From 1f99c26e78fa7967f76ba5813fd9484cae05f65c Mon Sep 17 00:00:00 2001 From: Julien Rouvier Date: Wed, 20 Sep 2023 10:07:11 +0200 Subject: [PATCH] Add helm chart --- chart/stirling-pdf/Chart.yaml | 15 ++ chart/stirling-pdf/templates/NOTES.txt | 30 +++ chart/stirling-pdf/templates/_helpers.tpl | 129 ++++++++++ chart/stirling-pdf/templates/deployment.yaml | 129 ++++++++++ chart/stirling-pdf/templates/ingress.yaml | 85 +++++++ chart/stirling-pdf/templates/pv.yaml | 16 ++ chart/stirling-pdf/templates/pvc.yaml | 27 ++ chart/stirling-pdf/templates/service.yaml | 48 ++++ .../templates/serviceaccount.yaml | 13 + .../templates/servicemonitor.yaml | 31 +++ chart/stirling-pdf/values.yaml | 239 ++++++++++++++++++ 11 files changed, 762 insertions(+) create mode 100644 chart/stirling-pdf/Chart.yaml create mode 100644 chart/stirling-pdf/templates/NOTES.txt create mode 100644 chart/stirling-pdf/templates/_helpers.tpl create mode 100644 chart/stirling-pdf/templates/deployment.yaml create mode 100644 chart/stirling-pdf/templates/ingress.yaml create mode 100644 chart/stirling-pdf/templates/pv.yaml create mode 100644 chart/stirling-pdf/templates/pvc.yaml create mode 100644 chart/stirling-pdf/templates/service.yaml create mode 100644 chart/stirling-pdf/templates/serviceaccount.yaml create mode 100644 chart/stirling-pdf/templates/servicemonitor.yaml create mode 100644 chart/stirling-pdf/values.yaml diff --git a/chart/stirling-pdf/Chart.yaml b/chart/stirling-pdf/Chart.yaml new file mode 100644 index 00000000..3482b36d --- /dev/null +++ b/chart/stirling-pdf/Chart.yaml @@ -0,0 +1,15 @@ +apiVersion: v2 +appVersion: 0.14.2 +description: locally hosted web application that allows you to perform various operations on PDF files +home: https://github.com/Frooodle/Stirling-PDF +keywords: +- stirling-pdf +- helm +- charts repo +maintainers: +- name: Frooodle + url: https://github.com/Frooodle/Stirling-PDF +name: stirling-pdf +sources: +- https://github.com/Frooodle/Stirling-PDF +version: 1.0.0 diff --git a/chart/stirling-pdf/templates/NOTES.txt b/chart/stirling-pdf/templates/NOTES.txt new file mode 100644 index 00000000..3b432f00 --- /dev/null +++ b/chart/stirling-pdf/templates/NOTES.txt @@ -0,0 +1,30 @@ +** Please be patient while the chart is being deployed ** + +Get the stirlingpdf URL by running: + +{{- if contains "NodePort" .Values.service.type }} + + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ template "stirlingpdf.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT/ + +{{- else if contains "LoadBalancer" .Values.service.type }} + +** Please ensure an external IP is associated to the {{ template "stirlingpdf.fullname" . }} service before proceeding ** +** Watch the status using: kubectl get svc --namespace {{ .Release.Namespace }} -w {{ template "stirlingpdf.fullname" . }} ** + + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ template "stirlingpdf.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + echo http://$SERVICE_IP:{{ .Values.service.externalPort }}/ + +OR + + export SERVICE_HOST=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ template "stirlingpdf.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].hostname}') + echo http://$SERVICE_HOST:{{ .Values.service.externalPort }}/ + +{{- else if contains "ClusterIP" .Values.service.type }} + + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app={{ template "stirlingpdf.name" . }}" -l "release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + echo http://127.0.0.1:8080/ + kubectl port-forward $POD_NAME 8080:8080 --namespace {{ .Release.Namespace }} + +{{- end }} diff --git a/chart/stirling-pdf/templates/_helpers.tpl b/chart/stirling-pdf/templates/_helpers.tpl new file mode 100644 index 00000000..4c862604 --- /dev/null +++ b/chart/stirling-pdf/templates/_helpers.tpl @@ -0,0 +1,129 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "stirlingpdf.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "stirlingpdf.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{- /* +Create chart name and version as used by the chart label. + +It does minimal escaping for use in Kubernetes labels. + +Example output: + +stirlingpdf-0.4.5 +*/ -}} +{{- define "stirlingpdf.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end -}} + +{{/* +Common labels +*/}} +{{- define "stirlingpdf.labels" -}} +helm.sh/chart: {{ include "stirlingpdf.chart" . }} +{{ include "stirlingpdf.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +{{- if .Values.commonLabels}} +{{ toYaml .Values.commonLabels }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "stirlingpdf.selectorLabels" -}} +app.kubernetes.io/name: {{ include "stirlingpdf.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "stirlingpdf.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "stirlingpdf.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} + +{{/* +Return the proper image name to change the volume permissions +*/}} +{{- define "stirlingpdf.volumePermissions.image" -}} +{{- $registryName := .Values.volumePermissions.image.registry -}} +{{- $repositoryName := .Values.volumePermissions.image.repository -}} +{{- $tag := .Values.volumePermissions.image.tag | toString -}} +{{/* +Helm 2.11 supports the assignment of a value to a variable defined in a different scope, +but Helm 2.9 and 2.10 doesn't support it, so we need to implement this if-else logic. +Also, we can't use a single if because lazy evaluation is not an option +*/}} +{{- if .Values.global }} + {{- if .Values.global.imageRegistry }} + {{- printf "%s/%s:%s" .Values.global.imageRegistry $repositoryName $tag -}} + {{- else -}} + {{- printf "%s/%s:%s" $registryName $repositoryName $tag -}} + {{- end -}} +{{- else -}} + {{- printf "%s/%s:%s" $registryName $repositoryName $tag -}} +{{- end -}} +{{- end -}} + +{{/* +Return the proper Docker Image Registry Secret Names +*/}} +{{- define "stirlingpdf.imagePullSecrets" -}} +{{/* +Helm 2.11 supports the assignment of a value to a variable defined in a different scope, +but Helm 2.9 and 2.10 does not support it, so we need to implement this if-else logic. +Also, we can not use a single if because lazy evaluation is not an option +*/}} +{{- if .Values.global }} +{{- if .Values.global.imagePullSecrets }} +imagePullSecrets: +{{- range .Values.global.imagePullSecrets }} + - name: {{ . }} +{{- end }} +{{- else if or .Values.image.pullSecrets .Values.volumePermissions.image.pullSecrets }} +imagePullSecrets: +{{- range .Values.image.pullSecrets }} + - name: {{ . }} +{{- end }} +{{- range .Values.volumePermissions.image.pullSecrets }} + - name: {{ . }} +{{- end }} +{{- end -}} +{{- else if or .Values.image.pullSecrets .Values.volumePermissions.image.pullSecrets }} +imagePullSecrets: +{{- range .Values.image.pullSecrets }} + - name: {{ . }} +{{- end }} +{{- range .Values.volumePermissions.image.pullSecrets }} + - name: {{ . }} +{{- end }} +{{- end -}} +{{- end -}} \ No newline at end of file diff --git a/chart/stirling-pdf/templates/deployment.yaml b/chart/stirling-pdf/templates/deployment.yaml new file mode 100644 index 00000000..290a56c9 --- /dev/null +++ b/chart/stirling-pdf/templates/deployment.yaml @@ -0,0 +1,129 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "stirlingpdf.fullname" . }} + {{- with .Values.deployment.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} + labels: + {{- include "stirlingpdf.labels" . | nindent 4 }} + {{- if .Values.deployment.labels }} + {{- toYaml .Values.deployment.labels | nindent 4 }} + {{- end }} +spec: + selector: + matchLabels: + {{- include "stirlingpdf.selectorLabels" . | nindent 6 }} + replicas: {{ .Values.replicaCount }} + strategy: +{{ toYaml .Values.strategy | indent 4 }} + revisionHistoryLimit: 10 + template: + metadata: + {{- with .Values.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "stirlingpdf.selectorLabels" . | nindent 8 }} + {{- if .Values.podLabels }} + {{- toYaml .Values.podLabels | nindent 8 }} + {{- end }} + spec: + {{- if .Values.priorityClassName }} + priorityClassName: "{{ .Values.priorityClassName }}" + {{- end }} + {{- if .Values.securityContext.enabled }} + securityContext: + fsGroup: {{ .Values.securityContext.fsGroup }} + {{- if .Values.securityContext.runAsNonRoot }} + runAsNonRoot: {{ .Values.securityContext.runAsNonRoot }} + {{- end }} + {{- if .Values.securityContext.supplementalGroups }} + supplementalGroups: {{ .Values.securityContext.supplementalGroups }} + {{- end }} + {{- else if .Values.persistence.enabled }} + initContainers: + - name: volume-permissions + image: {{ template "stirlingpdf.volumePermissions.image" . }} + imagePullPolicy: "{{ .Values.volumePermissions.image.pullPolicy }}" + securityContext: + {{- toYaml .Values.containerSecurityContext | nindent 10 }} + command: ['sh', '-c', 'chown -R {{ .Values.securityContext.fsGroup }}:{{ .Values.securityContext.fsGroup }} {{ .Values.persistence.path }}'] + volumeMounts: + - mountPath: {{ .Values.persistence.path }} + name: storage-volume + {{- end }} +{{- include "stirlingpdf.imagePullSecrets" . | indent 6 }} + containers: + - name: {{ .Chart.Name }} + image: {{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }} + imagePullPolicy: {{ .Values.image.pullPolicy }} + securityContext: + {{- toYaml .Values.containerSecurityContext | nindent 10 }} +{{- if .Values.envs }} + env: +{{ toYaml .Values.envs | indent 8 }} +{{- end }} +{{- if .Values.extraArgs }} + args: +{{ toYaml .Values.extraArgs | indent 8 }} +{{- end }} + ports: + - name: http + containerPort: 8080 + livenessProbe: + httpGet: + path: / + port: http +{{ toYaml .Values.probes.livenessHttpGetConfig | indent 12 }} +{{ toYaml .Values.probes.liveness | indent 10 }} + readinessProbe: + httpGet: + path: / + port: http +{{ toYaml .Values.probes.readinessHttpGetConfig | indent 12 }} +{{ toYaml .Values.probes.readiness | indent 10 }} + volumeMounts: +{{- if .Values.deployment.extraVolumeMounts }} + {{- toYaml .Values.deployment.extraVolumeMounts | nindent 8 }} +{{- end }} +{{- if .Values.deployment.sidecarContainers }} +{{- range $name, $spec := .Values.deployment.sidecarContainers }} + - name: {{ $name }} +{{- toYaml $spec | nindent 8 }} +{{- end }} +{{- end }} + {{- with .Values.resources }} + resources: +{{ toYaml . | indent 10 }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: +{{ toYaml . | indent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: +{{ toYaml . | indent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: +{{ toYaml . | indent 8 }} + {{- end }} + {{- if .Values.schedulerName }} + schedulerName: {{ .Values.schedulerName }} + {{- end }} + serviceAccountName: {{ include "stirlingpdf.serviceAccountName" . }} + automountServiceAccountToken: {{ .Values.serviceAccount.automountServiceAccountToken }} + volumes: + {{- if .Values.deployment.extraVolumes }} + {{- toYaml .Values.deployment.extraVolumes | nindent 6 }} + {{- end }} + - name: storage-volume + {{- if .Values.persistence.enabled }} + persistentVolumeClaim: + claimName: {{ .Values.persistence.existingClaim | default (include "stirlingpdf.fullname" .) }} + {{- else }} + emptyDir: {} + {{- end }} diff --git a/chart/stirling-pdf/templates/ingress.yaml b/chart/stirling-pdf/templates/ingress.yaml new file mode 100644 index 00000000..c09fef68 --- /dev/null +++ b/chart/stirling-pdf/templates/ingress.yaml @@ -0,0 +1,85 @@ +{{- if .Values.ingress.enabled }} +{{- $servicePort := .Values.service.externalPort -}} +{{- $serviceName := include "stirlingpdf.fullname" . -}} +{{- $ingressExtraPaths := .Values.ingress.extraPaths -}} +--- +{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.GitVersion }} +apiVersion: extensions/v1beta1 +{{- else if semverCompare "<1.19-0" .Capabilities.KubeVersion.GitVersion }} +apiVersion: networking.k8s.io/v1beta1 +{{- else }} +apiVersion: networking.k8s.io/v1 +{{- end }} +kind: Ingress +metadata: + name: {{ include "stirlingpdf.fullname" . }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} + labels: + {{- include "stirlingpdf.labels" . | nindent 4 }} + {{- with .Values.ingress.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- with .Values.ingress.ingressClassName }} + ingressClassName: {{ . }} + {{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ .name }} + http: + paths: + {{- range $ingressExtraPaths }} + - path: {{ default "/" .path | quote }} + backend: + {{- if semverCompare "<1.19-0" $.Capabilities.KubeVersion.GitVersion }} + {{- if $.Values.service.servicename }} + serviceName: {{ $.Values.service.servicename }} + {{- else }} + serviceName: {{ default $serviceName .service }} + {{- end }} + servicePort: {{ default $servicePort .port }} + {{- else }} + service: + {{- if $.Values.service.servicename }} + name: {{ $.Values.service.servicename }} + {{- else }} + name: {{ default $serviceName .service }} + {{- end }} + port: + number: {{ default $servicePort .port }} + pathType: {{ default $.Values.ingress.pathType .pathType }} + {{- end }} + {{- end }} + - path: {{ default "/" .path | quote }} + backend: + {{- if semverCompare "<1.19-0" $.Capabilities.KubeVersion.GitVersion }} + {{- if $.Values.service.servicename }} + serviceName: {{ $.Values.service.servicename }} + {{- else }} + serviceName: {{ default $serviceName .service }} + {{- end }} + servicePort: {{ default $servicePort .servicePort }} + {{- else }} + service: + {{- if $.Values.service.servicename }} + name: {{ $.Values.service.servicename }} + {{- else }} + name: {{ default $serviceName .service }} + {{- end }} + port: + number: {{ default $servicePort .port }} + pathType: {{ $.Values.ingress.pathType }} + {{- end }} + {{- end }} + tls: + {{- range .Values.ingress.hosts }} + {{- if .tls }} + - hosts: + - {{ .name }} + secretName: {{ .tlsSecret }} + {{- end }} + {{- end }} +{{- end -}} diff --git a/chart/stirling-pdf/templates/pv.yaml b/chart/stirling-pdf/templates/pv.yaml new file mode 100644 index 00000000..aa99c6a9 --- /dev/null +++ b/chart/stirling-pdf/templates/pv.yaml @@ -0,0 +1,16 @@ +{{- if .Values.persistence.pv.enabled -}} +apiVersion: v1 +kind: PersistentVolume +metadata: + name: {{ .Values.persistence.pv.pvname | default (include "stirlingpdf.fullname" .) }} + labels: + {{- include "stirlingpdf.labels" . | nindent 4 }} +spec: + capacity: + storage: {{ .Values.persistence.pv.capacity.storage }} + accessModes: + - {{ .Values.persistence.pv.accessMode | quote }} + nfs: + server: {{ .Values.persistence.pv.nfs.server }} + path: {{ .Values.persistence.pv.nfs.path | quote }} +{{- end }} \ No newline at end of file diff --git a/chart/stirling-pdf/templates/pvc.yaml b/chart/stirling-pdf/templates/pvc.yaml new file mode 100644 index 00000000..f7a21722 --- /dev/null +++ b/chart/stirling-pdf/templates/pvc.yaml @@ -0,0 +1,27 @@ +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ include "stirlingpdf.fullname" . }} + labels: + {{- include "stirlingpdf.labels" . | nindent 4 }} + {{- with .Values.persistence.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + accessModes: + - {{ .Values.persistence.accessMode | quote }} + resources: + requests: + storage: {{ .Values.persistence.size | quote }} +{{- if .Values.persistence.storageClass }} +{{- if (eq "-" .Values.persistence.storageClass) }} + storageClassName: "" +{{- else }} + storageClassName: "{{ .Values.persistence.storageClass }}" +{{- end }} +{{- if .Values.persistence.volumeName }} + volumeName: "{{ .Values.persistence.volumeName }}" +{{- end }} +{{- end }} +{{- end }} diff --git a/chart/stirling-pdf/templates/service.yaml b/chart/stirling-pdf/templates/service.yaml new file mode 100644 index 00000000..a529c3f2 --- /dev/null +++ b/chart/stirling-pdf/templates/service.yaml @@ -0,0 +1,48 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ .Values.service.servicename | default (include "stirlingpdf.fullname" .) }} + {{- with .Values.service.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} + labels: + {{- include "stirlingpdf.labels" . | nindent 4 }} + {{- with .Values.service.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + type: {{ .Values.service.type }} + {{- if (or (eq .Values.service.type "LoadBalancer") (and (eq .Values.service.type "NodePort") (not (empty .Values.service.nodePort)))) }} + externalTrafficPolicy: {{ .Values.service.externalTrafficPolicy }} + {{- end }} + {{- if (and (eq .Values.service.type "LoadBalancer") .Values.service.loadBalancerIP) }} + loadBalancerIP: {{ .Values.service.loadBalancerIP }} + {{- end }} + {{- if (and (eq .Values.service.type "LoadBalancer") .Values.service.loadBalancerSourceRanges) }} + loadBalancerSourceRanges: + {{- with .Values.service.loadBalancerSourceRanges }} +{{ toYaml . | indent 2 }} + {{- end }} + {{- end }} + {{- if eq .Values.service.type "ClusterIP" }} + {{- if .Values.service.clusterIP }} + clusterIP: {{ .Values.service.clusterIP }} + {{- end }} + {{- end }} + ports: + - port: {{ .Values.service.externalPort }} +{{- if (and (eq .Values.service.type "NodePort") (not (empty .Values.service.nodePort))) }} + nodePort: {{.Values.service.nodePort}} +{{- end }} +{{- if .Values.service.targetPort }} + targetPort: {{ .Values.service.targetPort }} + name: {{ .Values.service.targetPort }} +{{- else }} + targetPort: http + name: http +{{- end }} + protocol: TCP + + selector: + {{- include "stirlingpdf.selectorLabels" . | nindent 4 }} diff --git a/chart/stirling-pdf/templates/serviceaccount.yaml b/chart/stirling-pdf/templates/serviceaccount.yaml new file mode 100644 index 00000000..7156e4a4 --- /dev/null +++ b/chart/stirling-pdf/templates/serviceaccount.yaml @@ -0,0 +1,13 @@ +{{- if .Values.serviceAccount.create -}} +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "stirlingpdf.serviceAccountName" . }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{ toYaml . | nindent 4 }} + {{- end }} + labels: + {{- include "stirlingpdf.labels" . | nindent 4 }} +{{- end }} diff --git a/chart/stirling-pdf/templates/servicemonitor.yaml b/chart/stirling-pdf/templates/servicemonitor.yaml new file mode 100644 index 00000000..ca0d31bb --- /dev/null +++ b/chart/stirling-pdf/templates/servicemonitor.yaml @@ -0,0 +1,31 @@ +{{- if and ( .Capabilities.APIVersions.Has "monitoring.coreos.com/v1" ) ( .Values.serviceMonitor.enabled ) }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ include "stirlingpdf.fullname" . }} + namespace: {{ .Values.serviceMonitor.namespace | default .Release.Namespace }} + labels: + {{- include "stirlingpdf.labels" . | nindent 4 }} + {{- with .Values.serviceMonitor.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + endpoints: + - targetPort: 8080 +{{- if .Values.serviceMonitor.interval }} + interval: {{ .Values.serviceMonitor.interval }} +{{- end }} +{{- if .Values.serviceMonitor.metricsPath }} + path: {{ .Values.serviceMonitor.metricsPath }} +{{- end }} +{{- if .Values.serviceMonitor.timeout }} + scrapeTimeout: {{ .Values.serviceMonitor.timeout }} +{{- end }} + jobLabel: {{ include "stirlingpdf.fullname" . }} + namespaceSelector: + matchNames: + - {{ .Release.Namespace }} + selector: + matchLabels: + {{- include "stirlingpdf.selectorLabels" . | nindent 6 }} +{{- end }} diff --git a/chart/stirling-pdf/values.yaml b/chart/stirling-pdf/values.yaml new file mode 100644 index 00000000..3c4ca888 --- /dev/null +++ b/chart/stirling-pdf/values.yaml @@ -0,0 +1,239 @@ +extraArgs: [] + # - --storage-timestamp-tolerance 1s +replicaCount: 1 +strategy: + type: RollingUpdate +image: + repository: frooodle/s-pdf + # took Chart appVersion by default + tag: ~ + pullPolicy: IfNotPresent +secret: + labels: {} +## Labels to apply to all resources +## +commonLabels: {} +# team_name: dev + +envs: [] +# - name: PP_HOME_NAME +# value: "Stirling PDF" +# - name: APP_HOME_DESCRIPTION +# value: "Your locally hosted one-stop-shop for all your PDF needs." +# - name: APP_NAVBAR_NAME +# value: "Stirling PDF" +# - name: ALLOW_GOOGLE_VISIBILITY +# value: "true" +# - name: APP_ROOT_PATH +# value: "/" +# - name: APP_LOCALE +# value: "en_GB" + +deployment: + ## stirling-pdf Deployment annotations + annotations: {} + # name: value + labels: {} + # name: value + # additional volumes + extraVolumes: [] + # - name: nginx-config + # secret: + # secretName: nginx-config + # additional volumes to mount + extraVolumeMounts: [] + ## sidecarContainers for the stirling-pdf + # Can be used to add a proxy to the pod that does + # scanning for secrets, signing, authentication, validation + # of the chart's content, send notifications... + sidecarContainers: {} + ## Example sidecarContainer which uses an extraVolume from above and + ## a named port that can be referenced in the service as targetPort. + # proxy: + # image: nginx:latest + # ports: + # - name: proxy + # containerPort: 8081 + # volumeMounts: + # - name: nginx-config + # readOnly: true + # mountPath: /etc/nginx + +## Pod annotations +## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ +## Read more about kube2iam to provide access to s3 https://github.com/jtblin/kube2iam +## +podAnnotations: {} + # iam.amazonaws.com/role: role-arn + +## Pod labels +## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ +podLabels: {} + # name: value + +service: + servicename: + type: ClusterIP + externalTrafficPolicy: Local + ## Uses pre-assigned IP address from cloud provider + ## Only valid if service.type: LoadBalancer + loadBalancerIP: + ## Limits which cidr blocks can connect to service's load balancer + ## Only valid if service.type: LoadBalancer + loadBalancerSourceRanges: [] + # clusterIP: None + externalPort: 8080 + ## targetPort of the container to use. If a sidecar should handle the + ## requests first, use the named port from the sidecar. See sidecar example + ## from deployment above. Leave empty to use stirling-pdf directly. + targetPort: + nodePort: + annotations: {} + labels: {} + +serviceMonitor: + enabled: false + # namespace: prometheus + labels: {} + metricsPath: "/metrics" + # timeout: 60 + # interval: 60 + +resources: {} +# limits: +# cpu: 100m +# memory: 128Mi +# requests: +# cpu: 80m +# memory: 64Mi + +probes: + liveness: + initialDelaySeconds: 5 + periodSeconds: 10 + timeoutSeconds: 1 + successThreshold: 1 + failureThreshold: 3 + livenessHttpGetConfig: + scheme: HTTP + readiness: + initialDelaySeconds: 5 + periodSeconds: 10 + timeoutSeconds: 1 + successThreshold: 1 + failureThreshold: 3 + readinessHttpGetConfig: + scheme: HTTP + +serviceAccount: + create: true + name: "" + automountServiceAccountToken: false + ## Annotations for the Service Account + annotations: {} + +# UID/GID 1000 is the default user "stirling-pdf" used in +# the container image starting in v0.8.0 and above. This +# is required for local persistent storage. If your cluster +# does not allow this, try setting securityContext: {} +securityContext: + enabled: true + fsGroup: 1000 + ## Optionally, specify supplementalGroups and/or + ## runAsNonRoot for security purposes + # runAsNonRoot: true + # supplementalGroups: [1000] + +containerSecurityContext: {} + +priorityClassName: "" + +nodeSelector: {} + +tolerations: [] + +affinity: {} + +persistence: + enabled: false + accessMode: ReadWriteOnce + size: 8Gi + labels: {} + # name: value + path: /tmp + ## A manually managed Persistent Volume and Claim + ## Requires persistence.enabled: true + ## If defined, PVC must be created manually before volume will be bound + # existingClaim: + + ## stirling-pdf data Persistent Volume Storage Class + ## If defined, storageClassName: + ## If set to "-", storageClassName: "", which disables dynamic provisioning + ## If undefined (the default) or set to null, no storageClassName spec is + ## set, choosing the default provisioner. (gp2 on AWS, standard on + ## GKE, AWS & OpenStack) + ## + # storageClass: "-" + # volumeName: + pv: + enabled: false + pvname: + capacity: + storage: 8Gi + accessMode: ReadWriteOnce + nfs: + server: + path: + +## Init containers parameters: +## volumePermissions: Change the owner of the persistent volume mountpoint to RunAsUser:fsGroup +## +volumePermissions: + image: + registry: docker.io + repository: bitnami/minideb + tag: buster + pullPolicy: Always + ## Optionally specify an array of imagePullSecrets. + ## Secrets must be manually created in the namespace. + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ + ## + # pullSecrets: + # - myRegistryKeySecretName + +## Ingress for load balancer +ingress: + enabled: false + pathType: "ImplementationSpecific" + ## stirling-pdf Ingress labels + ## + labels: {} + # dns: "route53" + + ## stirling-pdf Ingress annotations + ## + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + + ## stirling-pdf Ingress hostnames + ## Must be provided if Ingress is enabled + ## + hosts: [] + # - name: stirling-pdf.domain1.com + # path: / + # tls: false + # - name: stirling-pdf.domain2.com + # path: / + # + # ## Set this to true in order to enable TLS on the ingress record + # tls: true + # + # ## If TLS is set to true, you must declare what secret will store the key/certificate for TLS + # ## Secrets must be added manually to the namespace + # tlsSecret: stirling-pdf.domain2-tls + + # For Kubernetes >= 1.18 you should specify the ingress-controller via the field ingressClassName + # See https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/#specifying-the-class-of-an-ingress + ingressClassName: +