-role.kubernetes.io/master: "" + source: + type: tar + location: http://172.17.0.1/helm_charts/stx-platform/metrics-server-1.0.0.tgz + subpath: metrics-server + reference: master + dependencies: [] +--- +schema: armada/ChartGroup/v1 +metadata: + schema: metadata/Document/v1 + name: metrics-server +data: + description: "StarlingX metrics-server" + sequenced: true + chart_group: + - metrics-server + - metrics-server-psp-rolebinding +--- +schema: armada/Manifest/v1 +metadata: + schema: metadata/Document/v1 + name: metrics-server-manifest +data: + release_prefix: ms + chart_groups: + - metrics-server \ No newline at end of file diff --git a/test-requirements.txt b/test-requirements.txt new file mode 100644 index 0000000..8ae3e22 --- /dev/null +++ b/test-requirements.txt @@ -0,0 +1,3 @@ +# hacking pulls in flake8 +hacking!=0.13.0,<0.14,>=0.12.0 # Apache-2.0 +bashate >= 0.2 diff --git a/tox.ini b/tox.ini new file mode 100644 index 0000000..cede375 --- /dev/null +++ b/tox.ini @@ -0,0 +1,35 @@ +[tox] +envlist = linters +minversion = 2.3 +skipsdist = True +sitepackages=False + +[testenv] +install_command = pip install -U {opts} {packages} +setenv = + VIRTUAL_ENV={envdir} + OS_STDOUT_CAPTURE=1 + OS_STDERR_CAPTURE=1 + OS_DEBUG=1 + OS_LOG_CAPTURE=1 +deps = + -r{toxinidir}/requirements.txt + -r{toxinidir}/test-requirements.txt +whitelist_externals = + bash + +[testenv:bashate] +# Treat all E* codes as Errors rather than warnings using: -e 'E*' +commands = + bash -c "find {toxinidir} \ + -not \( -type d -name .?\* -prune \) \ + -type f \ + -not -name \*~ \ + -not -name \*.md \ + -name \*.sh \ + -print0 | xargs -r -n 1 -0 bashate -v \ + -e 'E*'" + +[testenv:linters] +commands = + {[testenv:bashate]commands}