From 3de646edd49374f773698269d5be1aa6ea00059b Mon Sep 17 00:00:00 2001 From: Alex Chapellon Date: Mon, 7 Aug 2023 14:44:33 +0200 Subject: [PATCH] OPSEXP-1862: named templates to help chart plumbing (#93) --- charts/alfresco-common/Chart.yaml | 2 +- charts/alfresco-common/README.md | 2 +- .../templates/_helpers-checksums.tpl | 19 ---- .../templates/_helpers-utils.tpl | 90 +++++++++++++++++++ 4 files changed, 92 insertions(+), 21 deletions(-) delete mode 100644 charts/alfresco-common/templates/_helpers-checksums.tpl create mode 100644 charts/alfresco-common/templates/_helpers-utils.tpl diff --git a/charts/alfresco-common/Chart.yaml b/charts/alfresco-common/Chart.yaml index 5d65cc15..b79879a9 100644 --- a/charts/alfresco-common/Chart.yaml +++ b/charts/alfresco-common/Chart.yaml @@ -5,7 +5,7 @@ description: | A helper subchart to avoid duplication in alfresco charts and set common external dependencies type: library -version: 2.1.0-alpha.3 +version: 2.1.0-alpha.4 dependencies: - name: common repository: >- diff --git a/charts/alfresco-common/README.md b/charts/alfresco-common/README.md index e6f55e29..db27e145 100644 --- a/charts/alfresco-common/README.md +++ b/charts/alfresco-common/README.md @@ -1,6 +1,6 @@ # alfresco-common -![Version: 2.1.0-alpha.3](https://img.shields.io/badge/Version-2.1.0--alpha.3-informational?style=flat-square) ![Type: library](https://img.shields.io/badge/Type-library-informational?style=flat-square) +![Version: 2.1.0-alpha.4](https://img.shields.io/badge/Version-2.1.0--alpha.4-informational?style=flat-square) ![Type: library](https://img.shields.io/badge/Type-library-informational?style=flat-square) A helper subchart to avoid duplication in alfresco charts and set common external dependencies diff --git a/charts/alfresco-common/templates/_helpers-checksums.tpl b/charts/alfresco-common/templates/_helpers-checksums.tpl deleted file mode 100644 index d2c0c052..00000000 --- a/charts/alfresco-common/templates/_helpers-checksums.tpl +++ /dev/null @@ -1,19 +0,0 @@ -{{/* -Compute Secret checksum whether it's read from values or from secrets - -Usage: include "alfresco-common.secret-checksum" (dict "ns" $.Release.Namespace "context" (dict "some-key" (dict "existingSecret" (dict "keys" (dict "username" "" "password" "")))) "configKey" "some-key") - -*/}} -{{- define "alfresco-common.secret-checksum" -}} -{{- $ns := required "template needs to be given the release namepace" .ns }} -{{- with (index .context .configKey) }} -{{- if .existingSecret.name }} -checksum.config.alfresco.org/{{ $.configKey }}-existing: - {{- $defaultLookup := dict "data" dict }} - {{- $lookup := lookup "v1" "Secret" $ns (.existingSecret.name) | default $defaultLookup }} - {{- pick $lookup.data .existingSecret.keys.username .existingSecret.keys.password | toJson | sha256sum | indent 1}} -{{- else }} -checksum.config.alfresco.org/{{ $.configKey }}-values: {{ omit . "existingSecret" | toJson | sha256sum }} -{{- end }} -{{- end }} -{{- end -}} diff --git a/charts/alfresco-common/templates/_helpers-utils.tpl b/charts/alfresco-common/templates/_helpers-utils.tpl new file mode 100644 index 00000000..4d6523ac --- /dev/null +++ b/charts/alfresco-common/templates/_helpers-utils.tpl @@ -0,0 +1,90 @@ +{{/* +Read from either a Configmap entry or a value (in this order) + +Usage: include "alfresco-common.read.cm.then.value" (dict "ns" "" "key" "" "context" (dict "existingConfigMap" (dict "name" "" "keys" dict ...))) + +*/}} +{{- define "alfresco-common.read.cm.then.value" -}} +{{- $ns := .ns }} +{{- $key := .key }} +{{- with .context }} + {{- if .existingConfigMap.name }} + {{- $defaultLookup := (dict "data" dict) }} + {{- $lookup := lookup "v1" "ConfigMap" $ns .existingConfigMap.name | default $defaultLookup }} + {{- get $lookup.data (index .existingConfigMap.keys $key) }} + {{- else -}} + {{- index . $key }} + {{- end }} +{{- end }} +{{- end -}} + +{{/* +Read from either a Configmap entry or a value (in this order) and fail if returns empty + +Usage: include "alfresco-common.reqRead.cm.then.value" (dict "ns" "" "key" "" "context" (dict "existingConfigMap" (dict "name" "" "keys" dict ...))) + +*/}} +{{- define "alfresco-common.reqRead.cm.then.value" -}} +{{- $ns := .ns }} +{{- $key := .key }} +{{- $result := include "alfresco-common.read.cm.then.value" . }} +{{- required (printf "key %s not found in provided context neither in ConfigMap %s/%s" $key $ns .context.existingConfigMap.name) $result }} +{{- end -}} + +{{/* +Check whether a secret has a specific entry (don't read it). Return "true" if entry is present in secret or value, otherwise "false" + +Usage: include "alfresco-common.haskey.secret" (dict "ns" "" "key" "" "context" (dict "existingSecret" (dict "name" "" "keys" (dict ...)))) + +*/}} +{{- define "alfresco-common.haskey.secret" -}} +{{- $ns := .ns }} +{{- $key := .key }} +{{- with .context }} + {{- if .existingSecret.name }} + {{- $defaultLookup := (dict "data" dict) }} + {{- $lookup := lookup "v1" "Secret" $ns .existingSecret.name | default $defaultLookup }} + {{- hasKey $lookup.data (index .existingSecret.keys $key) }} + {{- end }} +{{- end }} +{{- end -}} + +{{/* +Compute Secret checksum whether it's read from values or from secrets + +Usage: include "alfresco-common.secret-checksum" (dict "ns" "" "configKey" "somekey" "context" (dict "somekey" (dict "existingConfigMap" (dict "keys" dict))(dict "existingSecret" (dict "keys" dict))...) "configKey" "some-key") + +*/}} +{{- define "alfresco-common.checksum.config" -}} +{{- $ns := required "template needs to be given the release namepace" .ns }} +{{- $configCtx := index .context .configKey }} +{{- $lookedup_secret := "" }} +{{- $lookedup_cm := "" }} +{{- $defaultLookup := dict "data" dict -}} +{{/* If configmap is given, checksum & concat its keys otherwise checksum & concat values */}} +{{- with $configCtx }} +{{- if .existingConfigMap.name }} + {{- $lookup := lookup "v1" "ConfigMap" $ns .existingConfigMap.name | default $defaultLookup }} + {{- range $k := (keys .existingConfigMap.keys | sortAlpha) }} + {{- $lookedup_cm = cat $lookedup_cm (pick $lookup.data (index $configCtx "existingConfigMap" "keys" $k) | toJson | sha256sum) }} + {{- end }} +{{- else }} + {{- range $k := (keys .existingConfigMap.keys | sortAlpha) }} + {{- $lookedup_cm = cat $lookedup_cm (index $configCtx $k | toJson | sha256sum) }} + {{- end }} +{{- end -}} +{{/* If secret is given, checksum & concat its keys otherwise checksum & concat values */}} +{{- if .existingSecret.name }} + {{- $lookup := lookup "v1" "Secret" $ns .existingSecret.name | default $defaultLookup }} + {{- range $k := (keys .existingSecret.keys | sortAlpha) }} + {{- $lookedup_secret = cat $lookedup_secret (pick $lookup.data (index $configCtx "existingSecret" "keys" $k) | toJson | sha256sum) }} + {{- end }} +{{- else }} + {{- range $k := (keys .existingSecret.keys | sortAlpha) }} + {{- $lookedup_secret = cat $lookedup_secret (index $configCtx (index $configCtx "existingSecret" "keys" $k) | toJson | sha256sum) }} + {{- end }} +{{- end }} +{{- end -}} +{{/* Finaly checksums both concatenated hashes */}} +checksum.config.alfresco.org/{{ $.configKey }}: {{- cat $lookedup_cm $lookedup_secret | trim | sha256sum | indent 1 }} +{{- end -}}