From b9a89e09258bfbccd6c6706ff2af3690fffbefe0 Mon Sep 17 00:00:00 2001 From: Oladapo Fadeyi Date: Wed, 21 Aug 2019 23:14:10 +0100 Subject: [PATCH] #33 | Ola | Add serviceaccount for listing Kubernetes resources Added role, rolebinding and serviceaccount definitions --- .../charts/templates/deployment.yaml | 95 ++++++++++--------- packs/vertx-web/charts/templates/ksvc.yaml | 70 +++++++------- packs/vertx-web/charts/templates/role.yaml | 15 +++ .../charts/templates/rolebinding.yaml | 13 +++ packs/vertx-web/charts/templates/service.yaml | 42 ++++---- .../charts/templates/serviceaccount.yaml | 9 ++ 6 files changed, 142 insertions(+), 102 deletions(-) create mode 100644 packs/vertx-web/charts/templates/role.yaml create mode 100644 packs/vertx-web/charts/templates/rolebinding.yaml create mode 100644 packs/vertx-web/charts/templates/serviceaccount.yaml diff --git a/packs/vertx-web/charts/templates/deployment.yaml b/packs/vertx-web/charts/templates/deployment.yaml index 66c01e551..79b8316b3 100644 --- a/packs/vertx-web/charts/templates/deployment.yaml +++ b/packs/vertx-web/charts/templates/deployment.yaml @@ -1,51 +1,54 @@ {{- if .Values.knativeDeploy }} -{{- else }} + {{- else }} apiVersion: extensions/v1beta1 kind: Deployment metadata: - name: {{ template "fullname" . }} - labels: - draft: {{ default "draft-app" .Values.draft }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" -spec: - replicas: {{ .Values.replicaCount }} - template: - metadata: - labels: + name: {{ template "fullname" . }} + labels: draft: {{ default "draft-app" .Values.draft }} - app: {{ template "fullname" . }} -{{- if .Values.podAnnotations }} - annotations: -{{ toYaml .Values.podAnnotations | indent 8 }} -{{- end }} - spec: - containers: - - name: {{ .Chart.Name }} - image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" - imagePullPolicy: {{ .Values.image.pullPolicy }} - env: -{{- range $pkey, $pval := .Values.env }} - - name: {{ $pkey }} - value: {{ quote $pval }} -{{- end }} - ports: - - containerPort: {{ .Values.service.internalPort }} - livenessProbe: - httpGet: - path: {{ .Values.probePath }} - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.livenessProbe.periodSeconds }} - successThreshold: {{ .Values.livenessProbe.successThreshold }} - timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }} - readinessProbe: - httpGet: - path: {{ .Values.probePath }} - port: {{ .Values.service.internalPort }} - periodSeconds: {{ .Values.readinessProbe.periodSeconds }} - successThreshold: {{ .Values.readinessProbe.successThreshold }} - timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds }} - resources: -{{ toYaml .Values.resources | indent 12 }} - terminationGracePeriodSeconds: {{ .Values.terminationGracePeriodSeconds }} -{{- end }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + draft: {{ default "draft-app" .Values.draft }} + app: {{ template "fullname" . }} + {{- if .Values.podAnnotations }} + annotations: + {{ toYaml .Values.podAnnotations | indent 8 }} + {{- end }} + spec: + serviceAccountName: {{ .Chart.Name }} + containers: + - name: {{ .Chart.Name }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + env: + - name: KUBERNETES_NAMESPACE + value: {{ .Release.Namespace | quote }} + {{- range $pkey, $pval := .Values.env }} + - name: {{ $pkey }} + value: {{ quote $pval }} + {{- end }} + ports: + - containerPort: {{ .Values.service.internalPort }} + livenessProbe: + httpGet: + path: {{ .Values.probePath }} + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.livenessProbe.periodSeconds }} + successThreshold: {{ .Values.livenessProbe.successThreshold }} + timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }} + readinessProbe: + httpGet: + path: {{ .Values.probePath }} + port: {{ .Values.service.internalPort }} + periodSeconds: {{ .Values.readinessProbe.periodSeconds }} + successThreshold: {{ .Values.readinessProbe.successThreshold }} + timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds }} + resources: + {{ toYaml .Values.resources | indent 12 }} + terminationGracePeriodSeconds: {{ .Values.terminationGracePeriodSeconds }} + {{- end }} diff --git a/packs/vertx-web/charts/templates/ksvc.yaml b/packs/vertx-web/charts/templates/ksvc.yaml index b49200b72..9b7b627ca 100644 --- a/packs/vertx-web/charts/templates/ksvc.yaml +++ b/packs/vertx-web/charts/templates/ksvc.yaml @@ -2,39 +2,39 @@ apiVersion: serving.knative.dev/v1alpha1 kind: Service metadata: -{{- if .Values.service.name }} - name: {{ .Values.service.name }} -{{- else }} - name: {{ template "fullname" . }} -{{- end }} - labels: - chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + {{- if .Values.service.name }} + name: {{ .Values.service.name }} + {{- else }} + name: {{ template "fullname" . }} + {{- end }} + labels: + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" spec: - runLatest: - configuration: - revisionTemplate: - spec: - container: - image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" - imagePullPolicy: {{ .Values.image.pullPolicy }} - env: -{{- range $pkey, $pval := .Values.env }} - - name: {{ $pkey }} - value: {{ quote $pval }} -{{- end }} - livenessProbe: - httpGet: - path: {{ .Values.probePath }} - initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.livenessProbe.periodSeconds }} - successThreshold: {{ .Values.livenessProbe.successThreshold }} - timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }} - readinessProbe: - httpGet: - path: {{ .Values.probePath }} - periodSeconds: {{ .Values.readinessProbe.periodSeconds }} - successThreshold: {{ .Values.readinessProbe.successThreshold }} - timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds }} - resources: -{{ toYaml .Values.resources | indent 14 }} -{{- end }} + runLatest: + configuration: + revisionTemplate: + spec: + container: + image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + env: + {{- range $pkey, $pval := .Values.env }} + - name: {{ $pkey }} + value: {{ quote $pval }} + {{- end }} + livenessProbe: + httpGet: + path: {{ .Values.probePath }} + initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.livenessProbe.periodSeconds }} + successThreshold: {{ .Values.livenessProbe.successThreshold }} + timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }} + readinessProbe: + httpGet: + path: {{ .Values.probePath }} + periodSeconds: {{ .Values.readinessProbe.periodSeconds }} + successThreshold: {{ .Values.readinessProbe.successThreshold }} + timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds }} + resources: + {{ toYaml .Values.resources | indent 14 }} + {{- end }} diff --git a/packs/vertx-web/charts/templates/role.yaml b/packs/vertx-web/charts/templates/role.yaml new file mode 100644 index 000000000..f4756f310 --- /dev/null +++ b/packs/vertx-web/charts/templates/role.yaml @@ -0,0 +1,15 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: {{ .Chart.Name }} +rules: + - apiGroups: + - "" + resources: + - endpoints + - pods + - services + verbs: + - get + - list + - watch diff --git a/packs/vertx-web/charts/templates/rolebinding.yaml b/packs/vertx-web/charts/templates/rolebinding.yaml new file mode 100644 index 000000000..dcf8b75bc --- /dev/null +++ b/packs/vertx-web/charts/templates/rolebinding.yaml @@ -0,0 +1,13 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: {{ .Chart.Name }} + namespace: {{ .Release.Namespace }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: {{ .Chart.Name }} +subjects: + - kind: ServiceAccount + name: {{ .Chart.Name }} + namespace: {{ .Release.Namespace }} diff --git a/packs/vertx-web/charts/templates/service.yaml b/packs/vertx-web/charts/templates/service.yaml index 9321361e3..a8f46875a 100644 --- a/packs/vertx-web/charts/templates/service.yaml +++ b/packs/vertx-web/charts/templates/service.yaml @@ -1,26 +1,26 @@ {{- if .Values.knativeDeploy }} -{{- else }} + {{- else }} apiVersion: v1 kind: Service metadata: -{{- if .Values.service.name }} - name: {{ .Values.service.name }} -{{- else }} - name: {{ template "fullname" . }} -{{- end }} - labels: - chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" -{{- if .Values.service.annotations }} - annotations: -{{ toYaml .Values.service.annotations | indent 4 }} -{{- end }} + {{- if .Values.service.name }} + name: {{ .Values.service.name }} + {{- else }} + name: {{ template "fullname" . }} + {{- end }} + labels: + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + {{- if .Values.service.annotations }} + annotations: + {{ toYaml .Values.service.annotations | indent 4 }} + {{- end }} spec: - type: {{ .Values.service.type }} - ports: - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - protocol: TCP - name: http - selector: - app: {{ template "fullname" . }} -{{- end }} + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + protocol: TCP + name: http + selector: + app: {{ template "fullname" . }} + {{- end }} diff --git a/packs/vertx-web/charts/templates/serviceaccount.yaml b/packs/vertx-web/charts/templates/serviceaccount.yaml new file mode 100644 index 000000000..5a60486f1 --- /dev/null +++ b/packs/vertx-web/charts/templates/serviceaccount.yaml @@ -0,0 +1,9 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + labels: + app: {{ .Chart.Name }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" + name: {{ .Chart.Name }}