feat: values.yaml example

AtomiCloud · Sep 30, 2023 · dbe8553 · dbe8553
1 parent 4afcafa
commit dbe8553
Show file tree

Hide file tree

Showing 4 changed files with 83 additions and 155 deletions.
diff --git a/chart/README.md b/chart/README.md
@@ -15,73 +15,10 @@ Helm chart to deploy AtomiCloud's Cluster policy engine, Kyverno
 
 | Key | Type | Default | Description |
 |-----|------|---------|-------------|
-| kyverno.config.webhooks[0].namespaceSelector.matchExpressions[0].key | string | `"kubernetes.io/metadata.name"` |  |
-| kyverno.config.webhooks[0].namespaceSelector.matchExpressions[0].operator | string | `"NotIn"` |  |
-| kyverno.config.webhooks[0].namespaceSelector.matchExpressions[0].values[0] | string | `"kube-system"` |  |
-| kyverno.config.webhooks[0].namespaceSelector.matchExpressions[0].values[1] | string | `"kube-node-lease"` |  |
-| kyverno.config.webhooks[0].namespaceSelector.matchExpressions[0].values[2] | string | `"kube-public"` |  |
-| kyverno.config.webhooks[0].namespaceSelector.matchExpressions[0].values[3] | string | `"kyverno"` |  |
-| kyverno.customLabels."atomi.cloud/landscape" | string | `"pichu"` |  |
-| kyverno.customLabels."atomi.cloud/layer" | string | `"1"` |  |
-| kyverno.customLabels."atomi.cloud/module" | string | `"operator"` |  |
-| kyverno.customLabels."atomi.cloud/platform" | string | `"systems"` |  |
-| kyverno.customLabels."atomi.cloud/service" | string | `"policy-engine"` |  |
-| kyverno.podAnnotations."atomi.cloud/landscape" | string | `"pichu"` |  |
-| kyverno.podAnnotations."atomi.cloud/layer" | string | `"1"` |  |
-| kyverno.podAnnotations."atomi.cloud/module" | string | `"operator"` |  |
-| kyverno.podAnnotations."atomi.cloud/platform" | string | `"systems"` |  |
-| kyverno.podAnnotations."atomi.cloud/service" | string | `"policy-engine"` |  |
-| kyverno.replicaCount | int | `3` |  |
-| kyverno.resources.limits.cpu | int | `1` |  |
-| kyverno.resources.limits.memory | string | `"1Gi"` |  |
-| kyverno.resources.requests.cpu | string | `"100m"` |  |
-| kyverno.resources.requests.memory | string | `"128Mi"` |  |
-| kyverno.templating.enabled | bool | `false` |  |
-| kyverno.topologySpreadConstraints[0].labelSelector.matchLabels."atomi.cloud/module" | string | `"operator"` |  |
-| kyverno.topologySpreadConstraints[0].labelSelector.matchLabels."atomi.cloud/service" | string | `"policy-engine"` |  |
-| kyverno.topologySpreadConstraints[0].maxSkew | int | `1` |  |
-| kyverno.topologySpreadConstraints[0].topologyKey | string | `"topology.kubernetes.io/zone"` |  |
-| kyverno.topologySpreadConstraints[0].whenUnsatisfiable | string | `"ScheduleAnyway"` |  |
-| policy-reporter.podAnnotations."atomi.cloud/landscape" | string | `"pichu"` |  |
-| policy-reporter.podAnnotations."atomi.cloud/layer" | string | `"1"` |  |
-| policy-reporter.podAnnotations."atomi.cloud/module" | string | `"reporter"` |  |
-| policy-reporter.podAnnotations."atomi.cloud/platform" | string | `"systems"` |  |
-| policy-reporter.podAnnotations."atomi.cloud/service" | string | `"policy-engine"` |  |
-| policy-reporter.podLabels."atomi.cloud/landscape" | string | `"pichu"` |  |
-| policy-reporter.podLabels."atomi.cloud/layer" | string | `"1"` |  |
-| policy-reporter.podLabels."atomi.cloud/module" | string | `"reporter"` |  |
-| policy-reporter.podLabels."atomi.cloud/platform" | string | `"systems"` |  |
-| policy-reporter.podLabels."atomi.cloud/service" | string | `"policy-engine"` |  |
-| policy-reporter.resources.limits.cpu | int | `1` |  |
-| policy-reporter.resources.limits.memory | string | `"1Gi"` |  |
-| policy-reporter.resources.requests.cpu | string | `"100m"` |  |
-| policy-reporter.resources.requests.memory | string | `"128Mi"` |  |
-| policy-reporter.topologySpreadConstraints[0].labelSelector.matchLabels."atomi.cloud/module" | string | `"reporter"` |  |
-| policy-reporter.topologySpreadConstraints[0].labelSelector.matchLabels."atomi.cloud/service" | string | `"policy-engine"` |  |
-| policy-reporter.topologySpreadConstraints[0].maxSkew | int | `1` |  |
-| policy-reporter.topologySpreadConstraints[0].topologyKey | string | `"topology.kubernetes.io/zone"` |  |
-| policy-reporter.topologySpreadConstraints[0].whenUnsatisfiable | string | `"ScheduleAnyway"` |  |
-| policy-reporter.ui.enabled | bool | `true` |  |
-| policy-reporter.ui.podAnnotations."atomi.cloud/landscape" | string | `"pichu"` |  |
-| policy-reporter.ui.podAnnotations."atomi.cloud/layer" | string | `"1"` |  |
-| policy-reporter.ui.podAnnotations."atomi.cloud/module" | string | `"ui"` |  |
-| policy-reporter.ui.podAnnotations."atomi.cloud/platform" | string | `"systems"` |  |
-| policy-reporter.ui.podAnnotations."atomi.cloud/service" | string | `"policy-engine"` |  |
-| policy-reporter.ui.podLabels."atomi.cloud/landscape" | string | `"pichu"` |  |
-| policy-reporter.ui.podLabels."atomi.cloud/layer" | string | `"1"` |  |
-| policy-reporter.ui.podLabels."atomi.cloud/module" | string | `"ui"` |  |
-| policy-reporter.ui.podLabels."atomi.cloud/platform" | string | `"systems"` |  |
-| policy-reporter.ui.podLabels."atomi.cloud/service" | string | `"policy-engine"` |  |
-| policy-reporter.ui.resources.limits.cpu | int | `1` |  |
-| policy-reporter.ui.resources.limits.memory | string | `"1Gi"` |  |
-| policy-reporter.ui.resources.requests.cpu | string | `"100m"` |  |
-| policy-reporter.ui.resources.requests.memory | string | `"128Mi"` |  |
-| serviceTree.cluster | string | `"opal"` |  |
-| serviceTree.landscape | string | `"pichu"` |  |
-| serviceTree.layer | string | `"1"` |  |
-| serviceTree.module | string | `"operator"` |  |
-| serviceTree.platform | string | `"systems"` |  |
-| serviceTree.service | string | `"policy-engine"` |  |
+| kyverno | object | `{"config":{"webhooks":[{"namespaceSelector":{"matchExpressions":[{"key":"kubernetes.io/metadata.name","operator":"NotIn","values":["kube-system","kube-node-lease","kube-public","kyverno"]}]}}]},"customLabels":{"<<":{"atomi.cloud/layer":"1","atomi.cloud/platform":"sulfoxide","atomi.cloud/service":"argon"},"atomi.cloud/module":"operator"},"podAnnotations":{"<<":{"atomi.cloud/layer":"1","atomi.cloud/platform":"sulfoxide","atomi.cloud/service":"argon"},"atomi.cloud/module":"operator"},"replicaCount":3,"resources":{"limits":{"cpu":1,"memory":"1Gi"},"requests":{"cpu":"100m","memory":"128Mi"}},"templating":{"enabled":false},"topologySpreadConstraints":[{"labelSelector":{"matchLabels":{"<<":{"atomi.cloud/layer":"1","atomi.cloud/platform":"sulfoxide","atomi.cloud/service":"argon"},"atomi.cloud/module":"operator"}},"maxSkew":1,"topologyKey":"topology.kubernetes.io/zone","whenUnsatisfiable":"ScheduleAnyway"}]}` | Kyverno Configuration. See [Kyverno](https://github.com/kyverno/kyverno/tree/main/charts/kyverno) |
+| policy-reporter | object | `{"podAnnotations":{"<<":{"atomi.cloud/layer":"1","atomi.cloud/platform":"sulfoxide","atomi.cloud/service":"argon"},"atomi.cloud/module":"reporter"},"podLabels":{"<<":{"atomi.cloud/layer":"1","atomi.cloud/platform":"sulfoxide","atomi.cloud/service":"argon"},"atomi.cloud/module":"reporter"},"resources":{"limits":{"cpu":1,"memory":"1Gi"},"requests":{"cpu":"100m","memory":"128Mi"}},"topologySpreadConstraints":[{"labelSelector":{"matchLabels":{"<<":{"atomi.cloud/layer":"1","atomi.cloud/platform":"sulfoxide","atomi.cloud/service":"argon"},"atomi.cloud/module":"reporter"}},"maxSkew":1,"topologyKey":"topology.kubernetes.io/zone","whenUnsatisfiable":"ScheduleAnyway"}],"ui":{"enabled":true,"podAnnotations":{"<<":{"atomi.cloud/layer":"1","atomi.cloud/platform":"sulfoxide","atomi.cloud/service":"argon"},"atomi.cloud/module":"ui"},"podLabels":{"<<":{"atomi.cloud/layer":"1","atomi.cloud/platform":"sulfoxide","atomi.cloud/service":"argon"},"atomi.cloud/module":"ui"},"resources":{"limits":{"cpu":1,"memory":"1Gi"},"requests":{"cpu":"100m","memory":"128Mi"}}}}` | Kyverno Policy Reporter Configuration. See [Policy Reporter](https://github.com/kyverno/policy-reporter) |
+| serviceTree | object | `{"layer":"1","platform":"sulfoxide","service":"argon"}` | AtomiCloud Service Tree. See [ServiceTree](https://atomicloud.larksuite.com/wiki/OkfJwTXGFiMJkrk6W3RuwRrZs64?theme=DARK&contentTheme=DARK#MHw5d76uDo2tBLx86cduFQMRsBb) |
+| tags | object | `{"atomi.cloud/layer":"1","atomi.cloud/platform":"sulfoxide","atomi.cloud/service":"argon"}` | Kubernetes labels and annotations, following Service Tree |
 
 ----------------------------------------------
 Autogenerated from chart metadata using [helm-docs v1.11.1](https://github.com/norwoodj/helm-docs/releases/v1.11.1)
diff --git a/chart/values.example.yaml b/chart/values.example.yaml
@@ -0,0 +1,57 @@
+serviceTree:
+  landscape: &landscape lapras
+  cluster: &cluster opal
+
+tags: &tags
+  atomi.cloud/landscape: *landscape
+  atomi.cloud/cluster: *cluster
+
+kyverno:
+  replicaCount: 3
+  topologySpreadConstraints:
+    - maxSkew: 1
+      labelSelector:
+        matchLabels:
+          <<: *tags
+  resources:
+    limits:
+      cpu: 1
+      memory: 1Gi
+    requests:
+      cpu: 100m
+      memory: 128Mi
+  podAnnotations:
+    <<: *tags
+  customLabels:
+    <<: *tags
+
+# -- Kyverno Policy Reporter Configuration. See [Policy Reporter](https://github.com/kyverno/policy-reporter)
+policy-reporter:
+  topologySpreadConstraints:
+    - maxSkew: 1
+      labelSelector:
+        matchLabels:
+          <<: *tags
+  resources:
+    limits:
+      cpu: 1
+      memory: 1Gi
+    requests:
+      cpu: 100m
+      memory: 128Mi
+  podLabels:
+    <<: *tags
+  podAnnotations:
+    <<: *tags
+  ui:
+    resources:
+      limits:
+        cpu: 1
+        memory: 1Gi
+      requests:
+        cpu: 100m
+        memory: 128Mi
+    podLabels:
+      <<: *tags
+    podAnnotations:
+      <<: *tags
diff --git a/chart/values.pichu.opal.yaml b/chart/values.pichu.opal.yaml
diff --git a/chart/values.yaml b/chart/values.yaml
@@ -1,12 +1,18 @@
+# -- AtomiCloud Service Tree. See [ServiceTree](https://atomicloud.larksuite.com/wiki/OkfJwTXGFiMJkrk6W3RuwRrZs64?theme=DARK&contentTheme=DARK#MHw5d76uDo2tBLx86cduFQMRsBb)
 serviceTree:
-  landscape: pichu
-  platform: systems
-  service: policy-engine
-  module: operator
-  cluster: opal
-  layer: "1"
+  platform: &platform sulfoxide
+  service: &service argon
+  layer: &layer "1"
 
+# -- Kubernetes labels and annotations, following Service Tree
+tags: &tags
+  atomi.cloud/platform: *platform
+  atomi.cloud/service: *service
+  atomi.cloud/layer: *layer
+
+# -- Kyverno Configuration. See [Kyverno](https://github.com/kyverno/kyverno/tree/main/charts/kyverno)
 kyverno:
+  replicaCount: 3
   templating:
     enabled: false
   topologySpreadConstraints:
@@ -15,7 +21,7 @@ kyverno:
       whenUnsatisfiable: ScheduleAnyway
       labelSelector:
         matchLabels:
-          atomi.cloud/service: policy-engine
+          <<: *tags
           atomi.cloud/module: operator
   resources:
     limits:
@@ -25,18 +31,11 @@ kyverno:
       cpu: 100m
       memory: 128Mi
   podAnnotations:
-    atomi.cloud/landscape: pichu
-    atomi.cloud/platform: systems
-    atomi.cloud/service: policy-engine
+    <<: *tags
     atomi.cloud/module: operator
-    atomi.cloud/layer: "1"
   customLabels:
-    atomi.cloud/landscape: pichu
-    atomi.cloud/platform: systems
-    atomi.cloud/service: policy-engine
+    <<: *tags
     atomi.cloud/module: operator
-    atomi.cloud/layer: "1"
-  replicaCount: 3
   config:
     webhooks:
       - namespaceSelector:
@@ -48,15 +47,15 @@ kyverno:
                 - kube-node-lease
                 - kube-public
                 - kyverno
-
+# -- Kyverno Policy Reporter Configuration. See [Policy Reporter](https://github.com/kyverno/policy-reporter)
 policy-reporter:
   topologySpreadConstraints:
     - maxSkew: 1
       topologyKey: "topology.kubernetes.io/zone"
       whenUnsatisfiable: ScheduleAnyway
       labelSelector:
         matchLabels:
-          atomi.cloud/service: policy-engine
+          <<: *tags
           atomi.cloud/module: reporter
   resources:
     limits:
@@ -66,35 +65,23 @@ policy-reporter:
       cpu: 100m
       memory: 128Mi
   podLabels:
-    atomi.cloud/landscape: pichu
-    atomi.cloud/platform: systems
-    atomi.cloud/service: policy-engine
+    <<: *tags
     atomi.cloud/module: reporter
-    atomi.cloud/layer: "1"
   podAnnotations:
-    atomi.cloud/landscape: pichu
-    atomi.cloud/platform: systems
-    atomi.cloud/service: policy-engine
+    <<: *tags
     atomi.cloud/module: reporter
-    atomi.cloud/layer: "1"
   ui:
+    enabled: true
     resources:
       limits:
         cpu: 1
         memory: 1Gi
       requests:
         cpu: 100m
         memory: 128Mi
-    enabled: true
     podLabels:
-      atomi.cloud/landscape: pichu
-      atomi.cloud/platform: systems
-      atomi.cloud/service: policy-engine
+      <<: *tags
       atomi.cloud/module: ui
-      atomi.cloud/layer: "1"
     podAnnotations:
-      atomi.cloud/landscape: pichu
-      atomi.cloud/platform: systems
-      atomi.cloud/service: policy-engine
+      <<: *tags
       atomi.cloud/module: ui
-      atomi.cloud/layer: "1"