Merge pull request rancher#1131 from aiyengar2/fix_crd_chart

Fix CRD chart regression and fix CRDs for upgrades

charts/rancher-alerting-drivers/rancher-alerting-drivers/1.0.100-rc03/Chart.yaml

@@ -0,0 +1,21 @@
+annotations:
+  catalog.cattle.io/certified: rancher
+  catalog.cattle.io/display-name: Alerting Drivers
+  catalog.cattle.io/os: linux
+  catalog.cattle.io/release-name: rancher-alerting-drivers
+apiVersion: v2
+appVersion: 1.16.0
+dependencies:
+- condition: prom2teams.enabled
+  name: prom2teams
+  repository: file://./charts/prom2teams
+- condition: sachet.enabled
+  name: sachet
+  repository: file://./charts/sachet
+description: The manager for third-party webhook receivers used in Prometheus Alertmanager
+keywords:
+- monitoring
+- alertmanger
+- webhook
+name: rancher-alerting-drivers
+version: 1.0.100-rc03

charts/rancher-alerting-drivers/rancher-alerting-drivers/1.0.100-rc03/app-readme.md

@@ -0,0 +1,11 @@
+# Rancher Alerting Drivers
+
+This chart installs one or more [Alertmanager Webhook Receiver Integrations](https://prometheus.io/docs/operating/integrations/#alertmanager-webhook-receiver) (i.e. Drivers).
+
+Those Drivers can be targeted by an existing deployment of Alertmanager to send alerts to notification mechanisms that are not natively supported.
+
+Currently, this chart supports the following Drivers:
+- Microsoft Teams, based on [prom2teams](https://github.com/idealista/prom2teams)
+- SMS, based on [Sachet](https://github.com/messagebird/sachet)
+
+After installing rancher-alerting-drivers, please refer to the upstream documentation for each Driver for configuration options.

charts/rancher-alerting-drivers/rancher-alerting-drivers/1.0.100-rc03/charts/prom2teams/.helmignore

@@ -0,0 +1,22 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/

charts/rancher-alerting-drivers/rancher-alerting-drivers/1.0.100-rc03/charts/prom2teams/Chart.yaml

@@ -0,0 +1,10 @@
+annotations:
+  catalog.cattle.io/certified: rancher
+  catalog.cattle.io/hidden: "true"
+  catalog.cattle.io/os: linux
+  catalog.cattle.io/release-name: rancher-prom2teams
+apiVersion: v1
+appVersion: 3.2.1
+description: A Helm chart for Prom2Teams based on the upstream https://github.com/idealista/prom2teams
+name: prom2teams
+version: 0.2.0

charts/rancher-alerting-drivers/rancher-alerting-drivers/1.0.100-rc03/charts/prom2teams/files/teams.j2

@@ -0,0 +1,44 @@
+{%- set
+  theme_colors = {
+    'resolved' : '2DC72D',
+    'critical' : '8C1A1A',
+    'severe' : '8C1A1A',
+    'warning' : 'FF9A0B',
+    'unknown' : 'CCCCCC'
+  }
+-%}
+
+{
+    "@type": "MessageCard",
+    "@context": "http://schema.org/extensions",
+    "themeColor": "{% if status=='resolved' %} {{ theme_colors.resolved }} {% else %} {{ theme_colors[msg_text.severity] }} {% endif %}",
+    "summary": "{% if status=='resolved' %}(Resolved) {% endif %}{{ msg_text.summary }}",
+    "title": "Prometheus alert {% if status=='resolved' %}(Resolved) {% elif status=='unknown' %} (status unknown) {% endif %}",
+    "sections": [{
+        "activityTitle": "{{ msg_text.summary }}",
+        "facts": [{% if msg_text.name %}{
+            "name": "Alert",
+            "value": "{{ msg_text.name }}"
+        },{% endif %}{% if msg_text.instance %}{
+            "name": "In host",
+            "value": "{{ msg_text.instance }}"
+        },{% endif %}{% if msg_text.severity %}{
+            "name": "Severity",
+            "value": "{{ msg_text.severity }}"
+        },{% endif %}{% if msg_text.description %}{
+            "name": "Description",
+            "value": "{{ msg_text.description }}"
+        },{% endif %}{
+            "name": "Status",
+            "value": "{{ msg_text.status }}"
+        }{% if msg_text.extra_labels %}{% for key in msg_text.extra_labels %},{
+            "name": "{{ key }}",
+            "value": "{{ msg_text.extra_labels[key] }}"
+        }{% endfor %}{% endif %}
+        {% if msg_text.extra_annotations %}{% for key in msg_text.extra_annotations %},{
+            "name": "{{ key }}",
+            "value": "{{ msg_text.extra_annotations[key] }}"
+        }{% endfor %}{% endif %}],
+          "markdown": true
+    }]
+}

charts/rancher-alerting-drivers/rancher-alerting-drivers/1.0.100-rc03/charts/prom2teams/templates/NOTES.txt

@@ -0,0 +1,2 @@
+Prom2Teams has been installed. Check its status by running:
+  kubectl --namespace {{ .Release.Namespace }} get pods -l "app.kubernetes.io/instance={{ .Release.Name }}"

charts/rancher-alerting-drivers/rancher-alerting-drivers/1.0.100-rc03/charts/prom2teams/templates/_helpers.tpl

@@ -0,0 +1,73 @@
+{{/* vim: set filetype=mustache: */}}
+
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Windows cluster will add default taint for linux nodes,
+add below linux tolerations to workloads could be scheduled to those linux nodes
+*/}}
+
+{{- define "linux-node-tolerations" -}}
+- key: "cattle.io/os"
+  value: "linux"
+  effect: "NoSchedule"
+  operator: "Equal"
+{{- end -}}
+
+{{- define "linux-node-selector" -}}
+{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.GitVersion -}}
+beta.kubernetes.io/os: linux
+{{- else -}}
+kubernetes.io/os: linux
+{{- end -}}
+{{- end -}}
+
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "prom2teams.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "prom2teams.fullname" -}}
+{{- if .Values.fullnameOverride -}}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- $name := default .Chart.Name .Values.nameOverride -}}
+{{- if contains $name .Release.Name -}}
+{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Allow the release namespace to be overridden for multi-namespace deployments in combined charts
+*/}}
+{{- define "prom2teams.namespace" -}}
+{{ default .Release.Namespace .Values.global.namespaceOverride }}
+{{- end -}}
+
+{{/*
+Common labels
+*/}}
+{{- define "prom2teams.labels" -}}
+app.kubernetes.io/name: {{ include "prom2teams.name" . }}
+helm.sh/chart: {{ printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+release: {{ .Release.Name }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end -}}

charts/rancher-alerting-drivers/rancher-alerting-drivers/1.0.100-rc03/charts/prom2teams/templates/configmap.yaml

@@ -0,0 +1,39 @@
+{{- $valid := list "DEBUG" "INFO" "WARNING" "ERROR" "CRITICAL" -}}
+{{- if not (has .Values.prom2teams.loglevel $valid) -}}
+{{- fail "Invalid log level"}}
+{{- end -}}
+{{- if and .Values.prom2teams.connector (hasKey .Values.prom2teams.connectors "Connector") -}}
+{{- fail "Invalid configuration: prom2teams.connectors can't have a connector named Connector when prom2teams.connector is set"}}
+{{- end -}}
+{{/* Create the configmap when the operation is helm install and the target configmap does not exist. */}}
+{{- if not (lookup "v1" "ConfigMap" (include "prom2teams.namespace" . ) (include "prom2teams.fullname" .)) }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: {{ include "prom2teams.namespace" . }}
+  name: {{ include "prom2teams.fullname" . }}
+  labels: {{ include "prom2teams.labels" . | nindent 4 }}
+  annotations:
+    "helm.sh/hook": pre-install, pre-upgrade
+    "helm.sh/hook-weight": "3"
+    "helm.sh/resource-policy": keep
+data:
+  config.ini: |-
+    [HTTP Server]
+    Host: {{ .Values.prom2teams.host }}
+    Port: {{ .Values.prom2teams.port }}
+    [Microsoft Teams]
+    {{- with .Values.prom2teams.connector }}
+    Connector: {{ . }}
+    {{- end }}
+    {{- range $key, $val := .Values.prom2teams.connectors }}
+    {{ $key }}: {{ $val }}
+    {{- end }}
+    [Group Alerts]
+    Field: {{ .Values.prom2teams.group_alerts_by }}
+    [Log]
+    Level: {{ .Values.prom2teams.loglevel }}
+    [Template]
+    Path: {{ .Values.prom2teams.templatepath }}
+  teams.j2: {{ .Files.Get "files/teams.j2" |  quote }}
+  {{- end -}}

charts/rancher-alerting-drivers/rancher-alerting-drivers/1.0.100-rc03/charts/prom2teams/templates/deployment.yaml

@@ -0,0 +1,77 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ include "prom2teams.fullname" . }}
+  namespace: {{ include "prom2teams.namespace" . }}
+  labels: {{ include "prom2teams.labels" . | nindent 4 }}
+spec:
+  replicas: {{ .Values.replicaCount }}
+  selector:
+    matchLabels:
+      app.kubernetes.io/name: {{ include "prom2teams.name" . }}
+      app.kubernetes.io/instance: {{ .Release.Name }}
+  template:
+    metadata:
+      labels:
+        app.kubernetes.io/name: {{ include "prom2teams.name" . }}
+        app.kubernetes.io/instance: {{ .Release.Name }}
+    spec:
+      serviceAccountName: {{ include "prom2teams.fullname" . }}
+    {{- with .Values.imagePullSecrets }}
+      imagePullSecrets: {{ toYaml . | nindent 8 }}
+    {{- end }}
+      volumes:
+        - name: config
+          configMap:
+            name: {{ include "prom2teams.fullname" . }}
+      containers:
+        - name: {{ .Chart.Name }}
+          image: {{ include "system_default_registry" . }}{{ .Values.image.repository }}:{{ .Values.image.tag }}
+          imagePullPolicy: {{ .Values.image.pullPolicy }}
+          ports:
+            - name: http
+              containerPort: 8089
+              protocol: TCP
+          volumeMounts:
+            - name: config
+              mountPath: /opt/prom2teams/helmconfig/
+          env:
+          - name: APP_CONFIG_FILE
+            value: {{ .Values.prom2teams.config | quote }}
+          - name: PROM2TEAMS_PORT
+            value: {{ .Values.prom2teams.port | quote }}
+          - name: PROM2TEAMS_HOST
+            value: {{ .Values.prom2teams.ip | quote }}
+          - name: PROM2TEAMS_CONNECTOR
+            value: {{ .Values.prom2teams.connector | quote }}
+          - name: PROM2TEAMS_GROUP_ALERTS_BY
+            value: {{ .Values.prom2teams.group_alerts_by | quote }}
+          resources: {{ toYaml .Values.resources | nindent 12 }}
+        {{- if .Values.securityContext.enabled }}
+          securityContext:
+            privileged: false
+            readOnlyRootFilesystem: false
+            allowPrivilegeEscalation: false
+            capabilities:
+              drop:
+              - ALL
+        {{- end }}
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+      {{- if .Values.nodeSelector }}
+      {{- toYaml .Values.nodeSelector | nindent 8 }}
+      {{- end }}
+    {{- with .Values.affinity }}
+      affinity: {{ toYaml . | nindent 8 }}
+    {{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+      {{- if .Values.tolerations }}
+      {{- toYaml .Values.tolerations | nindent 8 }}
+      {{- end }}
+    {{- if .Values.securityContext.enabled }}
+      securityContext:
+        runAsNonRoot: {{ if eq (int .Values.securityContext.runAsUser) 0 }}false{{ else }}true{{ end }}
+        runAsUser: {{ .Values.securityContext.runAsUser }}
+        runAsGroup: {{ .Values.securityContext.runAsGroup }}
+        fsGroup: {{ .Values.securityContext.fsGroup }}
+    {{- end }}
+

charts/rancher-alerting-drivers/rancher-alerting-drivers/1.0.100-rc03/charts/prom2teams/templates/psp.yaml

@@ -0,0 +1,28 @@
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ include "prom2teams.fullname" . }}-psp
+  labels: {{ include "prom2teams.labels" . | nindent 4 }}
+spec:
+  privileged: false
+  allowPrivilegeEscalation: false
+  hostNetwork: false
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    rule: 'MustRunAsNonRoot'
+  seLinux:
+    rule: 'RunAsAny'
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 1
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 1
+        max: 65535
+  readOnlyRootFilesystem: false
+  volumes:
+    - 'configMap'

charts/rancher-alerting-drivers/rancher-alerting-drivers/1.0.100-rc03/charts/prom2teams/templates/role.yaml

@@ -0,0 +1,15 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  name: {{ include "prom2teams.fullname" . }}-psp
+  namespace: {{ include "prom2teams.namespace" . }}
+  labels: {{ include "prom2teams.labels" . | nindent 4 }}
+rules:
+  - apiGroups:
+      - policy
+    resourceNames:
+      - {{ include "prom2teams.fullname" . }}-psp
+    resources:
+      - podsecuritypolicies
+    verbs:
+      - use

charts/rancher-alerting-drivers/rancher-alerting-drivers/1.0.100-rc03/charts/prom2teams/templates/rolebinding.yaml

@@ -0,0 +1,13 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  name: {{ include "prom2teams.fullname" . }}-psp
+  namespace: {{ include "prom2teams.namespace" . }}
+  labels: {{ include "prom2teams.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: Role
+  name: {{ include "prom2teams.fullname" . }}-psp
+subjects:
+  - kind: ServiceAccount
+    name: {{ include "prom2teams.fullname" . }}

charts/rancher-alerting-drivers/rancher-alerting-drivers/1.0.100-rc03/charts/prom2teams/templates/service-account.yaml

@@ -0,0 +1,6 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ include "prom2teams.fullname" . }}
+  namespace: {{ include "prom2teams.namespace" . }}
+  labels: {{ include "prom2teams.labels" . | nindent 4 }}

charts/rancher-alerting-drivers/rancher-alerting-drivers/1.0.100-rc03/charts/prom2teams/templates/service.yaml

@@ -0,0 +1,17 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ include "prom2teams.fullname" . }}
+  namespace: {{ include "prom2teams.namespace" . }}
+  labels:
+{{ include "prom2teams.labels" . | indent 4 }}
+spec:
+  type: {{ .Values.service.type }}
+  ports:
+    - port: {{ .Values.service.port }}
+      targetPort: 8089
+      protocol: TCP
+      name: http
+  selector:
+    app.kubernetes.io/name: {{ include "prom2teams.name" . }}
+    app.kubernetes.io/instance: {{ .Release.Name }}