From c32864d6632161c16d62a01ee152f4ab111b1cdf Mon Sep 17 00:00:00 2001 From: Oleg Kunitsyn <114359669+hiddenmarten@users.noreply.github.com> Date: Sun, 9 Jun 2024 12:38:09 +0200 Subject: [PATCH] [102] Slightly update default template and add some comments (#230) --- charts/etcd-operator/README.md | 85 +++++++++----------- charts/etcd-operator/README.md.gotmpl | 19 +++++ charts/etcd-operator/values.schema.json | 8 -- charts/etcd-operator/values.yaml | 102 ++++++++++++++++++++++-- 4 files changed, 151 insertions(+), 63 deletions(-) create mode 100644 charts/etcd-operator/README.md.gotmpl diff --git a/charts/etcd-operator/README.md b/charts/etcd-operator/README.md index 729dab25..33838106 100644 --- a/charts/etcd-operator/README.md +++ b/charts/etcd-operator/README.md @@ -1,63 +1,54 @@ # etcd-operator -![Version: 0.0.0](https://img.shields.io/badge/Version-0.0.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v0.0.0](https://img.shields.io/badge/AppVersion-v0.0.0-informational?style=flat-square) +![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ## Values | Key | Type | Default | Description | |-----|------|---------|-------------| -| affinity | object | `{}` | | +| affinity | object | `{}` | ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity | | etcdOperator.args[0] | string | `"--health-probe-bind-address=:8081"` | | | etcdOperator.args[1] | string | `"--metrics-bind-address=127.0.0.1:8080"` | | | etcdOperator.args[2] | string | `"--leader-elect"` | | -| etcdOperator.envVars | object | `{}` | | -| etcdOperator.image.pullPolicy | string | `"IfNotPresent"` | | -| etcdOperator.image.repository | string | `"ghcr.io/aenix-io/etcd-operator"` | | -| etcdOperator.image.tag | string | `""` | | -| etcdOperator.livenessProbe.httpGet.path | string | `"/healthz"` | | -| etcdOperator.livenessProbe.httpGet.port | int | `8081` | | -| etcdOperator.livenessProbe.initialDelaySeconds | int | `15` | | -| etcdOperator.livenessProbe.periodSeconds | int | `20` | | -| etcdOperator.readinessProbe.httpGet.path | string | `"/readyz"` | | -| etcdOperator.readinessProbe.httpGet.port | int | `8081` | | -| etcdOperator.readinessProbe.initialDelaySeconds | int | `5` | | -| etcdOperator.readinessProbe.periodSeconds | int | `10` | | -| etcdOperator.resources.limits.cpu | string | `"500m"` | | -| etcdOperator.resources.limits.memory | string | `"128Mi"` | | -| etcdOperator.resources.requests.cpu | string | `"100m"` | | -| etcdOperator.resources.requests.memory | string | `"64Mi"` | | -| etcdOperator.securityContext.allowPrivilegeEscalation | bool | `false` | | -| etcdOperator.securityContext.capabilities.drop[0] | string | `"ALL"` | | -| etcdOperator.service.port | int | `9443` | | -| etcdOperator.service.type | string | `"ClusterIP"` | | -| fullnameOverride | string | `""` | | +| etcdOperator.envVars | object | `{}` | Empty environment variables section | +| etcdOperator.image.pullPolicy | string | `"IfNotPresent"` | Image pull policy | +| etcdOperator.image.repository | string | `"ghcr.io/aenix-io/etcd-operator"` | Image repository | +| etcdOperator.image.tag | string | `""` | Overrides the image tag whose default is the chart appVersion. | +| etcdOperator.livenessProbe.httpGet.path | string | `"/healthz"` | Healthcheck liveness probe path | +| etcdOperator.livenessProbe.httpGet.port | int | `8081` | Healthcheck port | +| etcdOperator.livenessProbe.initialDelaySeconds | int | `15` | ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#configure-probes | +| etcdOperator.livenessProbe.periodSeconds | int | `20` | ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#configure-probes | +| etcdOperator.readinessProbe.httpGet.path | string | `"/readyz"` | Healthcheck readiness probe path | +| etcdOperator.readinessProbe.httpGet.port | int | `8081` | Healthcheck port | +| etcdOperator.readinessProbe.initialDelaySeconds | int | `5` | ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#configure-probes | +| etcdOperator.readinessProbe.periodSeconds | int | `10` | ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#configure-probes | +| etcdOperator.resources | object | `{"limits":{"cpu":"500m","memory":"128Mi"},"requests":{"cpu":"100m","memory":"64Mi"}}` | ref: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ | +| etcdOperator.securityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]}}` | ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ | +| etcdOperator.service.port | int | `9443` | Service port | +| etcdOperator.service.type | string | `"ClusterIP"` | Service type | +| fullnameOverride | string | `""` | Override a full name of helm release | | imagePullSecrets | list | `[]` | | | kubeRbacProxy.args[0] | string | `"--secure-listen-address=0.0.0.0:8443"` | | | kubeRbacProxy.args[1] | string | `"--upstream=http://127.0.0.1:8080/"` | | | kubeRbacProxy.args[2] | string | `"--logtostderr=true"` | | | kubeRbacProxy.args[3] | string | `"--v=0"` | | -| kubeRbacProxy.image.pullPolicy | string | `"IfNotPresent"` | | -| kubeRbacProxy.image.repository | string | `"gcr.io/kubebuilder/kube-rbac-proxy"` | | -| kubeRbacProxy.image.tag | string | `"v0.16.0"` | | -| kubeRbacProxy.livenessProbe | object | `{}` | | -| kubeRbacProxy.readinessProbe | object | `{}` | | -| kubeRbacProxy.resources.limits.cpu | string | `"500m"` | | -| kubeRbacProxy.resources.limits.memory | string | `"128Mi"` | | -| kubeRbacProxy.resources.requests.cpu | string | `"100m"` | | -| kubeRbacProxy.resources.requests.memory | string | `"64Mi"` | | -| kubeRbacProxy.securityContext.allowPrivilegeEscalation | bool | `false` | | -| kubeRbacProxy.securityContext.capabilities.drop[0] | string | `"ALL"` | | -| kubeRbacProxy.service.port | int | `8443` | | -| kubeRbacProxy.service.type | string | `"ClusterIP"` | | -| kubernetesClusterDomain | string | `"cluster.local"` | | -| nameOverride | string | `""` | | -| nodeSelector | object | `{}` | | -| podAnnotations | object | `{}` | | -| podLabels | object | `{}` | | -| podSecurityContext | object | `{}` | | -| replicaCount | int | `1` | | -| securityContext.runAsNonRoot | bool | `true` | | -| serviceAccount.annotations | object | `{}` | | -| serviceAccount.create | bool | `true` | | -| tolerations | list | `[]` | | +| kubeRbacProxy.image.pullPolicy | string | `"IfNotPresent"` | Image pull policy | +| kubeRbacProxy.image.repository | string | `"gcr.io/kubebuilder/kube-rbac-proxy"` | Image repository | +| kubeRbacProxy.image.tag | string | `"v0.16.0"` | Version of image | +| kubeRbacProxy.livenessProbe | object | `{}` | https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/ | +| kubeRbacProxy.readinessProbe | object | `{}` | https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/ | +| kubeRbacProxy.resources | object | `{"limits":{"cpu":"250m","memory":"128Mi"},"requests":{"cpu":"100m","memory":"64Mi"}}` | ref: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ | +| kubeRbacProxy.securityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]}}` | ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ | +| kubeRbacProxy.service.port | int | `8443` | Service port | +| kubeRbacProxy.service.type | string | `"ClusterIP"` | Service type | +| kubernetesClusterDomain | string | `"cluster.local"` | Kubernetes cluster domain prefix | +| nameOverride | string | `""` | Override a name of helm release | +| nodeSelector | object | `{}` | ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/ | +| podAnnotations | object | `{}` | ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ | +| podLabels | object | `{}` | ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ | +| podSecurityContext | object | `{}` | ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ | +| replicaCount | int | `1` | Count of pod replicas | +| serviceAccount.annotations | object | `{}` | Annotations to add to the service account | +| serviceAccount.create | bool | `true` | Specifies whether a service account should be created | +| tolerations | list | `[]` | ref: https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ | diff --git a/charts/etcd-operator/README.md.gotmpl b/charts/etcd-operator/README.md.gotmpl new file mode 100644 index 00000000..e1c25058 --- /dev/null +++ b/charts/etcd-operator/README.md.gotmpl @@ -0,0 +1,19 @@ +{{ template "chart.header" . }} + +{{ template "chart.deprecationWarning" . }} + +{{ template "chart.typeBadge" . }} + +{{ template "chart.description" . }} + +{{ template "chart.homepageLine" . }} + +{{ template "chart.maintainersSection" . }} + +{{ template "chart.sourcesSection" . }} + +{{ template "chart.requirementsSection" . }} + +{{ template "chart.valuesSection" . }} + +{{ template "helm-docs.versionFooter" . }} diff --git a/charts/etcd-operator/values.schema.json b/charts/etcd-operator/values.schema.json index 6fd0f134..65836a6b 100644 --- a/charts/etcd-operator/values.schema.json +++ b/charts/etcd-operator/values.schema.json @@ -256,14 +256,6 @@ "replicaCount": { "type": "integer" }, - "securityContext": { - "properties": { - "runAsNonRoot": { - "type": "boolean" - } - }, - "type": "object" - }, "serviceAccount": { "properties": { "annotations": { diff --git a/charts/etcd-operator/values.yaml b/charts/etcd-operator/values.yaml index 9c9ff75a..dcef802b 100644 --- a/charts/etcd-operator/values.yaml +++ b/charts/etcd-operator/values.yaml @@ -1,98 +1,184 @@ etcdOperator: + image: + + # -- Image repository repository: ghcr.io/aenix-io/etcd-operator + + # -- Image pull policy pullPolicy: IfNotPresent - # Overrides the image tag whose default is the chart appVersion. + + # -- Overrides the image tag whose default is the chart appVersion. tag: "" + args: - --health-probe-bind-address=:8081 - --metrics-bind-address=127.0.0.1:8080 - --leader-elect + service: + + # -- Service type type: ClusterIP + + # -- Service port port: 9443 + + # -- Empty environment variables section envVars: {} + livenessProbe: + httpGet: + + # -- Healthcheck liveness probe path path: /healthz + + # -- Healthcheck port port: 8081 + + # -- ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#configure-probes initialDelaySeconds: 15 + + # -- ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#configure-probes periodSeconds: 20 + readinessProbe: + httpGet: + + # -- Healthcheck readiness probe path path: /readyz + + # -- Healthcheck port port: 8081 + + # -- ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#configure-probes initialDelaySeconds: 5 + + # -- ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#configure-probes periodSeconds: 10 + + # -- ref: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ resources: + limits: + cpu: 500m + memory: 128Mi + requests: + cpu: 100m + memory: 64Mi + + # -- ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: - ALL kubeRbacProxy: + image: + + # -- Image repository repository: gcr.io/kubebuilder/kube-rbac-proxy + + # -- Image pull policy pullPolicy: IfNotPresent + + # -- Version of image tag: v0.16.0 + args: - --secure-listen-address=0.0.0.0:8443 - --upstream=http://127.0.0.1:8080/ - --logtostderr=true - --v=0 + service: + + # -- Service type type: ClusterIP + + # -- Service port port: 8443 + + # -- https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/ livenessProbe: {} + + # -- https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/ readinessProbe: {} + + # -- ref: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ resources: + limits: - cpu: 500m + + cpu: 250m + memory: 128Mi + requests: + cpu: 100m + memory: 64Mi + + # -- ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: - - ALL + - ALL +# -- Kubernetes cluster domain prefix kubernetesClusterDomain: cluster.local +# -- Count of pod replicas replicaCount: 1 imagePullSecrets: [] +# -- Override a name of helm release nameOverride: "" +# -- Override a full name of helm release fullnameOverride: "" serviceAccount: - # Specifies whether a service account should be created + + # -- Specifies whether a service account should be created create: true - # Annotations to add to the service account + + # -- Annotations to add to the service account annotations: {} +# -- ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ podAnnotations: {} +# -- ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ podLabels: {} +# -- ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ podSecurityContext: {} # fsGroup: 2000 -securityContext: - runAsNonRoot: true - +# -- ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/ nodeSelector: {} +# -- ref: https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ tolerations: [] +# -- ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity affinity: {}