Merge branch 'main' into custom-config

gomods · May 17, 2024 · e56053a · e56053a
2 parents e792963 + 1fb640b
commit e56053a
Show file tree

Hide file tree

Showing 5 changed files with 50 additions and 40 deletions.
diff --git a/charts/athens-proxy/Chart.yaml b/charts/athens-proxy/Chart.yaml
@@ -1,24 +1,24 @@
 apiVersion: v1
 name: athens-proxy
-version: 0.10.0
+version: 0.11.0
 appVersion: v0.14.0
 description: The proxy server for Go modules
 icon: https://github.com/raw/gomods/athens/main/docs/static/banner.png
 keywords:
-- Golang
-- Package Management
-- Goproxy
-- Athens
+  - Golang
+  - Package Management
+  - Goproxy
+  - Athens
 home: https://github.com/gomods/athens-charts
 sources:
   - https://github.com/gomods/athens-charts
 maintainers:
-- name: rimusz
-  email: rmocius@gmail.com
-- name: arschles
-  email: aaron@ecomaz.net
-- name: DrPsychick
-  email: drpsychick@drsick.net
-- name: nrwiersma
-  email: nick@wiersma.co.za
+  - name: rimusz
+    email: rmocius@gmail.com
+  - name: arschles
+    email: aaron@ecomaz.net
+  - name: DrPsychick
+    email: drpsychick@drsick.net
+  - name: nrwiersma
+    email: nick@wiersma.co.za
 engine: gotpl
diff --git a/charts/athens-proxy/templates/_helpers.tpl b/charts/athens-proxy/templates/_helpers.tpl
@@ -59,3 +59,11 @@ Determine the home directory of the current user.
 /home/athens
 {{- end -}}
 {{- end -}}
+
+{{- define "serviceAccountName" -}}
+{{- if .Values.serviceAccount.create -}}
+{{ default (include "fullname" .) .Values.serviceAccount.name | trunc 63 | trimSuffix "-" }}
+{{- else -}}
+{{ default "default" .Values.serviceAccount.name | trunc 63 | trimSuffix "-" }}
+{{- end -}}
+{{- end -}}
diff --git a/charts/athens-proxy/templates/deployment.yaml b/charts/athens-proxy/templates/deployment.yaml
@@ -1,7 +1,7 @@
 apiVersion: apps/v1
 kind: Deployment
 metadata:
-  name: {{ template "fullname" . }}
+  name: {{ include "fullname" . }}
   labels:
     {{- include "athens.metaLabels" . | nindent 4 }}
 spec:
@@ -17,7 +17,7 @@ spec:
   {{- end }}
   selector:
     matchLabels:
-      app: {{ template "fullname" . }}
+      app: {{ include "fullname" . }}
       release: "{{ .Release.Name }}"
   template:
     metadata:
@@ -39,9 +39,7 @@ spec:
         runAsUser: 1000
         runAsGroup: 1000
       {{- end }}
-      {{- if .Values.serviceAccount.create }}
-      serviceAccountName: {{ template "fullname" . }}
-      {{- end }}
+      serviceAccountName: {{ include "serviceAccountName" . | quote }}
       {{- if .Values.image.pullSecrets }}
       imagePullSecrets:
         {{- toYaml .Values.image.pullSecrets | nindent 8 }}
@@ -53,19 +51,19 @@ spec:
           command:
             - sh
             - -c
-          args: ["cp {{ template "home" . }}/.ssh/id_rsa* /ssh-keys && chmod 400 /ssh-keys/*"]
+          args: ["cp {{ include "home" . }}/.ssh/id_rsa* /ssh-keys && chmod 400 /ssh-keys/*"]
           volumeMounts:
           - name: ssh-keys
             mountPath: /ssh-keys
           {{- $dot := . -}}
           {{- range $server := .Values.sshGitServers }}
           {{- if $server.existingSecret }}
           - name: ssh-git-servers-secret-{{ $server.host | replace "." "-" }}
-            mountPath: "{{ template "home" $dot }}/.ssh/id_rsa-{{ $server.host }}"
+            mountPath: "{{ include "home" $dot }}/.ssh/id_rsa-{{ $server.host }}"
             subPath: {{ $server.existingSecret.subPath | quote }}
           {{- else }}
           - name: ssh-git-servers-secret
-            mountPath: {{ template "home" $dot }}/.ssh/id_rsa-{{ $server.host }}
+            mountPath: {{ include "home" $dot }}/.ssh/id_rsa-{{ $server.host }}
             subPath: id_rsa-{{ $server.host }}
           {{- end }}
           {{- end }}
@@ -79,7 +77,7 @@ spec:
           {{- end }}
       {{- end }}
       containers:
-      - name: {{ template "fullname" . }}
+      - name: {{ include "fullname" . }}
         image: "{{ .Values.image.registry }}/{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
         imagePullPolicy: {{ .Values.image.pullPolicy | quote }}
         livenessProbe:
@@ -109,7 +107,7 @@ spec:
         - name: ATHENS_MONGO_STORAGE_URL
           valueFrom:
             secretKeyRef:
-              name: {{ template "fullname" . }}-secret
+              name: {{ include "fullname" . }}-secret
               key: ATHENS_MONGO_STORAGE_URL
 {{- else if eq .Values.storage.type "s3" }}
         - name: AWS_REGION
@@ -124,21 +122,21 @@ spec:
         - name: AWS_ACCESS_KEY_ID
           valueFrom:
             secretKeyRef:
-              name: {{ template "fullname" . }}-secret
+              name: {{ include "fullname" . }}-secret
               key: AWS_ACCESS_KEY_ID
         {{- end }}
         {{- if .Values.storage.s3.secretKey }}
         - name: AWS_SECRET_ACCESS_KEY
           valueFrom:
             secretKeyRef:
-              name: {{ template "fullname" . }}-secret
+              name: {{ include "fullname" . }}-secret
               key: AWS_SECRET_ACCESS_KEY
         {{- end }}
         {{- if .Values.storage.s3.sessionToken }}
         - name: AWS_SESSION_TOKEN
           valueFrom:
             secretKeyRef:
-              name: {{ template "fullname" . }}-secret
+              name: {{ include "fullname" . }}-secret
               key: AWS_SESSION_TOKEN
         {{- end }}
 {{- else if eq .Values.storage.type "gcp"}}
@@ -150,7 +148,7 @@ spec:
         - name: ATHENS_STORAGE_GCP_JSON_KEY
           valueFrom:
             secretKeyRef:
-              name: {{ template "fullname" . }}-secret
+              name: {{ include "fullname" . }}-secret
               key: ATHENS_STORAGE_GCP_JSON_KEY
         {{- end }}
 {{- else if eq .Values.storage.type "minio" }}
@@ -162,14 +160,14 @@ spec:
         - name: ATHENS_MINIO_ACCESS_KEY_ID
           valueFrom:
             secretKeyRef:
-              name: {{ template "fullname" . }}-secret
+              name: {{ include "fullname" . }}-secret
               key: ATHENS_MINIO_ACCESS_KEY_ID
         {{- end }}
         {{- if .Values.storage.minio.secretKey }}
         - name: ATHENS_MINIO_SECRET_ACCESS_KEY
           valueFrom:
             secretKeyRef:
-              name: {{ template "fullname" . }}-secret
+              name: {{ include "fullname" . }}-secret
               key: ATHENS_MINIO_SECRET_ACCESS_KEY
         {{- end }}
         {{- if .Values.storage.minio.bucket }}
@@ -235,10 +233,10 @@ spec:
         {{- end }}
         {{- if .Values.sshGitServers }}
         - name: ssh-git-servers-config
-          mountPath: {{ template "home" . }}/.ssh/config
+          mountPath: {{ include "home" . }}/.ssh/config
           subPath: ssh_config
         - name: ssh-git-servers-config
-          mountPath: {{ template "home" . }}/.gitconfig
+          mountPath: {{ include "home" . }}/.gitconfig
           subPath: git_config
         - name: ssh-keys
           mountPath: /ssh-keys
@@ -267,7 +265,7 @@ spec:
       - name: storage-volume
       {{- if .Values.storage.disk.persistence.enabled }}
         persistentVolumeClaim:
-          claimName: {{ template "fullname" . }}-storage
+          claimName: {{ include "fullname" . }}-storage
       {{- else }}
         emptyDir: {}
       {{- end }}
@@ -284,7 +282,7 @@ spec:
       {{- if .Values.upstreamProxy.enabled }}
       - name: upstream-config
         configMap:
-          name: {{ template "fullname" . }}-upstream
+          name: {{ include "fullname" . }}-upstream
       {{- end }}
       {{- if .Values.netrc.enabled }}
       - name: netrc
@@ -296,10 +294,10 @@ spec:
         emptyDir: {}
       - name: ssh-git-servers-config
         configMap:
-          name: {{ template "fullname" . }}-ssh-git-servers
+          name: {{ include "fullname" . }}-ssh-git-servers
       - name: ssh-git-servers-secret
         secret:
-          secretName: {{ template "fullname" . }}-ssh-git-servers
+          secretName: {{ include "fullname" . }}-ssh-git-servers
       {{- range $server := .Values.sshGitServers }}
       {{- if $server.existingSecret }}
       - name: ssh-git-servers-secret-{{ $server.host | replace "." "-" }}

diff --git a/charts/athens-proxy/templates/service-account.yaml b/charts/athens-proxy/templates/service-account.yaml
@@ -2,11 +2,11 @@
 apiVersion: v1
 kind: ServiceAccount
 metadata:
-  name: {{ template "fullname" . }}
+  name: {{ include "fullname" . }}
   labels:
     {{- include "athens.metaLabels" . | nindent 4 }}
   {{- with .Values.serviceAccount.annotations }}
   annotations:
-{{ toYaml . | indent 4 }}
+    {{- toYaml . | nindent 4 }}
   {{- end }}
 {{- end }}
diff --git a/charts/athens-proxy/values.yaml b/charts/athens-proxy/values.yaml
@@ -99,11 +99,13 @@ priorityClassName: ""
 
 # Container security context configuration (see API reference: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#securitycontext-v1-core)
 # This will override the `image.runAsNonRoot` settings in the specified container if `runAsUser` or `runAsGroup` are set
-securityContext: {}
+securityContext:
+  {}
   # allowPrivilegeEscalation: false
   # runAsNonRoot: true
 
-initContainerSecurityContext: {}
+initContainerSecurityContext:
+  {}
   # allowPrivilegeEscalation: false
   # runAsNonRoot: true
 
@@ -212,6 +214,7 @@ metrics:
 serviceAccount:
   create: true
   annotations: {}
+  # name: "athens-proxy"
 
 nodeSelector: {}
 
@@ -244,7 +247,8 @@ autoscaling:
   targetMemoryUtilizationPercentage: 80
   apiVersionOverride: ""
   # This is only available on HPA apiVersion `autoscaling/v2beta2` and newer
-  behavior: {}
+  behavior:
+    {}
     # scaleDown:
     #  stabilizationWindowSeconds: 300
     #  policies: