Converting mariadb-operator to use helm (#594)

* fixing wrong symlink address

* Converting mariadb-operator to use helm

* separating cluster_name

* add a comment

* make scripts executable

* fixing helm install command

* fixing all.yaml for kustomize resources

* fix helm command

* using default values of mariadb-operator 0.28.0

* Fix: No newline at end of file

* missing new line

* trailing white space

.github/workflows/helm-mariadb-operator.yaml

@@ -0,0 +1,46 @@
+name: Kustomize GitHub Actions for mariadb-operator
+
+on:
+  pull_request:
+    paths:
+      - base-helm-configs/mariadb-operator/**
+      - base-kustomize/mariadb-operator/**
+      - .github/workflows/helm-mariadb-operator.yaml
+jobs:
+  helm:
+    strategy:
+      matrix:
+        overlays:
+          - base
+    name: Helm
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+      - uses: azure/setup-helm@v3
+        with:
+          version: latest
+          token: "${{ secrets.GITHUB_TOKEN }}"
+        id: helm
+      - name: Kubectl Install
+        working-directory: /usr/local/bin/
+        run: |
+            if [ ! -f /usr/local/bin/kubectl ]; then
+              curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl"
+              chmod +x ./kubectl
+            fi
+      - name: Run Helm Template
+        run: |
+          ${{ steps.helm.outputs.helm-path }} template mariadb-operator mariadb-operator --repo https://mariadb-operator.github.io/mariadb-operator \
+            --namespace=mariadb-system \
+            --create-namespace \
+            --wait \
+            --timeout 120m \
+            -f ${{ github.workspace }}/base-helm-configs/mariadb-operator/mariadb-operator-helm-overrides.yaml \
+            --post-renderer ${{ github.workspace }}/base-kustomize/kustomize.sh \
+            --post-renderer-args mariadb-operator/${{ matrix.overlays }} > /tmp/rendered.yaml
+      - name: Return helm Build
+        uses: actions/upload-artifact@v4
+        with:
+          name: helm-mariadb-operator-artifact-${{ matrix.overlays }}
+          path: /tmp/rendered.yaml

base-helm-configs/mariadb-operator/mariadb-operator-helm-overrides.yaml

@@ -0,0 +1,254 @@
+nameOverride: ""
+fullnameOverride: ""
+
+image:
+  repository: ghcr.io/mariadb-operator/mariadb-operator
+  pullPolicy: IfNotPresent
+  # -- Image tag to use. By default the chart appVersion is used
+  tag: ""
+imagePullSecrets: []
+
+# -- Controller log level
+logLevel: INFO
+
+# -- Cluster DNS name
+clusterName: cluster.local
+
+ha:
+  # -- Enable high availability
+  enabled: false
+  # -- Number of replicas
+  replicas: 3
+
+metrics:
+  # -- Enable operator internal metrics. Prometheus must be installed in the cluster
+  enabled: false
+  serviceMonitor:
+    # -- Enable controller ServiceMonitor
+    enabled: true
+    # -- Labels to be added to the controller ServiceMonitor
+    additionalLabels: {}
+    # release: kube-prometheus-stack
+    # --  Interval to scrape metrics
+    interval: 30s
+    # -- Timeout if metrics can't be retrieved in given time interval
+    scrapeTimeout: 25s
+
+serviceAccount:
+  # -- Specifies whether a service account should be created
+  enabled: true
+  # -- Automounts the service account token in all containers of the Pod
+  automount: true
+  # -- Annotations to add to the service account
+  annotations: {}
+  # -- Extra Labels to add to the service account
+  extraLabels: {}
+  # -- The name of the service account to use.
+  # If not set and enabled is true, a name is generated using the fullname template
+  name: ""
+
+rbac:
+  # -- Specifies whether RBAC resources should be created
+  enabled: true
+
+# -- Extra arguments to be passed to the controller entrypoint
+extrArgs: []
+
+# -- Extra environment variables to be passed to the controller
+extraEnv: []
+
+# -- Extra volumes to pass to pod.
+extraVolumes: []
+
+# -- Extra volumes to mount to the container.
+extraVolumeMounts: []
+
+# -- Annotations to add to controller Pod
+podAnnotations: {}
+
+# -- Security context to add to controller Pod
+podSecurityContext: {}
+
+# -- Security context to add to controller container
+securityContext: {}
+
+# -- Resources to add to controller container
+resources: {}
+# requests:
+#   cpu: 10m
+#   memory: 32Mi
+
+# -- Node selectors to add to controller Pod
+nodeSelector: {}
+
+# -- Tolerations to add to controller Pod
+tolerations: []
+
+# -- Affinity to add to controller Pod
+affinity:
+  nodeAffinity:
+    requiredDuringSchedulingIgnoredDuringExecution:
+      nodeSelectorTerms:
+        - matchExpressions:
+            - key: node-role.kubernetes.io/worker
+              operator: In
+              values:
+                - worker
+
+webhook:
+  image:
+    repository: ghcr.io/mariadb-operator/mariadb-operator
+    pullPolicy: IfNotPresent
+    # -- Image tag to use. By default the chart appVersion is used
+    tag: ""
+  imagePullSecrets: []
+  ha:
+    # -- Enable high availability
+    enabled: false
+    # -- Number of replicas
+    replicas: 3
+  cert:
+    certManager:
+      # -- Whether to use cert-manager to issue and rotate the certificate. If set to false, mariadb-operator's cert-controller will be used instead.
+      enabled: true
+      # -- Issuer reference to be used in the Certificate resource. If not provided, a self-signed issuer will be used.
+      issuerRef: {}
+       # -- Duration to be used in the Certificate resource,
+      duration: ""
+       # -- Renew before duration to be used in the Certificate resource.
+      renewBefore: ""
+    # -- Annotatioms to be added to webhook TLS secret.
+    secretAnnotations: {}
+    # -- Labels to be added to webhook TLS secret.
+    secretLabels: {}
+    # -- Path where the CA certificate will be mounted.
+    caPath: /tmp/k8s-webhook-server/certificate-authority
+    # -- Path where the certificate will be mounted.
+    path: /tmp/k8s-webhook-server/serving-certs
+  # -- Port to be used by the webhook server
+  port: 9443
+  # -- Expose the webhook server in the host network
+  hostNetwork: false
+  serviceMonitor:
+    # -- Enable webhook ServiceMonitor. Metrics must be enabled
+    enabled: true
+    # -- Labels to be added to the webhook ServiceMonitor
+    additionalLabels: {}
+    # release: kube-prometheus-stack
+    # --  Interval to scrape metrics
+    interval: 30s
+    # -- Timeout if metrics can't be retrieved in given time interval
+    scrapeTimeout: 25s
+  serviceAccount:
+    # -- Specifies whether a service account should be created
+    enabled: true
+    # -- Automounts the service account token in all containers of the Pod
+    automount: true
+    # -- Annotations to add to the service account
+    annotations: {}
+    # -- Extra Labels to add to the service account
+    extraLabels: {}
+    # -- The name of the service account to use.
+    # If not set and enabled is true, a name is generated using the fullname template
+    name: ""
+  # -- Annotations for webhook configurations.
+  annotations: {}
+  # -- Extra arguments to be passed to the webhook entrypoint
+  extrArgs: []
+  # -- Extra volumes to pass to webhook Pod
+  extraVolumes: []
+  # -- Extra volumes to mount to webhook container
+  extraVolumeMounts: []
+  # -- Annotations to add to webhook Pod
+  podAnnotations: {}
+  # -- Security context to add to webhook Pod
+  podSecurityContext: {}
+  # -- Security context to add to webhook container
+  securityContext: {}
+  # -- Resources to add to webhook container
+  resources: {}
+  # requests:
+  #   cpu: 10m
+  #   memory: 32Mi
+  # -- Node selectors to add to controller Pod
+  nodeSelector: {}
+  # -- Tolerations to add to controller Pod
+  tolerations: []
+  # -- Affinity to add to controller Pod
+  affinity:
+    nodeAffinity:
+    requiredDuringSchedulingIgnoredDuringExecution:
+      nodeSelectorTerms:
+        - matchExpressions:
+            - key: node-role.kubernetes.io/worker
+              operator: In
+              values:
+                - worker
+
+certController:
+  # -- Specifies whether the cert-controller should be created.
+  enabled: true
+  image:
+    repository: ghcr.io/mariadb-operator/mariadb-operator
+    pullPolicy: IfNotPresent
+    # -- Image tag to use. By default the chart appVersion is used
+    tag: ""
+  imagePullSecrets: []
+  ha:
+    # -- Enable high availability
+    enabled: false
+    # -- Number of replicas
+    replicas: 3
+  # -- CA certificate validity. It must be greater than certValidity.
+  caValidity: 35064h
+  # -- Certificate validity.
+  certValidity: 8766h
+  # -- Duration used to verify whether a certificate is valid or not.
+  lookaheadValidity: 2160h
+  # -- Requeue duration to ensure that certificate gets renewed.
+  requeueDuration: 5m
+  serviceMonitor:
+    # -- Enable cert-controller ServiceMonitor. Metrics must be enabled
+    enabled: true
+    # -- Labels to be added to the cert-controller ServiceMonitor
+    additionalLabels: {}
+    # release: kube-prometheus-stack
+    # --  Interval to scrape metrics
+    interval: 30s
+    # -- Timeout if metrics can't be retrieved in given time interval
+    scrapeTimeout: 25s
+  serviceAccount:
+    # -- Specifies whether a service account should be created
+    enabled: true
+    # -- Automounts the service account token in all containers of the Pod
+    automount: true
+    # -- Annotations to add to the service account
+    annotations: {}
+    # -- Extra Labels to add to the service account
+    extraLabels: {}
+    # -- The name of the service account to use.
+    # If not set and enabled is true, a name is generated using the fullname template
+    name: ""
+  # -- Extra arguments to be passed to the cert-controller entrypoint
+  extrArgs: []
+  # -- Extra volumes to pass to cert-controller Pod
+  extraVolumes: []
+  # -- Extra volumes to mount to cert-controller container
+  extraVolumeMounts: []
+  # -- Annotations to add to cert-controller Pod
+  podAnnotations: {}
+  # -- Security context to add to cert-controller Pod
+  podSecurityContext: {}
+  # -- Security context to add to cert-controller container
+  securityContext: {}
+  # -- Resources to add to cert-controller container
+  resources: {}
+  # requests:
+  #   cpu: 10m
+  #   memory: 32Mi
+  # -- Node selectors to add to controller Pod
+  nodeSelector: {}
+  # -- Tolerations to add to controller Pod
+  tolerations: []
+  # -- Affinity to add to controller Pod
+  affinity: {}

base-kustomize/mariadb-operator/base/kustomization.yaml

@@ -0,0 +1,5 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+resources:
+   - all.yaml