chore(*): add charts

 - add charts/ holding all Helm charts
 - add serve/ holding all Helm chart artifacts and index.yaml
 - add Makefile

Makefile

@@ -0,0 +1,47 @@
+CHARTS_DIR := ./charts
+SERVE_DIR  := ./serve
+
+# --no-print-directory avoids verbose cd logging when invoking targets that utilize sub-makes
+MAKE_OPTS  ?= --no-print-directory
+
+ifeq ($(OS),Windows_NT)
+	SHELL  ?= cmd.exe
+	CHECK  ?= where.exe
+else
+	SHELL  ?= bash
+	CHECK  ?= command -v
+endif
+
+HAS_HELM   := $(shell $(CHECK) helm)
+
+# all-charts loops through all charts and runs the make target(s) provided
+define all-charts
+	@for chart in $$(ls -1 $(CHARTS_DIR)); do \
+		CHART=$$chart make $(MAKE_OPTS) $(1) ; \
+	done
+endef
+
+.PHONY: default
+default:
+ifndef HAS_HELM
+	$(error You must install helm)
+endif
+
+.PRECIOUS: build
+.PHONY: build
+build:
+ifndef CHART
+	$(call all-charts,build)
+	@make index
+else 
+	helm package -d $(SERVE_DIR) $(CHARTS_DIR)/$(CHART)
+endif
+
+.PHONY: index
+index:
+	helm repo index $(SERVE_DIR)
+
+.PHONY: test
+test: test
+	helm lint $(CHARTS_DIR)/*
+

README.md

@@ -3,6 +3,8 @@
 
 Helm charts for the [Azure/Brigade](https://github.com/Azure/brigade) project
 
+**Under Construction**: Charts are currently being transferred to this repository from other sources.
+
 # Contributing
 
 This project welcomes contributions and suggestions.  Most contributions require you to agree to a

charts/brigade-github-app/Chart.yaml

@@ -0,0 +1,4 @@
+apiVersion: v1
+description: The Brigade GitHub App, an adnvanced gateway for GitHub
+name: brigade-github-app
+version: 0.1.1

charts/brigade-github-app/README.md

@@ -0,0 +1,5 @@
+# Brigade Kubernetes Event Gateway
+
+This gateway listens to Kubernetes events and emits them as Brigade events.
+
+Use this gateway to trigger Brigade scripts as a response to cluster events.

charts/brigade-github-app/templates/NOTES.txt

@@ -0,0 +1 @@
+Release name: {{ .Release.Name }}

charts/brigade-github-app/templates/_helpers.tpl

@@ -0,0 +1,18 @@
+{{/* vim: set filetype=mustache */}}
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "gateway.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+*/}}
+{{- define "gateway.fullname" -}}
+{{- $name := default .Chart.Name .Values.nameOverride -}}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{- define "gateway.rbac.version" }}rbac.authorization.k8s.io/v1beta1{{ end -}}

charts/brigade-github-app/templates/configmap.yaml

@@ -0,0 +1,15 @@
+{{ $fullname :=  include "gateway.fullname" . }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ $fullname }}
+  labels:
+    app: {{ $fullname }}
+    chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+    release: "{{ .Release.Name }}"
+    heritage: "{{ .Release.Service }}"
+    role: gateway
+    type: kubernetes-events
+data:
+  key.pem: |
+{{ .Values.github.key | trim | indent 8}}

charts/brigade-github-app/templates/deployment.yaml

@@ -0,0 +1,47 @@
+{{ $fullname :=  include "gateway.fullname" . }}
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+  name: {{ $fullname }}
+  labels:
+    app: {{ $fullname }}
+    chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+    release: "{{ .Release.Name }}"
+    heritage: "{{ .Release.Service }}"
+    role: gateway
+    type: github-app
+spec:
+  replicas: 1
+  template:
+    metadata:
+      labels:
+        app: {{ $fullname }}
+        role: gateway
+        release: "{{ .Release.Name }}"
+        type: github-app
+    spec:
+      serviceAccountName: {{ $fullname }}
+      containers:
+      - name: {{ .Chart.Name }}
+        image: "{{ .Values.registry }}/{{ .Values.name }}:{{ default .Chart.AppVersion .Values.tag }}"
+        imagePullPolicy: {{ default "IfNotPresent" .Values.pullPolicy }}
+        env:
+          - name: BRIGADE_NAMESPACE
+            valueFrom:
+              fieldRef:
+                fieldPath: metadata.namespace
+          - name: BRIGADE_AUTHORS
+            value: {{ if .Values.gateway.allowedAuthorRoles }}{{ join "," .Values.gateway.allowedAuthorRoles | quote }}{{ end }}
+          - name: GATEWAY_CONFIG
+            value: "/etc/brigade-github-app/key.pem"
+          - name: APP_ID
+            value: "{{ .Values.github.appID }}"
+          - name: CHECK_SUITE_ON_PR
+            value: "{{ .Values.github.checkSuiteOnPR }}"
+        volumeMounts:
+          - name: github-config
+            mountPath: /etc/brigade-github-app
+      volumes:
+        - name: github-config
+          configMap:
+            name: {{ $fullname }}

charts/brigade-github-app/templates/gateway-role.yaml

@@ -0,0 +1,46 @@
+--- {{ $fname := include "gateway.fullname" . }}
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ $fname }}
+  labels:
+    app: {{ template "gateway.fullname" . }}
+    chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+    release: "{{ .Release.Name }}"
+    heritage: "{{ .Release.Service }}"
+{{ if .Values.rbac.enabled }}
+---
+kind: Role
+apiVersion: {{ template "gateway.rbac.version" }}
+metadata:
+  name: {{ $fname }}
+  labels:
+    app: {{ template "gateway.fullname" . }}
+    chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+    release: "{{ .Release.Name }}"
+    heritage: "{{ .Release.Service }}"
+rules:
+- apiGroups: [""]
+  resources: ["secrets"]
+  verbs: ["list", "watch", "get", "create"]
+- apiGroups: [""]
+  resources: ["*"]
+  verbs: ["list", "watch"]
+---
+kind: RoleBinding
+apiVersion: {{ template "gateway.rbac.version" }}
+metadata:
+  name: {{ $fname }}
+  labels:
+    app: {{ template "gateway.fullname" . }}
+    chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+    release: "{{ .Release.Name }}"
+    heritage: "{{ .Release.Service }}"
+subjects:
+- kind: ServiceAccount
+  name: {{ $fname }}
+roleRef:
+  kind: Role
+  name: {{ $fname }}
+  apiGroup: rbac.authorization.k8s.io
+{{ end }}

charts/brigade-github-app/templates/ingress.yaml

@@ -0,0 +1,32 @@
+{{- if .Values.ingress.enabled -}}
+{{- $serviceName := include "gateway.fullname" . -}}
+{{- $servicePort := .Values.service.externalPort -}}
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+  name: {{ template "gateway.fullname" . }}
+  labels:
+    app: {{ template "gateway.name" . }}
+    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+  annotations:
+    {{- range $key, $value := .Values.ingress.annotations }}
+      {{ $key }}: {{ $value | quote }}
+    {{- end }}
+spec:
+  rules:
+    {{- range $host := .Values.ingress.hosts }}
+    - host: {{ $host }}
+      http:
+        paths:
+          - path: /
+            backend:
+              serviceName: {{ $serviceName }}
+              servicePort: {{ $servicePort }}
+    {{- end -}}
+  {{- if .Values.ingress.tls }}
+  tls:
+{{ toYaml .Values.ingress.tls | indent 4 }}
+  {{- end -}}
+{{- end -}}

charts/brigade-github-app/templates/service.yaml

@@ -0,0 +1,19 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "gateway.fullname" . }}
+  labels:
+    app: {{ template "gateway.fullname" . }}
+    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+spec:
+  type: {{ .Values.service.type }}
+  ports:
+    - port: {{ .Values.service.externalPort }}
+      targetPort: {{ .Values.service.internalPort }}
+      protocol: TCP
+      name: {{ .Values.service.name }}
+  selector:
+    app: {{ template "gateway.fullname" . }}
+    type: github-app

charts/brigade-github-app/values.yaml

@@ -0,0 +1,50 @@
+# Set this to true to enable Kubernetes RBAC support (recommended)
+rbac:
+  enabled: false
+
+# Image configuration
+registry: deis
+name: brigade-github-app
+tag: latest
+pullPolicy: "Always"
+
+service:
+  name: brigade-github-app
+  type: ClusterIP
+  externalPort: 80
+  internalPort: 7746
+
+ingress:
+  enabled: true
+  # Used to create an Ingress record.
+  hosts:
+    - gh-app.example.com
+  annotations:
+    kubernetes.io/ingress.class: nginx
+    kubernetes.io/tls-acme: "true"
+  tls:
+    # Secrets must be manually created in the namespace.
+    - secretName: gh-app-tls
+      hosts:
+      - gh-app.example.com
+
+gateway:
+  # The author associations who are allowed to have PRs built
+  # Classes are: COLLABORATOR, CONTRIBUTOR, OWNER, NONE, MEMBER, FIRST_TIMER, FIRST_TME_CONTRIBUTOR
+  # See https://developer.github.com/v4/enum/commentauthorassociation/
+  # To completely disable pull request builds, leave this list blank.
+  allowedAuthorRoles:
+    - OWNER
+    - MEMBER
+    - COLLABORATOR
+
+github:
+  # The x509 PEM-formatted keyfile GitHub issued for you App.
+  key: |
+    REQUIRED: Your key goes here.
+  # This represents the unique ID for a GitHub App
+  # The value can be retrieved from the main App page or any inbound webhook payloads
+  appID:
+  # Trigger a Check Suite on Pull Requests
+  # This will need to be set to true to enable running Check Suites on PRs originating from forks
+  checkSuiteOnPR: true

charts/brigade-k8s-gateway/Chart.yaml

@@ -0,0 +1,4 @@
+apiVersion: v1
+description: A Helm chart for Kubernetes
+name: brigade-k8s-gateway
+version: 0.1.0

charts/brigade-k8s-gateway/README.md

@@ -0,0 +1,5 @@
+# Brigade Kubernetes Event Gateway
+
+This gateway listens to Kubernetes events and emits them as Brigade events.
+
+Use this gateway to trigger Brigade scripts as a response to cluster events.

charts/brigade-k8s-gateway/templates/NOTES.txt

@@ -0,0 +1 @@
+Release name: {{ .Release.Name }}

charts/brigade-k8s-gateway/templates/_helpers.tpl

@@ -0,0 +1,18 @@
+{{/* vim: set filetype=mustache */}}
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "gateway.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+*/}}
+{{- define "gateway.fullname" -}}
+{{- $name := default .Chart.Name .Values.nameOverride -}}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{- define "gateway.rbac.version" }}rbac.authorization.k8s.io/v1beta1{{ end -}}

charts/brigade-k8s-gateway/templates/configmap.yaml

@@ -0,0 +1,18 @@
+{{ $fullname :=  include "gateway.fullname" . }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ $fullname }}
+  labels:
+    app: {{ $fullname }}
+    chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+    release: "{{ .Release.Name }}"
+    heritage: "{{ .Release.Service }}"
+    role: gateway
+    type: kubernetes-events
+data:
+  filters.json: |
+    {
+      "project": {{ .Values.project | quote }},
+      "filters": {{ toJson .Values.filters }}
+    }

charts/brigade-k8s-gateway/templates/deployment.yaml

@@ -0,0 +1,40 @@
+{{ $fullname :=  include "gateway.fullname" . }}
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+  name: {{ $fullname }}
+  labels:
+    app: {{ $fullname }}
+    chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+    release: "{{ .Release.Name }}"
+    heritage: "{{ .Release.Service }}"
+    role: gateway
+    type: kubernetes-events
+spec:
+  replicas: 1
+  template:
+    metadata:
+      labels:
+        app: {{ $fullname }}
+        role: gateway
+        type: kubernetes-events
+    spec:
+      serviceAccountName: {{ $fullname }}
+      containers:
+      - name: {{ .Chart.Name }}
+        image: "{{ .Values.registry }}/{{ .Values.name }}:{{ default .Chart.AppVersion .Values.tag }}"
+        imagePullPolicy: {{ default "IfNotPresent" .Values.pullPolicy }}
+        env:
+          - name: GATEWAY_NAMESPACE
+            valueFrom:
+              fieldRef:
+                fieldPath: metadata.namespace
+          - name: GATEWAY_CONFIG
+            value: "/etc/brigade-k8s-gateway/filters.json"
+        volumeMounts:
+          - name: filters-config
+            mountPath: /etc/brigade-k8s-gateway
+      volumes:
+        - name: filters-config
+          configMap:
+            name: {{ $fullname }}