Remove Senlin (#1266)
Signed-off-by: Mohammed Naser <mnaser@vexxhost.com>
diff --git a/.charts.yml b/.charts.yml
index 33123ac..5fd498e 100644
--- a/.charts.yml
+++ b/.charts.yml
@@ -200,14 +200,6 @@
version: 1.14.2
repository:
url: https://charts.rook.io/release
- - name: senlin
- version: 0.2.9
- repository: *openstack_helm_repository
- dependencies: *openstack_helm_dependencies
- patches:
- gerrit:
- review.opendev.org:
- - 899913
- name: tempest
version: 0.2.8
repository: *openstack_helm_repository
diff --git a/charts/senlin/Chart.yaml b/charts/senlin/Chart.yaml
deleted file mode 100644
index 4085ec4..0000000
--- a/charts/senlin/Chart.yaml
+++ /dev/null
@@ -1,12 +0,0 @@
-apiVersion: v1
-appVersion: v1.0.0
-description: OpenStack-Helm Senlin
-home: https://docs.openstack.org/senlin/latest/
-icon: https://www.openstack.org/themes/openstack/images/project-mascots/Senlin/OpenStack_Project_Senlin_vertical.png
-maintainers:
-- name: OpenStack-Helm Authors
-name: senlin
-sources:
-- https://opendev.org/openstack/senlin
-- https://opendev.org/openstack/openstack-helm
-version: 0.2.9
diff --git a/charts/senlin/charts/helm-toolkit/Chart.yaml b/charts/senlin/charts/helm-toolkit/Chart.yaml
deleted file mode 100644
index e827e99..0000000
--- a/charts/senlin/charts/helm-toolkit/Chart.yaml
+++ /dev/null
@@ -1,12 +0,0 @@
-apiVersion: v1
-appVersion: v1.0.0
-description: OpenStack-Helm Helm-Toolkit
-home: https://docs.openstack.org/openstack-helm
-icon: https://www.openstack.org/themes/openstack/images/project-mascots/OpenStack-Helm/OpenStack_Project_OpenStackHelm_vertical.png
-maintainers:
-- name: OpenStack-Helm Authors
-name: helm-toolkit
-sources:
-- https://opendev.org/openstack/openstack-helm-infra
-- https://opendev.org/openstack/openstack-helm
-version: 0.2.64
diff --git a/charts/senlin/charts/helm-toolkit/requirements.lock b/charts/senlin/charts/helm-toolkit/requirements.lock
deleted file mode 100644
index 808bd94..0000000
--- a/charts/senlin/charts/helm-toolkit/requirements.lock
+++ /dev/null
@@ -1,3 +0,0 @@
-dependencies: []
-digest: sha256:643d5437104296e21d906ecb15b2c96ad278f20cfc4af53b12bb6069bd853726
-generated: '0001-01-01T00:00:00Z'
diff --git a/charts/senlin/charts/helm-toolkit/requirements.yaml b/charts/senlin/charts/helm-toolkit/requirements.yaml
deleted file mode 100644
index 27fb08a..0000000
--- a/charts/senlin/charts/helm-toolkit/requirements.yaml
+++ /dev/null
@@ -1,15 +0,0 @@
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
----
-dependencies: []
-...
diff --git a/charts/senlin/charts/helm-toolkit/templates/endpoints/_authenticated_endpoint_uri_lookup.tpl b/charts/senlin/charts/helm-toolkit/templates/endpoints/_authenticated_endpoint_uri_lookup.tpl
deleted file mode 100644
index 12b84de..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/endpoints/_authenticated_endpoint_uri_lookup.tpl
+++ /dev/null
@@ -1,58 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{/*
-abstract: |
- Resolves database, or basic auth, style endpoints
-values: |
- endpoints:
- cluster_domain_suffix: cluster.local
- oslo_db:
- auth:
- admin:
- username: root
- password: password
- service_username:
- username: username
- password: password
- hosts:
- default: mariadb
- host_fqdn_override:
- default: null
- path: /dbname
- scheme: mysql+pymysql
- port:
- mysql:
- default: 3306
-usage: |
- {{ tuple "oslo_db" "internal" "service_username" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" }}
-return: |
- mysql+pymysql://serviceuser:password@mariadb.default.svc.cluster.local:3306/dbname
-*/}}
-
-{{- define "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" -}}
-{{- $type := index . 0 -}}
-{{- $endpoint := index . 1 -}}
-{{- $userclass := index . 2 -}}
-{{- $port := index . 3 -}}
-{{- $context := index . 4 -}}
-{{- $endpointScheme := tuple $type $endpoint $port $context | include "helm-toolkit.endpoints.keystone_endpoint_scheme_lookup" }}
-{{- $userMap := index $context.Values.endpoints ( $type | replace "-" "_" ) "auth" $userclass }}
-{{- $endpointUser := index $userMap "username" }}
-{{- $endpointPass := index $userMap "password" }}
-{{- $endpointHost := tuple $type $endpoint $context | include "helm-toolkit.endpoints.endpoint_host_lookup" }}
-{{- $endpointPort := tuple $type $endpoint $port $context | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
-{{- $endpointPath := tuple $type $endpoint $port $context | include "helm-toolkit.endpoints.keystone_endpoint_path_lookup" }}
-{{- printf "%s://%s:%s@%s:%s%s" $endpointScheme $endpointUser $endpointPass $endpointHost $endpointPort $endpointPath -}}
-{{- end -}}
diff --git a/charts/senlin/charts/helm-toolkit/templates/endpoints/_authenticated_transport_endpoint_uri_lookup.tpl b/charts/senlin/charts/helm-toolkit/templates/endpoints/_authenticated_transport_endpoint_uri_lookup.tpl
deleted file mode 100644
index b7cf287..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/endpoints/_authenticated_transport_endpoint_uri_lookup.tpl
+++ /dev/null
@@ -1,121 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{/*
-abstract: |
- Resolves endpoint string suitible for use with oslo.messaging transport url
- See: https://docs.openstack.org/oslo.messaging/latest/reference/transport.html#oslo_messaging.TransportURL
-examples:
- - values: |
- endpoints:
- cluster_domain_suffix: cluster.local
- oslo_messaging:
- auth:
- cinder:
- username: cinder
- password: password
- statefulset:
- replicas: 2
- name: rabbitmq-rabbitmq
- hosts:
- default: rabbitmq
- host_fqdn_override:
- default: null
- path: /cinder
- scheme: rabbit
- port:
- amqp:
- default: 5672
- usage: |
- {{ tuple "oslo_messaging" "internal" "cinder" "amqp" . | include "helm-toolkit.endpoints.authenticated_transport_endpoint_uri_lookup" }}
- return: |
- rabbit://cinder:password@rabbitmq-rabbitmq-0.rabbitmq.default.svc.cluster.local:5672,cinder:password@rabbitmq-rabbitmq-1.rabbitmq.default.svc.cluster.local:5672/cinder
- - values: |
- endpoints:
- cluster_domain_suffix: cluster.local
- oslo_messaging:
- auth:
- cinder:
- username: cinder
- password: password
- statefulset: null
- hosts:
- default: rabbitmq
- host_fqdn_override:
- default: null
- path: /cinder
- scheme: rabbit
- port:
- amqp:
- default: 5672
- usage: |
- {{ tuple "oslo_messaging" "internal" "cinder" "amqp" . | include "helm-toolkit.endpoints.authenticated_transport_endpoint_uri_lookup" }}
- return: |
- rabbit://cinder:password@rabbitmq.default.svc.cluster.local:5672/cinder
- - values: |
- endpoints:
- cluster_domain_suffix: cluster.local
- oslo_messaging:
- auth:
- cinder:
- username: cinder
- password: password
- statefulset:
- replicas: 2
- name: rabbitmq-rabbitmq
- hosts:
- default: rabbitmq
- host_fqdn_override:
- default: rabbitmq.openstackhelm.org
- path: /cinder
- scheme: rabbit
- port:
- amqp:
- default: 5672
- usage: |
- {{ tuple "oslo_messaging" "internal" "cinder" "amqp" . | include "helm-toolkit.endpoints.authenticated_transport_endpoint_uri_lookup" }}
- return: |
- rabbit://cinder:password@rabbitmq.openstackhelm.org:5672/cinder
-*/}}
-
-{{- define "helm-toolkit.endpoints.authenticated_transport_endpoint_uri_lookup" -}}
-{{- $type := index . 0 -}}
-{{- $endpoint := index . 1 -}}
-{{- $userclass := index . 2 -}}
-{{- $port := index . 3 -}}
-{{- $context := index . 4 -}}
-{{- $endpointScheme := tuple $type $endpoint $port $context | include "helm-toolkit.endpoints.keystone_endpoint_scheme_lookup" }}
-{{- $userMap := index $context.Values.endpoints ( $type | replace "-" "_" ) "auth" $userclass }}
-{{- $ssMap := index $context.Values.endpoints ( $type | replace "-" "_" ) "statefulset" | default false}}
-{{- $hostFqdnOverride := index $context.Values.endpoints ( $type | replace "-" "_" ) "host_fqdn_override" }}
-{{- $endpointUser := index $userMap "username" }}
-{{- $endpointPass := index $userMap "password" }}
-{{- $endpointHostSuffix := tuple $type $endpoint $context | include "helm-toolkit.endpoints.endpoint_host_lookup" }}
-{{- $endpointPort := tuple $type $endpoint $port $context | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
-{{- $local := dict "endpointCredsAndHosts" list -}}
-{{- if not (or (index $hostFqdnOverride $endpoint | default ( index $hostFqdnOverride "default" ) ) ( not $ssMap ) ) }}
-{{- $endpointHostPrefix := $ssMap.name }}
-{{- range $podInt := until ( atoi (print $ssMap.replicas ) ) }}
-{{- $endpointCredAndHost := printf "%s:%s@%s-%d.%s:%s" $endpointUser $endpointPass $endpointHostPrefix $podInt $endpointHostSuffix $endpointPort }}
-{{- $_ := set $local "endpointCredsAndHosts" ( append $local.endpointCredsAndHosts $endpointCredAndHost ) }}
-{{- end }}
-{{- else }}
-{{- $endpointHost := tuple $type $endpoint $context | include "helm-toolkit.endpoints.endpoint_host_lookup" }}
-{{- $endpointCredAndHost := printf "%s:%s@%s:%s" $endpointUser $endpointPass $endpointHost $endpointPort }}
-{{- $_ := set $local "endpointCredsAndHosts" ( append $local.endpointCredsAndHosts $endpointCredAndHost ) }}
-{{- end }}
-{{- $endpointCredsAndHosts := include "helm-toolkit.utils.joinListWithComma" $local.endpointCredsAndHosts }}
-{{- $endpointPath := tuple $type $endpoint $port $context | include "helm-toolkit.endpoints.keystone_endpoint_path_lookup" }}
-{{- printf "%s://%s%s" $endpointScheme $endpointCredsAndHosts $endpointPath }}
-{{- end -}}
diff --git a/charts/senlin/charts/helm-toolkit/templates/endpoints/_endpoint_host_lookup.tpl b/charts/senlin/charts/helm-toolkit/templates/endpoints/_endpoint_host_lookup.tpl
deleted file mode 100644
index fb8bbe7..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/endpoints/_endpoint_host_lookup.tpl
+++ /dev/null
@@ -1,90 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{/*
-abstract: |
- Resolves either the fully qualified hostname, of if defined in the host field
- IPv4 for an endpoint.
-examples:
- - values: |
- endpoints:
- cluster_domain_suffix: cluster.local
- oslo_db:
- hosts:
- default: mariadb
- host_fqdn_override:
- default: null
- usage: |
- {{ tuple "oslo_db" "internal" . | include "helm-toolkit.endpoints.endpoint_host_lookup" }}
- return: |
- mariadb.default.svc.cluster.local
- - values: |
- endpoints:
- cluster_domain_suffix: cluster.local
- oslo_db:
- hosts:
- default:
- host: mariadb
- host_fqdn_override:
- default: null
- usage: |
- {{ tuple "oslo_db" "internal" . | include "helm-toolkit.endpoints.endpoint_host_lookup" }}
- return: |
- mariadb.default.svc.cluster.local
- - values: |
- endpoints:
- cluster_domain_suffix: cluster.local
- oslo_db:
- hosts:
- default: 127.0.0.1
- host_fqdn_override:
- default: null
- usage: |
- {{ tuple "oslo_db" "internal" . | include "helm-toolkit.endpoints.endpoint_host_lookup" }}
- return: |
- 127.0.0.1
- - values: |
- endpoints:
- cluster_domain_suffix: cluster.local
- oslo_db:
- hosts:
- default:
- host: 127.0.0.1
- host_fqdn_override:
- default: null
- usage: |
- {{ tuple "oslo_db" "internal" . | include "helm-toolkit.endpoints.endpoint_host_lookup" }}
- return: |
- 127.0.0.1
-*/}}
-
-{{- define "helm-toolkit.endpoints.endpoint_host_lookup" -}}
-{{- $type := index . 0 -}}
-{{- $endpoint := index . 1 -}}
-{{- $context := index . 2 -}}
-{{- $endpointMap := index $context.Values.endpoints ( $type | replace "-" "_" ) }}
-{{- $endpointScheme := $endpointMap.scheme }}
-{{- $_ := set $context.Values "__endpointHost" ( index $endpointMap.hosts $endpoint | default $endpointMap.hosts.default ) }}
-{{- if kindIs "map" $context.Values.__endpointHost }}
-{{- $_ := set $context.Values "__endpointHost" ( index $context.Values.__endpointHost "host" ) }}
-{{- end }}
-{{- $endpointHost := $context.Values.__endpointHost }}
-{{- if regexMatch "[0-9]+\\.[0-9]+\\.[0-9]+\\.[0-9]+" $endpointHost }}
-{{- $endpointHostname := printf "%s" $endpointHost }}
-{{- printf "%s" $endpointHostname -}}
-{{- else }}
-{{- $endpointHostname := tuple $type $endpoint $context | include "helm-toolkit.endpoints.hostname_fqdn_endpoint_lookup" }}
-{{- printf "%s" $endpointHostname -}}
-{{- end }}
-{{- end -}}
diff --git a/charts/senlin/charts/helm-toolkit/templates/endpoints/_endpoint_port_lookup.tpl b/charts/senlin/charts/helm-toolkit/templates/endpoints/_endpoint_port_lookup.tpl
deleted file mode 100644
index 447efe7..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/endpoints/_endpoint_port_lookup.tpl
+++ /dev/null
@@ -1,41 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{/*
-abstract: |
- Resolves the port for an endpoint
-values: |
- endpoints:
- cluster_domain_suffix: cluster.local
- oslo_db:
- port:
- mysql:
- default: 3306
-usage: |
- {{ tuple "oslo_db" "internal" "mysql" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
-return: |
- 3306
-*/}}
-
-{{- define "helm-toolkit.endpoints.endpoint_port_lookup" -}}
-{{- $type := index . 0 -}}
-{{- $endpoint := index . 1 -}}
-{{- $port := index . 2 -}}
-{{- $context := index . 3 -}}
-{{- $typeYamlSafe := $type | replace "-" "_" }}
-{{- $endpointMap := index $context.Values.endpoints $typeYamlSafe }}
-{{- $endpointPortMAP := index $endpointMap.port $port }}
-{{- $endpointPort := index $endpointPortMAP $endpoint | default ( index $endpointPortMAP "default" ) }}
-{{- printf "%1.f" $endpointPort -}}
-{{- end -}}
diff --git a/charts/senlin/charts/helm-toolkit/templates/endpoints/_endpoint_token_lookup.tpl b/charts/senlin/charts/helm-toolkit/templates/endpoints/_endpoint_token_lookup.tpl
deleted file mode 100644
index 3a268c0..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/endpoints/_endpoint_token_lookup.tpl
+++ /dev/null
@@ -1,36 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{/*
-abstract: |
- Gets the token for an endpoint
-values: |
- endpoints:
- keystone:
- auth:
- admin:
- token: zh78JzXgw6YUKy2e
-usage: |
- {{ tuple "keystone" "admin" . | include "helm-toolkit.endpoints.endpoint_token_lookup" }}
-return: |
- zh78JzXgw6YUKy2e
-*/}}
-
-{{- define "helm-toolkit.endpoints.endpoint_token_lookup" -}}
-{{- $type := index . 0 -}}
-{{- $userName := index . 1 -}}
-{{- $context := index . 2 -}}
-{{- $serviceToken := index $context.Values.endpoints ( $type | replace "-" "_" ) "auth" $userName "token" }}
-{{- printf "%s" $serviceToken -}}
-{{- end -}}
diff --git a/charts/senlin/charts/helm-toolkit/templates/endpoints/_host_and_port_endpoint_uri_lookup.tpl b/charts/senlin/charts/helm-toolkit/templates/endpoints/_host_and_port_endpoint_uri_lookup.tpl
deleted file mode 100644
index 6877b7b..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/endpoints/_host_and_port_endpoint_uri_lookup.tpl
+++ /dev/null
@@ -1,59 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{/*
-abstract: |
- Resolves 'hostname:port' for an endpoint
-examples:
- - values: |
- endpoints:
- cluster_domain_suffix: cluster.local
- oslo_db:
- hosts:
- default: mariadb
- host_fqdn_override:
- default: null
- port:
- mysql:
- default: 3306
- usage: |
- {{ tuple "oslo_db" "internal" "mysql" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" }}
- return: |
- mariadb.default.svc.cluster.local:3306
- - values: |
- endpoints:
- cluster_domain_suffix: cluster.local
- oslo_db:
- hosts:
- default: 127.0.0.1
- host_fqdn_override:
- default: null
- port:
- mysql:
- default: 3306
- usage: |
- {{ tuple "oslo_db" "internal" "mysql" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" }}
- return: |
- 127.0.0.1:3306
-*/}}
-
-{{- define "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" -}}
-{{- $type := index . 0 -}}
-{{- $endpoint := index . 1 -}}
-{{- $port := index . 2 -}}
-{{- $context := index . 3 -}}
-{{- $endpointPort := tuple $type $endpoint $port $context | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
-{{- $endpointHostname := tuple $type $endpoint $context | include "helm-toolkit.endpoints.endpoint_host_lookup" }}
-{{- printf "%s:%s" $endpointHostname $endpointPort -}}
-{{- end -}}
diff --git a/charts/senlin/charts/helm-toolkit/templates/endpoints/_hostname_fqdn_endpoint_lookup.tpl b/charts/senlin/charts/helm-toolkit/templates/endpoints/_hostname_fqdn_endpoint_lookup.tpl
deleted file mode 100644
index 26374e3..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/endpoints/_hostname_fqdn_endpoint_lookup.tpl
+++ /dev/null
@@ -1,76 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{/*
-abstract: |
- Resolves the fully qualified hostname for an endpoint
-examples:
- - values: |
- endpoints:
- cluster_domain_suffix: cluster.local
- oslo_db:
- hosts:
- default: mariadb
- host_fqdn_override:
- default: null
- usage: |
- {{ tuple "oslo_db" "internal" . | include "helm-toolkit.endpoints.hostname_fqdn_endpoint_lookup" }}
- return: |
- mariadb.default.svc.cluster.local
- - values: |
- endpoints:
- cluster_domain_suffix: cluster.local
- oslo_db:
- hosts:
- default: mariadb
- host_fqdn_override:
- default: mariadb.openstackhelm.openstack.org
- usage: |
- {{ tuple "oslo_db" "internal" . | include "helm-toolkit.endpoints.hostname_fqdn_endpoint_lookup" }}
- return: |
- mariadb.openstackhelm.openstack.org
- - values: |
- endpoints:
- cluster_domain_suffix: cluster.local
- oslo_db:
- hosts:
- default: mariadb
- host_fqdn_override:
- default:
- host: mariadb.openstackhelm.openstack.org
- usage: |
- {{ tuple "oslo_db" "internal" . | include "helm-toolkit.endpoints.hostname_fqdn_endpoint_lookup" }}
- return: |
- mariadb.openstackhelm.openstack.org
-*/}}
-
-{{- define "helm-toolkit.endpoints.hostname_fqdn_endpoint_lookup" -}}
-{{- $type := index . 0 -}}
-{{- $endpoint := index . 1 -}}
-{{- $context := index . 2 -}}
-{{- $endpointMap := index $context.Values.endpoints ( $type | replace "-" "_" ) }}
-{{- $endpointHostNamespaced := tuple $type $endpoint $context | include "helm-toolkit.endpoints.hostname_namespaced_endpoint_lookup" }}
-{{- $endpointClusterHostname := printf "%s.svc.%s" $endpointHostNamespaced $context.Values.endpoints.cluster_domain_suffix }}
-{{- $_ := set $context.Values "__FQDNendpointHostDefault" ( index $endpointMap.host_fqdn_override "default" | default "" ) }}
-{{- if kindIs "map" $context.Values.__FQDNendpointHostDefault }}
-{{- $_ := set $context.Values "__FQDNendpointHostDefault" ( index $context.Values.__FQDNendpointHostDefault "host" ) }}
-{{- end }}
-{{- if kindIs "map" (index $endpointMap.host_fqdn_override $endpoint) }}
-{{- $endpointHostname := index $endpointMap.host_fqdn_override $endpoint "host" | default $context.Values.__FQDNendpointHostDefault | default $endpointClusterHostname }}
-{{- printf "%s" $endpointHostname -}}
-{{- else }}
-{{- $endpointHostname := index $endpointMap.host_fqdn_override $endpoint | default $context.Values.__FQDNendpointHostDefault | default $endpointClusterHostname }}
-{{- printf "%s" $endpointHostname -}}
-{{- end -}}
-{{- end -}}
diff --git a/charts/senlin/charts/helm-toolkit/templates/endpoints/_hostname_namespaced_endpoint_lookup.tpl b/charts/senlin/charts/helm-toolkit/templates/endpoints/_hostname_namespaced_endpoint_lookup.tpl
deleted file mode 100644
index 9d60393..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/endpoints/_hostname_namespaced_endpoint_lookup.tpl
+++ /dev/null
@@ -1,40 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{/*
-abstract: |
- Resolves the namespace scoped hostname for an endpoint
-values: |
- endpoints:
- oslo_db:
- hosts:
- default: mariadb
- host_fqdn_override:
- default: null
-usage: |
- {{ tuple "oslo_db" "internal" . | include "helm-toolkit.endpoints.hostname_namespaced_endpoint_lookup" }}
-return: |
- mariadb.default
-*/}}
-
-{{- define "helm-toolkit.endpoints.hostname_namespaced_endpoint_lookup" -}}
-{{- $type := index . 0 -}}
-{{- $endpoint := index . 1 -}}
-{{- $context := index . 2 -}}
-{{- $endpointMap := index $context.Values.endpoints ( $type | replace "-" "_" ) }}
-{{- $namespace := $endpointMap.namespace | default $context.Release.Namespace }}
-{{- $endpointHost := tuple $type $endpoint $context | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
-{{- $endpointClusterHostname := printf "%s.%s" $endpointHost $namespace }}
-{{- printf "%s" $endpointClusterHostname -}}
-{{- end -}}
diff --git a/charts/senlin/charts/helm-toolkit/templates/endpoints/_hostname_namespaced_endpoint_namespace_lookup.tpl b/charts/senlin/charts/helm-toolkit/templates/endpoints/_hostname_namespaced_endpoint_namespace_lookup.tpl
deleted file mode 100644
index cc4d4de..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/endpoints/_hostname_namespaced_endpoint_namespace_lookup.tpl
+++ /dev/null
@@ -1,38 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{/*
-abstract: |
- Resolves the namespace scoped hostname for an endpoint
-values: |
- endpoints:
- oslo_db:
- hosts:
- default: mariadb
- host_fqdn_override:
- default: null
-usage: |
- {{ tuple "oslo_db" "internal" . | include "helm-toolkit.endpoints.hostname_namespaced_endpoint_namespace_lookup" }}
-return: |
- default
-*/}}
-
-{{- define "helm-toolkit.endpoints.hostname_namespaced_endpoint_namespace_lookup" -}}
-{{- $type := index . 0 -}}
-{{- $endpoint := index . 1 -}}
-{{- $context := index . 2 -}}
-{{- $endpointMap := index $context.Values.endpoints ( $type | replace "-" "_" ) }}
-{{- $namespace := $endpointMap.namespace | default $context.Release.Namespace }}
-{{- printf "%s" $namespace -}}
-{{- end -}}
diff --git a/charts/senlin/charts/helm-toolkit/templates/endpoints/_hostname_short_endpoint_lookup.tpl b/charts/senlin/charts/helm-toolkit/templates/endpoints/_hostname_short_endpoint_lookup.tpl
deleted file mode 100644
index f23c624..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/endpoints/_hostname_short_endpoint_lookup.tpl
+++ /dev/null
@@ -1,61 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{/*
-abstract: |
- Resolves the short hostname for an endpoint
-examples:
- - values: |
- endpoints:
- oslo_db:
- hosts:
- default: mariadb
- host_fqdn_override:
- default: null
- usage: |
- {{ tuple "oslo_db" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
- return: |
- mariadb
- - values: |
- endpoints:
- oslo_db:
- hosts:
- default:
- host: mariadb
- host_fqdn_override:
- default: null
- usage: |
- {{ tuple "oslo_db" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
- return: |
- mariadb
-*/}}
-
-{{- define "helm-toolkit.endpoints.hostname_short_endpoint_lookup" -}}
-{{- $type := index . 0 -}}
-{{- $endpoint := index . 1 -}}
-{{- $context := index . 2 -}}
-{{- $endpointMap := index $context.Values.endpoints ( $type | replace "-" "_" ) }}
-{{- $endpointScheme := $endpointMap.scheme }}
-{{- $_ := set $context.Values "__endpointHost" ( index $endpointMap.hosts $endpoint | default $endpointMap.hosts.default ) }}
-{{- if kindIs "map" $context.Values.__endpointHost }}
-{{- $_ := set $context.Values "__endpointHost" ( index $context.Values.__endpointHost "host" ) }}
-{{- end }}
-{{- $endpointHost := $context.Values.__endpointHost }}
-{{- if regexMatch "[0-9]+\\.[0-9]+\\.[0-9]+\\.[0-9]+" $endpointHost }}
-{{- printf "%s" $type -}}
-{{- else }}
-{{- $endpointHostname := printf "%s" $endpointHost }}
-{{- printf "%s" $endpointHostname -}}
-{{- end }}
-{{- end -}}
diff --git a/charts/senlin/charts/helm-toolkit/templates/endpoints/_keystone_endpoint_name_lookup.tpl b/charts/senlin/charts/helm-toolkit/templates/endpoints/_keystone_endpoint_name_lookup.tpl
deleted file mode 100644
index e31c0eb..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/endpoints/_keystone_endpoint_name_lookup.tpl
+++ /dev/null
@@ -1,34 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{/*
-abstract: |
- Resolves the service name for an service type
-values: |
- endpoints:
- identity:
- name: keystone
-usage: |
- {{ tuple identity . | include "keystone_endpoint_name_lookup" }}
-return: |
- "keystone"
-*/}}
-
-{{- define "helm-toolkit.endpoints.keystone_endpoint_name_lookup" -}}
-{{- $type := index . 0 -}}
-{{- $context := index . 1 -}}
-{{- $endpointMap := index $context.Values.endpoints ( $type | replace "-" "_" ) }}
-{{- $endpointName := index $endpointMap "name" }}
-{{- $endpointName | quote -}}
-{{- end -}}
diff --git a/charts/senlin/charts/helm-toolkit/templates/endpoints/_keystone_endpoint_path_lookup.tpl b/charts/senlin/charts/helm-toolkit/templates/endpoints/_keystone_endpoint_path_lookup.tpl
deleted file mode 100644
index b2ec648..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/endpoints/_keystone_endpoint_path_lookup.tpl
+++ /dev/null
@@ -1,48 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-# FIXME(portdirect): it appears the port input here serves no purpose,
-# and should be removed. In addition this function is bugged, do we use it?
-
-{{/*
-abstract: |
- Resolves the path for an endpoint
-values: |
- endpoints:
- cluster_domain_suffix: cluster.local
- oslo_db:
- path:
- default: /dbname
- port:
- mysql:
- default: 3306
-usage: |
- {{ tuple "oslo_db" "internal" "mysql" . | include "helm-toolkit.endpoints.keystone_endpoint_path_lookup" }}
-return: |
- /dbname
-*/}}
-
-{{- define "helm-toolkit.endpoints.keystone_endpoint_path_lookup" -}}
-{{- $type := index . 0 -}}
-{{- $endpoint := index . 1 -}}
-{{- $port := index . 2 -}}
-{{- $context := index . 3 -}}
-{{- $endpointMap := index $context.Values.endpoints ( $type | replace "-" "_" ) }}
-{{- if kindIs "string" $endpointMap.path }}
-{{- printf "%s" $endpointMap.path | default "/" -}}
-{{- else -}}
-{{- $endpointPath := index $endpointMap.path $endpoint | default $endpointMap.path.default | default "/" }}
-{{- printf "%s" $endpointPath -}}
-{{- end -}}
-{{- end -}}
diff --git a/charts/senlin/charts/helm-toolkit/templates/endpoints/_keystone_endpoint_scheme_lookup.tpl b/charts/senlin/charts/helm-toolkit/templates/endpoints/_keystone_endpoint_scheme_lookup.tpl
deleted file mode 100644
index b35cb0b..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/endpoints/_keystone_endpoint_scheme_lookup.tpl
+++ /dev/null
@@ -1,55 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-# FIXME(portdirect): it appears the port input here serves no purpose,
-# and should be removed. In addition this function is bugged, do we use it?
-
-{{/*
-abstract: |
- Resolves the scheme for an endpoint
-values: |
- endpoints:
- cluster_domain_suffix: cluster.local
- oslo_db:
- scheme:
- default:
- mysql+pymysql
- port:
- mysql:
- default: 3306
-usage: |
- {{ tuple "oslo_db" "internal" "mysql" . | include "helm-toolkit.endpoints.keystone_endpoint_scheme_lookup" }}
-return: |
- mysql+pymysql
-*/}}
-
-# This function returns the scheme for a service, it takes an tuple
-# input in the form: service-type, endpoint-class, port-name. eg:
-# { tuple "etcd" "internal" "client" . | include "helm-toolkit.endpoints.keystone_scheme_lookup" }
-# will return the scheme setting for this particular endpoint. In other words, for most endpoints
-# it will return either 'http' or 'https'
-
-{{- define "helm-toolkit.endpoints.keystone_endpoint_scheme_lookup" -}}
-{{- $type := index . 0 -}}
-{{- $endpoint := index . 1 -}}
-{{- $port := index . 2 -}}
-{{- $context := index . 3 -}}
-{{- $endpointMap := index $context.Values.endpoints ( $type | replace "-" "_" ) }}
-{{- if kindIs "string" $endpointMap.scheme }}
-{{- printf "%s" $endpointMap.scheme | default "http" -}}
-{{- else -}}
-{{- $endpointScheme := index $endpointMap.scheme $endpoint | default $endpointMap.scheme.default | default "http" }}
-{{- printf "%s" $endpointScheme -}}
-{{- end -}}
-{{- end -}}
diff --git a/charts/senlin/charts/helm-toolkit/templates/endpoints/_keystone_endpoint_uri_lookup.tpl b/charts/senlin/charts/helm-toolkit/templates/endpoints/_keystone_endpoint_uri_lookup.tpl
deleted file mode 100644
index 8d0819c..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/endpoints/_keystone_endpoint_uri_lookup.tpl
+++ /dev/null
@@ -1,52 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{/*
-abstract: |
- This function helps resolve uri style endpoints. It will omit the port for
- http when 80 is used, and 443 in the case of https.
-values: |
- endpoints:
- cluster_domain_suffix: cluster.local
- oslo_db:
- hosts:
- default: mariadb
- host_fqdn_override:
- default: null
- path: /dbname
- scheme: mysql+pymysql
- port:
- mysql:
- default: 3306
-usage: |
- {{ tuple "oslo_db" "internal" "mysql" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" }}
-return: |
- mysql+pymysql://mariadb.default.svc.cluster.local:3306/dbname
-*/}}
-
-{{- define "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" -}}
-{{- $type := index . 0 -}}
-{{- $endpoint := index . 1 -}}
-{{- $port := index . 2 -}}
-{{- $context := index . 3 -}}
-{{- $endpointScheme := tuple $type $endpoint $port $context | include "helm-toolkit.endpoints.keystone_endpoint_scheme_lookup" }}
-{{- $endpointHost := tuple $type $endpoint $context | include "helm-toolkit.endpoints.endpoint_host_lookup" }}
-{{- $endpointPort := tuple $type $endpoint $port $context | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
-{{- $endpointPath := tuple $type $endpoint $port $context | include "helm-toolkit.endpoints.keystone_endpoint_path_lookup" }}
-{{- if or ( and ( eq $endpointScheme "http" ) ( eq $endpointPort "80" ) ) ( and ( eq $endpointScheme "https" ) ( eq $endpointPort "443" ) ) -}}
-{{- printf "%s://%s%s" $endpointScheme $endpointHost $endpointPath -}}
-{{- else -}}
-{{- printf "%s://%s:%s%s" $endpointScheme $endpointHost $endpointPort $endpointPath -}}
-{{- end -}}
-{{- end -}}
diff --git a/charts/senlin/charts/helm-toolkit/templates/endpoints/_service_name_endpoint_with_namespace_lookup.tpl b/charts/senlin/charts/helm-toolkit/templates/endpoints/_service_name_endpoint_with_namespace_lookup.tpl
deleted file mode 100644
index cf2ef38..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/endpoints/_service_name_endpoint_with_namespace_lookup.tpl
+++ /dev/null
@@ -1,61 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{/*
-abstract: |
- This function returns endpoint "<namespace>:<name>" pair from an endpoint
- definition. This is used in kubernetes-entrypoint to support dependencies
- between different services in different namespaces.
- returns: the endpoint namespace and the service name, delimited by a colon
-
- Normally, the service name is constructed dynamically from the hostname
- however when an ip address is used as the hostname, we default to
- namespace:endpointCategoryName in order to construct a valid service name
- however this can be overridden to a custom service name by defining
- .service.name within the endpoint definition
-values: |
- endpoints:
- cluster_domain_suffix: cluster.local
- oslo_db:
- namespace: foo
- hosts:
- default: mariadb
- host_fqdn_override:
- default: null
-usage: |
- {{ tuple oslo_db internal . | include "helm-toolkit.endpoints.service_name_endpoint_with_namespace_lookup" }}
-return: |
- foo:mariadb
-*/}}
-
-{{- define "helm-toolkit.endpoints.service_name_endpoint_with_namespace_lookup" -}}
-{{- $type := index . 0 -}}
-{{- $endpoint := index . 1 -}}
-{{- $context := index . 2 -}}
-{{- $typeYamlSafe := $type | replace "-" "_" }}
-{{- $endpointMap := index $context.Values.endpoints $typeYamlSafe }}
-{{- with $endpointMap -}}
-{{- $endpointName := index .hosts $endpoint | default .hosts.default }}
-{{- $endpointNamespace := .namespace | default $context.Release.Namespace }}
-{{- if regexMatch "[0-9]+\\.[0-9]+\\.[0-9]+\\.[0-9]+" $endpointName }}
-{{- if .service.name }}
-{{- printf "%s:%s" $endpointNamespace .service.name -}}
-{{- else -}}
-{{- printf "%s:%s" $endpointNamespace $typeYamlSafe -}}
-{{- end -}}
-{{- else -}}
-{{- printf "%s:%s" $endpointNamespace $endpointName -}}
-{{- end -}}
-{{- end -}}
-{{- end -}}
diff --git a/charts/senlin/charts/helm-toolkit/templates/manifests/_ceph-storageclass.tpl b/charts/senlin/charts/helm-toolkit/templates/manifests/_ceph-storageclass.tpl
deleted file mode 100644
index 18453ee..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/manifests/_ceph-storageclass.tpl
+++ /dev/null
@@ -1,111 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{/*
-abstract: |
- Creates a manifest for kubernete ceph storageclass
-examples:
- - values: |
- manifests:
- storageclass: true
- storageclass:
- rbd:
- provision_storage_class: true
- provisioner: "ceph.com/rbd"
- metadata:
- default_storage_class: true
- name: general
- parameters:
- #We will grab the monitors value based on helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup
- pool: rbd
- admin_id: admin
- ceph_configmap_name: "ceph-etc"
- admin_secret_name: "pvc-ceph-conf-combined-storageclass"
- admin_secret_namespace: ceph
- user_id: admin
- user_secret_name: "pvc-ceph-client-key"
- image_format: "2"
- image_features: layering
- cephfs:
- provision_storage_class: true
- provisioner: "ceph.com/cephfs"
- metadata:
- name: cephfs
- parameters:
- admin_id: admin
- admin_secret_name: "pvc-ceph-cephfs-client-key"
- admin_secret_namespace: ceph
- usage: |
- {{- range $storageclass, $val := .Values.storageclass }}
- {{ dict "storageclass_data" $val "envAll" $ | include "helm-toolkit.manifests.ceph-storageclass" }}
- {{- end }}
- return: |
- ---
- apiVersion: storage.k8s.io/v1
- kind: StorageClass
- metadata:
- annotations:
- storageclass.kubernetes.io/is-default-class: "true"
- name: general
- provisioner: ceph.com/rbd
- parameters:
- monitors: ceph-mon.<ceph-namespace>.svc.<k8s-domain-name>:6789
- adminId: admin
- adminSecretName: pvc-ceph-conf-combined-storageclass
- adminSecretNamespace: ceph
- pool: rbd
- userId: admin
- userSecretName: pvc-ceph-client-key
- image_format: "2"
- image_features: layering
- ---
- apiVersion: storage.k8s.io/v1
- kind: StorageClass
- metadata:
- name: cephfs
- provisioner: ceph.com/cephfs
- parameters:
- monitors: ceph-mon.<ceph-namespace>.svc.<k8s-domain-name>:6789
- adminId: admin
- adminSecretName: pvc-ceph-cephfs-client-key
- adminSecretNamespace: ceph
-*/}}
-
-{{- define "helm-toolkit.manifests.ceph-storageclass" -}}
-{{- $envAll := index . "envAll" -}}
-{{- $monHost := $envAll.Values.conf.ceph.global.mon_host -}}
-{{- if empty $monHost -}}
-{{- $monHost = tuple "ceph_mon" "internal" "mon" $envAll | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" -}}
-{{- end -}}
-{{- $storageclassData := index . "storageclass_data" -}}
----
-{{- if $storageclassData.provision_storage_class }}
-apiVersion: storage.k8s.io/v1
-kind: StorageClass
-metadata:
-{{- if $storageclassData.metadata.default_storage_class }}
- annotations:
- storageclass.kubernetes.io/is-default-class: "true"
-{{- end }}
- name: {{ $storageclassData.metadata.name }}
-provisioner: {{ $storageclassData.provisioner }}
-parameters:
- monitors: {{ $monHost }}
-{{- range $attr, $value := $storageclassData.parameters }}
- {{ $attr }}: {{ $value | quote }}
-{{- end }}
-allowVolumeExpansion: true
-
-{{- end }}
-{{- end }}
diff --git a/charts/senlin/charts/helm-toolkit/templates/manifests/_certificates.tpl b/charts/senlin/charts/helm-toolkit/templates/manifests/_certificates.tpl
deleted file mode 100644
index 8be771e..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/manifests/_certificates.tpl
+++ /dev/null
@@ -1,108 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{/*
-abstract: |
- Creates a certificate using jetstack
-examples:
- - values: |
- endpoints:
- dashboard:
- host_fqdn_override:
- default:
- host: null
- tls:
- secretName: keystone-tls-api
- issuerRef:
- name: ca-issuer
- duration: 2160h
- organization:
- - ACME
- commonName: keystone-api.openstack.svc.cluster.local
- privateKey:
- size: 2048
- usages:
- - server auth
- - client auth
- dnsNames:
- - cluster.local
- issuerRef:
- name: ca-issuer
- usage: |
- {{- $opts := dict "envAll" . "service" "dashboard" "type" "internal" -}}
- {{ $opts | include "helm-toolkit.manifests.certificates" }}
- return: |
- ---
- apiVersion: cert-manager.io/v1
- kind: Certificate
- metadata:
- name: keystone-tls-api
- namespace: NAMESPACE
- spec:
- commonName: keystone-api.openstack.svc.cluster.local
- dnsNames:
- - cluster.local
- duration: 2160h
- issuerRef:
- name: ca-issuer
- privateKey:
- size: 2048
- organization:
- - ACME
- secretName: keystone-tls-api
- usages:
- - server auth
- - client auth
-*/}}
-
-{{- define "helm-toolkit.manifests.certificates" -}}
-{{- $envAll := index . "envAll" -}}
-{{- $service := index . "service" -}}
-{{- $type := index . "type" | default "" -}}
-{{- $slice := index $envAll.Values.endpoints $service "host_fqdn_override" "default" "tls" -}}
-{{/* Put in some sensible default value if one is not provided by values.yaml */}}
-{{/* If a dnsNames list is not in the values.yaml, it can be overridden by a passed-in parameter.
- This allows user to use other HTK method to determine the URI and pass that into this method.*/}}
-{{- if not (hasKey $slice "dnsNames") -}}
-{{- $hostName := tuple $service $type $envAll | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" -}}
-{{- $dnsNames := list $hostName (printf "%s.%s" $hostName $envAll.Release.Namespace) (printf "%s.%s.svc.%s" $hostName $envAll.Release.Namespace $envAll.Values.endpoints.cluster_domain_suffix) -}}
-{{- $_ := $dnsNames | set (index $envAll.Values.endpoints $service "host_fqdn_override" "default" "tls") "dnsNames" -}}
-{{- end -}}
-{{/* Default privateKey size to 4096. This can be overridden. */}}
-{{- if not (hasKey $slice "privateKey") -}}
-{{- $_ := dict "size" ( printf "%d" 4096 | atoi ) | set (index $envAll.Values.endpoints $service "host_fqdn_override" "default" "tls") "privateKey" -}}
-{{- else if empty (index $envAll.Values.endpoints $service "host_fqdn_override" "default" "tls" "privateKey" "size") -}}
-{{- $_ := ( printf "%d" 4096 | atoi ) | set (index $envAll.Values.endpoints $service "host_fqdn_override" "default" "tls" "privateKey") "size" -}}
-{{- end -}}
-{{/* Default duration to 3 months. Note the min is 720h. This can be overridden. */}}
-{{- if not (hasKey $slice "duration") -}}
-{{- $_ := printf "%s" "2190h" | set (index $envAll.Values.endpoints $service "host_fqdn_override" "default" "tls") "duration" -}}
-{{- end -}}
-{{/* Default renewBefore to 15 days. This can be overridden. */}}
-{{- if not (hasKey $slice "renewBefore") -}}
-{{- $_ := printf "%s" "360h" | set (index $envAll.Values.endpoints $service "host_fqdn_override" "default" "tls") "renewBefore" -}}
-{{- end -}}
-{{/* Default the usage to server auth and client auth. This can be overridden. */}}
-{{- if not (hasKey $slice "usages") -}}
-{{- $_ := (list "server auth" "client auth") | set (index $envAll.Values.endpoints $service "host_fqdn_override" "default" "tls") "usages" -}}
-{{- end -}}
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
- name: {{ index $envAll.Values.endpoints $service "host_fqdn_override" "default" "tls" "secretName" }}
- namespace: {{ $envAll.Release.Namespace }}
-spec:
-{{ $slice | toYaml | indent 2 }}
-{{- end -}}
diff --git a/charts/senlin/charts/helm-toolkit/templates/manifests/_ingress.tpl b/charts/senlin/charts/helm-toolkit/templates/manifests/_ingress.tpl
deleted file mode 100644
index cacb4b8..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/manifests/_ingress.tpl
+++ /dev/null
@@ -1,729 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{/*
-abstract: |
- Creates a manifest for a services ingress rules.
-examples:
- - values: |
- network:
- api:
- ingress:
- public: true
- classes:
- namespace: "nginx"
- cluster: "nginx-cluster"
- annotations:
- nginx.ingress.kubernetes.io/rewrite-target: /
- secrets:
- tls:
- key_manager:
- api:
- public: barbican-tls-public
- endpoints:
- cluster_domain_suffix: cluster.local
- key_manager:
- name: barbican
- hosts:
- default: barbican-api
- public: barbican
- host_fqdn_override:
- default: null
- public:
- host: barbican.openstackhelm.example
- tls:
- crt: |
- FOO-CRT
- key: |
- FOO-KEY
- ca: |
- FOO-CA_CRT
- path:
- default: /
- scheme:
- default: http
- public: https
- port:
- api:
- default: 9311
- public: 80
- usage: |
- {{- include "helm-toolkit.manifests.ingress" ( dict "envAll" . "backendServiceType" "key-manager" "backendPort" "b-api" "endpoint" "public" "pathType" "Prefix" ) -}}
- return: |
- ---
- apiVersion: networking.k8s.io/v1
- kind: Ingress
- metadata:
- name: barbican
- annotations:
- nginx.ingress.kubernetes.io/rewrite-target: /
-
- spec:
- ingressClassName: "nginx"
- rules:
- - host: barbican
- http:
- paths:
- - path: /
- pathType: Prefix
- backend:
- service:
- name: barbican-api
- port:
- name: b-api
- - host: barbican.default
- http:
- paths:
- - path: /
- pathType: Prefix
- backend:
- service:
- name: barbican-api
- port:
- name: b-api
- - host: barbican.default.svc.cluster.local
- http:
- paths:
- - path: /
- pathType: Prefix
- backend:
- service:
- name: barbican-api
- port:
- name: b-api
- ---
- apiVersion: networking.k8s.io/v1
- kind: Ingress
- metadata:
- name: barbican-namespace-fqdn
- annotations:
- nginx.ingress.kubernetes.io/rewrite-target: /
-
- spec:
- ingressClassName: "nginx"
- tls:
- - secretName: barbican-tls-public
- hosts:
- - barbican.openstackhelm.example
- rules:
- - host: barbican.openstackhelm.example
- http:
- paths:
- - path: /
- pathType: Prefix
- backend:
- service:
- name: barbican-api
- port:
- name: b-api
- ---
- apiVersion: networking.k8s.io/v1
- kind: Ingress
- metadata:
- name: barbican-cluster-fqdn
- annotations:
- nginx.ingress.kubernetes.io/rewrite-target: /
-
- spec:
- ingressClassName: "nginx-cluster"
- tls:
- - secretName: barbican-tls-public
- hosts:
- - barbican.openstackhelm.example
- rules:
- - host: barbican.openstackhelm.example
- http:
- paths:
- - path: /
- pathType: Prefix
- backend:
- service:
- name: barbican-api
- port:
- name: b-api
- - values: |
- network:
- api:
- ingress:
- public: true
- classes:
- namespace: "nginx"
- cluster: "nginx-cluster"
- annotations:
- nginx.ingress.kubernetes.io/rewrite-target: /
- secrets:
- tls:
- key_manager:
- api:
- public: barbican-tls-public
- endpoints:
- cluster_domain_suffix: cluster.local
- key_manager:
- name: barbican
- hosts:
- default: barbican-api
- public:
- host: barbican
- tls:
- crt: |
- FOO-CRT
- key: |
- FOO-KEY
- ca: |
- FOO-CA_CRT
- host_fqdn_override:
- default: null
- path:
- default: /
- scheme:
- default: http
- public: https
- port:
- api:
- default: 9311
- public: 80
- usage: |
- {{- include "helm-toolkit.manifests.ingress" ( dict "envAll" . "backendServiceType" "key-manager" "backendPort" "b-api" "endpoint" "public" "pathType" "Prefix" ) -}}
- return: |
- ---
- apiVersion: networking.k8s.io/v1
- kind: Ingress
- metadata:
- name: barbican
- annotations:
- nginx.ingress.kubernetes.io/rewrite-target: /
-
- spec:
- ingressClassName: "nginx"
- tls:
- - secretName: barbican-tls-public
- hosts:
- - barbican
- - barbican.default
- - barbican.default.svc.cluster.local
- rules:
- - host: barbican
- http:
- paths:
- - path: /
- pathType: Prefix
- backend:
- service:
- name: barbican-api
- port:
- name: b-api
- - host: barbican.default
- http:
- paths:
- - path: /
- pathType: Prefix
- backend:
- service:
- name: barbican-api
- port:
- name: b-api
- - host: barbican.default.svc.cluster.local
- http:
- paths:
- - path: /
- pathType: Prefix
- backend:
- service:
- name: barbican-api
- port:
- name: b-api
- - values: |
- cert_issuer_type: issuer
- network:
- api:
- ingress:
- public: true
- classes:
- namespace: "nginx"
- cluster: "nginx-cluster"
- annotations:
- nginx.ingress.kubernetes.io/secure-backends: "true"
- nginx.ingress.kubernetes.io/backend-protocol: "https"
- secrets:
- tls:
- key_manager:
- api:
- public: barbican-tls-public
- internal: barbican-tls-api
- endpoints:
- cluster_domain_suffix: cluster.local
- key_manager:
- name: barbican
- hosts:
- default: barbican-api
- public:
- host: barbican
- tls:
- crt: |
- FOO-CRT
- key: |
- FOO-KEY
- ca: |
- FOO-CA_CRT
- host_fqdn_override:
- default: null
- path:
- default: /
- scheme:
- default: http
- public: https
- port:
- api:
- default: 9311
- public: 80
- certs:
- barbican_tls_api:
- secretName: barbican-tls-api
- issuerRef:
- name: ca-issuer
- kind: Issuer
- usage: |
- {{- include "helm-toolkit.manifests.ingress" ( dict "envAll" . "backendServiceType" "key-manager" "backendPort" "b-api" "endpoint" "public" "certIssuer" "ca-issuer" "pathType" "Prefix" ) -}}
- return: |
- ---
- apiVersion: networking.k8s.io/v1
- kind: Ingress
- metadata:
- name: barbican
- annotations:
- cert-manager.io/issuer: ca-issuer
- certmanager.k8s.io/issuer: ca-issuer
- nginx.ingress.kubernetes.io/backend-protocol: https
- nginx.ingress.kubernetes.io/secure-backends: "true"
- spec:
- ingressClassName: "nginx"
- tls:
- - secretName: barbican-tls-public-certmanager
- hosts:
- - barbican
- - barbican.default
- - barbican.default.svc.cluster.local
- rules:
- - host: barbican
- http:
- paths:
- - path: /
- pathType: Prefix
- backend:
- service:
- name: barbican-api
- port:
- name: b-api
- - host: barbican.default
- http:
- paths:
- - path: /
- pathType: Prefix
- backend:
- service:
- name: barbican-api
- port:
- name: b-api
- - host: barbican.default.svc.cluster.local
- http:
- paths:
- - path: /
- pathType: Prefix
- backend:
- service:
- name: barbican-api
- port:
- name: b-api
-
- - values: |
- network:
- api:
- ingress:
- public: true
- classes:
- namespace: "nginx"
- cluster: "nginx-cluster"
- annotations:
- nginx.ingress.kubernetes.io/secure-backends: "true"
- nginx.ingress.kubernetes.io/backend-protocol: "https"
- secrets:
- tls:
- key_manager:
- api:
- public: barbican-tls-public
- internal: barbican-tls-api
- endpoints:
- cluster_domain_suffix: cluster.local
- key_manager:
- name: barbican
- hosts:
- default: barbican-api
- public:
- host: barbican
- tls:
- crt: |
- FOO-CRT
- key: |
- FOO-KEY
- ca: |
- FOO-CA_CRT
- host_fqdn_override:
- default: null
- path:
- default: /
- scheme:
- default: http
- public: https
- port:
- api:
- default: 9311
- public: 80
- certs:
- barbican_tls_api:
- secretName: barbican-tls-api
- issuerRef:
- name: ca-issuer
- kind: ClusterIssuer
- usage: |
- {{- include "helm-toolkit.manifests.ingress" ( dict "envAll" . "backendServiceType" "key-manager" "backendPort" "b-api" "endpoint" "public" "certIssuer" "ca-issuer" "pathType" "Prefix" ) -}}
- return: |
- ---
- apiVersion: networking.k8s.io/v1
- kind: Ingress
- metadata:
- name: barbican
- annotations:
- cert-manager.io/cluster-issuer: ca-issuer
- certmanager.k8s.io/cluster-issuer: ca-issuer
- nginx.ingress.kubernetes.io/backend-protocol: https
- nginx.ingress.kubernetes.io/secure-backends: "true"
- spec:
- ingressClassName: "nginx"
- tls:
- - secretName: barbican-tls-public-certmanager
- hosts:
- - barbican
- - barbican.default
- - barbican.default.svc.cluster.local
- rules:
- - host: barbican
- http:
- paths:
- - path: /
- pathType: Prefix
- backend:
- service:
- name: barbican-api
- port:
- name: b-api
- - host: barbican.default
- http:
- paths:
- - path: /
- pathType: Prefix
- backend:
- service:
- name: barbican-api
- port:
- name: b-api
- - host: barbican.default.svc.cluster.local
- http:
- paths:
- - path: /
- pathType: Prefix
- backend:
- service:
- name: barbican-api
- port:
- name: b-api
- # Sample usage for multiple DNS names associated with the same public
- # endpoint and certificate
- - values: |
- endpoints:
- cluster_domain_suffix: cluster.local
- grafana:
- name: grafana
- hosts:
- default: grafana-dashboard
- public: grafana
- host_fqdn_override:
- public:
- host: grafana.openstackhelm.example
- tls:
- dnsNames:
- - grafana-alt.openstackhelm.example
- crt: "BASE64 ENCODED CERT"
- key: "BASE64 ENCODED KEY"
- network:
- grafana:
- ingress:
- classes:
- namespace: "nginx"
- cluster: "nginx-cluster"
- annotations:
- nginx.ingress.kubernetes.io/rewrite-target: /
- secrets:
- tls:
- grafana:
- grafana:
- public: grafana-tls-public
- usage: |
- {{- $ingressOpts := dict "envAll" . "backendService" "grafana" "backendServiceType" "grafana" "backendPort" "dashboard" "pathType" "Prefix" -}}
- {{ $ingressOpts | include "helm-toolkit.manifests.ingress" }}
- return: |
- ---
- apiVersion: networking.k8s.io/v1
- kind: Ingress
- metadata:
- name: grafana
- annotations:
- nginx.ingress.kubernetes.io/rewrite-target: /
-
- spec:
- ingressClassName: "nginx"
- rules:
- - host: grafana
- http:
- paths:
- - path: /
- pathType: Prefix
- backend:
- service:
- name: grafana-dashboard
- port:
- name: dashboard
- - host: grafana.default
- http:
- paths:
- - path: /
- pathType: Prefix
- backend:
- service:
- name: grafana-dashboard
- port:
- name: dashboard
- - host: grafana.default.svc.cluster.local
- http:
- paths:
- - path: /
- pathType: Prefix
- backend:
- service:
- name: grafana-dashboard
- port:
- name: dashboard
- ---
- apiVersion: networking.k8s.io/v1
- kind: Ingress
- metadata:
- name: grafana-namespace-fqdn
- annotations:
- nginx.ingress.kubernetes.io/rewrite-target: /
-
- spec:
- ingressClassName: "nginx"
- tls:
- - secretName: grafana-tls-public
- hosts:
- - grafana.openstackhelm.example
- - grafana-alt.openstackhelm.example
- rules:
- - host: grafana.openstackhelm.example
- http:
- paths:
- - path: /
- pathType: Prefix
- backend:
- service:
- name: grafana-dashboard
- port:
- name: dashboard
- - host: grafana-alt.openstackhelm.example
- http:
- paths:
- - path: /
- pathType: Prefix
- backend:
- service:
- name: grafana-dashboard
- port:
- name: dashboard
- ---
- apiVersion: networking.k8s.io/v1
- kind: Ingress
- metadata:
- name: grafana-cluster-fqdn
- annotations:
- nginx.ingress.kubernetes.io/rewrite-target: /
-
- spec:
- ingressClassName: "nginx-cluster"
- tls:
- - secretName: grafana-tls-public
- hosts:
- - grafana.openstackhelm.example
- - grafana-alt.openstackhelm.example
- rules:
- - host: grafana.openstackhelm.example
- http:
- paths:
- - path: /
- pathType: Prefix
- backend:
- service:
- name: grafana-dashboard
- port:
- name: dashboard
- - host: grafana-alt.openstackhelm.example
- http:
- paths:
- - path: /
- pathType: Prefix
- backend:
- service:
- name: grafana-dashboard
- port:
- name: dashboard
-
-*/}}
-
-{{- define "helm-toolkit.manifests.ingress._host_rules" -}}
-{{- $vHost := index . "vHost" -}}
-{{- $backendName := index . "backendName" -}}
-{{- $backendPort := index . "backendPort" -}}
-{{- $pathType := index . "pathType" -}}
-- host: {{ $vHost }}
- http:
- paths:
- - path: /
- pathType: {{ $pathType }}
- backend:
- service:
- name: {{ $backendName }}
- port:
-{{- if or (kindIs "int" $backendPort) (regexMatch "^[0-9]{1,5}$" $backendPort) }}
- number: {{ $backendPort | int }}
-{{- else }}
- name: {{ $backendPort | quote }}
-{{- end }}
-{{- end }}
-
-{{- define "helm-toolkit.manifests.ingress" -}}
-{{- $envAll := index . "envAll" -}}
-{{- $backendService := index . "backendService" | default "api" -}}
-{{- $backendServiceType := index . "backendServiceType" -}}
-{{- $backendPort := index . "backendPort" -}}
-{{- $endpoint := index . "endpoint" | default "public" -}}
-{{- $pathType := index . "pathType" | default "Prefix" -}}
-{{- $certIssuer := index . "certIssuer" | default "" -}}
-{{- $ingressName := tuple $backendServiceType $endpoint $envAll | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
-{{- $backendName := tuple $backendServiceType "internal" $envAll | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
-{{- $hostName := tuple $backendServiceType $endpoint $envAll | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
-{{- $hostNameFull := tuple $backendServiceType $endpoint $envAll | include "helm-toolkit.endpoints.hostname_fqdn_endpoint_lookup" }}
-{{- $certIssuerType := "cluster-issuer" -}}
-{{- if $envAll.Values.cert_issuer_type }}
-{{- $certIssuerType = $envAll.Values.cert_issuer_type }}
-{{- end }}
----
-apiVersion: networking.k8s.io/v1
-kind: Ingress
-metadata:
- name: {{ $ingressName }}
- annotations:
-{{- if $certIssuer }}
- cert-manager.io/{{ $certIssuerType }}: {{ $certIssuer }}
- certmanager.k8s.io/{{ $certIssuerType }}: {{ $certIssuer }}
-{{- $slice := index $envAll.Values.endpoints $backendServiceType "host_fqdn_override" "default" "tls" -}}
-{{- if (hasKey $slice "duration") }}
- cert-manager.io/duration: {{ index $slice "duration" }}
-{{- end }}
-{{- end }}
-{{ toYaml (index $envAll.Values.network $backendService "ingress" "annotations") | indent 4 }}
-spec:
- ingressClassName: {{ index $envAll.Values.network $backendService "ingress" "classes" "namespace" | quote }}
-{{- $host := index $envAll.Values.endpoints ( $backendServiceType | replace "-" "_" ) "hosts" }}
-{{- if $certIssuer }}
-{{- $secretName := index $envAll.Values.secrets "tls" ( $backendServiceType | replace "-" "_" ) $backendService $endpoint }}
-{{- $_ := required "You need to specify a secret in your values for the endpoint" $secretName }}
- tls:
- - secretName: {{ printf "%s-ing" $secretName }}
- hosts:
-{{- range $key1, $vHost := tuple $hostName (printf "%s.%s" $hostName $envAll.Release.Namespace) (printf "%s.%s.svc.%s" $hostName $envAll.Release.Namespace $envAll.Values.endpoints.cluster_domain_suffix) }}
- - {{ $vHost }}
-{{- end }}
-{{- else }}
-{{- if hasKey $host $endpoint }}
-{{- $endpointHost := index $host $endpoint }}
-{{- if kindIs "map" $endpointHost }}
-{{- if hasKey $endpointHost "tls" }}
-{{- if and ( not ( empty $endpointHost.tls.key ) ) ( not ( empty $endpointHost.tls.crt ) ) }}
-{{- $secretName := index $envAll.Values.secrets "tls" ( $backendServiceType | replace "-" "_" ) $backendService $endpoint }}
-{{- $_ := required "You need to specify a secret in your values for the endpoint" $secretName }}
- tls:
- - secretName: {{ $secretName }}
- hosts:
-{{- range $key1, $vHost := tuple $hostName (printf "%s.%s" $hostName $envAll.Release.Namespace) (printf "%s.%s.svc.%s" $hostName $envAll.Release.Namespace $envAll.Values.endpoints.cluster_domain_suffix) }}
- - {{ $vHost }}
-{{- end }}
-{{- end }}
-{{- end }}
-{{- end }}
-{{- end }}
-{{- end }}
- rules:
-{{- range $key1, $vHost := tuple $hostName (printf "%s.%s" $hostName $envAll.Release.Namespace) (printf "%s.%s.svc.%s" $hostName $envAll.Release.Namespace $envAll.Values.endpoints.cluster_domain_suffix) }}
-{{- $hostRules := dict "vHost" $vHost "backendName" $backendName "backendPort" $backendPort "pathType" $pathType }}
-{{ $hostRules | include "helm-toolkit.manifests.ingress._host_rules" | indent 4 }}
-{{- end }}
-{{- if not ( hasSuffix ( printf ".%s.svc.%s" $envAll.Release.Namespace $envAll.Values.endpoints.cluster_domain_suffix) $hostNameFull) }}
-{{- $ingressConf := $envAll.Values.network -}}
-{{- $ingressClasses := ternary (tuple "namespace") (tuple "namespace" "cluster") (and (hasKey $ingressConf "use_external_ingress_controller") $ingressConf.use_external_ingress_controller) }}
-{{- range $key2, $ingressController := $ingressClasses }}
-{{- $vHosts := list $hostNameFull }}
----
-apiVersion: networking.k8s.io/v1
-kind: Ingress
-metadata:
- name: {{ printf "%s-%s-%s" $ingressName $ingressController "fqdn" }}
- annotations:
-{{ toYaml (index $envAll.Values.network $backendService "ingress" "annotations") | indent 4 }}
-spec:
- ingressClassName: {{ index $envAll.Values.network $backendService "ingress" "classes" $ingressController | quote }}
-{{- $host := index $envAll.Values.endpoints ( $backendServiceType | replace "-" "_" ) "host_fqdn_override" }}
-{{- if hasKey $host $endpoint }}
-{{- $endpointHost := index $host $endpoint }}
-{{- if kindIs "map" $endpointHost }}
-{{- if hasKey $endpointHost "tls" }}
-{{- range $v := without (index $endpointHost.tls "dnsNames" | default list) $hostNameFull }}
-{{- $vHosts = append $vHosts $v }}
-{{- end }}
-{{- $secretName := index $envAll.Values.secrets "tls" ( $backendServiceType | replace "-" "_" ) $backendService $endpoint }}
-{{- $_ := required "You need to specify a secret in your values for the endpoint" $secretName }}
- tls:
- - secretName: {{ $secretName }}
- hosts:
-{{- range $vHost := $vHosts }}
- - {{ $vHost }}
-{{- end }}
-{{- end }}
-{{- end }}
-{{- end }}
- rules:
-{{- range $vHost := $vHosts }}
-{{- $hostNameFullRules := dict "vHost" $vHost "backendName" $backendName "backendPort" $backendPort "pathType" $pathType }}
-{{ $hostNameFullRules | include "helm-toolkit.manifests.ingress._host_rules" | indent 4 }}
-{{- end }}
-{{- end }}
-{{- end }}
-{{- end }}
diff --git a/charts/senlin/charts/helm-toolkit/templates/manifests/_job-bootstrap.tpl b/charts/senlin/charts/helm-toolkit/templates/manifests/_job-bootstrap.tpl
deleted file mode 100644
index 6b77004..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/manifests/_job-bootstrap.tpl
+++ /dev/null
@@ -1,142 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-# This function creates a manifest for db creation and user management.
-# It can be used in charts dict created similar to the following:
-# {- $bootstrapJob := dict "envAll" . "serviceName" "senlin" -}
-# { $bootstrapJob | include "helm-toolkit.manifests.job_bootstrap" }
-
-{{- define "helm-toolkit.manifests.job_bootstrap" -}}
-{{- $envAll := index . "envAll" -}}
-{{- $serviceName := index . "serviceName" -}}
-{{- $jobAnnotations := index . "jobAnnotations" -}}
-{{- $jobLabels := index . "jobLabels" -}}
-{{- $nodeSelector := index . "nodeSelector" | default ( dict $envAll.Values.labels.job.node_selector_key $envAll.Values.labels.job.node_selector_value ) -}}
-{{- $tolerationsEnabled := index . "tolerationsEnabled" | default false -}}
-{{- $podVolMounts := index . "podVolMounts" | default false -}}
-{{- $podVols := index . "podVols" | default false -}}
-{{- $configMapBin := index . "configMapBin" | default (printf "%s-%s" $serviceName "bin" ) -}}
-{{- $configMapEtc := index . "configMapEtc" | default (printf "%s-%s" $serviceName "etc" ) -}}
-{{- $configFile := index . "configFile" | default (printf "/etc/%s/%s.conf" $serviceName $serviceName ) -}}
-{{- $logConfigFile := index . "logConfigFile" | default (printf "/etc/%s/logging.conf" $serviceName ) -}}
-{{- $tlsSecret := index . "tlsSecret" | default "" -}}
-{{- $keystoneUser := index . "keystoneUser" | default $serviceName -}}
-{{- $openrc := index . "openrc" | default "true" -}}
-{{- $secretBin := index . "secretBin" -}}
-{{- $backoffLimit := index . "backoffLimit" | default "1000" -}}
-{{- $activeDeadlineSeconds := index . "activeDeadlineSeconds" -}}
-{{- $serviceNamePretty := $serviceName | replace "_" "-" -}}
-
-{{- $serviceAccountName := printf "%s-%s" $serviceNamePretty "bootstrap" }}
-{{ tuple $envAll "bootstrap" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
----
-apiVersion: batch/v1
-kind: Job
-metadata:
- name: {{ printf "%s-%s" $serviceNamePretty "bootstrap" | quote }}
- labels:
-{{ tuple $envAll $serviceName "bootstrap" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
-{{- if $jobLabels }}
-{{ toYaml $jobLabels | indent 4 }}
-{{- end }}
- annotations:
-{{ tuple $serviceAccountName $envAll | include "helm-toolkit.snippets.custom_job_annotations" | indent 4 -}}
-{{- if $jobAnnotations }}
-{{ toYaml $jobAnnotations | indent 4 }}
-{{- end }}
-spec:
- backoffLimit: {{ $backoffLimit }}
-{{- if $activeDeadlineSeconds }}
- activeDeadlineSeconds: {{ $activeDeadlineSeconds }}
-{{- end }}
- template:
- metadata:
- labels:
-{{ tuple $envAll $serviceName "bootstrap" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
-{{- if $jobLabels }}
-{{ toYaml $jobLabels | indent 8 }}
-{{- end }}
- annotations:
-{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" | indent 8 }}
- spec:
- serviceAccountName: {{ $serviceAccountName }}
- restartPolicy: OnFailure
- {{ tuple $envAll "bootstrap" | include "helm-toolkit.snippets.kubernetes_image_pull_secrets" | indent 6 }}
- nodeSelector:
-{{ toYaml $nodeSelector | indent 8 }}
-{{- if $tolerationsEnabled }}
-{{ tuple $envAll $serviceName | include "helm-toolkit.snippets.kubernetes_tolerations" | indent 6 }}
-{{- end}}
- initContainers:
-{{ tuple $envAll "bootstrap" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
- containers:
- - name: bootstrap
- image: {{ $envAll.Values.images.tags.bootstrap }}
- imagePullPolicy: {{ $envAll.Values.images.pull_policy }}
-{{ tuple $envAll $envAll.Values.pod.resources.jobs.bootstrap | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
-{{- if eq $openrc "true" }}
- env:
-{{- with $env := dict "ksUserSecret" ( index $envAll.Values.secrets.identity $keystoneUser ) "useCA" (ne $tlsSecret "") }}
-{{- include "helm-toolkit.snippets.keystone_openrc_env_vars" $env | indent 12 }}
-{{- end }}
-{{- end }}
- command:
- - /bin/bash
- - -c
- - /tmp/bootstrap.sh
- volumeMounts:
- - name: pod-tmp
- mountPath: /tmp
- - name: bootstrap-sh
- mountPath: /tmp/bootstrap.sh
- subPath: bootstrap.sh
- readOnly: true
- - name: etc-service
- mountPath: {{ dir $configFile | quote }}
- - name: bootstrap-conf
- mountPath: {{ $configFile | quote }}
- subPath: {{ base $configFile | quote }}
- readOnly: true
- - name: bootstrap-conf
- mountPath: {{ $logConfigFile | quote }}
- subPath: {{ base $logConfigFile | quote }}
- readOnly: true
-{{ dict "enabled" (ne $tlsSecret "") "name" $tlsSecret | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }}
-{{- if $podVolMounts }}
-{{ $podVolMounts | toYaml | indent 12 }}
-{{- end }}
- volumes:
- - name: pod-tmp
- emptyDir: {}
- - name: bootstrap-sh
-{{- if $secretBin }}
- secret:
- secretName: {{ $secretBin | quote }}
- defaultMode: 0555
-{{- else }}
- configMap:
- name: {{ $configMapBin | quote }}
- defaultMode: 0555
-{{- end }}
- - name: etc-service
- emptyDir: {}
- - name: bootstrap-conf
- secret:
- secretName: {{ $configMapEtc | quote }}
- defaultMode: 0444
-{{- dict "enabled" (ne $tlsSecret "") "name" $tlsSecret | include "helm-toolkit.snippets.tls_volume" | indent 8 }}
-{{- if $podVols }}
-{{ $podVols | toYaml | indent 8 }}
-{{- end }}
-{{- end }}
diff --git a/charts/senlin/charts/helm-toolkit/templates/manifests/_job-db-drop-mysql.tpl b/charts/senlin/charts/helm-toolkit/templates/manifests/_job-db-drop-mysql.tpl
deleted file mode 100644
index 2b7ff2c..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/manifests/_job-db-drop-mysql.tpl
+++ /dev/null
@@ -1,171 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-# This function creates a manifest for db creation and user management.
-# It can be used in charts dict created similar to the following:
-# {- $dbToDropJob := dict "envAll" . "serviceName" "senlin" -}
-# { $dbToDropJob | include "helm-toolkit.manifests.job_db_drop_mysql" }
-#
-# If the service does not use oslo then the db can be managed with:
-# {- $dbToDrop := dict "inputType" "secret" "adminSecret" .Values.secrets.oslo_db.admin "userSecret" .Values.secrets.oslo_db.horizon -}
-# {- $dbToDropJob := dict "envAll" . "serviceName" "horizon" "dbToDrop" $dbToDrop -}
-# { $dbToDropJob | include "helm-toolkit.manifests.job_db_drop_mysql" }
-
-{{- define "helm-toolkit.manifests.job_db_drop_mysql" -}}
-{{- $envAll := index . "envAll" -}}
-{{- $serviceName := index . "serviceName" -}}
-{{- $jobAnnotations := index . "jobAnnotations" -}}
-{{- $jobLabels := index . "jobLabels" -}}
-{{- $nodeSelector := index . "nodeSelector" | default ( dict $envAll.Values.labels.job.node_selector_key $envAll.Values.labels.job.node_selector_value ) -}}
-{{- $tolerationsEnabled := index . "tolerationsEnabled" | default false -}}
-{{- $configMapBin := index . "configMapBin" | default (printf "%s-%s" $serviceName "bin" ) -}}
-{{- $configMapEtc := index . "configMapEtc" | default (printf "%s-%s" $serviceName "etc" ) -}}
-{{- $dbToDrop := index . "dbToDrop" | default ( dict "adminSecret" $envAll.Values.secrets.oslo_db.admin "configFile" (printf "/etc/%s/%s.conf" $serviceName $serviceName ) "logConfigFile" (printf "/etc/%s/logging.conf" $serviceName ) "configDbSection" "database" "configDbKey" "connection" ) -}}
-{{- $dbsToDrop := default (list $dbToDrop) (index . "dbsToDrop") }}
-{{- $secretBin := index . "secretBin" -}}
-{{- $backoffLimit := index . "backoffLimit" | default "1000" -}}
-{{- $activeDeadlineSeconds := index . "activeDeadlineSeconds" -}}
-{{- $serviceNamePretty := $serviceName | replace "_" "-" -}}
-{{- $dbAdminTlsSecret := index . "dbAdminTlsSecret" | default "" -}}
-
-{{- $serviceAccountName := printf "%s-%s" $serviceNamePretty "db-drop" }}
-{{ tuple $envAll "db_drop" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
----
-apiVersion: batch/v1
-kind: Job
-metadata:
- name: {{ printf "%s-%s" $serviceNamePretty "db-drop" | quote }}
- labels:
-{{ tuple $envAll $serviceName "db-drop" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
-{{- if $jobLabels }}
-{{ toYaml $jobLabels | indent 4 }}
-{{- end }}
- annotations:
- "helm.sh/hook": pre-delete
- "helm.sh/hook-delete-policy": hook-succeeded
-{{ tuple $serviceAccountName $envAll | include "helm-toolkit.snippets.custom_job_annotations" | indent 4 -}}
-{{- if $jobAnnotations }}
-{{ toYaml $jobAnnotations | indent 4 }}
-{{- end }}
-spec:
- backoffLimit: {{ $backoffLimit }}
-{{- if $activeDeadlineSeconds }}
- activeDeadlineSeconds: {{ $activeDeadlineSeconds }}
-{{- end }}
- template:
- metadata:
- labels:
-{{ tuple $envAll $serviceName "db-drop" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
-{{- if $jobLabels }}
-{{ toYaml $jobLabels | indent 8 }}
-{{- end }}
- spec:
- serviceAccountName: {{ $serviceAccountName }}
- restartPolicy: OnFailure
- {{ tuple $envAll "db_drop" | include "helm-toolkit.snippets.kubernetes_image_pull_secrets" | indent 6 }}
- nodeSelector:
-{{ toYaml $nodeSelector | indent 8 }}
-{{- if $tolerationsEnabled }}
-{{ tuple $envAll $serviceName | include "helm-toolkit.snippets.kubernetes_tolerations" | indent 6 }}
-{{- end}}
- initContainers:
-{{ tuple $envAll "db_drop" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
- containers:
-{{- range $key1, $dbToDrop := $dbsToDrop }}
-{{ $dbToDropType := default "oslo" $dbToDrop.inputType }}
- - name: {{ printf "%s-%s-%d" $serviceNamePretty "db-drop" $key1 | quote }}
- image: {{ $envAll.Values.images.tags.db_drop }}
- imagePullPolicy: {{ $envAll.Values.images.pull_policy }}
-{{ tuple $envAll $envAll.Values.pod.resources.jobs.db_drop | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
- env:
- - name: ROOT_DB_CONNECTION
- valueFrom:
- secretKeyRef:
- name: {{ $dbToDrop.adminSecret | quote }}
- key: DB_CONNECTION
-{{- if eq $dbToDropType "oslo" }}
- - name: OPENSTACK_CONFIG_FILE
- value: {{ $dbToDrop.configFile | quote }}
- - name: OPENSTACK_CONFIG_DB_SECTION
- value: {{ $dbToDrop.configDbSection | quote }}
- - name: OPENSTACK_CONFIG_DB_KEY
- value: {{ $dbToDrop.configDbKey | quote }}
-{{- end }}
-{{- if $envAll.Values.manifests.certificates }}
- - name: MARIADB_X509
- value: "REQUIRE X509"
-{{- end }}
-{{- if eq $dbToDropType "secret" }}
- - name: DB_CONNECTION
- valueFrom:
- secretKeyRef:
- name: {{ $dbToDrop.userSecret | quote }}
- key: DB_CONNECTION
-{{- end }}
- command:
- - /tmp/db-drop.py
- volumeMounts:
- - name: pod-tmp
- mountPath: /tmp
- - name: db-drop-sh
- mountPath: /tmp/db-drop.py
- subPath: db-drop.py
- readOnly: true
-
-{{- if eq $dbToDropType "oslo" }}
- - name: etc-service
- mountPath: {{ dir $dbToDrop.configFile | quote }}
- - name: db-drop-conf
- mountPath: {{ $dbToDrop.configFile | quote }}
- subPath: {{ base $dbToDrop.configFile | quote }}
- readOnly: true
- - name: db-drop-conf
- mountPath: {{ $dbToDrop.logConfigFile | quote }}
- subPath: {{ base $dbToDrop.logConfigFile | quote }}
- readOnly: true
-{{- end }}
-{{- if $envAll.Values.manifests.certificates }}
-{{- dict "enabled" $envAll.Values.manifests.certificates "name" $dbAdminTlsSecret "path" "/etc/mysql/certs" | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }}
-{{- end }}
-{{- end }}
- volumes:
- - name: pod-tmp
- emptyDir: {}
- - name: db-drop-sh
-{{- if $secretBin }}
- secret:
- secretName: {{ $secretBin | quote }}
- defaultMode: 0555
-{{- else }}
- configMap:
- name: {{ $configMapBin | quote }}
- defaultMode: 0555
-{{- end }}
-{{- if $envAll.Values.manifests.certificates }}
-{{- dict "enabled" $envAll.Values.manifests.certificates "name" $dbAdminTlsSecret | include "helm-toolkit.snippets.tls_volume" | indent 8 }}
-{{- end }}
-{{- $local := dict "configMapBinFirst" true -}}
-{{- range $key1, $dbToDrop := $dbsToDrop }}
-{{- $dbToDropType := default "oslo" $dbToDrop.inputType }}
-{{- if and (eq $dbToDropType "oslo") $local.configMapBinFirst }}
-{{- $_ := set $local "configMapBinFirst" false }}
- - name: etc-service
- emptyDir: {}
- - name: db-drop-conf
- secret:
- secretName: {{ $configMapEtc | quote }}
- defaultMode: 0444
-{{- end -}}
-{{- end -}}
-{{- end -}}
diff --git a/charts/senlin/charts/helm-toolkit/templates/manifests/_job-db-init-mysql.tpl b/charts/senlin/charts/helm-toolkit/templates/manifests/_job-db-init-mysql.tpl
deleted file mode 100644
index b8a1dce..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/manifests/_job-db-init-mysql.tpl
+++ /dev/null
@@ -1,170 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-# This function creates a manifest for db creation and user management.
-# It can be used in charts dict created similar to the following:
-# {- $dbToInitJob := dict "envAll" . "serviceName" "senlin" -}
-# { $dbToInitJob | include "helm-toolkit.manifests.job_db_init_mysql" }
-#
-# If the service does not use oslo then the db can be managed with:
-# {- $dbToInit := dict "inputType" "secret" "adminSecret" .Values.secrets.oslo_db.admin "userSecret" .Values.secrets.oslo_db.horizon -}
-# {- $dbToInitJob := dict "envAll" . "serviceName" "horizon" "dbToInit" $dbToInit -}
-# { $dbToInitJob | include "helm-toolkit.manifests.job_db_init_mysql" }
-
-{{- define "helm-toolkit.manifests.job_db_init_mysql" -}}
-{{- $envAll := index . "envAll" -}}
-{{- $serviceName := index . "serviceName" -}}
-{{- $jobAnnotations := index . "jobAnnotations" -}}
-{{- $jobLabels := index . "jobLabels" -}}
-{{- $nodeSelector := index . "nodeSelector" | default ( dict $envAll.Values.labels.job.node_selector_key $envAll.Values.labels.job.node_selector_value ) -}}
-{{- $tolerationsEnabled := index . "tolerationsEnabled" | default false -}}
-{{- $configMapBin := index . "configMapBin" | default (printf "%s-%s" $serviceName "bin" ) -}}
-{{- $configMapEtc := index . "configMapEtc" | default (printf "%s-%s" $serviceName "etc" ) -}}
-{{- $dbToInit := index . "dbToInit" | default ( dict "adminSecret" $envAll.Values.secrets.oslo_db.admin "configFile" (printf "/etc/%s/%s.conf" $serviceName $serviceName ) "logConfigFile" (printf "/etc/%s/logging.conf" $serviceName ) "configDbSection" "database" "configDbKey" "connection" ) -}}
-{{- $dbsToInit := default (list $dbToInit) (index . "dbsToInit") }}
-{{- $secretBin := index . "secretBin" -}}
-{{- $backoffLimit := index . "backoffLimit" | default "1000" -}}
-{{- $activeDeadlineSeconds := index . "activeDeadlineSeconds" -}}
-{{- $serviceNamePretty := $serviceName | replace "_" "-" -}}
-{{- $dbAdminTlsSecret := index . "dbAdminTlsSecret" | default "" -}}
-
-{{- $serviceAccountName := printf "%s-%s" $serviceNamePretty "db-init" }}
-{{ tuple $envAll "db_init" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
----
-apiVersion: batch/v1
-kind: Job
-metadata:
- name: {{ printf "%s-%s" $serviceNamePretty "db-init" | quote }}
- labels:
-{{ tuple $envAll $serviceName "db-init" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
-{{- if $jobLabels }}
-{{ toYaml $jobLabels | indent 4 }}
-{{- end }}
- annotations:
-{{ tuple $serviceAccountName $envAll | include "helm-toolkit.snippets.custom_job_annotations" | indent 4 -}}
-{{- if $jobAnnotations }}
-{{ toYaml $jobAnnotations | indent 4 }}
-{{- end }}
-spec:
- backoffLimit: {{ $backoffLimit }}
-{{- if $activeDeadlineSeconds }}
- activeDeadlineSeconds: {{ $activeDeadlineSeconds }}
-{{- end }}
- template:
- metadata:
- labels:
-{{ tuple $envAll $serviceName "db-init" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
-{{- if $jobLabels }}
-{{ toYaml $jobLabels | indent 8 }}
-{{- end }}
- annotations:
-{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" | indent 8 }}
- spec:
- serviceAccountName: {{ $serviceAccountName }}
- restartPolicy: OnFailure
- {{ tuple $envAll "db_init" | include "helm-toolkit.snippets.kubernetes_image_pull_secrets" | indent 6 }}
- nodeSelector:
-{{ toYaml $nodeSelector | indent 8 }}
-{{- if $tolerationsEnabled }}
-{{ tuple $envAll $serviceName | include "helm-toolkit.snippets.kubernetes_tolerations" | indent 6 }}
-{{- end}}
- initContainers:
-{{ tuple $envAll "db_init" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
- containers:
-{{- range $key1, $dbToInit := $dbsToInit }}
-{{ $dbToInitType := default "oslo" $dbToInit.inputType }}
- - name: {{ printf "%s-%s-%d" $serviceNamePretty "db-init" $key1 | quote }}
- image: {{ $envAll.Values.images.tags.db_init }}
- imagePullPolicy: {{ $envAll.Values.images.pull_policy }}
-{{ tuple $envAll $envAll.Values.pod.resources.jobs.db_init | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
- env:
- - name: ROOT_DB_CONNECTION
- valueFrom:
- secretKeyRef:
- name: {{ $dbToInit.adminSecret | quote }}
- key: DB_CONNECTION
-{{- if eq $dbToInitType "oslo" }}
- - name: OPENSTACK_CONFIG_FILE
- value: {{ $dbToInit.configFile | quote }}
- - name: OPENSTACK_CONFIG_DB_SECTION
- value: {{ $dbToInit.configDbSection | quote }}
- - name: OPENSTACK_CONFIG_DB_KEY
- value: {{ $dbToInit.configDbKey | quote }}
-{{- end }}
-{{- if eq $dbToInitType "secret" }}
- - name: DB_CONNECTION
- valueFrom:
- secretKeyRef:
- name: {{ $dbToInit.userSecret | quote }}
- key: DB_CONNECTION
-{{- end }}
-{{- if $envAll.Values.manifests.certificates }}
- - name: MARIADB_X509
- value: "REQUIRE X509"
-{{- end }}
- command:
- - /tmp/db-init.py
- volumeMounts:
- - name: pod-tmp
- mountPath: /tmp
- - name: db-init-sh
- mountPath: /tmp/db-init.py
- subPath: db-init.py
- readOnly: true
-{{- if eq $dbToInitType "oslo" }}
- - name: etc-service
- mountPath: {{ dir $dbToInit.configFile | quote }}
- - name: db-init-conf
- mountPath: {{ $dbToInit.configFile | quote }}
- subPath: {{ base $dbToInit.configFile | quote }}
- readOnly: true
- - name: db-init-conf
- mountPath: {{ $dbToInit.logConfigFile | quote }}
- subPath: {{ base $dbToInit.logConfigFile | quote }}
- readOnly: true
-{{- end }}
-{{- if $envAll.Values.manifests.certificates }}
-{{- dict "enabled" $envAll.Values.manifests.certificates "name" $dbAdminTlsSecret "path" "/etc/mysql/certs" | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }}
-{{- end }}
-{{- end }}
- volumes:
- - name: pod-tmp
- emptyDir: {}
- - name: db-init-sh
-{{- if $secretBin }}
- secret:
- secretName: {{ $secretBin | quote }}
- defaultMode: 0555
-{{- else }}
- configMap:
- name: {{ $configMapBin | quote }}
- defaultMode: 0555
-{{- end }}
-{{- if $envAll.Values.manifests.certificates }}
-{{- dict "enabled" $envAll.Values.manifests.certificates "name" $dbAdminTlsSecret | include "helm-toolkit.snippets.tls_volume" | indent 8 }}
-{{- end }}
-{{- $local := dict "configMapBinFirst" true -}}
-{{- range $key1, $dbToInit := $dbsToInit }}
-{{- $dbToInitType := default "oslo" $dbToInit.inputType }}
-{{- if and (eq $dbToInitType "oslo") $local.configMapBinFirst }}
-{{- $_ := set $local "configMapBinFirst" false }}
- - name: etc-service
- emptyDir: {}
- - name: db-init-conf
- secret:
- secretName: {{ $configMapEtc | quote }}
- defaultMode: 0444
-{{- end -}}
-{{- end -}}
-{{- end -}}
diff --git a/charts/senlin/charts/helm-toolkit/templates/manifests/_job-db-sync.tpl b/charts/senlin/charts/helm-toolkit/templates/manifests/_job-db-sync.tpl
deleted file mode 100644
index 4696c88..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/manifests/_job-db-sync.tpl
+++ /dev/null
@@ -1,138 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-# This function creates a manifest for db migration and management.
-# It can be used in charts dict created similar to the following:
-# {- $dbSyncJob := dict "envAll" . "serviceName" "senlin" -}
-# { $dbSyncJob | include "helm-toolkit.manifests.job_db_sync" }
-
-{{- define "helm-toolkit.manifests.job_db_sync" -}}
-{{- $envAll := index . "envAll" -}}
-{{- $serviceName := index . "serviceName" -}}
-{{- $jobAnnotations := index . "jobAnnotations" -}}
-{{- $jobLabels := index . "jobLabels" -}}
-{{- $nodeSelector := index . "nodeSelector" | default ( dict $envAll.Values.labels.job.node_selector_key $envAll.Values.labels.job.node_selector_value ) -}}
-{{- $tolerationsEnabled := index . "tolerationsEnabled" | default false -}}
-{{- $configMapBin := index . "configMapBin" | default (printf "%s-%s" $serviceName "bin" ) -}}
-{{- $configMapEtc := index . "configMapEtc" | default (printf "%s-%s" $serviceName "etc" ) -}}
-{{- $podVolMounts := index . "podVolMounts" | default false -}}
-{{- $podVols := index . "podVols" | default false -}}
-{{- $podEnvVars := index . "podEnvVars" | default false -}}
-{{- $dbToSync := index . "dbToSync" | default ( dict "configFile" (printf "/etc/%s/%s.conf" $serviceName $serviceName ) "logConfigFile" (printf "/etc/%s/logging.conf" $serviceName ) "image" ( index $envAll.Values.images.tags ( printf "%s_db_sync" $serviceName )) ) -}}
-{{- $secretBin := index . "secretBin" -}}
-{{- $backoffLimit := index . "backoffLimit" | default "1000" -}}
-{{- $activeDeadlineSeconds := index . "activeDeadlineSeconds" -}}
-{{- $serviceNamePretty := $serviceName | replace "_" "-" -}}
-{{- $dbAdminTlsSecret := index . "dbAdminTlsSecret" | default "" -}}
-
-{{- $serviceAccountName := printf "%s-%s" $serviceNamePretty "db-sync" }}
-{{ tuple $envAll "db_sync" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
----
-apiVersion: batch/v1
-kind: Job
-metadata:
- name: {{ printf "%s-%s" $serviceNamePretty "db-sync" | quote }}
- labels:
-{{ tuple $envAll $serviceName "db-sync" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
-{{- if $jobLabels }}
-{{ toYaml $jobLabels | indent 4 }}
-{{- end }}
- annotations:
-{{ tuple $serviceAccountName $envAll | include "helm-toolkit.snippets.custom_job_annotations" | indent 4 -}}
-{{- if $jobAnnotations }}
-{{ toYaml $jobAnnotations | indent 4 }}
-{{- end }}
-spec:
- backoffLimit: {{ $backoffLimit }}
-{{- if $activeDeadlineSeconds }}
- activeDeadlineSeconds: {{ $activeDeadlineSeconds }}
-{{- end }}
- template:
- metadata:
- labels:
-{{ tuple $envAll $serviceName "db-sync" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
-{{- if $jobLabels }}
-{{ toYaml $jobLabels | indent 8 }}
-{{- end }}
- annotations:
-{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" | indent 8 }}
- spec:
- serviceAccountName: {{ $serviceAccountName }}
- restartPolicy: OnFailure
- {{ tuple $envAll "db_sync" | include "helm-toolkit.snippets.kubernetes_image_pull_secrets" | indent 6 }}
- nodeSelector:
-{{ toYaml $nodeSelector | indent 8 }}
-{{- if $tolerationsEnabled }}
-{{ tuple $envAll $serviceName | include "helm-toolkit.snippets.kubernetes_tolerations" | indent 6 }}
-{{- end}}
- initContainers:
-{{ tuple $envAll "db_sync" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
- containers:
- - name: {{ printf "%s-%s" $serviceNamePretty "db-sync" | quote }}
- image: {{ $dbToSync.image | quote }}
- imagePullPolicy: {{ $envAll.Values.images.pull_policy | quote }}
-{{ tuple $envAll $envAll.Values.pod.resources.jobs.db_sync | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
-{{- if $podEnvVars }}
- env:
-{{ $podEnvVars | toYaml | indent 12 }}
-{{- end }}
- command:
- - /bin/bash
- - -c
- - /tmp/db-sync.sh
- volumeMounts:
- - name: pod-tmp
- mountPath: /tmp
- - name: db-sync-sh
- mountPath: /tmp/db-sync.sh
- subPath: db-sync.sh
- readOnly: true
- - name: etc-service
- mountPath: {{ dir $dbToSync.configFile | quote }}
- - name: db-sync-conf
- mountPath: {{ $dbToSync.configFile | quote }}
- subPath: {{ base $dbToSync.configFile | quote }}
- readOnly: true
- - name: db-sync-conf
- mountPath: {{ $dbToSync.logConfigFile | quote }}
- subPath: {{ base $dbToSync.logConfigFile | quote }}
- readOnly: true
-{{- dict "enabled" $envAll.Values.manifests.certificates "name" $dbAdminTlsSecret "path" "/etc/mysql/certs" | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }}
-{{- if $podVolMounts }}
-{{ $podVolMounts | toYaml | indent 12 }}
-{{- end }}
- volumes:
- - name: pod-tmp
- emptyDir: {}
- - name: db-sync-sh
-{{- if $secretBin }}
- secret:
- secretName: {{ $secretBin | quote }}
- defaultMode: 0555
-{{- else }}
- configMap:
- name: {{ $configMapBin | quote }}
- defaultMode: 0555
-{{- end }}
- - name: etc-service
- emptyDir: {}
- - name: db-sync-conf
- secret:
- secretName: {{ $configMapEtc | quote }}
- defaultMode: 0444
-{{- dict "enabled" $envAll.Values.manifests.certificates "name" $dbAdminTlsSecret | include "helm-toolkit.snippets.tls_volume" | indent 8 }}
-{{- if $podVols }}
-{{ $podVols | toYaml | indent 8 }}
-{{- end }}
-{{- end }}
diff --git a/charts/senlin/charts/helm-toolkit/templates/manifests/_job-ks-endpoints.tpl b/charts/senlin/charts/helm-toolkit/templates/manifests/_job-ks-endpoints.tpl
deleted file mode 100644
index d69c9e6..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/manifests/_job-ks-endpoints.tpl
+++ /dev/null
@@ -1,131 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-# This function creates a manifest for keystone service management.
-# It can be used in charts dict created similar to the following:
-# {- $ksEndpointJob := dict "envAll" . "serviceName" "senlin" "serviceTypes" ( tuple "clustering" ) -}
-# { $ksEndpointJob | include "helm-toolkit.manifests.job_ks_endpoints" }
-
-{{- define "helm-toolkit.manifests.job_ks_endpoints" -}}
-{{- $envAll := index . "envAll" -}}
-{{- $serviceName := index . "serviceName" -}}
-{{- $serviceTypes := index . "serviceTypes" -}}
-{{- $jobAnnotations := index . "jobAnnotations" -}}
-{{- $jobLabels := index . "jobLabels" -}}
-{{- $nodeSelector := index . "nodeSelector" | default ( dict $envAll.Values.labels.job.node_selector_key $envAll.Values.labels.job.node_selector_value ) -}}
-{{- $tolerationsEnabled := index . "tolerationsEnabled" | default false -}}
-{{- $configMapBin := index . "configMapBin" | default (printf "%s-%s" $serviceName "bin" ) -}}
-{{- $secretBin := index . "secretBin" -}}
-{{- $tlsSecret := index . "tlsSecret" | default "" -}}
-{{- $backoffLimit := index . "backoffLimit" | default "1000" -}}
-{{- $activeDeadlineSeconds := index . "activeDeadlineSeconds" -}}
-{{- $serviceNamePretty := $serviceName | replace "_" "-" -}}
-{{- $restartPolicy_ := "OnFailure" -}}
-{{- if hasKey $envAll.Values "jobs" -}}
-{{- if hasKey $envAll.Values.jobs "ks_endpoints" -}}
-{{- $restartPolicy_ = $envAll.Values.jobs.ks_endpoints.restartPolicy | default $restartPolicy_ }}
-{{- end }}
-{{- end }}
-{{- $restartPolicy := index . "restartPolicy" | default $restartPolicy_ -}}
-
-{{- $serviceAccountName := printf "%s-%s" $serviceNamePretty "ks-endpoints" }}
-{{ tuple $envAll "ks_endpoints" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
----
-apiVersion: batch/v1
-kind: Job
-metadata:
- name: {{ printf "%s-%s" $serviceNamePretty "ks-endpoints" | quote }}
- labels:
-{{ tuple $envAll $serviceName "ks-endpoints" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
-{{- if $jobLabels }}
-{{ toYaml $jobLabels | indent 4 }}
-{{- end }}
- annotations:
-{{ tuple $serviceAccountName $envAll | include "helm-toolkit.snippets.custom_job_annotations" | indent 4 -}}
-{{- if $jobAnnotations }}
-{{ toYaml $jobAnnotations | indent 4 }}
-{{- end }}
-spec:
- backoffLimit: {{ $backoffLimit }}
-{{- if $activeDeadlineSeconds }}
- activeDeadlineSeconds: {{ $activeDeadlineSeconds }}
-{{- end }}
- template:
- metadata:
- labels:
-{{ tuple $envAll $serviceName "ks-endpoints" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
-{{- if $jobLabels }}
-{{ toYaml $jobLabels | indent 8 }}
-{{- end }}
- annotations:
-{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" | indent 8 }}
- spec:
- serviceAccountName: {{ $serviceAccountName }}
- restartPolicy: {{ $restartPolicy }}
- {{ tuple $envAll "ks_endpoints" | include "helm-toolkit.snippets.kubernetes_image_pull_secrets" | indent 6 }}
- nodeSelector:
-{{ toYaml $nodeSelector | indent 8 }}
-{{- if $tolerationsEnabled }}
-{{ tuple $envAll $serviceName | include "helm-toolkit.snippets.kubernetes_tolerations" | indent 6 }}
-{{- end}}
- initContainers:
-{{ tuple $envAll "ks_endpoints" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
- containers:
-{{- range $key1, $osServiceType := $serviceTypes }}
-{{- range $key2, $osServiceEndPoint := tuple "admin" "internal" "public" }}
- - name: {{ printf "%s-%s-%s" $osServiceType "ks-endpoints" $osServiceEndPoint | quote }}
- image: {{ $envAll.Values.images.tags.ks_endpoints }}
- imagePullPolicy: {{ $envAll.Values.images.pull_policy }}
-{{ tuple $envAll $envAll.Values.pod.resources.jobs.ks_endpoints | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
- command:
- - /bin/bash
- - -c
- - /tmp/ks-endpoints.sh
- volumeMounts:
- - name: pod-tmp
- mountPath: /tmp
- - name: ks-endpoints-sh
- mountPath: /tmp/ks-endpoints.sh
- subPath: ks-endpoints.sh
- readOnly: true
-{{ dict "enabled" true "name" $tlsSecret "ca" true | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }}
- env:
-{{- with $env := dict "ksUserSecret" $envAll.Values.secrets.identity.admin "useCA" (ne $tlsSecret "") }}
-{{- include "helm-toolkit.snippets.keystone_openrc_env_vars" $env | indent 12 }}
-{{- end }}
- - name: OS_SVC_ENDPOINT
- value: {{ $osServiceEndPoint | quote }}
- - name: OS_SERVICE_NAME
- value: {{ tuple $osServiceType $envAll | include "helm-toolkit.endpoints.keystone_endpoint_name_lookup" }}
- - name: OS_SERVICE_TYPE
- value: {{ $osServiceType | quote }}
- - name: OS_SERVICE_ENDPOINT
- value: {{ tuple $osServiceType $osServiceEndPoint "api" $envAll | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" | quote }}
-{{- end }}
-{{- end }}
- volumes:
- - name: pod-tmp
- emptyDir: {}
- - name: ks-endpoints-sh
-{{- if $secretBin }}
- secret:
- secretName: {{ $secretBin | quote }}
- defaultMode: 0555
-{{- else }}
- configMap:
- name: {{ $configMapBin | quote }}
- defaultMode: 0555
-{{- end }}
-{{- dict "enabled" true "name" $tlsSecret | include "helm-toolkit.snippets.tls_volume" | indent 8 }}
-{{- end }}
diff --git a/charts/senlin/charts/helm-toolkit/templates/manifests/_job-ks-service.tpl b/charts/senlin/charts/helm-toolkit/templates/manifests/_job-ks-service.tpl
deleted file mode 100644
index 9604c63..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/manifests/_job-ks-service.tpl
+++ /dev/null
@@ -1,125 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-# This function creates a manifest for keystone service management.
-# It can be used in charts dict created similar to the following:
-# {- $ksServiceJob := dict "envAll" . "serviceName" "senlin" "serviceTypes" ( tuple "clustering" ) -}
-# { $ksServiceJob | include "helm-toolkit.manifests.job_ks_service" }
-
-{{- define "helm-toolkit.manifests.job_ks_service" -}}
-{{- $envAll := index . "envAll" -}}
-{{- $serviceName := index . "serviceName" -}}
-{{- $serviceTypes := index . "serviceTypes" -}}
-{{- $jobAnnotations := index . "jobAnnotations" -}}
-{{- $jobLabels := index . "jobLabels" -}}
-{{- $nodeSelector := index . "nodeSelector" | default ( dict $envAll.Values.labels.job.node_selector_key $envAll.Values.labels.job.node_selector_value ) -}}
-{{- $tolerationsEnabled := index . "tolerationsEnabled" | default false -}}
-{{- $configMapBin := index . "configMapBin" | default (printf "%s-%s" $serviceName "bin" ) -}}
-{{- $secretBin := index . "secretBin" -}}
-{{- $tlsSecret := index . "tlsSecret" | default "" -}}
-{{- $backoffLimit := index . "backoffLimit" | default "1000" -}}
-{{- $activeDeadlineSeconds := index . "activeDeadlineSeconds" -}}
-{{- $serviceNamePretty := $serviceName | replace "_" "-" -}}
-{{- $restartPolicy_ := "OnFailure" -}}
-{{- if hasKey $envAll.Values "jobs" -}}
-{{- if hasKey $envAll.Values.jobs "ks_service" -}}
-{{- $restartPolicy_ = $envAll.Values.jobs.ks_service.restartPolicy | default $restartPolicy_ }}
-{{- end }}
-{{- end }}
-{{- $restartPolicy := index . "restartPolicy" | default $restartPolicy_ -}}
-
-{{- $serviceAccountName := printf "%s-%s" $serviceNamePretty "ks-service" }}
-{{ tuple $envAll "ks_service" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
----
-apiVersion: batch/v1
-kind: Job
-metadata:
- name: {{ printf "%s-%s" $serviceNamePretty "ks-service" | quote }}
- labels:
-{{ tuple $envAll $serviceName "ks-service" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
-{{- if $jobLabels }}
-{{ toYaml $jobLabels | indent 4 }}
-{{- end }}
- annotations:
-{{ tuple $serviceAccountName $envAll | include "helm-toolkit.snippets.custom_job_annotations" | indent 4 -}}
-{{- if $jobAnnotations }}
-{{ toYaml $jobAnnotations | indent 4 }}
-{{- end }}
-spec:
- backoffLimit: {{ $backoffLimit }}
-{{- if $activeDeadlineSeconds }}
- activeDeadlineSeconds: {{ $activeDeadlineSeconds }}
-{{- end }}
- template:
- metadata:
- labels:
-{{ tuple $envAll $serviceName "ks-service" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
-{{- if $jobLabels }}
-{{ toYaml $jobLabels | indent 8 }}
-{{- end }}
- annotations:
-{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" | indent 8 }}
- spec:
- serviceAccountName: {{ $serviceAccountName }}
- restartPolicy: {{ $restartPolicy }}
- {{ tuple $envAll "ks_service" | include "helm-toolkit.snippets.kubernetes_image_pull_secrets" | indent 6 }}
- nodeSelector:
-{{ toYaml $nodeSelector | indent 8 }}
-{{- if $tolerationsEnabled }}
-{{ tuple $envAll $serviceName | include "helm-toolkit.snippets.kubernetes_tolerations" | indent 6 }}
-{{- end}}
- initContainers:
-{{ tuple $envAll "ks_service" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
- containers:
-{{- range $key1, $osServiceType := $serviceTypes }}
- - name: {{ printf "%s-%s" $osServiceType "ks-service-registration" | quote }}
- image: {{ $envAll.Values.images.tags.ks_service }}
- imagePullPolicy: {{ $envAll.Values.images.pull_policy }}
-{{ tuple $envAll $envAll.Values.pod.resources.jobs.ks_service | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
- command:
- - /bin/bash
- - -c
- - /tmp/ks-service.sh
- volumeMounts:
- - name: pod-tmp
- mountPath: /tmp
- - name: ks-service-sh
- mountPath: /tmp/ks-service.sh
- subPath: ks-service.sh
- readOnly: true
-{{ dict "enabled" true "name" $tlsSecret "ca" true | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }}
- env:
-{{- with $env := dict "ksUserSecret" $envAll.Values.secrets.identity.admin "useCA" (ne $tlsSecret "") }}
-{{- include "helm-toolkit.snippets.keystone_openrc_env_vars" $env | indent 12 }}
-{{- end }}
- - name: OS_SERVICE_NAME
- value: {{ tuple $osServiceType $envAll | include "helm-toolkit.endpoints.keystone_endpoint_name_lookup" }}
- - name: OS_SERVICE_TYPE
- value: {{ $osServiceType | quote }}
-{{- end }}
- volumes:
- - name: pod-tmp
- emptyDir: {}
- - name: ks-service-sh
-{{- if $secretBin }}
- secret:
- secretName: {{ $secretBin | quote }}
- defaultMode: 0555
-{{- else }}
- configMap:
- name: {{ $configMapBin | quote }}
- defaultMode: 0555
-{{- end }}
-{{- dict "enabled" true "name" $tlsSecret | include "helm-toolkit.snippets.tls_volume" | indent 8 }}
-{{- end }}
diff --git a/charts/senlin/charts/helm-toolkit/templates/manifests/_job-ks-user.yaml.tpl b/charts/senlin/charts/helm-toolkit/templates/manifests/_job-ks-user.yaml.tpl
deleted file mode 100644
index 58dcdc5..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/manifests/_job-ks-user.yaml.tpl
+++ /dev/null
@@ -1,155 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-# This function creates a manifest for keystone user management.
-# It can be used in charts dict created similar to the following:
-# {- $ksUserJob := dict "envAll" . "serviceName" "senlin" }
-# { $ksUserJob | include "helm-toolkit.manifests.job_ks_user" }
-
-{{/*
- # To enable PodSecuritycontext (PodSecurityContext/v1) define the below in values.yaml:
- # example:
- # values: |
- # pod:
- # security_context:
- # ks_user:
- # pod:
- # runAsUser: 65534
- # To enable Container SecurityContext(SecurityContext/v1) for ks-user container define the values:
- # example:
- # values: |
- # pod:
- # security_context:
- # ks_user:
- # container:
- # ks-user:
- # runAsUser: 65534
- # readOnlyRootFilesystem: true
- # allowPrivilegeEscalation: false
-*/}}
-
-{{- define "helm-toolkit.manifests.job_ks_user" -}}
-{{- $envAll := index . "envAll" -}}
-{{- $serviceName := index . "serviceName" -}}
-{{- $jobAnnotations := index . "jobAnnotations" -}}
-{{- $jobLabels := index . "jobLabels" -}}
-{{- $nodeSelector := index . "nodeSelector" | default ( dict $envAll.Values.labels.job.node_selector_key $envAll.Values.labels.job.node_selector_value ) -}}
-{{- $tolerationsEnabled := index . "tolerationsEnabled" | default false -}}
-{{- $configMapBin := index . "configMapBin" | default (printf "%s-%s" $serviceName "bin" ) -}}
-{{- $serviceUser := index . "serviceUser" | default $serviceName -}}
-{{- $secretBin := index . "secretBin" -}}
-{{- $tlsSecret := index . "tlsSecret" | default "" -}}
-{{- $backoffLimit := index . "backoffLimit" | default "1000" -}}
-{{- $activeDeadlineSeconds := index . "activeDeadlineSeconds" -}}
-{{- $serviceUserPretty := $serviceUser | replace "_" "-" -}}
-{{- $restartPolicy_ := "OnFailure" -}}
-{{- if hasKey $envAll.Values "jobs" -}}
-{{- if hasKey $envAll.Values.jobs "ks_user" -}}
-{{- $restartPolicy_ = $envAll.Values.jobs.ks_user.restartPolicy | default $restartPolicy_ }}
-{{- end }}
-{{- end }}
-{{- $restartPolicy := index . "restartPolicy" | default $restartPolicy_ -}}
-
-{{- $serviceAccountName := printf "%s-%s" $serviceUserPretty "ks-user" }}
-{{ tuple $envAll "ks_user" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
----
-apiVersion: batch/v1
-kind: Job
-metadata:
- name: {{ printf "%s-%s" $serviceUserPretty "ks-user" | quote }}
- labels:
-{{ tuple $envAll $serviceName "ks-user" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
-{{- if $jobLabels }}
-{{ toYaml $jobLabels | indent 4 }}
-{{- end }}
- annotations:
-{{ tuple $serviceAccountName $envAll | include "helm-toolkit.snippets.custom_job_annotations" | indent 4 -}}
-{{- if $jobAnnotations }}
-{{ toYaml $jobAnnotations | indent 4 }}
-{{- end }}
-spec:
- backoffLimit: {{ $backoffLimit }}
-{{- if $activeDeadlineSeconds }}
- activeDeadlineSeconds: {{ $activeDeadlineSeconds }}
-{{- end }}
- template:
- metadata:
- labels:
-{{ tuple $envAll $serviceName "ks-user" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
-{{- if $jobLabels }}
-{{ toYaml $jobLabels | indent 8 }}
-{{- end }}
- annotations:
-{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" | indent 8 }}
- spec:
- serviceAccountName: {{ $serviceAccountName | quote }}
-{{ dict "envAll" $envAll "application" "ks_user" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
- restartPolicy: {{ $restartPolicy }}
- {{ tuple $envAll "ks_user" | include "helm-toolkit.snippets.kubernetes_image_pull_secrets" | indent 6 }}
- nodeSelector:
-{{ toYaml $nodeSelector | indent 8 }}
-{{- if $tolerationsEnabled }}
-{{ tuple $envAll $serviceName | include "helm-toolkit.snippets.kubernetes_tolerations" | indent 6 }}
-{{- end}}
- initContainers:
-{{ tuple $envAll "ks_user" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
- containers:
- - name: ks-user
- image: {{ $envAll.Values.images.tags.ks_user }}
- imagePullPolicy: {{ $envAll.Values.images.pull_policy }}
-{{ tuple $envAll $envAll.Values.pod.resources.jobs.ks_user | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
-{{ dict "envAll" $envAll "application" "ks_user" "container" "ks_user" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
- command:
- - /bin/bash
- - -c
- - /tmp/ks-user.sh
- volumeMounts:
- - name: pod-tmp
- mountPath: /tmp
- - name: ks-user-sh
- mountPath: /tmp/ks-user.sh
- subPath: ks-user.sh
- readOnly: true
-{{ dict "enabled" true "name" $tlsSecret "ca" true | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }}
- env:
-{{- with $env := dict "ksUserSecret" $envAll.Values.secrets.identity.admin "useCA" (ne $tlsSecret "") }}
-{{- include "helm-toolkit.snippets.keystone_openrc_env_vars" $env | indent 12 }}
-{{- end }}
- - name: SERVICE_OS_SERVICE_NAME
- value: {{ $serviceName | quote }}
-{{- with $env := dict "ksUserSecret" (index $envAll.Values.secrets.identity $serviceUser ) }}
-{{- include "helm-toolkit.snippets.keystone_user_create_env_vars" $env | indent 12 }}
-{{- end }}
- - name: SERVICE_OS_ROLES
- {{- $serviceOsRoles := index $envAll.Values.endpoints.identity.auth $serviceUser "role" }}
- {{- if kindIs "slice" $serviceOsRoles }}
- value: {{ include "helm-toolkit.utils.joinListWithComma" $serviceOsRoles | quote }}
- {{- else }}
- value: {{ $serviceOsRoles | quote }}
- {{- end }}
- volumes:
- - name: pod-tmp
- emptyDir: {}
- - name: ks-user-sh
-{{- if $secretBin }}
- secret:
- secretName: {{ $secretBin | quote }}
- defaultMode: 0555
-{{- else }}
- configMap:
- name: {{ $configMapBin | quote }}
- defaultMode: 0555
-{{- end }}
-{{- dict "enabled" true "name" $tlsSecret | include "helm-toolkit.snippets.tls_volume" | indent 8 }}
-{{- end -}}
diff --git a/charts/senlin/charts/helm-toolkit/templates/manifests/_job-rabbit-init.yaml.tpl b/charts/senlin/charts/helm-toolkit/templates/manifests/_job-rabbit-init.yaml.tpl
deleted file mode 100644
index 2cfadaf..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/manifests/_job-rabbit-init.yaml.tpl
+++ /dev/null
@@ -1,130 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{- define "helm-toolkit.manifests.job_rabbit_init" -}}
-{{- $envAll := index . "envAll" -}}
-{{- $serviceName := index . "serviceName" -}}
-{{- $jobAnnotations := index . "jobAnnotations" -}}
-{{- $jobLabels := index . "jobLabels" -}}
-{{- $nodeSelector := index . "nodeSelector" | default ( dict $envAll.Values.labels.job.node_selector_key $envAll.Values.labels.job.node_selector_value ) -}}
-{{- $tolerationsEnabled := index . "tolerationsEnabled" | default false -}}
-{{- $configMapBin := index . "configMapBin" | default (printf "%s-%s" $serviceName "bin" ) -}}
-{{- $serviceUser := index . "serviceUser" | default $serviceName -}}
-{{- $secretBin := index . "secretBin" -}}
-{{- $backoffLimit := index . "backoffLimit" | default "1000" -}}
-{{- $activeDeadlineSeconds := index . "activeDeadlineSeconds" -}}
-{{- $serviceUserPretty := $serviceUser | replace "_" "-" -}}
-{{- $serviceNamePretty := $serviceName | replace "_" "-" -}}
-{{- $tlsPath := index . "tlsPath" | default "/etc/rabbitmq/certs" -}}
-{{- $tlsSecret := index . "tlsSecret" | default "" -}}
-
-{{- $serviceAccountName := printf "%s-%s" $serviceUserPretty "rabbit-init" }}
-{{ tuple $envAll "rabbit_init" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
----
-apiVersion: batch/v1
-kind: Job
-metadata:
- name: {{ printf "%s-%s" $serviceUserPretty "rabbit-init" | quote }}
- labels:
-{{ tuple $envAll $serviceName "rabbit-init" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
-{{- if $jobLabels }}
-{{ toYaml $jobLabels | indent 4 }}
-{{- end }}
- annotations:
-{{ tuple $serviceAccountName $envAll | include "helm-toolkit.snippets.custom_job_annotations" | indent 4 -}}
-{{- if $jobAnnotations }}
-{{ toYaml $jobAnnotations | indent 4 }}
-{{- end }}
-spec:
- backoffLimit: {{ $backoffLimit }}
-{{- if $activeDeadlineSeconds }}
- activeDeadlineSeconds: {{ $activeDeadlineSeconds }}
-{{- end }}
- template:
- metadata:
- labels:
-{{ tuple $envAll $serviceName "rabbit-init" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
-{{- if $jobLabels }}
-{{ toYaml $jobLabels | indent 8 }}
-{{- end }}
- annotations:
-{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" | indent 8 }}
- spec:
- serviceAccountName: {{ $serviceAccountName | quote }}
- restartPolicy: OnFailure
- {{ tuple $envAll "rabbit_init" | include "helm-toolkit.snippets.kubernetes_image_pull_secrets" | indent 6 }}
- nodeSelector:
-{{ toYaml $nodeSelector | indent 8 }}
-{{- if $tolerationsEnabled }}
-{{ tuple $envAll $serviceName | include "helm-toolkit.snippets.kubernetes_tolerations" | indent 6 }}
-{{- end}}
- initContainers:
-{{ tuple $envAll "rabbit_init" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
- containers:
- - name: rabbit-init
- image: {{ $envAll.Values.images.tags.rabbit_init | quote }}
- imagePullPolicy: {{ $envAll.Values.images.pull_policy | quote }}
-{{ tuple $envAll $envAll.Values.pod.resources.jobs.rabbit_init | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
- command:
- - /bin/bash
- - -c
- - /tmp/rabbit-init.sh
- volumeMounts:
- - name: pod-tmp
- mountPath: /tmp
- - name: rabbit-init-sh
- mountPath: /tmp/rabbit-init.sh
- subPath: rabbit-init.sh
- readOnly: true
-{{- if $envAll.Values.manifests.certificates }}
-{{- dict "enabled" $envAll.Values.manifests.certificates "name" $tlsSecret "path" $tlsPath | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }}
-{{- end }}
- env:
- - name: RABBITMQ_ADMIN_CONNECTION
- valueFrom:
- secretKeyRef:
- name: {{ $envAll.Values.secrets.oslo_messaging.admin }}
- key: RABBITMQ_CONNECTION
- - name: RABBITMQ_USER_CONNECTION
- valueFrom:
- secretKeyRef:
- name: {{ index $envAll.Values.secrets.oslo_messaging $serviceName }}
- key: RABBITMQ_CONNECTION
-{{- if $envAll.Values.conf.rabbitmq }}
- - name: RABBITMQ_AUXILIARY_CONFIGURATION
- value: {{ toJson $envAll.Values.conf.rabbitmq | quote }}
-{{- end }}
-{{- if and $envAll.Values.manifests.certificates (ne $tlsSecret "") }}
- - name: RABBITMQ_X509
- value: "REQUIRE X509"
- - name: USER_CERT_PATH
- value: {{ $tlsPath | quote }}
-{{- end }}
- volumes:
- - name: pod-tmp
- emptyDir: {}
- - name: rabbit-init-sh
-{{- if $secretBin }}
- secret:
- secretName: {{ $secretBin | quote }}
- defaultMode: 0555
-{{- else }}
- configMap:
- name: {{ $configMapBin | quote }}
- defaultMode: 0555
-{{- end }}
-{{- if $envAll.Values.manifests.certificates }}
-{{- dict "enabled" $envAll.Values.manifests.certificates "name" $tlsSecret | include "helm-toolkit.snippets.tls_volume" | indent 8 }}
-{{- end }}
-{{- end -}}
diff --git a/charts/senlin/charts/helm-toolkit/templates/manifests/_job-s3-bucket.yaml.tpl b/charts/senlin/charts/helm-toolkit/templates/manifests/_job-s3-bucket.yaml.tpl
deleted file mode 100644
index b5fdc09..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/manifests/_job-s3-bucket.yaml.tpl
+++ /dev/null
@@ -1,148 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-# This function creates a manifest for linking an s3 bucket to an s3 user.
-# It can be used in charts dict created similar to the following:
-# {- $s3BucketJob := dict "envAll" . "serviceName" "elasticsearch" }
-# { $s3BucketJob | include "helm-toolkit.manifests.job_s3_bucket" }
-
-{{- define "helm-toolkit.manifests.job_s3_bucket" -}}
-{{- $envAll := index . "envAll" -}}
-{{- $serviceName := index . "serviceName" -}}
-{{- $jobAnnotations := index . "jobAnnotations" -}}
-{{- $jobLabels := index . "jobLabels" -}}
-{{- $nodeSelector := index . "nodeSelector" | default ( dict $envAll.Values.labels.job.node_selector_key $envAll.Values.labels.job.node_selector_value ) -}}
-{{- $tolerationsEnabled := index . "tolerationsEnabled" | default false -}}
-{{- $configMapBin := index . "configMapBin" | default (printf "%s-%s" $serviceName "bin" ) -}}
-{{- $configMapCeph := index . "configMapCeph" | default (printf "ceph-etc" ) -}}
-{{- $secretBin := index . "secretBin" -}}
-{{- $backoffLimit := index . "backoffLimit" | default "1000" -}}
-{{- $activeDeadlineSeconds := index . "activeDeadlineSeconds" -}}
-{{- $serviceNamePretty := $serviceName | replace "_" "-" -}}
-{{- $s3UserSecret := index $envAll.Values.secrets.rgw $serviceName -}}
-{{- $s3Bucket := index . "s3Bucket" | default $serviceName }}
-{{- $tlsCertificateSecret := index . "tlsCertificateSecret" -}}
-{{- $tlsCertificatePath := index . "tlsCertificatePath" -}}
-
-{{- $serviceAccountName := printf "%s-%s" $serviceNamePretty "s3-bucket" }}
-{{ tuple $envAll "s3_bucket" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
----
-apiVersion: batch/v1
-kind: Job
-metadata:
- name: {{ printf "%s-%s" $serviceNamePretty "s3-bucket" | quote }}
- labels:
-{{ tuple $envAll $serviceName "s3-bucket" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
-{{- if $jobLabels }}
-{{ toYaml $jobLabels | indent 4 }}
-{{- end }}
- annotations:
- {{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }}
-{{ tuple $serviceAccountName $envAll | include "helm-toolkit.snippets.custom_job_annotations" | indent 4 -}}
-{{- if $jobAnnotations }}
-{{ toYaml $jobAnnotations | indent 4 }}
-{{- end }}
-spec:
- backoffLimit: {{ $backoffLimit }}
-{{- if $activeDeadlineSeconds }}
- activeDeadlineSeconds: {{ $activeDeadlineSeconds }}
-{{- end }}
- template:
- metadata:
- labels:
-{{ tuple $envAll $serviceName "s3-bucket" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
-{{- if $jobLabels }}
-{{ toYaml $jobLabels | indent 8 }}
-{{- end }}
- spec:
- serviceAccountName: {{ $serviceAccountName | quote }}
- restartPolicy: OnFailure
- {{ tuple $envAll "s3_bucket" | include "helm-toolkit.snippets.kubernetes_image_pull_secrets" | indent 6 }}
- nodeSelector:
-{{ toYaml $nodeSelector | indent 8 }}
-{{- if $tolerationsEnabled }}
-{{ tuple $envAll $serviceName | include "helm-toolkit.snippets.kubernetes_tolerations" | indent 6 }}
-{{- end}}
- initContainers:
-{{ tuple $envAll "s3_bucket" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
- containers:
- - name: s3-bucket
- image: {{ $envAll.Values.images.tags.s3_bucket }}
- imagePullPolicy: {{ $envAll.Values.images.pull_policy }}
-{{ tuple $envAll $envAll.Values.pod.resources.jobs.s3_bucket | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
- command:
- - /bin/bash
- - -c
- - /tmp/create-s3-bucket.sh
- env:
-{{- with $env := dict "s3AdminSecret" $envAll.Values.secrets.rgw.admin }}
-{{- include "helm-toolkit.snippets.rgw_s3_admin_env_vars" $env | indent 12 }}
-{{- end }}
-{{- include "helm-toolkit.snippets.rgw_s3_user_env_vars" $envAll | indent 12 }}
- volumeMounts:
- - name: pod-tmp
- mountPath: /tmp
- - name: s3-bucket-sh
- mountPath: /tmp/create-s3-bucket.sh
- subPath: create-s3-bucket.sh
- readOnly: true
- - name: etcceph
- mountPath: /etc/ceph
- - name: ceph-etc
- mountPath: /etc/ceph/ceph.conf
- subPath: ceph.conf
- readOnly: true
- {{- if empty $envAll.Values.conf.ceph.admin_keyring }}
- - name: ceph-keyring
- mountPath: /tmp/client-keyring
- subPath: key
- readOnly: true
- {{ end }}
-{{- if and ($tlsCertificatePath) ($tlsCertificateSecret) }}
- - name: {{ $tlsCertificateSecret }}
- mountPath: {{ $tlsCertificatePath }}
- subPath: ca.crt
- readOnly: true
-{{- end }}
- volumes:
- - name: pod-tmp
- emptyDir: {}
- - name: s3-bucket-sh
-{{- if $secretBin }}
- secret:
- secretName: {{ $secretBin | quote }}
- defaultMode: 0555
-{{- else }}
- configMap:
- name: {{ $configMapBin | quote }}
- defaultMode: 0555
-{{- end }}
- - name: etcceph
- emptyDir: {}
- - name: ceph-etc
- configMap:
- name: {{ $configMapCeph | quote }}
- defaultMode: 0444
- {{- if empty $envAll.Values.conf.ceph.admin_keyring }}
- - name: ceph-keyring
- secret:
- secretName: pvc-ceph-client-key
- {{ end }}
-{{- if and ($tlsCertificatePath) ($tlsCertificateSecret) }}
- - name: {{ $tlsCertificateSecret }}
- secret:
- secretName: {{ $tlsCertificateSecret }}
- defaultMode: 292
-{{- end }}
-{{- end -}}
diff --git a/charts/senlin/charts/helm-toolkit/templates/manifests/_job-s3-user.yaml.tpl b/charts/senlin/charts/helm-toolkit/templates/manifests/_job-s3-user.yaml.tpl
deleted file mode 100644
index 77d1a71..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/manifests/_job-s3-user.yaml.tpl
+++ /dev/null
@@ -1,160 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-# This function creates a manifest for s3 user management.
-# It can be used in charts dict created similar to the following:
-# {- $s3UserJob := dict "envAll" . "serviceName" "elasticsearch" }
-# { $s3UserJob | include "helm-toolkit.manifests.job_s3_user" }
-
-{{- define "helm-toolkit.manifests.job_s3_user" -}}
-{{- $envAll := index . "envAll" -}}
-{{- $serviceName := index . "serviceName" -}}
-{{- $jobAnnotations := index . "jobAnnotations" -}}
-{{- $jobLabels := index . "jobLabels" -}}
-{{- $nodeSelector := index . "nodeSelector" | default ( dict $envAll.Values.labels.job.node_selector_key $envAll.Values.labels.job.node_selector_value ) -}}
-{{- $tolerationsEnabled := index . "tolerationsEnabled" | default false -}}
-{{- $configMapBin := index . "configMapBin" | default (printf "%s-%s" $serviceName "bin" ) -}}
-{{- $configMapCeph := index . "configMapCeph" | default (printf "ceph-etc" ) -}}
-{{- $secretBin := index . "secretBin" -}}
-{{- $backoffLimit := index . "backoffLimit" | default "1000" -}}
-{{- $activeDeadlineSeconds := index . "activeDeadlineSeconds" -}}
-{{- $serviceNamePretty := $serviceName | replace "_" "-" -}}
-{{- $s3UserSecret := index $envAll.Values.secrets.rgw $serviceName -}}
-
-{{- $serviceAccountName := printf "%s-%s" $serviceNamePretty "s3-user" }}
-{{ tuple $envAll "s3_user" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
----
-apiVersion: batch/v1
-kind: Job
-metadata:
- name: {{ printf "%s-%s" $serviceNamePretty "s3-user" | quote }}
- labels:
-{{ tuple $envAll $serviceName "s3-user" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
-{{- if $jobLabels }}
-{{ toYaml $jobLabels | indent 4 }}
-{{- end }}
- annotations:
- "helm.sh/hook-delete-policy": before-hook-creation
- {{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }}
-{{ tuple $serviceAccountName $envAll | include "helm-toolkit.snippets.custom_job_annotations" | indent 4 -}}
-{{- if $jobAnnotations }}
-{{ toYaml $jobAnnotations | indent 4 }}
-{{- end }}
-spec:
- backoffLimit: {{ $backoffLimit }}
-{{- if $activeDeadlineSeconds }}
- activeDeadlineSeconds: {{ $activeDeadlineSeconds }}
-{{- end }}
- template:
- metadata:
- labels:
-{{ tuple $envAll $serviceName "s3-user" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
-{{- if $jobLabels }}
-{{ toYaml $jobLabels | indent 8 }}
-{{- end }}
- spec:
- serviceAccountName: {{ $serviceAccountName | quote }}
- restartPolicy: OnFailure
- {{ tuple $envAll "s3_user" | include "helm-toolkit.snippets.kubernetes_image_pull_secrets" | indent 6 }}
- nodeSelector:
-{{ toYaml $nodeSelector | indent 8 }}
-{{- if $tolerationsEnabled }}
-{{ tuple $envAll $serviceName | include "helm-toolkit.snippets.kubernetes_tolerations" | indent 6 }}
-{{- end}}
- initContainers:
-{{ tuple $envAll "s3_user" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
- - name: ceph-keyring-placement
- image: {{ $envAll.Values.images.tags.ceph_key_placement }}
- imagePullPolicy: {{ $envAll.Values.images.pull_policy }}
- command:
- - /tmp/ceph-admin-keyring.sh
- volumeMounts:
- - name: pod-tmp
- mountPath: /tmp
- - name: etcceph
- mountPath: /etc/ceph
- - name: ceph-keyring-sh
- mountPath: /tmp/ceph-admin-keyring.sh
- subPath: ceph-admin-keyring.sh
- readOnly: true
- {{- if empty $envAll.Values.conf.ceph.admin_keyring }}
- - name: ceph-keyring
- mountPath: /tmp/client-keyring
- subPath: key
- readOnly: true
- {{ end }}
- containers:
- - name: s3-user
- image: {{ $envAll.Values.images.tags.s3_user }}
- imagePullPolicy: {{ $envAll.Values.images.pull_policy }}
-{{ tuple $envAll $envAll.Values.pod.resources.jobs.s3_user | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
- command:
- - /bin/bash
- - -c
- - /tmp/create-s3-user.sh
- env:
-{{- with $env := dict "s3AdminSecret" $envAll.Values.secrets.rgw.admin }}
-{{- include "helm-toolkit.snippets.rgw_s3_admin_env_vars" $env | indent 12 }}
-{{- end }}
-{{- include "helm-toolkit.snippets.rgw_s3_user_env_vars" $envAll | indent 12 }}
- - name: RGW_HOST
- value: {{ tuple "ceph_object_store" "internal" "api" $envAll | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" }}
- volumeMounts:
- - name: pod-tmp
- mountPath: /tmp
- - name: create-s3-user-sh
- mountPath: /tmp/create-s3-user.sh
- subPath: create-s3-user.sh
- readOnly: true
- - name: etcceph
- mountPath: /etc/ceph
- - name: ceph-etc
- mountPath: /etc/ceph/ceph.conf
- subPath: ceph.conf
- readOnly: true
- {{- if empty $envAll.Values.conf.ceph.admin_keyring }}
- - name: ceph-keyring
- mountPath: /tmp/client-keyring
- subPath: key
- readOnly: true
- {{ end }}
- volumes:
- - name: pod-tmp
- emptyDir: {}
- - name: create-s3-user-sh
-{{- if $secretBin }}
- secret:
- secretName: {{ $secretBin | quote }}
- defaultMode: 0555
-{{- else }}
- configMap:
- name: {{ $configMapBin | quote }}
- defaultMode: 0555
-{{- end }}
- - name: ceph-keyring-sh
- configMap:
- name: {{ $configMapBin | quote }}
- defaultMode: 0555
- - name: etcceph
- emptyDir: {}
- - name: ceph-etc
- configMap:
- name: {{ $configMapCeph | quote }}
- defaultMode: 0444
- {{- if empty $envAll.Values.conf.ceph.admin_keyring }}
- - name: ceph-keyring
- secret:
- secretName: pvc-ceph-client-key
- {{ end }}
-{{- end -}}
diff --git a/charts/senlin/charts/helm-toolkit/templates/manifests/_job_image_repo_sync.tpl b/charts/senlin/charts/helm-toolkit/templates/manifests/_job_image_repo_sync.tpl
deleted file mode 100644
index 0906df4..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/manifests/_job_image_repo_sync.tpl
+++ /dev/null
@@ -1,119 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-# This function creates a manifest for the image repo sync jobs.
-# It can be used in charts dict created similar to the following:
-# {- $imageRepoSyncJob := dict "envAll" . "serviceName" "prometheus" -}
-# { $imageRepoSyncJob | include "helm-toolkit.manifests.job_image_repo_sync" }
-
-{{- define "helm-toolkit.manifests.job_image_repo_sync" -}}
-{{- $envAll := index . "envAll" -}}
-{{- $serviceName := index . "serviceName" -}}
-{{- $jobAnnotations := index . "jobAnnotations" -}}
-{{- $jobLabels := index . "jobLabels" -}}
-{{- $nodeSelector := index . "nodeSelector" | default ( dict $envAll.Values.labels.job.node_selector_key $envAll.Values.labels.job.node_selector_value ) -}}
-{{- $tolerationsEnabled := index . "tolerationsEnabled" | default false -}}
-{{- $podVolMounts := index . "podVolMounts" | default false -}}
-{{- $podVols := index . "podVols" | default false -}}
-{{- $configMapBin := index . "configMapBin" | default (printf "%s-%s" $serviceName "bin" ) -}}
-{{- $secretBin := index . "secretBin" -}}
-{{- $backoffLimit := index . "backoffLimit" | default "1000" -}}
-{{- $activeDeadlineSeconds := index . "activeDeadlineSeconds" -}}
-{{- $serviceNamePretty := $serviceName | replace "_" "-" -}}
-
-{{- $serviceAccountName := printf "%s-%s" $serviceNamePretty "image-repo-sync" }}
-{{ tuple $envAll "image_repo_sync" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
----
-apiVersion: batch/v1
-kind: Job
-metadata:
- name: {{ printf "%s-%s" $serviceNamePretty "image-repo-sync" | quote }}
- labels:
-{{ tuple $envAll $serviceName "image-repo-sync" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
-{{- if $jobLabels }}
-{{ toYaml $jobLabels | indent 4 }}
-{{- end }}
- annotations:
- "helm.sh/hook-delete-policy": before-hook-creation
-{{- if $jobAnnotations }}
-{{ toYaml $jobAnnotations | indent 4 }}
-{{- end }}
-spec:
- backoffLimit: {{ $backoffLimit }}
-{{- if $activeDeadlineSeconds }}
- activeDeadlineSeconds: {{ $activeDeadlineSeconds }}
-{{- end }}
- template:
- metadata:
- labels:
-{{ tuple $envAll $serviceName "image-repo-sync" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
-{{- if $jobLabels }}
-{{ toYaml $jobLabels | indent 8 }}
-{{- end }}
- spec:
- serviceAccountName: {{ $serviceAccountName }}
- restartPolicy: OnFailure
- {{ tuple $envAll "image_repo_sync" | include "helm-toolkit.snippets.kubernetes_image_pull_secrets" | indent 6 }}
- nodeSelector:
-{{ toYaml $nodeSelector | indent 8 }}
-{{- if $tolerationsEnabled }}
-{{ tuple $envAll $serviceName | include "helm-toolkit.snippets.kubernetes_tolerations" | indent 6 }}
-{{- end}}
- initContainers:
-{{ tuple $envAll "image_repo_sync" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
- containers:
- - name: image-repo-sync
-{{ tuple $envAll "image_repo_sync" | include "helm-toolkit.snippets.image" | indent 10 }}
-{{ tuple $envAll $envAll.Values.pod.resources.jobs.image_repo_sync | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
- env:
- - name: LOCAL_REPO
- value: "{{ tuple "local_image_registry" "node" $envAll | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}:{{ tuple "local_image_registry" "node" "registry" $envAll | include "helm-toolkit.endpoints.endpoint_port_lookup" }}"
- - name: IMAGE_SYNC_LIST
- value: "{{ include "helm-toolkit.utils.image_sync_list" $envAll }}"
- command:
- - /bin/bash
- - -c
- - /tmp/image-repo-sync.sh
- volumeMounts:
- - name: pod-tmp
- mountPath: /tmp
- - name: bootstrap-sh
- mountPath: /tmp/image-repo-sync.sh
- subPath: image-repo-sync.sh
- readOnly: true
- - name: docker-socket
- mountPath: /var/run/docker.sock
-{{- if $podVolMounts }}
-{{ $podVolMounts | toYaml | indent 12 }}
-{{- end }}
- volumes:
- - name: pod-tmp
- emptyDir: {}
- - name: bootstrap-sh
-{{- if $secretBin }}
- secret:
- secretName: {{ $secretBin | quote }}
- defaultMode: 0555
-{{- else }}
- configMap:
- name: {{ $configMapBin | quote }}
- defaultMode: 0555
-{{- end }}
- - name: docker-socket
- hostPath:
- path: /var/run/docker.sock
-{{- if $podVols }}
-{{ $podVols | toYaml | indent 8 }}
-{{- end }}
-{{- end }}
diff --git a/charts/senlin/charts/helm-toolkit/templates/manifests/_network_policy.tpl b/charts/senlin/charts/helm-toolkit/templates/manifests/_network_policy.tpl
deleted file mode 100644
index 405197a..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/manifests/_network_policy.tpl
+++ /dev/null
@@ -1,238 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{/*
-abstract: |
- Creates a network policy manifest for services.
-values: |
- endpoints:
- kube_dns:
- namespace: kube-system
- name: kubernetes-dns
- hosts:
- default: kube-dns
- host_fqdn_override:
- default: null
- path:
- default: null
- scheme: http
- port:
- dns_tcp:
- default: 53
- dns:
- default: 53
- protocol: UDP
- network_policy:
- myLabel:
- podSelector:
- matchLabels:
- component: api
- ingress:
- - from:
- - podSelector:
- matchLabels:
- application: keystone
- ports:
- - protocol: TCP
- port: 80
- egress:
- - to:
- - namespaceSelector:
- matchLabels:
- name: default
- - namespaceSelector:
- matchLabels:
- name: kube-public
- ports:
- - protocol: TCP
- port: 53
- - protocol: UDP
- port: 53
-usage: |
- {{ dict "envAll" . "name" "application" "label" "myLabel" | include "helm-toolkit.manifests.kubernetes_network_policy" }}
- {{ dict "envAll" . "key" "myLabel" "labels" (dict "application" "myApp" "component" "myComp")}}
-return: |
- ---
- apiVersion: networking.k8s.io/v1
- kind: NetworkPolicy
- metadata:
- name: RELEASE-NAME
- namespace: NAMESPACE
- spec:
- policyTypes:
- - Ingress
- - Egress
- podSelector:
- matchLabels:
- application: myLabel
- component: api
- ingress:
- - from:
- - podSelector:
- matchLabels:
- application: keystone
- ports:
- - protocol: TCP
- port: 80
- egress:
- - to:
- - podSelector:
- matchLabels:
- name: default
- - namespaceSelector:
- matchLabels:
- name: kube-public
- ports:
- - protocol: TCP
- port: 53
- - protocol: UDP
- port: 53
- ---
- apiVersion: networking.k8s.io/v1
- kind: NetworkPolicy
- metadata:
- name: RELEASE-NAME
- namespace: NAMESPACE
- spec:
- policyTypes:
- - Ingress
- - Egress
- podSelector:
- matchLabels:
- application: myApp
- component: myComp
- ingress:
- - from:
- - podSelector:
- matchLabels:
- application: keystone
- ports:
- - protocol: TCP
- port: 80
- egress:
- - to:
- - podSelector:
- matchLabels:
- name: default
- - namespaceSelector:
- matchLabels:
- name: kube-public
- ports:
- - protocol: TCP
- port: 53
- - protocol: UDP
- port: 53
-*/}}
-
-{{- define "helm-toolkit.manifests.kubernetes_network_policy" -}}
-{{- $envAll := index . "envAll" -}}
-{{- $name := index . "name" -}}
-{{- $labels := index . "labels" | default nil -}}
-{{- $label := index . "key" | default (index . "label") -}}
----
-apiVersion: networking.k8s.io/v1
-kind: NetworkPolicy
-metadata:
- name: {{ $label | replace "_" "-" }}-netpol
- namespace: {{ $envAll.Release.Namespace }}
-spec:
-{{- if hasKey (index $envAll.Values "network_policy") $label }}
- policyTypes:
-{{- $is_egress := false -}}
-{{- if hasKey (index $envAll.Values.network_policy $label) "policyTypes" -}}
-{{- if has "Egress" (index $envAll.Values.network_policy $label "policyTypes") -}}
-{{- $is_egress = true -}}
-{{- end -}}
-{{- end -}}
-{{- if or $is_egress (index $envAll.Values.network_policy $label "egress") }}
- - Egress
-{{ end -}}
-{{- $is_ingress := false -}}
-{{- if hasKey (index $envAll.Values.network_policy $label) "policyTypes" -}}
-{{- if has "Ingress" (index $envAll.Values.network_policy $label "policyTypes") -}}
-{{- $is_ingress = true -}}
-{{- end -}}
-{{- end -}}
-{{- if or $is_ingress (index $envAll.Values.network_policy $label "ingress") }}
- - Ingress
-{{ end -}}
-{{- end }}
- podSelector:
- matchLabels:
-{{- if empty $labels }}
- {{ $name }}: {{ $label }}
-{{- else }}
-{{ range $k, $v := $labels }}
- {{ $k }}: {{ $v }}
-{{- end }}
-{{- end }}
-{{- if hasKey (index $envAll.Values "network_policy") $label }}
-{{- if hasKey (index $envAll.Values.network_policy $label) "podSelector" }}
-{{- if index $envAll.Values.network_policy $label "podSelector" "matchLabels" }}
-{{ index $envAll.Values.network_policy $label "podSelector" "matchLabels" | toYaml | indent 6 }}
-{{ end }}
-{{ end }}
-{{ end }}
-{{- if hasKey (index $envAll.Values "network_policy") $label }}
- egress:
-{{- range $key, $value := $envAll.Values.endpoints }}
-{{- if kindIs "map" $value }}
-{{- if or (hasKey $value "namespace") (hasKey $value "hosts") }}
- - to:
-{{- if index $value "namespace" }}
- - namespaceSelector:
- matchLabels:
- name: {{ index $value "namespace" }}
-{{- else if index $value "hosts" }}
-{{- $defaultValue := index $value "hosts" "internal" }}
-{{- if hasKey (index $value "hosts") "internal" }}
-{{- $a := split "-" $defaultValue }}
- - podSelector:
- matchLabels:
- application: {{ printf "%s" (index $a._0) | default $defaultValue }}
-{{- else }}
-{{- $defaultValue := index $value "hosts" "default" }}
-{{- $a := split "-" $defaultValue }}
- - podSelector:
- matchLabels:
- application: {{ printf "%s" (index $a._0) | default $defaultValue }}
-{{- end }}
-{{- end }}
-{{- if index $value "port" }}
- ports:
-{{- range $k, $v := index $value "port" }}
-{{- if $k }}
-{{- range $pk, $pv := $v }}
-{{- if and $pv (ne $pk "protocol") }}
- - port: {{ $pv }}
- protocol: {{ $v.protocol | default "TCP" }}
-{{- end }}
-{{- end }}
-{{- end }}
-{{- end }}
-{{- end }}
-{{- end }}
-{{- end }}
-{{- end }}
-{{- if index $envAll.Values.network_policy $label "egress" }}
-{{ index $envAll.Values.network_policy $label "egress" | toYaml | indent 4 }}
-{{- end }}
-{{- end }}
-{{- if hasKey (index $envAll.Values "network_policy") $label }}
-{{- if index $envAll.Values.network_policy $label "ingress" }}
- ingress:
-{{ index $envAll.Values.network_policy $label "ingress" | toYaml | indent 4 }}
-{{- end }}
-{{- end }}
-{{- end }}
diff --git a/charts/senlin/charts/helm-toolkit/templates/manifests/_secret-registry.yaml.tpl b/charts/senlin/charts/helm-toolkit/templates/manifests/_secret-registry.yaml.tpl
deleted file mode 100644
index 7ad505b..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/manifests/_secret-registry.yaml.tpl
+++ /dev/null
@@ -1,78 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{/*
-abstract: |
- Creates a manifest for a authenticating a registry with a secret
-examples:
- - values: |
- annotations:
- secret:
- oci_image_registry:
- {{ $serviceName }}:
- custom.tld/key: "value"
- secrets:
- oci_image_registry:
- {{ $serviceName }}: {{ $keyName }}
- endpoints:
- oci_image_registry:
- name: oci-image-registry
- auth:
- enabled: true
- {{ $serviceName }}:
- name: {{ $userName }}
- password: {{ $password }}
- usage: |
- {{- include "helm-toolkit.manifests.secret_registry" ( dict "envAll" . "registryUser" .Chart.Name ) -}}
- return: |
- ---
- apiVersion: v1
- kind: Secret
- metadata:
- name: {{ $secretName }}
- annotations:
- custom.tld/key: "value"
- type: kubernetes.io/dockerconfigjson
- data:
- dockerconfigjson: {{ $dockerAuth }}
-*/}}
-
-{{- define "helm-toolkit.manifests.secret_registry" }}
-{{- $envAll := index . "envAll" }}
-{{- $registryUser := index . "registryUser" }}
-{{- $secretName := index $envAll.Values.secrets.oci_image_registry $registryUser }}
-{{- $registryHost := tuple "oci_image_registry" "internal" $envAll | include "helm-toolkit.endpoints.endpoint_host_lookup" }}
-{{/*
-We only use "host:port" when port is non-null, else just use "host"
-*/}}
-{{- $registryPort := "" }}
-{{- $port := $envAll.Values.endpoints.oci_image_registry.port.registry.default }}
-{{- if $port }}
-{{- $port = tuple "oci_image_registry" "internal" "registry" $envAll | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
-{{- $registryPort = printf ":%s" $port }}
-{{- end }}
-{{- $imageCredentials := index $envAll.Values.endpoints.oci_image_registry.auth $registryUser }}
-{{- $dockerAuthToken := printf "%s:%s" $imageCredentials.username $imageCredentials.password | b64enc }}
-{{- $dockerAuth := printf "{\"auths\": {\"%s%s\": {\"auth\": \"%s\"}}}" $registryHost $registryPort $dockerAuthToken | b64enc }}
----
-apiVersion: v1
-kind: Secret
-metadata:
- name: {{ $secretName }}
- annotations:
-{{ tuple "oci_image_registry" $registryUser $envAll | include "helm-toolkit.snippets.custom_secret_annotations" | indent 4 }}
-type: kubernetes.io/dockerconfigjson
-data:
- .dockerconfigjson: {{ $dockerAuth }}
-{{- end -}}
diff --git a/charts/senlin/charts/helm-toolkit/templates/manifests/_secret-tls.yaml.tpl b/charts/senlin/charts/helm-toolkit/templates/manifests/_secret-tls.yaml.tpl
deleted file mode 100644
index c800340..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/manifests/_secret-tls.yaml.tpl
+++ /dev/null
@@ -1,119 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{/*
-abstract: |
- Creates a manifest for a services public tls secret
-examples:
- - values: |
- annotations:
- secret:
- tls:
- key_manager_api_public:
- custom.tld/key: "value"
- secrets:
- tls:
- key_manager:
- api:
- public: barbican-tls-public
- endpoints:
- key_manager:
- host_fqdn_override:
- public:
- tls:
- crt: |
- FOO-CRT
- key: |
- FOO-KEY
- ca: |
- FOO-CA_CRT
- usage: |
- {{- include "helm-toolkit.manifests.secret_ingress_tls" ( dict "envAll" . "backendServiceType" "key-manager" ) -}}
- return: |
- ---
- apiVersion: v1
- kind: Secret
- metadata:
- name: barbican-tls-public
- annotations:
- custom.tld/key: "value"
- type: kubernetes.io/tls
- data:
- tls.key: Rk9PLUtFWQo=
- tls.crt: Rk9PLUNSVAoKRk9PLUNBX0NSVAo=
-
- - values: |
- secrets:
- tls:
- key_manager:
- api:
- public: barbican-tls-public
- endpoints:
- key_manager:
- host_fqdn_override:
- public:
- tls:
- crt: |
- FOO-CRT
- FOO-INTERMEDIATE_CRT
- FOO-CA_CRT
- key: |
- FOO-KEY
- usage: |
- {{- include "helm-toolkit.manifests.secret_ingress_tls" ( dict "envAll" . "backendServiceType" "key-manager" ) -}}
- return: |
- ---
- apiVersion: v1
- kind: Secret
- metadata:
- name: barbican-tls-public
- type: kubernetes.io/tls
- data:
- tls.key: Rk9PLUtFWQo=
- tls.crt: Rk9PLUNSVApGT08tSU5URVJNRURJQVRFX0NSVApGT08tQ0FfQ1JUCg==
-*/}}
-
-{{- define "helm-toolkit.manifests.secret_ingress_tls" }}
-{{- $envAll := index . "envAll" }}
-{{- $endpoint := index . "endpoint" | default "public" }}
-{{- $backendServiceType := index . "backendServiceType" }}
-{{- $backendService := index . "backendService" | default "api" }}
-{{- $host := index $envAll.Values.endpoints ( $backendServiceType | replace "-" "_" ) "host_fqdn_override" }}
-{{- if hasKey $host $endpoint }}
-{{- $endpointHost := index $host $endpoint }}
-{{- if kindIs "map" $endpointHost }}
-{{- if hasKey $endpointHost "tls" }}
-{{- if and $endpointHost.tls.key $endpointHost.tls.crt }}
-
-{{- $customAnnotationKey := printf "%s_%s_%s" ( $backendServiceType | replace "-" "_" ) $backendService $endpoint }}
----
-apiVersion: v1
-kind: Secret
-metadata:
- name: {{ index $envAll.Values.secrets.tls ( $backendServiceType | replace "-" "_" ) $backendService $endpoint }}
- annotations:
-{{ tuple "tls" $customAnnotationKey $envAll | include "helm-toolkit.snippets.custom_secret_annotations" | indent 4 }}
-type: kubernetes.io/tls
-data:
- tls.key: {{ $endpointHost.tls.key | b64enc }}
-{{- if $endpointHost.tls.ca }}
- tls.crt: {{ list $endpointHost.tls.crt $endpointHost.tls.ca | join "\n" | b64enc }}
-{{- else }}
- tls.crt: {{ $endpointHost.tls.crt | b64enc }}
-{{- end }}
-{{- end }}
-{{- end }}
-{{- end }}
-{{- end }}
-{{- end }}
diff --git a/charts/senlin/charts/helm-toolkit/templates/manifests/_service-ingress.tpl b/charts/senlin/charts/helm-toolkit/templates/manifests/_service-ingress.tpl
deleted file mode 100644
index d2e7c0e..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/manifests/_service-ingress.tpl
+++ /dev/null
@@ -1,43 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-# This function creates a manifest for a services ingress rules.
-# It can be used in charts dict created similar to the following:
-# {- $serviceIngressOpts := dict "envAll" . "backendServiceType" "key-manager" -}
-# { $serviceIngressOpts | include "helm-toolkit.manifests.service_ingress" }
-
-{{- define "helm-toolkit.manifests.service_ingress" -}}
-{{- $envAll := index . "envAll" -}}
-{{- $backendServiceType := index . "backendServiceType" -}}
----
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ tuple $backendServiceType "public" $envAll | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
-spec:
- ports:
- - name: http
- port: 80
- - name: https
- port: 443
- selector:
- app: ingress-api
-{{- if index $envAll.Values.endpoints $backendServiceType }}
-{{- if index $envAll.Values.endpoints $backendServiceType "ip" }}
-{{- if index $envAll.Values.endpoints $backendServiceType "ip" "ingress" }}
- clusterIP: {{ (index $envAll.Values.endpoints $backendServiceType "ip" "ingress") }}
-{{- end }}
-{{- end }}
-{{- end }}
-{{- end }}
diff --git a/charts/senlin/charts/helm-toolkit/templates/scripts/_create-s3-bucket.sh.tpl b/charts/senlin/charts/helm-toolkit/templates/scripts/_create-s3-bucket.sh.tpl
deleted file mode 100644
index bf1465b..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/scripts/_create-s3-bucket.sh.tpl
+++ /dev/null
@@ -1,35 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-{{- define "helm-toolkit.scripts.create_s3_bucket" }}
-#!/bin/bash
-set -e
-CONNECTION_ARGS="--host=$RGW_HOST --host-bucket=$RGW_HOST"
-if [ "$RGW_PROTO" = "http" ]; then
- CONNECTION_ARGS+=" --no-ssl"
-else
- CONNECTION_ARGS+=" --no-check-certificate"
-fi
-ADMIN_AUTH_ARGS=" --access_key=$S3_ADMIN_ACCESS_KEY --secret_key=$S3_ADMIN_SECRET_KEY"
-USER_AUTH_ARGS=" --access_key=$S3_ACCESS_KEY --secret_key=$S3_SECRET_KEY"
-function check_rgw_s3_bucket () {
- s3cmd $CONNECTION_ARGS $USER_AUTH_ARGS ls s3://$S3_BUCKET
-}
-function create_rgw_s3_bucket () {
- s3cmd $CONNECTION_ARGS $ADMIN_AUTH_ARGS mb s3://$S3_BUCKET
-}
-function modify_bucket_acl () {
- s3cmd $CONNECTION_ARGS $ADMIN_AUTH_ARGS setacl s3://$S3_BUCKET --acl-grant=read:$S3_USERNAME --acl-grant=write:$S3_USERNAME
-}
-check_rgw_s3_bucket || ( create_rgw_s3_bucket && modify_bucket_acl )
-{{- end }}
\ No newline at end of file
diff --git a/charts/senlin/charts/helm-toolkit/templates/scripts/_create-s3-user.sh.tpl b/charts/senlin/charts/helm-toolkit/templates/scripts/_create-s3-user.sh.tpl
deleted file mode 100644
index 08796d2..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/scripts/_create-s3-user.sh.tpl
+++ /dev/null
@@ -1,65 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-{{- define "helm-toolkit.scripts.create_s3_user" }}
-#!/bin/bash
-set -e
-function create_s3_user () {
- echo "Creating s3 user and key pair"
- radosgw-admin user create \
- --uid=${S3_USERNAME} \
- --display-name=${S3_USERNAME} \
- --key-type=s3 \
- --access-key ${S3_ACCESS_KEY} \
- --secret-key ${S3_SECRET_KEY}
-}
-function update_s3_user () {
- # Retrieve old access keys, if they exist
- old_access_keys=$(radosgw-admin user info --uid=${S3_USERNAME} \
- | jq -r '.keys[].access_key' || true)
-
- if [[ ! -z ${old_access_keys} ]]; then
- for access_key in $old_access_keys; do
- # If current access key is the same as the key supplied, do nothing.
- if [ "$access_key" == "${S3_ACCESS_KEY}" ]; then
- echo "Current user and key pair exists."
- continue
- else
- # If keys differ, remove previous key
- radosgw-admin key rm --uid=${S3_USERNAME} --key-type=s3 --access-key=$access_key
- fi
- done
- fi
-
- # Perform one more additional check to account for scenarios where multiple
- # key pairs existed previously, but one existing key was the supplied key
- current_access_key=$(radosgw-admin user info --uid=${S3_USERNAME} \
- | jq -r '.keys[].access_key' || true)
-
- # If the supplied key does not exist, modify the user
- if [[ -z ${current_access_key} ]]; then
- # Modify user with new access and secret keys
- echo "Updating existing user's key pair"
- radosgw-admin user modify \
- --uid=${S3_USERNAME}\
- --access-key ${S3_ACCESS_KEY} \
- --secret-key ${S3_SECRET_KEY}
- fi
-}
-user_exists=$(radosgw-admin user info --uid=${S3_USERNAME} || true)
-if [[ -z ${user_exists} ]]; then
- create_s3_user
-else
- update_s3_user
-fi
-{{- end }}
\ No newline at end of file
diff --git a/charts/senlin/charts/helm-toolkit/templates/scripts/_db-drop.py.tpl b/charts/senlin/charts/helm-toolkit/templates/scripts/_db-drop.py.tpl
deleted file mode 100644
index 03884fa..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/scripts/_db-drop.py.tpl
+++ /dev/null
@@ -1,142 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{- define "helm-toolkit.scripts.db_drop" }}
-#!/usr/bin/env python
-
-# Drops db and user for an OpenStack Service:
-# Set ROOT_DB_CONNECTION and DB_CONNECTION environment variables to contain
-# SQLAlchemy strings for the root connection to the database and the one you
-# wish the service to use. Alternatively, you can use an ini formatted config
-# at the location specified by OPENSTACK_CONFIG_FILE, and extract the string
-# from the key OPENSTACK_CONFIG_DB_KEY, in the section specified by
-# OPENSTACK_CONFIG_DB_SECTION.
-
-import os
-import sys
-try:
- import ConfigParser
- PARSER_OPTS = {}
-except ImportError:
- import configparser as ConfigParser
- PARSER_OPTS = {"strict": False}
-import logging
-from sqlalchemy import create_engine
-
-# Create logger, console handler and formatter
-logger = logging.getLogger('OpenStack-Helm DB Drop')
-logger.setLevel(logging.DEBUG)
-ch = logging.StreamHandler()
-ch.setLevel(logging.DEBUG)
-formatter = logging.Formatter('%(asctime)s - %(name)s - %(levelname)s - %(message)s')
-
-# Set the formatter and add the handler
-ch.setFormatter(formatter)
-logger.addHandler(ch)
-
-
-# Get the connection string for the service db root user
-if "ROOT_DB_CONNECTION" in os.environ:
- db_connection = os.environ['ROOT_DB_CONNECTION']
- logger.info('Got DB root connection')
-else:
- logger.critical('environment variable ROOT_DB_CONNECTION not set')
- sys.exit(1)
-
-mysql_x509 = os.getenv('MARIADB_X509', "")
-ssl_args = {}
-if mysql_x509:
- ssl_args = {'ssl': {'ca': '/etc/mysql/certs/ca.crt',
- 'key': '/etc/mysql/certs/tls.key',
- 'cert': '/etc/mysql/certs/tls.crt'}}
-
-# Get the connection string for the service db
-if "OPENSTACK_CONFIG_FILE" in os.environ:
- os_conf = os.environ['OPENSTACK_CONFIG_FILE']
- if "OPENSTACK_CONFIG_DB_SECTION" in os.environ:
- os_conf_section = os.environ['OPENSTACK_CONFIG_DB_SECTION']
- else:
- logger.critical('environment variable OPENSTACK_CONFIG_DB_SECTION not set')
- sys.exit(1)
- if "OPENSTACK_CONFIG_DB_KEY" in os.environ:
- os_conf_key = os.environ['OPENSTACK_CONFIG_DB_KEY']
- else:
- logger.critical('environment variable OPENSTACK_CONFIG_DB_KEY not set')
- sys.exit(1)
- try:
- config = ConfigParser.RawConfigParser(**PARSER_OPTS)
- logger.info("Using {0} as db config source".format(os_conf))
- config.read(os_conf)
- logger.info("Trying to load db config from {0}:{1}".format(
- os_conf_section, os_conf_key))
- user_db_conn = config.get(os_conf_section, os_conf_key)
- logger.info("Got config from {0}".format(os_conf))
- except:
- logger.critical("Tried to load config from {0} but failed.".format(os_conf))
- raise
-elif "DB_CONNECTION" in os.environ:
- user_db_conn = os.environ['DB_CONNECTION']
- logger.info('Got config from DB_CONNECTION env var')
-else:
- logger.critical('Could not get db config, either from config file or env var')
- sys.exit(1)
-
-# Root DB engine
-try:
- root_engine_full = create_engine(db_connection)
- root_user = root_engine_full.url.username
- root_password = root_engine_full.url.password
- drivername = root_engine_full.url.drivername
- host = root_engine_full.url.host
- port = root_engine_full.url.port
- root_engine_url = ''.join([drivername, '://', root_user, ':', root_password, '@', host, ':', str (port)])
- root_engine = create_engine(root_engine_url, connect_args=ssl_args)
- connection = root_engine.connect()
- connection.close()
- logger.info("Tested connection to DB @ {0}:{1} as {2}".format(
- host, port, root_user))
-except:
- logger.critical('Could not connect to database as root user')
- raise
-
-# User DB engine
-try:
- user_engine = create_engine(user_db_conn, connect_args=ssl_args)
- # Get our user data out of the user_engine
- database = user_engine.url.database
- user = user_engine.url.username
- password = user_engine.url.password
- logger.info('Got user db config')
-except:
- logger.critical('Could not get user database config')
- raise
-
-# Delete DB
-try:
- root_engine.execute("DROP DATABASE IF EXISTS {0}".format(database))
- logger.info("Deleted database {0}".format(database))
-except:
- logger.critical("Could not drop database {0}".format(database))
- raise
-
-# Delete DB User
-try:
- root_engine.execute("DROP USER IF EXISTS {0}".format(user))
- logger.info("Deleted user {0}".format(user))
-except:
- logger.critical("Could not delete user {0}".format(user))
- raise
-
-logger.info('Finished DB Management')
-{{- end }}
diff --git a/charts/senlin/charts/helm-toolkit/templates/scripts/_db-init.py.tpl b/charts/senlin/charts/helm-toolkit/templates/scripts/_db-init.py.tpl
deleted file mode 100644
index 6027b95..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/scripts/_db-init.py.tpl
+++ /dev/null
@@ -1,156 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{- define "helm-toolkit.scripts.db_init" }}
-#!/usr/bin/env python
-
-# Creates db and user for an OpenStack Service:
-# Set ROOT_DB_CONNECTION and DB_CONNECTION environment variables to contain
-# SQLAlchemy strings for the root connection to the database and the one you
-# wish the service to use. Alternatively, you can use an ini formatted config
-# at the location specified by OPENSTACK_CONFIG_FILE, and extract the string
-# from the key OPENSTACK_CONFIG_DB_KEY, in the section specified by
-# OPENSTACK_CONFIG_DB_SECTION.
-
-import os
-import sys
-try:
- import ConfigParser
- PARSER_OPTS = {}
-except ImportError:
- import configparser as ConfigParser
- PARSER_OPTS = {"strict": False}
-import logging
-from sqlalchemy import create_engine
-
-# Create logger, console handler and formatter
-logger = logging.getLogger('OpenStack-Helm DB Init')
-logger.setLevel(logging.DEBUG)
-ch = logging.StreamHandler()
-ch.setLevel(logging.DEBUG)
-formatter = logging.Formatter('%(asctime)s - %(name)s - %(levelname)s - %(message)s')
-
-# Set the formatter and add the handler
-ch.setFormatter(formatter)
-logger.addHandler(ch)
-
-
-# Get the connection string for the service db root user
-if "ROOT_DB_CONNECTION" in os.environ:
- db_connection = os.environ['ROOT_DB_CONNECTION']
- logger.info('Got DB root connection')
-else:
- logger.critical('environment variable ROOT_DB_CONNECTION not set')
- sys.exit(1)
-
-mysql_x509 = os.getenv('MARIADB_X509', "")
-ssl_args = {}
-if mysql_x509:
- ssl_args = {'ssl': {'ca': '/etc/mysql/certs/ca.crt',
- 'key': '/etc/mysql/certs/tls.key',
- 'cert': '/etc/mysql/certs/tls.crt'}}
-
-# Get the connection string for the service db
-if "OPENSTACK_CONFIG_FILE" in os.environ:
- os_conf = os.environ['OPENSTACK_CONFIG_FILE']
- if "OPENSTACK_CONFIG_DB_SECTION" in os.environ:
- os_conf_section = os.environ['OPENSTACK_CONFIG_DB_SECTION']
- else:
- logger.critical('environment variable OPENSTACK_CONFIG_DB_SECTION not set')
- sys.exit(1)
- if "OPENSTACK_CONFIG_DB_KEY" in os.environ:
- os_conf_key = os.environ['OPENSTACK_CONFIG_DB_KEY']
- else:
- logger.critical('environment variable OPENSTACK_CONFIG_DB_KEY not set')
- sys.exit(1)
- try:
- config = ConfigParser.RawConfigParser(**PARSER_OPTS)
- logger.info("Using {0} as db config source".format(os_conf))
- config.read(os_conf)
- logger.info("Trying to load db config from {0}:{1}".format(
- os_conf_section, os_conf_key))
- user_db_conn = config.get(os_conf_section, os_conf_key)
- logger.info("Got config from {0}".format(os_conf))
- except:
- logger.critical("Tried to load config from {0} but failed.".format(os_conf))
- raise
-elif "DB_CONNECTION" in os.environ:
- user_db_conn = os.environ['DB_CONNECTION']
- logger.info('Got config from DB_CONNECTION env var')
-else:
- logger.critical('Could not get db config, either from config file or env var')
- sys.exit(1)
-
-# Root DB engine
-try:
- root_engine_full = create_engine(db_connection)
- root_user = root_engine_full.url.username
- root_password = root_engine_full.url.password
- drivername = root_engine_full.url.drivername
- host = root_engine_full.url.host
- port = root_engine_full.url.port
- root_engine_url = ''.join([drivername, '://', root_user, ':', root_password, '@', host, ':', str (port)])
- root_engine = create_engine(root_engine_url, connect_args=ssl_args)
- connection = root_engine.connect()
- connection.close()
- logger.info("Tested connection to DB @ {0}:{1} as {2}".format(
- host, port, root_user))
-except:
- logger.critical('Could not connect to database as root user')
- raise
-
-# User DB engine
-try:
- user_engine = create_engine(user_db_conn, connect_args=ssl_args)
- # Get our user data out of the user_engine
- database = user_engine.url.database
- user = user_engine.url.username
- password = user_engine.url.password
- logger.info('Got user db config')
-except:
- logger.critical('Could not get user database config')
- raise
-
-# Create DB
-try:
- root_engine.execute("CREATE DATABASE IF NOT EXISTS {0}".format(database))
- logger.info("Created database {0}".format(database))
-except:
- logger.critical("Could not create database {0}".format(database))
- raise
-
-# Create DB User
-try:
- root_engine.execute(
- "CREATE USER IF NOT EXISTS \'{0}\'@\'%%\' IDENTIFIED BY \'{1}\' {2}".format(
- user, password, mysql_x509))
- root_engine.execute(
- "GRANT ALL ON `{0}`.* TO \'{1}\'@\'%%\'".format(database, user))
- logger.info("Created user {0} for {1}".format(user, database))
-except:
- logger.critical("Could not create user {0} for {1}".format(user, database))
- raise
-
-# Test connection
-try:
- connection = user_engine.connect()
- connection.close()
- logger.info("Tested connection to DB @ {0}:{1}/{2} as {3}".format(
- host, port, database, user))
-except:
- logger.critical('Could not connect to database as user')
- raise
-
-logger.info('Finished DB Management')
-{{- end }}
diff --git a/charts/senlin/charts/helm-toolkit/templates/scripts/_db-pg-init.sh.tpl b/charts/senlin/charts/helm-toolkit/templates/scripts/_db-pg-init.sh.tpl
deleted file mode 100644
index 4d7dfaa..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/scripts/_db-pg-init.sh.tpl
+++ /dev/null
@@ -1,69 +0,0 @@
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-{{- define "helm-toolkit.scripts.pg_db_init" }}
-#!/bin/bash
-set -ex
-
-if [[ ! -v DB_HOST ]]; then
- echo "environment variable DB_HOST not set"
- exit 1
-elif [[ ! -v DB_ADMIN_USER ]]; then
- echo "environment variable DB_ADMIN_USER not set"
- exit 1
-elif [[ ! -v PGPASSWORD ]]; then
- echo "environment variable PGPASSWORD not set"
- exit 1
-elif [[ ! -v DB_PORT ]]; then
- echo "environment variable DB_PORT not set"
- exit 1
-elif [[ ! -v USER_DB_USER ]]; then
- echo "environment variable USER_DB_USER not set"
- exit 1
-elif [[ ! -v USER_DB_PASS ]]; then
- echo "environment variable USER_DB_PASS not set"
- exit 1
-elif [[ ! -v USER_DB_NAME ]]; then
- echo "environment variable USER_DB_NAME not set"
- exit 1
-else
- echo "Got DB connection info"
-fi
-
-pgsql_superuser_cmd () {
- DB_COMMAND="$1"
- if [[ ! -z $2 ]]; then
- EXPORT PGDATABASE=$2
- fi
- /usr/bin/psql \
- -h ${DB_HOST} \
- -p ${DB_PORT} \
- -U ${DB_ADMIN_USER} \
- --command="${DB_COMMAND}"
-}
-
-#create db
-pgsql_superuser_cmd "SELECT 1 FROM pg_database WHERE datname = '$USER_DB_NAME'" | grep -q "(1 row)" || pgsql_superuser_cmd "CREATE DATABASE $USER_DB_NAME"
-
-#create db user
-pgsql_superuser_cmd "SELECT * FROM pg_roles WHERE rolname = '$USER_DB_USER';" | grep -q "(1 row)" || \
- pgsql_superuser_cmd "CREATE ROLE ${USER_DB_USER} LOGIN PASSWORD '$USER_DB_PASS';"
-
-#Set password everytime. This is required for cases when we would want password rotation to take effect and set the updated password for a user.
-pgsql_superuser_cmd "SELECT * FROM pg_roles WHERE rolname = '$USER_DB_USER';" && pgsql_superuser_cmd "ALTER USER ${USER_DB_USER} with password '$USER_DB_PASS'"
-
-#give permissions to user
-pgsql_superuser_cmd "GRANT ALL PRIVILEGES ON DATABASE $USER_DB_NAME to $USER_DB_USER;"
-
-#revoke all privileges from PUBLIC role
-pgsql_superuser_cmd "REVOKE ALL ON DATABASE $USER_DB_NAME FROM PUBLIC;"
-{{- end }}
diff --git a/charts/senlin/charts/helm-toolkit/templates/scripts/_image-repo-sync.sh.tpl b/charts/senlin/charts/helm-toolkit/templates/scripts/_image-repo-sync.sh.tpl
deleted file mode 100644
index e41abe3..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/scripts/_image-repo-sync.sh.tpl
+++ /dev/null
@@ -1,24 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{- define "helm-toolkit.scripts.image_repo_sync" }}
-#!/bin/sh
-set -ex
-
-IFS=','; for IMAGE in ${IMAGE_SYNC_LIST}; do
- docker pull ${IMAGE}
- docker tag ${IMAGE} ${LOCAL_REPO}/${IMAGE}
- docker push ${LOCAL_REPO}/${IMAGE}
-done
-{{- end }}
diff --git a/charts/senlin/charts/helm-toolkit/templates/scripts/_ks-domain-user.sh.tpl b/charts/senlin/charts/helm-toolkit/templates/scripts/_ks-domain-user.sh.tpl
deleted file mode 100644
index 8755cd5..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/scripts/_ks-domain-user.sh.tpl
+++ /dev/null
@@ -1,72 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{- define "helm-toolkit.scripts.keystone_domain_user" }}
-#!/bin/bash
-
-# Copyright 2017 Pete Birley
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-set -ex
-
-# Manage domain
-SERVICE_OS_DOMAIN_ID=$(openstack domain create --or-show --enable -f value -c id \
- --description="Service Domain for ${SERVICE_OS_REGION_NAME}/${SERVICE_OS_DOMAIN_NAME}" \
- "${SERVICE_OS_DOMAIN_NAME}")
-
-# Display domain
-openstack domain show "${SERVICE_OS_DOMAIN_ID}"
-
-# Manage user
-SERVICE_OS_USERID=$(openstack user create --or-show --enable -f value -c id \
- --domain="${SERVICE_OS_DOMAIN_ID}" \
- --description "Service User for ${SERVICE_OS_REGION_NAME}/${SERVICE_OS_DOMAIN_NAME}" \
- --password="${SERVICE_OS_PASSWORD}" \
- "${SERVICE_OS_USERNAME}")
-
-# Manage user password (we do this to ensure the password is updated if required)
-openstack user set --password="${SERVICE_OS_PASSWORD}" "${SERVICE_OS_USERID}"
-
-# Display user
-openstack user show "${SERVICE_OS_USERID}"
-
-# Manage role
-SERVICE_OS_ROLE_ID=$(openstack role show -f value -c id \
- "${SERVICE_OS_ROLE}" || openstack role create -f value -c id \
- "${SERVICE_OS_ROLE}" )
-
-# Manage user role assignment
-openstack role add \
- --domain="${SERVICE_OS_DOMAIN_ID}" \
- --user="${SERVICE_OS_USERID}" \
- --user-domain="${SERVICE_OS_DOMAIN_ID}" \
- "${SERVICE_OS_ROLE_ID}"
-
-# Display user role assignment
-openstack role assignment list \
- --role="${SERVICE_OS_ROLE_ID}" \
- --user-domain="${SERVICE_OS_DOMAIN_ID}" \
- --user="${SERVICE_OS_USERID}"
-{{- end }}
diff --git a/charts/senlin/charts/helm-toolkit/templates/scripts/_ks-endpoints.sh.tpl b/charts/senlin/charts/helm-toolkit/templates/scripts/_ks-endpoints.sh.tpl
deleted file mode 100644
index e400bcd..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/scripts/_ks-endpoints.sh.tpl
+++ /dev/null
@@ -1,79 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{- define "helm-toolkit.scripts.keystone_endpoints" }}
-#!/bin/bash
-
-# Copyright 2017 Pete Birley
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-set -ex
-
-# Get Service ID
-OS_SERVICE_ID=$( openstack service list -f csv --quote none | \
- grep ",${OS_SERVICE_NAME},${OS_SERVICE_TYPE}$" | \
- sed -e "s/,${OS_SERVICE_NAME},${OS_SERVICE_TYPE}//g" )
-
-# Get Endpoint ID if it exists
-OS_ENDPOINT_ID=$( openstack endpoint list -f csv --quote none | \
- grep "^[a-z0-9]*,${OS_REGION_NAME},${OS_SERVICE_NAME},${OS_SERVICE_TYPE},True,${OS_SVC_ENDPOINT}," | \
- awk -F ',' '{ print $1 }' )
-
-# Making sure only a single endpoint exists for a service within a region
-if [ "$(echo $OS_ENDPOINT_ID | wc -w)" -gt "1" ]; then
- echo "More than one endpoint found, cleaning up"
- for ENDPOINT_ID in $OS_ENDPOINT_ID; do
- openstack endpoint delete ${ENDPOINT_ID}
- done
- unset OS_ENDPOINT_ID
-fi
-
-# Determine if Endpoint needs updated
-if [[ ${OS_ENDPOINT_ID} ]]; then
- OS_ENDPOINT_URL_CURRENT=$(openstack endpoint show ${OS_ENDPOINT_ID} -f value -c url)
- if [ "${OS_ENDPOINT_URL_CURRENT}" == "${OS_SERVICE_ENDPOINT}" ]; then
- echo "Endpoints Match: no action required"
- OS_ENDPOINT_UPDATE="False"
- else
- echo "Endpoints Dont Match: removing existing entries"
- openstack endpoint delete ${OS_ENDPOINT_ID}
- OS_ENDPOINT_UPDATE="True"
- fi
-else
- OS_ENDPOINT_UPDATE="True"
-fi
-
-# Update Endpoint if required
-if [[ "${OS_ENDPOINT_UPDATE}" == "True" ]]; then
- OS_ENDPOINT_ID=$( openstack endpoint create -f value -c id \
- --region="${OS_REGION_NAME}" \
- "${OS_SERVICE_ID}" \
- ${OS_SVC_ENDPOINT} \
- "${OS_SERVICE_ENDPOINT}" )
-fi
-
-# Display the Endpoint
-openstack endpoint show ${OS_ENDPOINT_ID}
-{{- end }}
diff --git a/charts/senlin/charts/helm-toolkit/templates/scripts/_ks-service.sh.tpl b/charts/senlin/charts/helm-toolkit/templates/scripts/_ks-service.sh.tpl
deleted file mode 100644
index 8356b36..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/scripts/_ks-service.sh.tpl
+++ /dev/null
@@ -1,76 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{- define "helm-toolkit.scripts.keystone_service" }}
-#!/bin/bash
-
-# Copyright 2017 Pete Birley
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-set -ex
-
-# Service boilerplate description
-OS_SERVICE_DESC="${OS_REGION_NAME}: ${OS_SERVICE_NAME} (${OS_SERVICE_TYPE}) service"
-
-# Get Service ID if it exists
-unset OS_SERVICE_ID
-
-# FIXME - There seems to be an issue once in a while where the
-# openstack service list fails and encounters an error message such as:
-# Unable to establish connection to
-# https://keystone-api.openstack.svc.cluster.local:5000/v3/auth/tokens:
-# ('Connection aborted.', OSError("(104, 'ECONNRESET')",))
-# During an upgrade scenario, this would cause the OS_SERVICE_ID to be blank
-# and it would attempt to create a new service when it was not needed.
-# This duplciate service would sometimes be used by other services such as
-# Horizon and would give an 'Invalid Service Catalog' error.
-# This loop allows for a 'retry' of the openstack service list in an
-# attempt to get the service list as expected if it does ecounter an error.
-# This loop and recheck can be reverted once the underlying issue is addressed.
-
-# If OS_SERVICE_ID is blank then wait a few seconds to give it
-# additional time and try again
-for i in $(seq 3)
-do
- OS_SERVICE_ID=$( openstack service list -f csv --quote none | \
- grep ",${OS_SERVICE_NAME},${OS_SERVICE_TYPE}$" | \
- sed -e "s/,${OS_SERVICE_NAME},${OS_SERVICE_TYPE}//g" )
-
- # If the service was found, go ahead and exit successfully.
- if [[ -n "${OS_SERVICE_ID}" ]]; then
- exit 0
- fi
-
- sleep 2
-done
-
-# If we've reached this point and a Service ID was not found,
-# then create the service
-OS_SERVICE_ID=$(openstack service create -f value -c id \
- --name="${OS_SERVICE_NAME}" \
- --description "${OS_SERVICE_DESC}" \
- --enable \
- "${OS_SERVICE_TYPE}")
-{{- end }}
diff --git a/charts/senlin/charts/helm-toolkit/templates/scripts/_ks-user.sh.tpl b/charts/senlin/charts/helm-toolkit/templates/scripts/_ks-user.sh.tpl
deleted file mode 100644
index b45f798..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/scripts/_ks-user.sh.tpl
+++ /dev/null
@@ -1,108 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{- define "helm-toolkit.scripts.keystone_user" }}
-#!/bin/bash
-
-# Copyright 2017 Pete Birley
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-set -ex
-
-shopt -s nocasematch
-
-if [[ "${SERVICE_OS_PROJECT_DOMAIN_NAME}" == "Default" ]]
-then
- PROJECT_DOMAIN_ID="default"
-else
- # Manage project domain
- PROJECT_DOMAIN_ID=$(openstack domain create --or-show --enable -f value -c id \
- --description="Domain for ${SERVICE_OS_REGION_NAME}/${SERVICE_OS_PROJECT_DOMAIN_NAME}" \
- "${SERVICE_OS_PROJECT_DOMAIN_NAME}")
-fi
-
-if [[ "${SERVICE_OS_USER_DOMAIN_NAME}" == "Default" ]]
-then
- USER_DOMAIN_ID="default"
-else
- # Manage user domain
- USER_DOMAIN_ID=$(openstack domain create --or-show --enable -f value -c id \
- --description="Domain for ${SERVICE_OS_REGION_NAME}/${SERVICE_OS_USER_DOMAIN_NAME}" \
- "${SERVICE_OS_USER_DOMAIN_NAME}")
-fi
-
-shopt -u nocasematch
-
-# Manage user project
-USER_PROJECT_DESC="Service Project for ${SERVICE_OS_REGION_NAME}/${SERVICE_OS_PROJECT_DOMAIN_NAME}"
-USER_PROJECT_ID=$(openstack project create --or-show --enable -f value -c id \
- --domain="${PROJECT_DOMAIN_ID}" \
- --description="${USER_PROJECT_DESC}" \
- "${SERVICE_OS_PROJECT_NAME}");
-
-# Manage user
-USER_DESC="Service User for ${SERVICE_OS_REGION_NAME}/${SERVICE_OS_USER_DOMAIN_NAME}/${SERVICE_OS_SERVICE_NAME}"
-USER_ID=$(openstack user create --or-show --enable -f value -c id \
- --domain="${USER_DOMAIN_ID}" \
- --project-domain="${PROJECT_DOMAIN_ID}" \
- --project="${USER_PROJECT_ID}" \
- --description="${USER_DESC}" \
- "${SERVICE_OS_USERNAME}");
-
-# Manage user password (we do this in a seperate step to ensure the password is updated if required)
-set +x
-echo "Setting user password via: openstack user set --password=xxxxxxx ${USER_ID}"
-openstack user set --password="${SERVICE_OS_PASSWORD}" "${USER_ID}"
-set -x
-
-function ks_assign_user_role () {
- if [[ "$SERVICE_OS_ROLE" == "admin" ]]
- then
- USER_ROLE_ID="$SERVICE_OS_ROLE"
- else
- USER_ROLE_ID=$(openstack role create --or-show -f value -c id "${SERVICE_OS_ROLE}");
- fi
-
- # Manage user role assignment
- openstack role add \
- --user="${USER_ID}" \
- --user-domain="${USER_DOMAIN_ID}" \
- --project-domain="${PROJECT_DOMAIN_ID}" \
- --project="${USER_PROJECT_ID}" \
- "${USER_ROLE_ID}"
-}
-
-# Manage user service role
-IFS=','
-for SERVICE_OS_ROLE in ${SERVICE_OS_ROLES}; do
- ks_assign_user_role
-done
-
-# Manage user member role
-: ${MEMBER_OS_ROLE:="member"}
-export USER_ROLE_ID=$(openstack role create --or-show -f value -c id \
- "${MEMBER_OS_ROLE}");
-ks_assign_user_role
-{{- end }}
diff --git a/charts/senlin/charts/helm-toolkit/templates/scripts/_rabbit-init.sh.tpl b/charts/senlin/charts/helm-toolkit/templates/scripts/_rabbit-init.sh.tpl
deleted file mode 100644
index 3739f95..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/scripts/_rabbit-init.sh.tpl
+++ /dev/null
@@ -1,111 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{- define "helm-toolkit.scripts.rabbit_init" }}
-#!/bin/bash
-set -e
-# Extract connection details
-RABBIT_HOSTNAME=$(echo "${RABBITMQ_ADMIN_CONNECTION}" | \
- awk -F'[@]' '{print $2}' | \
- awk -F'[:/]' '{print $1}')
-RABBIT_PORT=$(echo "${RABBITMQ_ADMIN_CONNECTION}" | \
- awk -F'[@]' '{print $2}' | \
- awk -F'[:/]' '{print $2}')
-
-# Extract Admin User creadential
-RABBITMQ_ADMIN_USERNAME=$(echo "${RABBITMQ_ADMIN_CONNECTION}" | \
- awk -F'[@]' '{print $1}' | \
- awk -F'[//:]' '{print $4}')
-RABBITMQ_ADMIN_PASSWORD=$(echo "${RABBITMQ_ADMIN_CONNECTION}" | \
- awk -F'[@]' '{print $1}' | \
- awk -F'[//:]' '{print $5}')
-
-# Extract User creadential
-RABBITMQ_USERNAME=$(echo "${RABBITMQ_USER_CONNECTION}" | \
- awk -F'[@]' '{print $1}' | \
- awk -F'[//:]' '{print $4}')
-RABBITMQ_PASSWORD=$(echo "${RABBITMQ_USER_CONNECTION}" | \
- awk -F'[@]' '{print $1}' | \
- awk -F'[//:]' '{print $5}')
-
-# Extract User vHost
-RABBITMQ_VHOST=$(echo "${RABBITMQ_USER_CONNECTION}" | \
- awk -F'[@]' '{print $2}' | \
- awk -F'[:/]' '{print $3}')
-# Resolve vHost to / if no value is set
-RABBITMQ_VHOST="${RABBITMQ_VHOST:-/}"
-
-function rabbitmqadmin_cli () {
- if [ -n "$RABBITMQ_X509" ]
- then
- rabbitmqadmin \
- --ssl \
- --ssl-disable-hostname-verification \
- --ssl-ca-cert-file="${USER_CERT_PATH}/ca.crt" \
- --ssl-cert-file="${USER_CERT_PATH}/tls.crt" \
- --ssl-key-file="${USER_CERT_PATH}/tls.key" \
- --host="${RABBIT_HOSTNAME}" \
- --port="${RABBIT_PORT}" \
- --username="${RABBITMQ_ADMIN_USERNAME}" \
- --password="${RABBITMQ_ADMIN_PASSWORD}" \
- ${@}
- else
- rabbitmqadmin \
- --host="${RABBIT_HOSTNAME}" \
- --port="${RABBIT_PORT}" \
- --username="${RABBITMQ_ADMIN_USERNAME}" \
- --password="${RABBITMQ_ADMIN_PASSWORD}" \
- ${@}
- fi
-}
-
-echo "Managing: User: ${RABBITMQ_USERNAME}"
-rabbitmqadmin_cli \
- declare user \
- name="${RABBITMQ_USERNAME}" \
- password="${RABBITMQ_PASSWORD}" \
- tags="user"
-
-echo "Deleting Guest User"
-rabbitmqadmin_cli \
- delete user \
- name="guest" || true
-
-if [ "${RABBITMQ_VHOST}" != "/" ]
-then
- echo "Managing: vHost: ${RABBITMQ_VHOST}"
- rabbitmqadmin_cli \
- declare vhost \
- name="${RABBITMQ_VHOST}"
-else
- echo "Skipping root vHost declaration: vHost: ${RABBITMQ_VHOST}"
-fi
-
-echo "Managing: Permissions: ${RABBITMQ_USERNAME} on ${RABBITMQ_VHOST}"
-rabbitmqadmin_cli \
- declare permission \
- vhost="${RABBITMQ_VHOST}" \
- user="${RABBITMQ_USERNAME}" \
- configure=".*" \
- write=".*" \
- read=".*"
-
-if [ ! -z "$RABBITMQ_AUXILIARY_CONFIGURATION" ]
-then
- echo "Applying additional configuration"
- echo "${RABBITMQ_AUXILIARY_CONFIGURATION}" > /tmp/rmq_definitions.json
- rabbitmqadmin_cli import /tmp/rmq_definitions.json
-fi
-
-{{- end }}
diff --git a/charts/senlin/charts/helm-toolkit/templates/scripts/_rally_test.sh.tpl b/charts/senlin/charts/helm-toolkit/templates/scripts/_rally_test.sh.tpl
deleted file mode 100644
index c08d320..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/scripts/_rally_test.sh.tpl
+++ /dev/null
@@ -1,88 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{- define "helm-toolkit.scripts.rally_test" -}}
-#!/bin/bash
-set -ex
-{{- $rallyTests := index . 0 }}
-
-: "${RALLY_ENV_NAME:="openstack-helm"}"
-: "${OS_INTERFACE:="public"}"
-: "${RALLY_CLEANUP:="true"}"
-
-if [ "x$RALLY_CLEANUP" == "xtrue" ]; then
- function rally_cleanup {
- openstack user delete \
- --domain="${SERVICE_OS_USER_DOMAIN_NAME}" \
- "${SERVICE_OS_USERNAME}"
-{{ $rallyTests.clean_up | default "" | indent 4 }}
- }
- trap rally_cleanup EXIT
-fi
-
-function create_or_update_db () {
- revisionResults=$(rally db revision)
- if [ $revisionResults = "None" ]
- then
- rally db create
- else
- rally db upgrade
- fi
-}
-
-create_or_update_db
-
-cat > /tmp/rally-config.json << EOF
-{
- "openstack": {
- "auth_url": "${OS_AUTH_URL}",
- "region_name": "${OS_REGION_NAME}",
- "endpoint_type": "${OS_INTERFACE}",
- "admin": {
- "username": "${OS_USERNAME}",
- "password": "${OS_PASSWORD}",
- "user_domain_name": "${OS_USER_DOMAIN_NAME}",
- "project_name": "${OS_PROJECT_NAME}",
- "project_domain_name": "${OS_PROJECT_DOMAIN_NAME}"
- },
- "users": [
- {
- "username": "${SERVICE_OS_USERNAME}",
- "password": "${SERVICE_OS_PASSWORD}",
- "project_name": "${SERVICE_OS_PROJECT_NAME}",
- "user_domain_name": "${SERVICE_OS_USER_DOMAIN_NAME}",
- "project_domain_name": "${SERVICE_OS_PROJECT_DOMAIN_NAME}"
- }
- ],
- "https_insecure": false,
- "https_cacert": "${OS_CACERT}"
- }
-}
-EOF
-rally deployment create --file /tmp/rally-config.json --name "${RALLY_ENV_NAME}"
-rm -f /tmp/rally-config.json
-rally deployment use "${RALLY_ENV_NAME}"
-rally deployment check
-{{- if $rallyTests.run_tempest }}
-rally verify create-verifier --name "${RALLY_ENV_NAME}-tempest" --type tempest
-SERVICE_TYPE="$(rally deployment check | grep "${RALLY_ENV_NAME}" | awk -F \| '{print $3}' | tr -d ' ' | tr -d '\n')"
-rally verify start --pattern "tempest.api.${SERVICE_TYPE}*"
-rally verify delete-verifier --id "${RALLY_ENV_NAME}-tempest" --force
-{{- end }}
-rally task validate /etc/rally/rally_tests.yaml
-rally task start /etc/rally/rally_tests.yaml
-rally task sla-check
-rally env cleanup
-rally deployment destroy --deployment "${RALLY_ENV_NAME}"
-{{- end }}
diff --git a/charts/senlin/charts/helm-toolkit/templates/scripts/db-backup-restore/_backup_main.sh.tpl b/charts/senlin/charts/helm-toolkit/templates/scripts/db-backup-restore/_backup_main.sh.tpl
deleted file mode 100644
index 695cb2e..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/scripts/db-backup-restore/_backup_main.sh.tpl
+++ /dev/null
@@ -1,701 +0,0 @@
-{{- define "helm-toolkit.scripts.db-backup-restore.backup_main" }}
-#!/bin/bash
-
-# This file contains a database backup framework which database scripts
-# can use to perform a backup. The idea here is that the database-specific
-# functions will be implemented by the various databases using this script
-# (like mariadb, postgresql or etcd for example). The database-specific
-# script will need to first "source" this file like this:
-# source /tmp/backup_main.sh
-#
-# Then the script should call the main backup function (backup_databases):
-# backup_databases [scope]
-# [scope] is an optional parameter, defaulted to "all". If only one specific
-# database is required to be backed up then this parameter will
-# contain the name of the database; otherwise all are backed up.
-#
-# The framework will require the following variables to be exported:
-#
-# export DB_NAMESPACE Namespace where the database(s) reside
-# export DB_NAME Name of the database system
-# export LOCAL_DAYS_TO_KEEP Number of days to keep the local backups
-# export REMOTE_DAYS_TO_KEEP Number of days to keep the remote backups
-# export ARCHIVE_DIR Local location where the backup tarballs should
-# be stored. (full directory path)
-# export BACK_UP_MODE Determines the mode of backup taken.
-# export REMOTE_BACKUP_ENABLED "true" if remote backup enabled; false
-# otherwise
-# export CONTAINER_NAME Name of the container on the RGW to store
-# the backup tarball.
-# export STORAGE_POLICY Name of the storage policy defined on the
-# RGW which is intended to store backups.
-# RGW access variables:
-# export OS_REGION_NAME Name of the region the RGW resides in
-# export OS_AUTH_URL Keystone URL associated with the RGW
-# export OS_PROJECT_NAME Name of the project associated with the
-# keystone user
-# export OS_USERNAME Name of the keystone user
-# export OS_PASSWORD Password of the keystone user
-# export OS_USER_DOMAIN_NAME Keystone domain the project belongs to
-# export OS_PROJECT_DOMAIN_NAME Keystone domain the user belongs to
-# export OS_IDENTITY_API_VERSION Keystone API version to use
-#
-# export REMOTE_BACKUP_RETRIES Number of retries to send backup to remote
-# in case of any temporary failures.
-# export MIN_DELAY_SEND_REMOTE Minimum seconds to delay before sending backup
-# to remote to stagger backups being sent to RGW
-# export MAX_DELAY_SEND_REMOTE Maximum seconds to delay before sending backup
-# to remote to stagger backups being sent to RGW.
-# A random number between min and max delay is generated
-# to set the delay.
-#
-# RGW backup throttle limits variables:
-# export THROTTLE_BACKUPS_ENABLED Boolean variableto control backup functionality
-# export THROTTLE_LIMIT Number of simultaneous RGW upload sessions
-# export THROTTLE_LOCK_EXPIRE_AFTER Time in seconds to expire flag file is orphaned
-# export THROTTLE_RETRY_AFTER Time in seconds to wait before retry
-# export THROTTLE_CONTAINER_NAME Name of RGW container to place flag falies into
-#
-# The database-specific functions that need to be implemented are:
-# dump_databases_to_directory <directory> <err_logfile> [scope]
-# where:
-# <directory> is the full directory path to dump the database files
-# into. This is a temporary directory for this backup only.
-# <err_logfile> is the full directory path where error logs are to be
-# written by the application.
-# [scope] set to "all" if all databases are to be backed up; or
-# set to the name of a specific database to be backed up.
-# This optional parameter is defaulted to "all".
-# returns: 0 if no errors; 1 if any errors occurred
-#
-# This function is expected to dump the database file(s) to the specified
-# directory path. If this function completes successfully (returns 0), the
-# framework will automatically tar/zip the files in that directory and
-# name the tarball appropriately according to the proper conventions.
-#
-# verify_databases_backup_archives [scope]
-# returns: 0 if no errors; 1 if any errors occurred
-#
-# This function is expected to verify the database backup archives. If this function
-# completes successfully (returns 0), the
-# framework will automatically starts remote backup upload.
-#
-#
-# The functions in this file will take care of:
-# 1) Calling "dump_databases_to_directory" and then compressing the files,
-# naming the tarball properly, and then storing it locally at the specified
-# local directory.
-# 2) Sending the tarball built to the remote gateway, to be stored in the
-# container configured to store database backups.
-# 3) Removing local backup tarballs which are older than the number of days
-# specified by the "LOCAL_DAYS_TO_KEEP" variable.
-# 4) Removing remote backup tarballs (from the remote gateway) which are older
-# than the number of days specified by the "REMOTE_DAYS_TO_KEEP" variable.
-# 5) Controlling remote storage gateway load from client side and throttling it
-# by using a dedicated RGW container to store flag files defining upload session
-# in progress
-#
-# Note: not using set -e in this script because more elaborate error handling
-# is needed.
-
-log_backup_error_exit() {
- MSG=$1
- ERRCODE=${2:-0}
- log ERROR "${DB_NAME}_backup" "${DB_NAMESPACE} namespace: ${MSG}"
- rm -f $ERR_LOG_FILE
- rm -rf $TMP_DIR
- exit 0
-}
-
-log_verify_backup_exit() {
- MSG=$1
- ERRCODE=${2:-0}
- log ERROR "${DB_NAME}_verify_backup" "${DB_NAMESPACE} namespace: ${MSG}"
- rm -f $ERR_LOG_FILE
- # rm -rf $TMP_DIR
- exit 0
-}
-
-
-log() {
- #Log message to a file or stdout
- #TODO: This can be convert into mail alert of alert send to a monitoring system
- #Params: $1 log level
- #Params: $2 service
- #Params: $3 message
- #Params: $4 Destination
- LEVEL=$1
- SERVICE=$2
- MSG=$3
- DEST=$4
- DATE=$(date +"%m-%d-%y %H:%M:%S")
- if [[ -z "$DEST" ]]; then
- echo "${DATE} ${LEVEL}: $(hostname) ${SERVICE}: ${MSG}"
- else
- echo "${DATE} ${LEVEL}: $(hostname) ${SERVICE}: ${MSG}" >>$DEST
- fi
-}
-
-# Generate a random number between MIN_DELAY_SEND_REMOTE and
-# MAX_DELAY_SEND_REMOTE
-random_number() {
- diff=$((${MAX_DELAY_SEND_REMOTE} - ${MIN_DELAY_SEND_REMOTE} + 1))
- echo $(($(( ${RANDOM} % ${diff} )) + ${MIN_DELAY_SEND_REMOTE} ))
-}
-
-#Get the day delta since the archive file backup
-seconds_difference() {
- ARCHIVE_DATE=$( date --date="$1" +%s )
- if [[ $? -ne 0 ]]; then
- SECOND_DELTA=0
- fi
- CURRENT_DATE=$( date +%s )
- SECOND_DELTA=$(($CURRENT_DATE-$ARCHIVE_DATE))
- if [[ "$SECOND_DELTA" -lt 0 ]]; then
- SECOND_DELTA=0
- fi
- echo $SECOND_DELTA
-}
-
-# Send the specified tarball file at the specified filepath to the
-# remote gateway.
-send_to_remote_server() {
- FILEPATH=$1
- FILE=$2
-
- # Grab the list of containers on the remote site
- RESULT=$(openstack container list 2>&1)
-
- if [[ $? -eq 0 ]]; then
- echo $RESULT | grep $CONTAINER_NAME
- if [[ $? -ne 0 ]]; then
- # Find the swift URL from the keystone endpoint list
- SWIFT_URL=$(openstack catalog show object-store -c endpoints | grep public | awk '{print $4}')
- if [[ $? -ne 0 ]]; then
- log WARN "${DB_NAME}_backup" "Unable to get object-store enpoints from keystone catalog."
- return 2
- fi
-
- # Get a token from keystone
- TOKEN=$(openstack token issue -f value -c id)
- if [[ $? -ne 0 ]]; then
- log WARN "${DB_NAME}_backup" "Unable to get keystone token."
- return 2
- fi
-
- # Create the container
- RES_FILE=$(mktemp -p /tmp)
- curl -g -i -X PUT ${SWIFT_URL}/${CONTAINER_NAME} \
- -H "X-Auth-Token: ${TOKEN}" \
- -H "X-Storage-Policy: ${STORAGE_POLICY}" 2>&1 > $RES_FILE
-
- if [[ $? -ne 0 || $(grep "HTTP" $RES_FILE | awk '{print $2}') -ge 400 ]]; then
- log WARN "${DB_NAME}_backup" "Unable to create container ${CONTAINER_NAME}"
- cat $RES_FILE
- rm -f $RES_FILE
- return 2
- fi
- rm -f $RES_FILE
-
- swift stat $CONTAINER_NAME
- if [[ $? -ne 0 ]]; then
- log WARN "${DB_NAME}_backup" "Unable to retrieve container ${CONTAINER_NAME} details after creation."
- return 2
- fi
- fi
- else
- echo $RESULT | grep -E "HTTP 401|HTTP 403"
- if [[ $? -eq 0 ]]; then
- log ERROR "${DB_NAME}_backup" "Access denied by keystone: ${RESULT}"
- return 1
- else
- echo $RESULT | grep -E "ConnectionError|Failed to discover available identity versions|Service Unavailable|HTTP 50"
- if [[ $? -eq 0 ]]; then
- log WARN "${DB_NAME}_backup" "Could not reach the RGW: ${RESULT}"
- # In this case, keystone or the site/node may be temporarily down.
- # Return slightly different error code so the calling code can retry
- return 2
- else
- log ERROR "${DB_NAME}_backup" "Could not get container list: ${RESULT}"
- return 1
- fi
- fi
- fi
-
- # load balance delay
- DELAY=$((1 + ${RANDOM} % 30))
- echo "Sleeping for ${DELAY} seconds to spread the load in time..."
- sleep ${DELAY}
-
- #---------------------------------------------------------------------------
- # Remote backup throttling
- export THROTTLE_BACKUPS_ENABLED=$(echo $THROTTLE_BACKUPS_ENABLED | sed 's/"//g')
- if $THROTTLE_BACKUPS_ENABLED; then
- # Remove Quotes from the constants which were added due to reading
- # from secret.
- export THROTTLE_LIMIT=$(echo $THROTTLE_LIMIT | sed 's/"//g')
- export THROTTLE_LOCK_EXPIRE_AFTER=$(echo $THROTTLE_LOCK_EXPIRE_AFTER | sed 's/"//g')
- export THROTTLE_RETRY_AFTER=$(echo $THROTTLE_RETRY_AFTER | sed 's/"//g')
- export THROTTLE_CONTAINER_NAME=$(echo $THROTTLE_CONTAINER_NAME | sed 's/"//g')
-
- # load balance delay
- RESULT=$(openstack container list 2>&1)
-
- if [[ $? -eq 0 ]]; then
- echo $RESULT | grep $THROTTLE_CONTAINER_NAME
- if [[ $? -ne 0 ]]; then
- # Find the swift URL from the keystone endpoint list
- SWIFT_URL=$(openstack catalog show object-store -c endpoints | grep public | awk '{print $4}')
- if [[ $? -ne 0 ]]; then
- log WARN "${DB_NAME}_backup" "Unable to get object-store enpoints from keystone catalog."
- return 2
- fi
-
- # Get a token from keystone
- TOKEN=$(openstack token issue -f value -c id)
- if [[ $? -ne 0 ]]; then
- log WARN "${DB_NAME}_backup" "Unable to get keystone token."
- return 2
- fi
-
- # Create the container
- RES_FILE=$(mktemp -p /tmp)
- curl -g -i -X PUT ${SWIFT_URL}/${THROTTLE_CONTAINER_NAME} \
- -H "X-Auth-Token: ${TOKEN}" \
- -H "X-Storage-Policy: ${STORAGE_POLICY}" 2>&1 > $RES_FILE
-
- if [[ $? -ne 0 || $(grep "HTTP" $RES_FILE | awk '{print $2}') -ge 400 ]]; then
- log WARN "${DB_NAME}_backup" "Unable to create container ${THROTTLE_CONTAINER_NAME}"
- cat $RES_FILE
- rm -f $RES_FILE
- return 2
- fi
- rm -f $RES_FILE
-
- swift stat $THROTTLE_CONTAINER_NAME
- if [[ $? -ne 0 ]]; then
- log WARN "${DB_NAME}_backup" "Unable to retrieve container ${THROTTLE_CONTAINER_NAME} details after creation."
- return 2
- fi
- fi
- else
- echo $RESULT | grep -E "HTTP 401|HTTP 403"
- if [[ $? -eq 0 ]]; then
- log ERROR "${DB_NAME}_backup" "Access denied by keystone: ${RESULT}"
- return 1
- else
- echo $RESULT | grep -E "ConnectionError|Failed to discover available identity versions|Service Unavailable|HTTP 50"
- if [[ $? -eq 0 ]]; then
- log WARN "${DB_NAME}_backup" "Could not reach the RGW: ${RESULT}"
- # In this case, keystone or the site/node may be temporarily down.
- # Return slightly different error code so the calling code can retry
- return 2
- else
- log ERROR "${DB_NAME}_backup" "Could not get container list: ${RESULT}"
- return 1
- fi
- fi
- fi
-
- NUMBER_OF_SESSIONS=$(openstack object list $THROTTLE_CONTAINER_NAME -f value | wc -l)
- log INFO "${DB_NAME}_backup" "There are ${NUMBER_OF_SESSIONS} remote sessions right now."
- while [[ ${NUMBER_OF_SESSIONS} -ge ${THROTTLE_LIMIT} ]]
- do
- log INFO "${DB_NAME}_backup" "Current number of active uploads is ${NUMBER_OF_SESSIONS}>=${THROTTLE_LIMIT}!"
- log INFO "${DB_NAME}_backup" "Retrying in ${THROTTLE_RETRY_AFTER} seconds...."
- sleep ${THROTTLE_RETRY_AFTER}
- NUMBER_OF_SESSIONS=$(openstack object list $THROTTLE_CONTAINER_NAME -f value | wc -l)
- log INFO "${DB_NAME}_backup" "There are ${NUMBER_OF_SESSIONS} remote sessions right now."
- done
-
- # Create a lock file in THROTTLE_CONTAINER
- THROTTLE_FILEPATH=$(mktemp -d)
- THROTTLE_FILE=${CONTAINER_NAME}.lock
- date +%s > $THROTTLE_FILEPATH/$THROTTLE_FILE
-
- # Create an object to store the file
- openstack object create --name $THROTTLE_FILE $THROTTLE_CONTAINER_NAME $THROTTLE_FILEPATH/$THROTTLE_FILE
- if [[ $? -ne 0 ]]; then
- log WARN "${DB_NAME}_backup" "Cannot create throttle container object ${THROTTLE_FILE}!"
- return 2
- fi
-
- swift post $THROTTLE_CONTAINER_NAME $THROTTLE_FILE -H "X-Delete-After:${THROTTLE_LOCK_EXPIRE_AFTER}"
- if [[ $? -ne 0 ]]; then
- log WARN "${DB_NAME}_backup" "Cannot set throttle container object ${THROTTLE_FILE} expiration header!"
- return 2
- fi
- openstack object show $THROTTLE_CONTAINER_NAME $THROTTLE_FILE
- if [[ $? -ne 0 ]]; then
- log WARN "${DB_NAME}_backup" "Unable to retrieve throttle container object $THROTTLE_FILE after creation."
- return 2
- fi
- fi
-
- #---------------------------------------------------------------------------
-
- # Create an object to store the file
- openstack object create --name $FILE $CONTAINER_NAME $FILEPATH/$FILE
- if [[ $? -ne 0 ]]; then
- log WARN "${DB_NAME}_backup" "Cannot create container object ${FILE}!"
- return 2
- fi
-
- openstack object show $CONTAINER_NAME $FILE
- if [[ $? -ne 0 ]]; then
- log WARN "${DB_NAME}_backup" "Unable to retrieve container object $FILE after creation."
- return 2
- fi
-
- # Remote backup verification
- MD5_REMOTE=$(openstack object show $CONTAINER_NAME $FILE -f json | jq -r ".etag")
- MD5_LOCAL=$(cat ${FILEPATH}/${FILE} | md5sum | awk '{print $1}')
- log INFO "${DB_NAME}_backup" "Obtained MD5 hash for the file $FILE in container $CONTAINER_NAME."
- log INFO "${DB_NAME}_backup" "Local MD5 hash is ${MD5_LOCAL}."
- log INFO "${DB_NAME}_backup" "Remote MD5 hash is ${MD5_REMOTE}."
- if [[ "${MD5_LOCAL}" == "${MD5_REMOTE}" ]]; then
- log INFO "${DB_NAME}_backup" "The local backup & remote backup MD5 hash values are matching for file $FILE in container $CONTAINER_NAME."
- else
- log ERROR "${DB_NAME}_backup" "Mismatch between the local backup & remote backup MD5 hash values"
- return 2
- fi
- rm -f ${REMOTE_FILE}
-
- #---------------------------------------------------------------------------
- # Remote backup throttling
- export THROTTLE_BACKUPS_ENABLED=$(echo $THROTTLE_BACKUPS_ENABLED | sed 's/"//g')
- if $THROTTLE_BACKUPS_ENABLED; then
- # Remove flag file
- # Delete an object to remove the flag file
- openstack object delete $THROTTLE_CONTAINER_NAME $THROTTLE_FILE
- if [[ $? -ne 0 ]]; then
- log WARN "${DB_NAME}_backup" "Cannot delete throttle container object ${THROTTLE_FILE}"
- return 0
- else
- log INFO "${DB_NAME}_backup" "The throttle container object ${THROTTLE_FILE} has been successfully removed."
- fi
- rm -f ${THROTTLE_FILEPATH}/${THROTTLE_FILE}
- fi
-
- #---------------------------------------------------------------------------
-
- log INFO "${DB_NAME}_backup" "Created file $FILE in container $CONTAINER_NAME successfully."
- return 0
-}
-
-# This function attempts to store the built tarball to the remote gateway,
-# with built-in logic to handle error cases like:
-# 1) Network connectivity issues - retries for a specific amount of time
-# 2) Authorization errors - immediately logs an ERROR and returns
-store_backup_remotely() {
- FILEPATH=$1
- FILE=$2
-
- count=1
- while [[ ${count} -le ${REMOTE_BACKUP_RETRIES} ]]; do
- # Store the new archive to the remote backup storage facility.
- send_to_remote_server $FILEPATH $FILE
- SEND_RESULT="$?"
-
- # Check if successful
- if [[ $SEND_RESULT -eq 0 ]]; then
- log INFO "${DB_NAME}_backup" "Backup file ${FILE} successfully sent to RGW."
- return 0
- elif [[ $SEND_RESULT -eq 2 ]]; then
- if [[ ${count} -ge ${REMOTE_BACKUP_RETRIES} ]]; then
- log ERROR "${DB_NAME}_backup" "Backup file ${FILE} could not be sent to the RGW in " \
- "${REMOTE_BACKUP_RETRIES} retries. Errors encountered. Exiting."
- break
- fi
- # Temporary failure occurred. We need to retry
- log WARN "${DB_NAME}_backup" "Backup file ${FILE} could not be sent to RGW due to connection issue."
- sleep_time=$(random_number)
- log INFO "${DB_NAME}_backup" "Sleeping ${sleep_time} seconds waiting for RGW to become available..."
- sleep ${sleep_time}
- log INFO "${DB_NAME}_backup" "Retrying..."
- else
- log ERROR "${DB_NAME}_backup" "Backup file ${FILE} could not be sent to the RGW. Errors encountered. Exiting."
- break
- fi
-
- # Increment the counter
- count=$((count+1))
- done
-
- return 1
-}
-
-
-function get_archive_date(){
-# get_archive_date function returns correct archive date
-# for different formats of archives' names
-# the old one: <database name>.<namespace>.<table name | all>.<date-time>.tar.gz
-# the new one: <database name>.<namespace>.<table name | all>.<backup mode>.<date-time>.tar.gz
- local A_FILE="$1"
- awk -F. '{print $(NF-2)}' <<< ${A_FILE} | tr -d "Z"
-}
-
-# This function takes a list of archives' names as an input
-# and creates a hash table where keys are number of seconds
-# between current date and archive date (see seconds_difference),
-# and values are space separated archives' names
-#
-# +------------+---------------------------------------------------------------------------------------------------------+
-# | 1265342678 | "tmp/mysql.backup.auto.2022-02-14T10:13:13Z.tar.gz" |
-# +------------+---------------------------------------------------------------------------------------------------------+
-# | 2346254257 | "tmp/mysql.backup.auto.2022-02-11T10:13:13Z.tar.gz tmp/mysql.backup.manual.2022-02-11T10:13:13Z.tar.gz" |
-# +------------+---------------------------------------------------------------------------------------------------------+
-# <...>
-# +------------+---------------------------------------------------------------------------------------------------------+
-# | 6253434567 | "tmp/mysql.backup.manual.2022-02-01T10:13:13Z.tar.gz" |
-# +------------+---------------------------------------------------------------------------------------------------------+
-# We will use the explained above data stracture to cover rare, but still
-# possible case, when we have several backups of the same date. E.g.
-# one manual, and one automatic.
-
-declare -A fileTable
-create_hash_table() {
-unset fileTable
-fileList=$@
- for ARCHIVE_FILE in ${fileList}; do
- # Creating index, we will round given ARCHIVE_DATE to the midnight (00:00:00)
- # to take in account a possibility, that we can have more than one scheduled
- # backup per day.
- ARCHIVE_DATE=$(get_archive_date ${ARCHIVE_FILE})
- ARCHIVE_DATE=$(date --date=${ARCHIVE_DATE} +%D)
- log INFO "${DB_NAME}_backup" "Archive date to build index: ${ARCHIVE_DATE}"
- INDEX=$(seconds_difference ${ARCHIVE_DATE})
- if [[ -z fileTable[${INDEX}] ]]; then
- fileTable[${INDEX}]=${ARCHIVE_FILE}
- else
- fileTable[${INDEX}]="${fileTable[${INDEX}]} ${ARCHIVE_FILE}"
- fi
- echo "INDEX: ${INDEX} VALUE: ${fileTable[${INDEX}]}"
- done
-}
-
-function get_backup_prefix() {
-# Create list of all possible prefixes in a format:
-# <db_name>.<namespace> to cover a possible situation
-# when different backups of different databases and/or
-# namespaces share the same local or remote storage.
- ALL_FILES=($@)
- PREFIXES=()
- for fname in ${ALL_FILES[@]}; do
- prefix=$(basename ${fname} | cut -d'.' -f1,2 )
- for ((i=0; i<${#PREFIXES[@]}; i++)) do
- if [[ ${PREFIXES[${i}]} == ${prefix} ]]; then
- prefix=""
- break
- fi
- done
- if [[ ! -z ${prefix} ]]; then
- PREFIXES+=(${prefix})
- fi
- done
-}
-
-remove_old_local_archives() {
- SECONDS_TO_KEEP=$(( $((${LOCAL_DAYS_TO_KEEP}))*86400))
- log INFO "${DB_NAME}_backup" "Deleting backups older than ${LOCAL_DAYS_TO_KEEP} days (${SECONDS_TO_KEEP} seconds)"
- if [[ -d $ARCHIVE_DIR ]]; then
- count=0
- # We iterate over the hash table, checking the delta in seconds (hash keys),
- # and minimum number of backups we must have in place. List of keys has to be sorted.
- for INDEX in $(tr " " "\n" <<< ${!fileTable[@]} | sort -n -); do
- ARCHIVE_FILE=${fileTable[${INDEX}]}
- if [[ ${INDEX} -lt ${SECONDS_TO_KEEP} || ${count} -lt ${LOCAL_DAYS_TO_KEEP} ]]; then
- ((count++))
- log INFO "${DB_NAME}_backup" "Keeping file(s) ${ARCHIVE_FILE}."
- else
- log INFO "${DB_NAME}_backup" "Deleting file(s) ${ARCHIVE_FILE}."
- rm -f ${ARCHIVE_FILE}
- if [[ $? -ne 0 ]]; then
- # Log error but don't exit so we can finish the script
- # because at this point we haven't sent backup to RGW yet
- log ERROR "${DB_NAME}_backup" "Failed to cleanup local backup. Cannot remove some of ${ARCHIVE_FILE}"
- fi
- fi
- done
- else
- log WARN "${DB_NAME}_backup" "The local backup directory ${$ARCHIVE_DIR} does not exist."
- fi
-}
-
-prepare_list_of_remote_backups() {
- BACKUP_FILES=$(mktemp -p /tmp)
- DB_BACKUP_FILES=$(mktemp -p /tmp)
- openstack object list $CONTAINER_NAME > $BACKUP_FILES
- if [[ $? -ne 0 ]]; then
- log_backup_error_exit \
- "Failed to cleanup remote backup. Could not obtain a list of current backup files in the RGW"
- fi
- # Filter out other types of backup files
- cat $BACKUP_FILES | grep $DB_NAME | grep $DB_NAMESPACE | awk '{print $2}' > $DB_BACKUP_FILES
-}
-
-# The logic implemented with this function is absolutely similar
-# to the function remove_old_local_archives (see above)
-remove_old_remote_archives() {
- count=0
- SECONDS_TO_KEEP=$((${REMOTE_DAYS_TO_KEEP}*86400))
- log INFO "${DB_NAME}_backup" "Deleting backups older than ${REMOTE_DAYS_TO_KEEP} days (${SECONDS_TO_KEEP} seconds)"
- for INDEX in $(tr " " "\n" <<< ${!fileTable[@]} | sort -n -); do
- ARCHIVE_FILE=${fileTable[${INDEX}]}
- if [[ ${INDEX} -lt ${SECONDS_TO_KEEP} || ${count} -lt ${REMOTE_DAYS_TO_KEEP} ]]; then
- ((count++))
- log INFO "${DB_NAME}_backup" "Keeping remote backup(s) ${ARCHIVE_FILE}."
- else
- log INFO "${DB_NAME}_backup" "Deleting remote backup(s) ${ARCHIVE_FILE} from the RGW"
- openstack object delete ${CONTAINER_NAME} ${ARCHIVE_FILE} || log WARN "${DB_NAME}_backup" \
- "Failed to cleanup remote backup. Cannot delete container object ${ARCHIVE_FILE}"
- fi
- done
-
- # Cleanup now that we're done.
- for fd in ${BACKUP_FILES} ${DB_BACKUP_FILES}; do
- if [[ -f ${fd} ]]; then
- rm -f ${fd}
- else
- log WARN "${DB_NAME}_backup" "Can not delete a temporary file ${fd}"
- fi
- done
-}
-
-# Main function to backup the databases. Calling functions need to supply:
-# 1) The directory where the final backup will be kept after it is compressed.
-# 2) A temporary directory to use for placing database files to be compressed.
-# Note: this temp directory will be deleted after backup is done.
-# 3) Optional "scope" parameter indicating what database to back up. Defaults
-# to "all".
-backup_databases() {
- SCOPE=${1:-"all"}
-
- # Create necessary directories if they do not exist.
- mkdir -p $ARCHIVE_DIR || log_backup_error_exit \
- "Backup of the ${DB_NAME} database failed. Cannot create directory ${ARCHIVE_DIR}!"
- export TMP_DIR=$(mktemp -d) || log_backup_error_exit \
- "Backup of the ${DB_NAME} database failed. Cannot create temp directory!"
-
- # Create temporary log file
- export ERR_LOG_FILE=$(mktemp -p /tmp) || log_backup_error_exit \
- "Backup of the ${DB_NAME} database failed. Cannot create log file!"
-
- # It is expected that this function will dump the database files to the $TMP_DIR
- dump_databases_to_directory $TMP_DIR $ERR_LOG_FILE $SCOPE
-
- # If successful, there should be at least one file in the TMP_DIR
- if [[ $? -ne 0 || $(ls $TMP_DIR | wc -w) -eq 0 ]]; then
- cat $ERR_LOG_FILE
- log_backup_error_exit "Backup of the ${DB_NAME} database failed and needs attention."
- fi
-
- log INFO "${DB_NAME}_backup" "Databases dumped successfully. Creating tarball..."
-
- NOW=$(date +"%Y-%m-%dT%H:%M:%SZ")
- if [[ -z "${BACK_UP_MODE}" ]]; then
- TARBALL_FILE="${DB_NAME}.${DB_NAMESPACE}.${SCOPE}.${NOW}.tar.gz"
- else
- TARBALL_FILE="${DB_NAME}.${DB_NAMESPACE}.${SCOPE}.${BACK_UP_MODE}.${NOW}.tar.gz"
- fi
-
- cd $TMP_DIR || log_backup_error_exit \
- "Backup of the ${DB_NAME} database failed. Cannot change to directory $TMP_DIR"
-
- #Archive the current database files
- tar zcvf $ARCHIVE_DIR/$TARBALL_FILE *
- if [[ $? -ne 0 ]]; then
- log_backup_error_exit \
- "Backup ${DB_NAME} to local file system failed. Backup tarball could not be created."
- fi
-
- # Get the size of the file
- ARCHIVE_SIZE=$(ls -l $ARCHIVE_DIR/$TARBALL_FILE | awk '{print $5}')
-
- log INFO "${DB_NAME}_backup" "Tarball $TARBALL_FILE created successfully."
-
- cd $ARCHIVE_DIR
-
- #Only delete the old archive after a successful archive
- export LOCAL_DAYS_TO_KEEP=$(echo $LOCAL_DAYS_TO_KEEP | sed 's/"//g')
- if [[ "$LOCAL_DAYS_TO_KEEP" -gt 0 ]]; then
- get_backup_prefix $(ls -1 ${ARCHIVE_DIR}/*.gz)
- for ((i=0; i<${#PREFIXES[@]}; i++)); do
- echo "Working with prefix: ${PREFIXES[i]}"
- create_hash_table $(ls -1 ${ARCHIVE_DIR}/${PREFIXES[i]}*.gz)
- remove_old_local_archives
- done
- fi
-
- # Local backup verification process
-
- # It is expected that this function will verify the database backup files
- if verify_databases_backup_archives ${SCOPE}; then
- log INFO "${DB_NAME}_backup_verify" "Databases backup verified successfully. Uploading verified backups to remote location..."
- else
- # If successful, there should be at least one file in the TMP_DIR
- if [[ $(ls $TMP_DIR | wc -w) -eq 0 ]]; then
- cat $ERR_LOG_FILE
- fi
- log_verify_backup_exit "Verify of the ${DB_NAME} database backup failed and needs attention."
- exit 1
- fi
-
- # Remove the temporary directory and files as they are no longer needed.
- rm -rf $TMP_DIR
- rm -f $ERR_LOG_FILE
-
- # Remote backup
- REMOTE_BACKUP=$(echo $REMOTE_BACKUP_ENABLED | sed 's/"//g')
- if $REMOTE_BACKUP; then
- # Remove Quotes from the constants which were added due to reading
- # from secret.
- export REMOTE_BACKUP_RETRIES=$(echo $REMOTE_BACKUP_RETRIES | sed 's/"//g')
- export MIN_DELAY_SEND_REMOTE=$(echo $MIN_DELAY_SEND_REMOTE | sed 's/"//g')
- export MAX_DELAY_SEND_REMOTE=$(echo $MAX_DELAY_SEND_REMOTE | sed 's/"//g')
- export REMOTE_DAYS_TO_KEEP=$(echo $REMOTE_DAYS_TO_KEEP | sed 's/"//g')
-
- store_backup_remotely $ARCHIVE_DIR $TARBALL_FILE
- if [[ $? -ne 0 ]]; then
- # This error should print first, then print the summary as the last
- # thing that the user sees in the output.
- log ERROR "${DB_NAME}_backup" "Backup ${TARBALL_FILE} could not be sent to remote RGW."
- echo "=================================================================="
- echo "Local backup successful, but could not send to remote RGW."
- echo "Backup archive name: $TARBALL_FILE"
- echo "Backup archive size: $ARCHIVE_SIZE"
- echo "=================================================================="
- # Because the local backup was successful, exit with 0 so the pod will not
- # continue to restart and fill the disk with more backups. The ERRORs are
- # logged and alerting system should catch those errors and flag the operator.
- exit 0
- fi
-
- #Only delete the old archive after a successful archive
- if [[ "$REMOTE_DAYS_TO_KEEP" -gt 0 ]]; then
- prepare_list_of_remote_backups
- get_backup_prefix $(cat $DB_BACKUP_FILES)
- for ((i=0; i<${#PREFIXES[@]}; i++)); do
- echo "Working with prefix: ${PREFIXES[i]}"
- create_hash_table $(cat ${DB_BACKUP_FILES} | grep ${PREFIXES[i]})
- remove_old_remote_archives
- done
- fi
-
- echo "=================================================================="
- echo "Local backup and backup to remote RGW successful!"
- echo "Backup archive name: $TARBALL_FILE"
- echo "Backup archive size: $ARCHIVE_SIZE"
- echo "=================================================================="
- else
- # Remote backup is not enabled. This is ok; at least we have a local backup.
- log INFO "${DB_NAME}_backup" "Skipping remote backup, as it is not enabled."
-
- echo "=================================================================="
- echo "Local backup successful!"
- echo "Backup archive name: $TARBALL_FILE"
- echo "Backup archive size: $ARCHIVE_SIZE"
- echo "=================================================================="
- fi
-}
-{{- end }}
\ No newline at end of file
diff --git a/charts/senlin/charts/helm-toolkit/templates/scripts/db-backup-restore/_restore_main.sh.tpl b/charts/senlin/charts/helm-toolkit/templates/scripts/db-backup-restore/_restore_main.sh.tpl
deleted file mode 100644
index 093dd2c..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/scripts/db-backup-restore/_restore_main.sh.tpl
+++ /dev/null
@@ -1,616 +0,0 @@
-{{- define "helm-toolkit.scripts.db-backup-restore.restore_main" }}
-#!/bin/bash
-
-# This file contains a database restore framework which database scripts
-# can use to perform a backup. The idea here is that the database-specific
-# functions will be implemented by the various databases using this script
-# (like mariadb, postgresql or etcd for example). The database-specific
-# script will need to first "source" this file like this:
-# source /tmp/restore_main.sh
-#
-# Then the script should call the main CLI function (cli_main):
-# cli_main <arg_list>
-# where:
-# <arg_list> is the list of arguments given by the user
-#
-# The framework will require the following variables to be exported:
-#
-# export DB_NAMESPACE Namespace where the database(s) reside
-# export DB_NAME Name of the database system
-# export ARCHIVE_DIR Location where the backup tarballs should
-# be stored. (full directory path which
-# should already exist)
-# export CONTAINER_NAME Name of the container on the RGW where
-# the backups are stored.
-# RGW access variables:
-# export OS_REGION_NAME Name of the region the RGW resides in
-# export OS_AUTH_URL Keystone URL associated with the RGW
-# export OS_PROJECT_NAME Name of the project associated with the
-# keystone user
-# export OS_USERNAME Name of the keystone user
-# export OS_PASSWORD Password of the keystone user
-# export OS_USER_DOMAIN_NAME Keystone domain the project belongs to
-# export OS_PROJECT_DOMAIN_NAME Keystone domain the user belongs to
-# export OS_IDENTITY_API_VERSION Keystone API version to use
-#
-# The database-specific functions that need to be implemented are:
-# get_databases
-# where:
-# <tmp_dir> is the full directory path where the decompressed
-# database files reside
-# <db_file> is the full path of the file to write the database
-# names into, one database per line
-# returns: 0 if no errors; 1 if any errors occurred
-#
-# This function is expected to extract the database names from the
-# uncompressed database files found in the given "tmp_dir", which is
-# the staging directory for database restore. The database names
-# should be written to the given "db_file", one database name per
-# line.
-#
-# get_tables
-# <db_name> is the name of the database to get the tables from
-# <tmp_dir> is the full directory path where the decompressed
-# database files reside
-# <table_file> is the full path of the file to write the table
-# names into, one table per line
-# returns: 0 if no errors; 1 if any errors occurred
-#
-# This function is expected to extract the table names from the given
-# database, found in the uncompressed database files located in the
-# given "tmp_dir", which is the staging directory for database restore.
-# The table names should be written to the given "table_file", one
-# table name per line.
-#
-# get_rows
-# <table_name> is the name of the table to get the rows from
-# <db_name> is the name of the database the table resides in
-# <tmp_dir> is the full directory path where the decompressed
-# database files reside
-# <rows_file> is the full path of the file to write the table
-# row data into, one row (INSERT statement) per line
-# returns: 0 if no errors; 1 if any errors occurred
-#
-# This function is expected to extract the rows from the given table
-# in the given database, found in the uncompressed database files
-# located in the given "tmp_dir", which is the staging directory for
-# database restore. The table rows should be written to the given
-# "rows_file", one row (INSERT statement) per line.
-#
-# get_schema
-# <table_name> is the name of the table to get the schema from
-# <db_name> is the name of the database the table resides in
-# <tmp_dir> is the full directory path where the decompressed
-# database files reside
-# <schema_file> is the full path of the file to write the table
-# schema data into
-# returns: 0 if no errors; 1 if any errors occurred
-#
-# This function is expected to extract the schema from the given table
-# in the given database, found in the uncompressed database files
-# located in the given "tmp_dir", which is the staging directory for
-# database restore. The table schema and related alterations and
-# grant information should be written to the given "schema_file".
-#
-# restore_single_db
-# where:
-# <db_name> is the name of the database to be restored
-# <tmp_dir> is the full directory path where the decompressed
-# database files reside
-# returns: 0 if no errors; 1 if any errors occurred
-#
-# This function is expected to restore the database given as "db_name"
-# using the database files located in the "tmp_dir". The framework
-# will delete the "tmp_dir" and the files in it after the restore is
-# complete.
-#
-# restore_all_dbs
-# where:
-# <tmp_dir> is the full directory path where the decompressed
-# database files reside
-# returns: 0 if no errors; 1 if any errors occurred
-#
-# This function is expected to restore all of the databases which
-# are backed up in the database files located in the "tmp_dir". The
-# framework will delete the "tmp_dir" and the files in it after the
-# restore is complete.
-#
-# The functions in this file will take care of:
-# 1) The CLI parameter parsing for the arguments passed in by the user.
-# 2) The listing of either local or remote archive files at the request
-# of the user.
-# 3) The retrieval/download of an archive file located either in the local
-# file system or remotely stored on an RGW.
-# 4) Calling either "restore_single_db" or "restore_all_dbs" when the user
-# chooses to restore a database or all databases.
-# 5) The framework will call "get_databases" when it needs a list of
-# databases when the user requests a database list or when the user
-# requests to restore a single database (to ensure it exists in the
-# archive). Similarly, the framework will call "get_tables", "get_rows",
-# or "get_schema" when it needs that data requested by the user.
-#
-
-usage() {
- ret_val=$1
- echo "Usage:"
- echo "Restore command options"
- echo "============================="
- echo "help"
- echo "list_archives [remote]"
- echo "list_databases <archive_filename> [remote]"
- echo "list_tables <archive_filename> <dbname> [remote]"
- echo "list_rows <archive_filename> <dbname> <table_name> [remote]"
- echo "list_schema <archive_filename> <dbname> <table_name> [remote]"
- echo "restore <archive_filename> <db_specifier> [remote]"
- echo " where <db_specifier> = <dbname> | ALL"
- echo "delete_archive <archive_filename> [remote]"
- clean_and_exit $ret_val ""
-}
-
-#Exit cleanly with some message and return code
-clean_and_exit() {
- RETCODE=$1
- MSG=$2
-
- # Clean/remove temporary directories/files
- rm -rf $TMP_DIR
- rm -f $RESULT_FILE
-
- if [[ "x${MSG}" != "x" ]]; then
- echo $MSG
- fi
- exit $RETCODE
-}
-
-determine_resulting_error_code() {
- RESULT="$1"
-
- echo ${RESULT} | grep "HTTP 404"
- if [[ $? -eq 0 ]]; then
- echo "Could not find the archive: ${RESULT}"
- return 1
- else
- echo ${RESULT} | grep "HTTP 401"
- if [[ $? -eq 0 ]]; then
- echo "Could not access the archive: ${RESULT}"
- return 1
- else
- echo ${RESULT} | grep "HTTP 503"
- if [[ $? -eq 0 ]]; then
- echo "RGW service is unavailable. ${RESULT}"
- # In this case, the RGW may be temporarily down.
- # Return slightly different error code so the calling code can retry
- return 2
- else
- echo ${RESULT} | grep "ConnectionError"
- if [[ $? -eq 0 ]]; then
- echo "Could not reach the RGW: ${RESULT}"
- # In this case, keystone or the site/node may be temporarily down.
- # Return slightly different error code so the calling code can retry
- return 2
- else
- echo "Archive ${ARCHIVE} could not be retrieved: ${RESULT}"
- return 1
- fi
- fi
- fi
- fi
- return 0
-}
-
-# Retrieve a list of archives from the RGW.
-retrieve_remote_listing() {
- RESULT=$(openstack container show $CONTAINER_NAME 2>&1)
- if [[ $? -eq 0 ]]; then
- # Get the list, ensureing that we only pick up the right kind of backups from the
- # requested namespace
- openstack object list $CONTAINER_NAME | grep $DB_NAME | grep $DB_NAMESPACE | awk '{print $2}' > $TMP_DIR/archive_list
- if [[ $? -ne 0 ]]; then
- echo "Container object listing could not be obtained."
- return 1
- else
- echo "Archive listing successfully retrieved."
- fi
- else
- determine_resulting_error_code "${RESULT}"
- return $?
- fi
- return 0
-}
-
-# Retrieve a single archive from the RGW.
-retrieve_remote_archive() {
- ARCHIVE=$1
-
- RESULT=$(openstack object save --file $TMP_DIR/$ARCHIVE $CONTAINER_NAME $ARCHIVE 2>&1)
- if [[ $? -ne 0 ]]; then
- determine_resulting_error_code "${RESULT}"
- return $?
- else
- echo "Archive $ARCHIVE successfully retrieved."
- fi
- return 0
-}
-
-# Delete an archive from the RGW.
-delete_remote_archive() {
- ARCHIVE=$1
-
- RESULT=$(openstack object delete ${CONTAINER_NAME} ${ARCHIVE} 2>&1)
- if [[ $? -ne 0 ]]; then
- determine_resulting_error_code "${RESULT}"
- return $?
- else
- echo "Archive ${ARCHIVE} successfully deleted."
- fi
- return 0
-}
-
-# Display all archives
-list_archives() {
- REMOTE=$1
-
- if [[ "x${REMOTE^^}" == "xREMOTE" ]]; then
- retrieve_remote_listing
- if [[ $? -eq 0 && -e $TMP_DIR/archive_list ]]; then
- echo
- echo "All Archives from RGW Data Store"
- echo "=============================================="
- cat $TMP_DIR/archive_list | sort
- clean_and_exit 0 ""
- else
- clean_and_exit 1 "ERROR: Archives could not be retrieved from the RGW."
- fi
- elif [[ "x${REMOTE}" == "x" ]]; then
- if [[ -d $ARCHIVE_DIR ]]; then
- archives=$(find $ARCHIVE_DIR/ -iname "*.gz" -print | sort)
- echo
- echo "All Local Archives"
- echo "=============================================="
- for archive in $archives
- do
- echo $archive | cut -d '/' -f8-
- done
- clean_and_exit 0 ""
- else
- clean_and_exit 1 "ERROR: Local archive directory is not available."
- fi
- else
- usage 1
- fi
-}
-
-# Retrieve the archive from the desired location and decompress it into
-# the restore directory
-get_archive() {
- ARCHIVE_FILE=$1
- REMOTE=$2
-
- if [[ "x$REMOTE" == "xremote" ]]; then
- echo "Retrieving archive ${ARCHIVE_FILE} from the remote RGW..."
- retrieve_remote_archive $ARCHIVE_FILE
- if [[ $? -ne 0 ]]; then
- clean_and_exit 1 "ERROR: Could not retrieve remote archive: $ARCHIVE_FILE"
- fi
- elif [[ "x$REMOTE" == "x" ]]; then
- if [[ -e $ARCHIVE_DIR/$ARCHIVE_FILE ]]; then
- cp $ARCHIVE_DIR/$ARCHIVE_FILE $TMP_DIR/$ARCHIVE_FILE
- if [[ $? -ne 0 ]]; then
- clean_and_exit 1 "ERROR: Could not copy local archive to restore directory."
- fi
- else
- clean_and_exit 1 "ERROR: Local archive file could not be found."
- fi
- else
- usage 1
- fi
-
- echo "Decompressing archive $ARCHIVE_FILE..."
- cd $TMP_DIR
- tar zxvf - < $TMP_DIR/$ARCHIVE_FILE 1>/dev/null
- if [[ $? -ne 0 ]]; then
- clean_and_exit 1 "ERROR: Archive decompression failed."
- fi
-}
-
-# Display all databases from an archive
-list_databases() {
- ARCHIVE_FILE=$1
- REMOTE=$2
- WHERE="local"
-
- if [[ -n ${REMOTE} ]]; then
- WHERE="remote"
- fi
-
- # Get the archive from the source location (local/remote)
- get_archive $ARCHIVE_FILE $REMOTE
-
- # Expectation is that the database listing will be put into
- # the given file one database per line
- get_databases $TMP_DIR $RESULT_FILE
- if [[ "$?" -ne 0 ]]; then
- clean_and_exit 1 "ERROR: Could not retrieve databases from $WHERE archive $ARCHIVE_FILE."
- fi
-
- if [[ -f "$RESULT_FILE" ]]; then
- echo " "
- echo "Databases in the $WHERE archive $ARCHIVE_FILE"
- echo "================================================================================"
- cat $RESULT_FILE
- else
- clean_and_exit 1 "ERROR: Databases file missing. Could not list databases from $WHERE archive $ARCHIVE_FILE."
- fi
-}
-
-# Display all tables of a database from an archive
-list_tables() {
- ARCHIVE_FILE=$1
- DATABASE=$2
- REMOTE=$3
- WHERE="local"
-
- if [[ -n ${REMOTE} ]]; then
- WHERE="remote"
- fi
-
- # Get the archive from the source location (local/remote)
- get_archive $ARCHIVE_FILE $REMOTE
-
- # Expectation is that the database listing will be put into
- # the given file one table per line
- get_tables $DATABASE $TMP_DIR $RESULT_FILE
- if [[ "$?" -ne 0 ]]; then
- clean_and_exit 1 "ERROR: Could not retrieve tables for database ${DATABASE} from $WHERE archive $ARCHIVE_FILE."
- fi
-
- if [[ -f "$RESULT_FILE" ]]; then
- echo " "
- echo "Tables in database $DATABASE from $WHERE archive $ARCHIVE_FILE"
- echo "================================================================================"
- cat $RESULT_FILE
- else
- clean_and_exit 1 "ERROR: Tables file missing. Could not list tables of database ${DATABASE} from $WHERE archive $ARCHIVE_FILE."
- fi
-}
-
-# Display all rows of the given database table from an archive
-list_rows() {
- ARCHIVE_FILE=$1
- DATABASE=$2
- TABLE=$3
- REMOTE=$4
- WHERE="local"
-
- if [[ -n ${REMOTE} ]]; then
- WHERE="remote"
- fi
-
- # Get the archive from the source location (local/remote)
- get_archive $ARCHIVE_FILE $REMOTE
-
- # Expectation is that the database listing will be put into
- # the given file one table per line
- get_rows $DATABASE $TABLE $TMP_DIR $RESULT_FILE
- if [[ "$?" -ne 0 ]]; then
- clean_and_exit 1 "ERROR: Could not retrieve rows in table ${TABLE} of database ${DATABASE} from $WHERE archive $ARCHIVE_FILE."
- fi
-
- if [[ -f "$RESULT_FILE" ]]; then
- echo " "
- echo "Rows in table $TABLE of database $DATABASE from $WHERE archive $ARCHIVE_FILE"
- echo "================================================================================"
- cat $RESULT_FILE
- else
- clean_and_exit 1 "ERROR: Rows file missing. Could not list rows in table ${TABLE} of database ${DATABASE} from $WHERE archive $ARCHIVE_FILE."
- fi
-}
-
-# Display the schema information of the given database table from an archive
-list_schema() {
- ARCHIVE_FILE=$1
- DATABASE=$2
- TABLE=$3
- REMOTE=$4
- WHERE="local"
-
- if [[ -n ${REMOTE} ]]; then
- WHERE="remote"
- fi
-
- # Get the archive from the source location (local/remote)
- get_archive $ARCHIVE_FILE $REMOTE
-
- # Expectation is that the schema information will be placed into
- # the given schema file.
- get_schema $DATABASE $TABLE $TMP_DIR $RESULT_FILE
- if [[ "$?" -ne 0 ]]; then
- clean_and_exit 1 "ERROR: Could not retrieve schema for table ${TABLE} of database ${DATABASE} from $WHERE archive $ARCHIVE_FILE."
- fi
-
- if [[ -f "$RESULT_FILE" ]]; then
- echo " "
- echo "Schema for table $TABLE of database $DATABASE from $WHERE archive $ARCHIVE_FILE"
- echo "================================================================================"
- cat $RESULT_FILE
- else
- clean_and_exit 1 "ERROR: Schema file missing. Could not list schema for table ${TABLE} of database ${DATABASE} from $WHERE archive $ARCHIVE_FILE."
- fi
-}
-
-# Delete an archive
-delete_archive() {
- ARCHIVE_FILE=$1
- REMOTE=$2
- WHERE="local"
-
- if [[ -n ${REMOTE} ]]; then
- WHERE="remote"
- fi
-
- if [[ "${WHERE}" == "remote" ]]; then
- delete_remote_archive ${ARCHIVE_FILE}
- if [[ $? -ne 0 ]]; then
- clean_and_exit 1 "ERROR: Could not delete remote archive: ${ARCHIVE_FILE}"
- fi
- else # Local
- if [[ -e ${ARCHIVE_DIR}/${ARCHIVE_FILE} ]]; then
- rm -f ${ARCHIVE_DIR}/${ARCHIVE_FILE}
- if [[ $? -ne 0 ]]; then
- clean_and_exit 1 "ERROR: Could not delete local archive."
- fi
- else
- clean_and_exit 1 "ERROR: Local archive file could not be found."
- fi
- fi
-
- echo "Successfully deleted archive ${ARCHIVE_FILE} from ${WHERE} storage."
-}
-
-
-# Return 1 if the given database exists in the database file. 0 otherwise.
-database_exists() {
- DB=$1
-
- grep "${DB}" ${RESULT_FILE}
- if [[ $? -eq 0 ]]; then
- return 1
- fi
- return 0
-}
-
-# This is the main CLI interpreter function
-cli_main() {
- ARGS=("$@")
-
- # Create the ARCHIVE DIR if it's not already there.
- mkdir -p $ARCHIVE_DIR
-
- # Create temp directory for a staging area to decompress files into
- export TMP_DIR=$(mktemp -d)
-
- # Create a temp file for storing list of databases (if needed)
- export RESULT_FILE=$(mktemp -p /tmp)
-
- case "${ARGS[0]}" in
- "help")
- usage 0
- ;;
-
- "list_archives")
- if [[ ${#ARGS[@]} -gt 2 ]]; then
- usage 1
- elif [[ ${#ARGS[@]} -eq 1 ]]; then
- list_archives
- else
- list_archives ${ARGS[1]}
- fi
- clean_and_exit 0
- ;;
-
- "list_databases")
- if [[ ${#ARGS[@]} -lt 2 || ${#ARGS[@]} -gt 3 ]]; then
- usage 1
- elif [[ ${#ARGS[@]} -eq 2 ]]; then
- list_databases ${ARGS[1]}
- else
- list_databases ${ARGS[1]} ${ARGS[2]}
- fi
- ;;
-
- "list_tables")
- if [[ ${#ARGS[@]} -lt 3 || ${#ARGS[@]} -gt 4 ]]; then
- usage 1
- elif [[ ${#ARGS[@]} -eq 3 ]]; then
- list_tables ${ARGS[1]} ${ARGS[2]}
- else
- list_tables ${ARGS[1]} ${ARGS[2]} ${ARGS[3]}
- fi
- ;;
-
- "list_rows")
- if [[ ${#ARGS[@]} -lt 4 || ${#ARGS[@]} -gt 5 ]]; then
- usage 1
- elif [[ ${#ARGS[@]} -eq 4 ]]; then
- list_rows ${ARGS[1]} ${ARGS[2]} ${ARGS[3]}
- else
- list_rows ${ARGS[1]} ${ARGS[2]} ${ARGS[3]} ${ARGS[4]}
- fi
- ;;
-
- "list_schema")
- if [[ ${#ARGS[@]} -lt 4 || ${#ARGS[@]} -gt 5 ]]; then
- usage 1
- elif [[ ${#ARGS[@]} -eq 4 ]]; then
- list_schema ${ARGS[1]} ${ARGS[2]} ${ARGS[3]}
- else
- list_schema ${ARGS[1]} ${ARGS[2]} ${ARGS[3]} ${ARGS[4]}
- fi
- ;;
-
- "restore")
- REMOTE=""
- if [[ ${#ARGS[@]} -lt 3 || ${#ARGS[@]} -gt 4 ]]; then
- usage 1
- elif [[ ${#ARGS[@]} -eq 4 ]]; then
- REMOTE=${ARGS[3]}
- fi
-
- ARCHIVE=${ARGS[1]}
- DB_SPEC=${ARGS[2]}
-
- #Get all the databases in that archive
- get_archive $ARCHIVE $REMOTE
-
- if [[ "$( echo $DB_SPEC | tr '[a-z]' '[A-Z]')" != "ALL" ]]; then
- # Expectation is that the database listing will be put into
- # the given file one database per line
- get_databases $TMP_DIR $RESULT_FILE
- if [[ "$?" -ne 0 ]]; then
- clean_and_exit 1 "ERROR: Could not get the list of databases to restore."
- fi
-
- if [[ ! $DB_NAMESPACE == "kube-system" ]]; then
- #check if the requested database is available in the archive
- database_exists $DB_SPEC
- if [[ $? -ne 1 ]]; then
- clean_and_exit 1 "ERROR: Database ${DB_SPEC} does not exist."
- fi
- fi
-
- echo "Restoring Database $DB_SPEC And Grants"
- restore_single_db $DB_SPEC $TMP_DIR
- if [[ "$?" -eq 0 ]]; then
- echo "Single database restored successfully."
- else
- clean_and_exit 1 "ERROR: Single database restore failed."
- fi
- clean_and_exit 0 ""
- else
- echo "Restoring All The Databases. This could take a few minutes..."
- restore_all_dbs $TMP_DIR
- if [[ "$?" -eq 0 ]]; then
- echo "All databases restored successfully."
- else
- clean_and_exit 1 "ERROR: Database restore failed."
- fi
- clean_and_exit 0 ""
- fi
- ;;
- "delete_archive")
- if [[ ${#ARGS[@]} -lt 2 || ${#ARGS[@]} -gt 3 ]]; then
- usage 1
- elif [[ ${#ARGS[@]} -eq 2 ]]; then
- delete_archive ${ARGS[1]}
- else
- delete_archive ${ARGS[1]} ${ARGS[2]}
- fi
- ;;
- *)
- usage 1
- ;;
- esac
-
- clean_and_exit 0 ""
-}
-{{- end }}
diff --git a/charts/senlin/charts/helm-toolkit/templates/snippets/_custom_job_annotations.tpl b/charts/senlin/charts/helm-toolkit/templates/snippets/_custom_job_annotations.tpl
deleted file mode 100644
index fc42614..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/snippets/_custom_job_annotations.tpl
+++ /dev/null
@@ -1,76 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{/*
-abstract: |
- Adds custom annotations to the job spec of a component.
-examples:
- - values: |
- annotations:
- job:
- default:
- custom.tld/key: "value"
- custom.tld/key2: "value2"
- keystone_domain_manage:
- another.tld/foo: "bar"
- usage: |
- {{ tuple "keystone_domain_manage" . | include "helm-toolkit.snippets.custom_job_annotations" }}
- return: |
- another.tld/foo: bar
- - values: |
- annotations:
- job:
- default:
- custom.tld/key: "value"
- custom.tld/key2: "value2"
- keystone_domain_manage:
- another.tld/foo: "bar"
- usage: |
- {{ tuple "keystone_bootstrap" . | include "helm-toolkit.snippets.custom_job_annotations" }}
- return: |
- custom.tld/key: "value"
- custom.tld/key2: "value2"
- - values: |
- annotations:
- job:
- default:
- custom.tld/key: "value"
- custom.tld/key2: "value2"
- keystone_domain_manage:
- another.tld/foo: "bar"
- keystone_bootstrap:
- usage: |
- {{ tuple "keystone_bootstrap" . | include "helm-toolkit.snippets.custom_job_annotations" }}
- return: |
- custom.tld/key: "value"
- custom.tld/key2: "value2"
-*/}}
-
-{{- define "helm-toolkit.snippets.custom_job_annotations" -}}
-{{- $envAll := index . 1 -}}
-{{- $component := index . 0 | replace "-" "_" -}}
-{{- if (hasKey $envAll.Values "annotations") -}}
-{{- if (hasKey $envAll.Values.annotations "job") -}}
-{{- $annotationsMap := $envAll.Values.annotations.job -}}
-{{- $defaultAnnotations := dict -}}
-{{- if (hasKey $annotationsMap "default" ) -}}
-{{- $defaultAnnotations = $annotationsMap.default -}}
-{{- end -}}
-{{- $annotations := index $annotationsMap $component | default $defaultAnnotations -}}
-{{- if (not (empty $annotations)) -}}
-{{- toYaml $annotations -}}
-{{- end -}}
-{{- end -}}
-{{- end -}}
-{{- end -}}
diff --git a/charts/senlin/charts/helm-toolkit/templates/snippets/_custom_pod_annotations.tpl b/charts/senlin/charts/helm-toolkit/templates/snippets/_custom_pod_annotations.tpl
deleted file mode 100644
index ecff6e9..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/snippets/_custom_pod_annotations.tpl
+++ /dev/null
@@ -1,76 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{/*
-abstract: |
- Adds custom annotations to the pod spec of a component.
-examples:
- - values: |
- annotations:
- pod:
- default:
- custom.tld/key: "value"
- custom.tld/key2: "value2"
- nova_compute:
- another.tld/foo: "bar"
- usage: |
- {{ tuple "nova_compute" . | include "helm-toolkit.snippets.custom_pod_annotations" }}
- return: |
- another.tld/foo: bar
- - values: |
- annotations:
- pod:
- default:
- custom.tld/key: "value"
- custom.tld/key2: "value2"
- nova_compute:
- another.tld/foo: "bar"
- usage: |
- {{ tuple "nova_api" . | include "helm-toolkit.snippets.custom_pod_annotations" }}
- return: |
- custom.tld/key: "value"
- custom.tld/key2: "value2"
- - values: |
- annotations:
- pod:
- default:
- custom.tld/key: "value"
- custom.tld/key2: "value2"
- nova_compute:
- another.tld/foo: "bar"
- nova_api:
- usage: |
- {{ tuple "nova_api" . | include "helm-toolkit.snippets.custom_pod_annotations" }}
- return: |
- custom.tld/key: "value"
- custom.tld/key2: "value2"
-*/}}
-
-{{- define "helm-toolkit.snippets.custom_pod_annotations" -}}
-{{- $component := index . 0 -}}
-{{- $envAll := index . 1 -}}
-{{- if (hasKey $envAll.Values "annotations") -}}
-{{- if (hasKey $envAll.Values.annotations "pod") -}}
-{{- $annotationsMap := $envAll.Values.annotations.pod -}}
-{{- $defaultAnnotations := dict -}}
-{{- if (hasKey $annotationsMap "default" ) -}}
-{{- $defaultAnnotations = $annotationsMap.default -}}
-{{- end -}}
-{{- $annotations := index $annotationsMap $component | default $defaultAnnotations -}}
-{{- if (not (empty $annotations)) -}}
-{{- toYaml $annotations -}}
-{{- end -}}
-{{- end -}}
-{{- end -}}
-{{- end -}}
diff --git a/charts/senlin/charts/helm-toolkit/templates/snippets/_custom_secret_annotations.tpl b/charts/senlin/charts/helm-toolkit/templates/snippets/_custom_secret_annotations.tpl
deleted file mode 100644
index 19c4380..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/snippets/_custom_secret_annotations.tpl
+++ /dev/null
@@ -1,81 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{/*
-abstract: |
- Adds custom annotations to the secret spec of a component.
-examples:
- - values: |
- annotations:
- secret:
- default:
- custom.tld/key: "value"
- custom.tld/key2: "value2"
- identity:
- admin:
- another.tld/foo: "bar"
- usage: |
- {{ tuple "identity" "admin" . | include "helm-toolkit.snippets.custom_secret_annotations" }}
- return: |
- another.tld/foo: bar
- - values: |
- annotations:
- secret:
- default:
- custom.tld/key: "value"
- custom.tld/key2: "value2"
- identity:
- admin:
- another.tld/foo: "bar"
- usage: |
- {{ tuple "oslo_db" "admin" . | include "helm-toolkit.snippets.custom_secret_annotations" }}
- return: |
- custom.tld/key: "value"
- custom.tld/key2: "value2"
- - values: |
- annotations:
- secret:
- default:
- custom.tld/key: "value"
- custom.tld/key2: "value2"
- identity:
- admin:
- another.tld/foo: "bar"
- oslo_db:
- admin:
- usage: |
- {{ tuple "oslo_db" "admin" . | include "helm-toolkit.snippets.custom_secret_annotations" }}
- return: |
- custom.tld/key: "value"
- custom.tld/key2: "value2"
-*/}}
-
-{{- define "helm-toolkit.snippets.custom_secret_annotations" -}}
-{{- $secretType := index . 0 -}}
-{{- $userClass := index . 1 | replace "-" "_" -}}
-{{- $envAll := index . 2 -}}
-{{- if (hasKey $envAll.Values "annotations") -}}
-{{- if (hasKey $envAll.Values.annotations "secret") -}}
-{{- $annotationsMap := index $envAll.Values.annotations.secret $secretType | default dict -}}
-{{- $defaultAnnotations := dict -}}
-{{- if (hasKey $envAll.Values.annotations.secret "default" ) -}}
-{{- $defaultAnnotations = $envAll.Values.annotations.secret.default -}}
-{{- end -}}
-{{- $annotations := index $annotationsMap $userClass | default $defaultAnnotations -}}
-{{- if (not (empty $annotations)) -}}
-{{- toYaml $annotations -}}
-{{- end -}}
-{{- end -}}
-{{- end -}}
-{{- end -}}
diff --git a/charts/senlin/charts/helm-toolkit/templates/snippets/_image.tpl b/charts/senlin/charts/helm-toolkit/templates/snippets/_image.tpl
deleted file mode 100644
index 029c93d..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/snippets/_image.tpl
+++ /dev/null
@@ -1,60 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{/*
-abstract: |
- Resolves an image reference to a string, and its pull policy
-values: |
- images:
- tags:
- test_image: docker.io/port/test:version-foo
- image_foo: quay.io/airshipit/kubernetes-entrypoint:v1.0.0
- pull_policy: IfNotPresent
- local_registry:
- active: true
- exclude:
- - image_foo
- endpoints:
- cluster_domain_suffix: cluster.local
- local_image_registry:
- name: docker-registry
- namespace: docker-registry
- hosts:
- default: localhost
- internal: docker-registry
- node: localhost
- host_fqdn_override:
- default: null
- port:
- registry:
- node: 5000
-usage: |
- {{ tuple . "test_image" | include "helm-toolkit.snippets.image" }}
-return: |
- image: "localhost:5000/docker.io/port/test:version-foo"
- imagePullPolicy: IfNotPresent
-*/}}
-
-{{- define "helm-toolkit.snippets.image" -}}
-{{- $envAll := index . 0 -}}
-{{- $image := index . 1 -}}
-{{- $imageTag := index $envAll.Values.images.tags $image -}}
-{{- if and ($envAll.Values.images.local_registry.active) (not (has $image $envAll.Values.images.local_registry.exclude )) -}}
-{{- $registryPrefix := printf "%s:%s" (tuple "local_image_registry" "node" $envAll | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup") (tuple "local_image_registry" "node" "registry" $envAll | include "helm-toolkit.endpoints.endpoint_port_lookup") -}}
-image: {{ printf "%s/%s" $registryPrefix $imageTag | quote }}
-{{- else -}}
-image: {{ $imageTag | quote }}
-{{- end }}
-imagePullPolicy: {{ $envAll.Values.images.pull_policy }}
-{{- end -}}
diff --git a/charts/senlin/charts/helm-toolkit/templates/snippets/_keystone_openrc_env_vars.tpl b/charts/senlin/charts/helm-toolkit/templates/snippets/_keystone_openrc_env_vars.tpl
deleted file mode 100644
index 2f209fe..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/snippets/_keystone_openrc_env_vars.tpl
+++ /dev/null
@@ -1,142 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{/*
-abstract: |
- Returns a set of container enviorment variables, equivlant to an openrc for
- use with keystone based command line clients.
-values: |
- secrets:
- identity:
- admin: example-keystone-admin
-usage: |
- {{ include "helm-toolkit.snippets.keystone_openrc_env_vars" ( dict "ksUserSecret" .Values.secrets.identity.admin ) }}
-return: |
- - name: OS_IDENTITY_API_VERSION
- value: "3"
- - name: OS_AUTH_URL
- valueFrom:
- secretKeyRef:
- name: example-keystone-admin
- key: OS_AUTH_URL
- - name: OS_REGION_NAME
- valueFrom:
- secretKeyRef:
- name: example-keystone-admin
- key: OS_REGION_NAME
- - name: OS_INTERFACE
- valueFrom:
- secretKeyRef:
- name: example-keystone-admin
- key: OS_INTERFACE
- - name: OS_ENDPOINT_TYPE
- valueFrom:
- secretKeyRef:
- name: example-keystone-admin
- key: OS_INTERFACE
- - name: OS_PROJECT_DOMAIN_NAME
- valueFrom:
- secretKeyRef:
- name: example-keystone-admin
- key: OS_PROJECT_DOMAIN_NAME
- - name: OS_PROJECT_NAME
- valueFrom:
- secretKeyRef:
- name: example-keystone-admin
- key: OS_PROJECT_NAME
- - name: OS_USER_DOMAIN_NAME
- valueFrom:
- secretKeyRef:
- name: example-keystone-admin
- key: OS_USER_DOMAIN_NAME
- - name: OS_USERNAME
- valueFrom:
- secretKeyRef:
- name: example-keystone-admin
- key: OS_USERNAME
- - name: OS_PASSWORD
- valueFrom:
- secretKeyRef:
- name: example-keystone-admin
- key: OS_PASSWORD
- - name: OS_CACERT
- valueFrom:
- secretKeyRef:
- name: example-keystone-admin
- key: OS_CACERT
-*/}}
-
-{{- define "helm-toolkit.snippets.keystone_openrc_env_vars" }}
-{{- $useCA := .useCA -}}
-{{- $ksUserSecret := .ksUserSecret }}
-- name: OS_IDENTITY_API_VERSION
- value: "3"
-- name: OS_AUTH_URL
- valueFrom:
- secretKeyRef:
- name: {{ $ksUserSecret }}
- key: OS_AUTH_URL
-- name: OS_REGION_NAME
- valueFrom:
- secretKeyRef:
- name: {{ $ksUserSecret }}
- key: OS_REGION_NAME
-- name: OS_INTERFACE
- valueFrom:
- secretKeyRef:
- name: {{ $ksUserSecret }}
- key: OS_INTERFACE
-- name: OS_ENDPOINT_TYPE
- valueFrom:
- secretKeyRef:
- name: {{ $ksUserSecret }}
- key: OS_INTERFACE
-- name: OS_PROJECT_DOMAIN_NAME
- valueFrom:
- secretKeyRef:
- name: {{ $ksUserSecret }}
- key: OS_PROJECT_DOMAIN_NAME
-- name: OS_PROJECT_NAME
- valueFrom:
- secretKeyRef:
- name: {{ $ksUserSecret }}
- key: OS_PROJECT_NAME
-- name: OS_USER_DOMAIN_NAME
- valueFrom:
- secretKeyRef:
- name: {{ $ksUserSecret }}
- key: OS_USER_DOMAIN_NAME
-- name: OS_USERNAME
- valueFrom:
- secretKeyRef:
- name: {{ $ksUserSecret }}
- key: OS_USERNAME
-- name: OS_PASSWORD
- valueFrom:
- secretKeyRef:
- name: {{ $ksUserSecret }}
- key: OS_PASSWORD
-- name: OS_DEFAULT_DOMAIN
- valueFrom:
- secretKeyRef:
- name: {{ $ksUserSecret }}
- key: OS_DEFAULT_DOMAIN
-{{- if $useCA }}
-- name: OS_CACERT
- valueFrom:
- secretKeyRef:
- name: {{ $ksUserSecret }}
- key: OS_CACERT
-{{- end }}
-{{- end }}
diff --git a/charts/senlin/charts/helm-toolkit/templates/snippets/_keystone_secret_openrc.tpl b/charts/senlin/charts/helm-toolkit/templates/snippets/_keystone_secret_openrc.tpl
deleted file mode 100644
index f627657..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/snippets/_keystone_secret_openrc.tpl
+++ /dev/null
@@ -1,32 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{- define "helm-toolkit.snippets.keystone_secret_openrc" }}
-{{- $userClass := index . 0 -}}
-{{- $identityEndpoint := index . 1 -}}
-{{- $context := index . 2 -}}
-{{- $userContext := index $context.Values.endpoints.identity.auth $userClass }}
-OS_AUTH_URL: {{ tuple "identity" $identityEndpoint "api" $context | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" | b64enc }}
-OS_REGION_NAME: {{ $userContext.region_name | b64enc }}
-OS_INTERFACE: {{ $userContext.interface | default "internal" | b64enc }}
-OS_PROJECT_DOMAIN_NAME: {{ $userContext.project_domain_name | b64enc }}
-OS_PROJECT_NAME: {{ $userContext.project_name | b64enc }}
-OS_USER_DOMAIN_NAME: {{ $userContext.user_domain_name | b64enc }}
-OS_USERNAME: {{ $userContext.username | b64enc }}
-OS_PASSWORD: {{ $userContext.password | b64enc }}
-OS_DEFAULT_DOMAIN: {{ $userContext.default_domain_id | default "default" | b64enc }}
-{{- if $userContext.cacert }}
-OS_CACERT: {{ $userContext.cacert | b64enc }}
-{{- end }}
-{{- end }}
diff --git a/charts/senlin/charts/helm-toolkit/templates/snippets/_keystone_user_create_env_vars.tpl b/charts/senlin/charts/helm-toolkit/templates/snippets/_keystone_user_create_env_vars.tpl
deleted file mode 100644
index 648711b..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/snippets/_keystone_user_create_env_vars.tpl
+++ /dev/null
@@ -1,90 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{/*
-abstract: |
- Returns a set of container enviorment variables, for use with the keystone
- user management jobs.
-values: |
- secrets:
- identity:
- service_user: example-keystone-user
-usage: |
- {{ include "helm-toolkit.snippets.keystone_user_create_env_vars" ( dict "ksUserSecret" .Values.secrets.identity.service_user "useCA" true ) }}
-return: |
- - name: SERVICE_OS_REGION_NAME
- valueFrom:
- secretKeyRef:
- name: example-keystone-user
- key: OS_REGION_NAME
- - name: SERVICE_OS_PROJECT_DOMAIN_NAME
- valueFrom:
- secretKeyRef:
- name: example-keystone-user
- key: OS_PROJECT_DOMAIN_NAME
- - name: SERVICE_OS_PROJECT_NAME
- valueFrom:
- secretKeyRef:
- name: example-keystone-user
- key: OS_PROJECT_NAME
- - name: SERVICE_OS_USER_DOMAIN_NAME
- valueFrom:
- secretKeyRef:
- name: example-keystone-user
- key: OS_USER_DOMAIN_NAME
- - name: SERVICE_OS_USERNAME
- valueFrom:
- secretKeyRef:
- name: example-keystone-user
- key: OS_USERNAME
- - name: SERVICE_OS_PASSWORD
- valueFrom:
- secretKeyRef:
- name: example-keystone-user
- key: OS_PASSWORD
-*/}}
-
-{{- define "helm-toolkit.snippets.keystone_user_create_env_vars" }}
-{{- $ksUserSecret := .ksUserSecret }}
-- name: SERVICE_OS_REGION_NAME
- valueFrom:
- secretKeyRef:
- name: {{ $ksUserSecret }}
- key: OS_REGION_NAME
-- name: SERVICE_OS_PROJECT_DOMAIN_NAME
- valueFrom:
- secretKeyRef:
- name: {{ $ksUserSecret }}
- key: OS_PROJECT_DOMAIN_NAME
-- name: SERVICE_OS_PROJECT_NAME
- valueFrom:
- secretKeyRef:
- name: {{ $ksUserSecret }}
- key: OS_PROJECT_NAME
-- name: SERVICE_OS_USER_DOMAIN_NAME
- valueFrom:
- secretKeyRef:
- name: {{ $ksUserSecret }}
- key: OS_USER_DOMAIN_NAME
-- name: SERVICE_OS_USERNAME
- valueFrom:
- secretKeyRef:
- name: {{ $ksUserSecret }}
- key: OS_USERNAME
-- name: SERVICE_OS_PASSWORD
- valueFrom:
- secretKeyRef:
- name: {{ $ksUserSecret }}
- key: OS_PASSWORD
-{{- end }}
diff --git a/charts/senlin/charts/helm-toolkit/templates/snippets/_kubernetes_apparmor_configmap.tpl b/charts/senlin/charts/helm-toolkit/templates/snippets/_kubernetes_apparmor_configmap.tpl
deleted file mode 100644
index 8ca1028..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/snippets/_kubernetes_apparmor_configmap.tpl
+++ /dev/null
@@ -1,68 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{/*
-abstract: |
- Renders a configmap used for loading custom AppArmor profiles.
-values: |
- pod:
- mandatory_access_control:
- type: apparmor
- configmap_apparmor: true
- apparmor_profiles: |-
- my_apparmor-v1.profile: |-
- #include <tunables/global>
- profile my-apparmor-v1 flags=(attach_disconnected,mediate_deleted) {
- <profile_data>
- }
-usage: |
- {{ dict "envAll" . "component" "myComponent" | include "helm-toolkit.snippets.kubernetes_apparmor_configmap" }}
-return: |
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: releaseName-myComponent-apparmor
- namespace: myNamespace
-data:
- my_apparmor-v1.profile: |-
- #include <tunables/global>
- profile my-apparmor-v1 flags=(attach_disconnected,mediate_deleted) {
- <profile_data>
- }
-*/}}
-{{- define "helm-toolkit.snippets.kubernetes_apparmor_configmap" -}}
-{{- $envAll := index . "envAll" -}}
-{{- $component := index . "component" -}}
-{{- if hasKey $envAll.Values.pod "mandatory_access_control" -}}
-{{- if hasKey $envAll.Values.pod.mandatory_access_control "type" -}}
-{{- if eq $envAll.Values.pod.mandatory_access_control.type "apparmor" -}}
-{{- if hasKey $envAll.Values.pod.mandatory_access_control "configmap_apparmor" -}}
-{{- if $envAll.Values.pod.mandatory_access_control.configmap_apparmor }}
-{{- $mapName := printf "%s-%s-%s" $envAll.Release.Name $component "apparmor" -}}
-{{- if $envAll.Values.conf.apparmor_profiles }}
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ $mapName }}
- namespace: {{ $envAll.Release.Namespace }}
-data:
-{{ $envAll.Values.conf.apparmor_profiles | toYaml | indent 2 }}
-{{- end }}
-{{- end }}
-{{- end }}
-{{- end }}
-{{- end }}
-{{- end }}
-{{- end }}
diff --git a/charts/senlin/charts/helm-toolkit/templates/snippets/_kubernetes_apparmor_loader_init_container.tpl b/charts/senlin/charts/helm-toolkit/templates/snippets/_kubernetes_apparmor_loader_init_container.tpl
deleted file mode 100644
index f231fe6..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/snippets/_kubernetes_apparmor_loader_init_container.tpl
+++ /dev/null
@@ -1,75 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{/*
-abstract: |
- Renders the init container used for apparmor loading.
-values: |
- images:
- tags:
- apparmor_loader: my-repo.io/apparmor-loader:1.0.0
- pod:
- mandatory_access_control:
- type: apparmor
- configmap_apparmor: true
- apparmor-loader: unconfined
-usage: |
- {{ dict "envAll" . | include "helm-toolkit.snippets.kubernetes_apparmor_loader_init_container" }}
-return: |
- - name: apparmor-loader
- image: my-repo.io/apparmor-loader:1.0.0
- args:
- - /profiles
- securityContext:
- privileged: true
- volumeMounts:
- - name: sys
- mountPath: /sys
- readOnly: true
- - name: includes
- mountPath: /etc/apparmor.d
- readOnly: true
- - name: profiles
- mountPath: /profiles
- readOnly: true
-*/}}
-{{- define "helm-toolkit.snippets.kubernetes_apparmor_loader_init_container" -}}
-{{- $envAll := index . "envAll" -}}
-{{- if hasKey $envAll.Values.pod "mandatory_access_control" -}}
-{{- if hasKey $envAll.Values.pod.mandatory_access_control "type" -}}
-{{- if hasKey $envAll.Values.pod.mandatory_access_control "configmap_apparmor" -}}
-{{- if eq $envAll.Values.pod.mandatory_access_control.type "apparmor" -}}
-{{- if $envAll.Values.pod.mandatory_access_control.configmap_apparmor }}
-- name: apparmor-loader
- image: {{ $envAll.Values.images.tags.apparmor_loader }}
- args:
- - /profiles
- securityContext:
- privileged: true
- volumeMounts:
- - name: sys
- mountPath: /sys
- readOnly: true
- - name: includes
- mountPath: /etc/apparmor.d
- readOnly: true
- - name: profiles
- mountPath: /profiles
- readOnly: true
-{{- end }}
-{{- end }}
-{{- end }}
-{{- end }}
-{{- end }}
-{{- end }}
diff --git a/charts/senlin/charts/helm-toolkit/templates/snippets/_kubernetes_apparmor_volumes.tpl b/charts/senlin/charts/helm-toolkit/templates/snippets/_kubernetes_apparmor_volumes.tpl
deleted file mode 100644
index baebaa3..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/snippets/_kubernetes_apparmor_volumes.tpl
+++ /dev/null
@@ -1,68 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{/*
-abstract: |
- Renders the volumes used by the apparmor loader.
-values: |
- pod:
- mandatory_access_control:
- type: apparmor
- configmap_apparmor: true
-inputs: |
- envAll: "Environment or Context."
- component: "Name of the component used for the name of configMap."
- requireSys: "Boolean. True if it needs the hostpath /sys in volumes."
-usage: |
- {{ dict "envAll" . "component" "keystone" "requireSys" true | include "helm-toolkit.snippets.kubernetes_apparmor_volumes" }}
-return: |
-- name: sys
- hostPath:
- path: /sys
-- name: includes
- hostPath:
- path: /etc/apparmor.d
-- name: profiles
- configMap:
- name: RELEASENAME-keystone-apparmor
- defaultMode: 0555
-*/}}
-{{- define "helm-toolkit.snippets.kubernetes_apparmor_volumes" -}}
-{{- $envAll := index . "envAll" -}}
-{{- $component := index . "component" -}}
-{{- $requireSys := index . "requireSys" | default false -}}
-{{- $configName := printf "%s-%s-%s" $envAll.Release.Name $component "apparmor" -}}
-{{- if hasKey $envAll.Values.pod "mandatory_access_control" -}}
-{{- if hasKey $envAll.Values.pod.mandatory_access_control "type" -}}
-{{- if hasKey $envAll.Values.pod.mandatory_access_control "configmap_apparmor" -}}
-{{- if eq $envAll.Values.pod.mandatory_access_control.type "apparmor" -}}
-{{- if $envAll.Values.pod.mandatory_access_control.configmap_apparmor }}
-{{- if $requireSys }}
-- name: sys
- hostPath:
- path: /sys
-{{- end }}
-- name: includes
- hostPath:
- path: /etc/apparmor.d
-- name: profiles
- configMap:
- name: {{ $configName | quote }}
- defaultMode: 0555
-{{- end }}
-{{- end }}
-{{- end }}
-{{- end }}
-{{- end }}
-{{- end }}
diff --git a/charts/senlin/charts/helm-toolkit/templates/snippets/_kubernetes_container_security_context.tpl b/charts/senlin/charts/helm-toolkit/templates/snippets/_kubernetes_container_security_context.tpl
deleted file mode 100644
index 4741497..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/snippets/_kubernetes_container_security_context.tpl
+++ /dev/null
@@ -1,48 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{/*
-abstract: |
- Renders securityContext for a Kubernetes container.
- For container level, see here: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.13/#securitycontext-v1-core
-examples:
- - values: |
- pod:
- security_context:
- myApp:
- container:
- foo:
- runAsUser: 34356
- readOnlyRootFilesystem: true
- usage: |
- {{ dict "envAll" . "application" "myApp" "container" "foo" | include "helm-toolkit.snippets.kubernetes_container_security_context" }}
- return: |
- securityContext:
- readOnlyRootFilesystem: true
- runAsUser: 34356
-*/}}
-
-{{- define "helm-toolkit.snippets.kubernetes_container_security_context" -}}
-{{- $envAll := index . "envAll" -}}
-{{- $application := index . "application" -}}
-{{- $container := index . "container" -}}
-{{- if hasKey $envAll.Values.pod "security_context" }}
-{{- if hasKey ( index $envAll.Values.pod.security_context ) $application }}
-{{- if hasKey ( index $envAll.Values.pod.security_context $application "container" ) $container }}
-securityContext:
-{{ toYaml ( index $envAll.Values.pod.security_context $application "container" $container ) | indent 2 }}
-{{- end -}}
-{{- end -}}
-{{- end -}}
-{{- end -}}
diff --git a/charts/senlin/charts/helm-toolkit/templates/snippets/_kubernetes_entrypoint_init_container.tpl b/charts/senlin/charts/helm-toolkit/templates/snippets/_kubernetes_entrypoint_init_container.tpl
deleted file mode 100644
index bed712e..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/snippets/_kubernetes_entrypoint_init_container.tpl
+++ /dev/null
@@ -1,209 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{/*
-abstract: |
- Returns a container definition for use with the kubernetes-entrypoint image
- from stackanetes.
-values: |
- images:
- tags:
- dep_check: quay.io/airshipit/kubernetes-entrypoint:v1.0.0
- pull_policy: IfNotPresent
- local_registry:
- active: true
- exclude:
- - dep_check
- dependencies:
- dynamic:
- common:
- local_image_registry:
- jobs:
- - calico-image-repo-sync
- services:
- - endpoint: node
- service: local_image_registry
- static:
- calico_node:
- services:
- - endpoint: internal
- service: etcd
- custom_resources:
- - apiVersion: argoproj.io/v1alpha1
- kind: Workflow
- name: wf-example
- fields:
- - key: "status.phase"
- value: "Succeeded"
- endpoints:
- local_image_registry:
- namespace: docker-registry
- hosts:
- default: localhost
- node: localhost
- etcd:
- hosts:
- default: etcd
- # NOTE (portdirect): if the stanza, or a portion of it, under `pod` is not
- # specififed then the following will be used as defaults:
- # pod:
- # security_context:
- # kubernetes_entrypoint:
- # container:
- # kubernetes_entrypoint:
- # runAsUser: 65534
- # readOnlyRootFilesystem: true
- # allowPrivilegeEscalation: false
- pod:
- security_context:
- kubernetes_entrypoint:
- container:
- kubernetes_entrypoint:
- runAsUser: 0
- readOnlyRootFilesystem: false
-usage: |
- {{ tuple . "calico_node" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" }}
-return: |
- - name: init
- image: "quay.io/airshipit/kubernetes-entrypoint:v1.0.0"
- imagePullPolicy: IfNotPresent
- securityContext:
- allowPrivilegeEscalation: false
- readOnlyRootFilesystem: false
- runAsUser: 0
-
- env:
- - name: POD_NAME
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.name
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- - name: INTERFACE_NAME
- value: eth0
- - name: PATH
- value: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/
- - name: DEPENDENCY_SERVICE
- value: "default:etcd,docker-registry:localhost"
- - name: DEPENDENCY_JOBS
- value: "calico-image-repo-sync"
- - name: DEPENDENCY_DAEMONSET
- value: ""
- - name: DEPENDENCY_CONTAINER
- value: ""
- - name: DEPENDENCY_POD_JSON
- value: ""
- - name: DEPENDENCY_CUSTOM_RESOURCE
- value: "[{\"apiVersion\":\"argoproj.io/v1alpha1\",\"kind\":\"Workflow\",\"namespace\":\"default\",\"name\":\"wf-example\",\"fields\":[{\"key\":\"status.phase\",\"value\":\"Succeeded\"}]}]"
- command:
- - kubernetes-entrypoint
- volumeMounts:
- []
-*/}}
-
-{{- define "helm-toolkit.snippets.kubernetes_entrypoint_init_container._default_security_context" -}}
-Values:
- pod:
- security_context:
- kubernetes_entrypoint:
- container:
- kubernetes_entrypoint:
- runAsUser: 65534
- readOnlyRootFilesystem: true
- allowPrivilegeEscalation: false
-{{- end -}}
-
-{{- define "helm-toolkit.snippets.kubernetes_entrypoint_init_container" -}}
-{{- $envAll := index . 0 -}}
-{{- $component := index . 1 -}}
-{{- $mounts := index . 2 -}}
-
-{{- $_ := set $envAll.Values "__kubernetes_entrypoint_init_container" dict -}}
-{{- $_ := set $envAll.Values.__kubernetes_entrypoint_init_container "deps" dict -}}
-{{- if and ($envAll.Values.images.local_registry.active) (ne $component "image_repo_sync") -}}
-{{- if eq $component "pod_dependency" -}}
-{{- $_ := include "helm-toolkit.utils.merge" ( tuple $envAll.Values.__kubernetes_entrypoint_init_container.deps ( index $envAll.Values.pod_dependency ) $envAll.Values.dependencies.dynamic.common.local_image_registry ) -}}
-{{- else -}}
-{{- $_ := include "helm-toolkit.utils.merge" ( tuple $envAll.Values.__kubernetes_entrypoint_init_container.deps ( index $envAll.Values.dependencies.static $component ) $envAll.Values.dependencies.dynamic.common.local_image_registry ) -}}
-{{- end -}}
-{{- else -}}
-{{- if eq $component "pod_dependency" -}}
-{{- $_ := set $envAll.Values.__kubernetes_entrypoint_init_container "deps" ( index $envAll.Values.pod_dependency ) -}}
-{{- else -}}
-{{- $_ := set $envAll.Values.__kubernetes_entrypoint_init_container "deps" ( index $envAll.Values.dependencies.static $component ) -}}
-{{- end -}}
-{{- end -}}
-
-{{- if and ($envAll.Values.manifests.job_rabbit_init) (hasKey $envAll.Values.dependencies "dynamic") -}}
-{{- if $envAll.Values.dependencies.dynamic.job_rabbit_init -}}
-{{- if eq $component "pod_dependency" -}}
-{{- $_ := include "helm-toolkit.utils.merge" ( tuple $envAll.Values.__kubernetes_entrypoint_init_container.deps ( index $envAll.Values.pod_dependency ) (index $envAll.Values.dependencies.dynamic.job_rabbit_init $component) ) -}}
-{{- else -}}
-{{- $_ := include "helm-toolkit.utils.merge" ( tuple $envAll.Values.__kubernetes_entrypoint_init_container.deps ( index $envAll.Values.dependencies.static $component ) (index $envAll.Values.dependencies.dynamic.job_rabbit_init $component)) -}}
-{{- end -}}
-{{- end -}}
-{{- end -}}
-
-{{- $deps := $envAll.Values.__kubernetes_entrypoint_init_container.deps }}
-{{- range $deps.custom_resources }}
-{{- $_ := set . "namespace" $envAll.Release.Namespace -}}
-{{- end -}}
-{{- $default_security_context := include "helm-toolkit.snippets.kubernetes_entrypoint_init_container._default_security_context" . | fromYaml }}
-{{- $patchedEnvAll := mergeOverwrite $default_security_context $envAll }}
-- name: init
-{{ tuple $envAll "dep_check" | include "helm-toolkit.snippets.image" | indent 2 }}
-{{- dict "envAll" $patchedEnvAll "application" "kubernetes_entrypoint" "container" "kubernetes_entrypoint" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 2 }}
- env:
- - name: POD_NAME
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.name
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- - name: INTERFACE_NAME
- value: eth0
- - name: PATH
- value: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/
- - name: DEPENDENCY_SERVICE
- value: "{{ tuple $deps.services $envAll | include "helm-toolkit.utils.comma_joined_service_list" }}"
-{{- if $deps.jobs -}}
- {{- if kindIs "string" (index $deps.jobs 0) }}
- - name: DEPENDENCY_JOBS
- value: "{{ include "helm-toolkit.utils.joinListWithComma" $deps.jobs }}"
- {{- else }}
- - name: DEPENDENCY_JOBS_JSON
- value: {{- toJson $deps.jobs | quote -}}
- {{- end -}}
-{{- end }}
- - name: DEPENDENCY_DAEMONSET
- value: "{{ include "helm-toolkit.utils.joinListWithComma" $deps.daemonset }}"
- - name: DEPENDENCY_CONTAINER
- value: "{{ include "helm-toolkit.utils.joinListWithComma" $deps.container }}"
- - name: DEPENDENCY_POD_JSON
- value: {{ if $deps.pod }}{{ toJson $deps.pod | quote }}{{ else }}""{{ end }}
- - name: DEPENDENCY_CUSTOM_RESOURCE
- value: {{ if $deps.custom_resources }}{{ toJson $deps.custom_resources | quote }}{{ else }}""{{ end }}
- command:
- - kubernetes-entrypoint
- volumeMounts:
-{{ toYaml $mounts | indent 4 }}
-{{- end -}}
diff --git a/charts/senlin/charts/helm-toolkit/templates/snippets/_kubernetes_kubectl_params.tpl b/charts/senlin/charts/helm-toolkit/templates/snippets/_kubernetes_kubectl_params.tpl
deleted file mode 100644
index 34a7da3..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/snippets/_kubernetes_kubectl_params.tpl
+++ /dev/null
@@ -1,20 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{- define "helm-toolkit.snippets.kubernetes_kubectl_params" -}}
-{{- $envAll := index . 0 -}}
-{{- $application := index . 1 -}}
-{{- $component := index . 2 -}}
-{{ print "-l application=" $application " -l component=" $component }}
-{{- end -}}
diff --git a/charts/senlin/charts/helm-toolkit/templates/snippets/_kubernetes_mandatory_access_control_annotation.tpl b/charts/senlin/charts/helm-toolkit/templates/snippets/_kubernetes_mandatory_access_control_annotation.tpl
deleted file mode 100644
index 92d3ea5..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/snippets/_kubernetes_mandatory_access_control_annotation.tpl
+++ /dev/null
@@ -1,60 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{/*
-abstract: |
- Renders mandatory access control annotations for a list of containers
- driven by values.yaml. As of now, it can only generate an apparmor
- annotation, but in the future could generate others.
-values: |
- pod:
- mandatory_access_control:
- type: apparmor
- myPodName:
- myContainerName: localhost/myAppArmor
- mySecondContainerName: localhost/secondProfile # optional
- myThirdContainerName: localhost/thirdProfile # optional
-usage: |
- {{ dict "envAll" . "podName" "myPodName" "containerNames" (list "myContainerName" "mySecondContainerName" "myThirdContainerName") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" }}
-return: |
- container.apparmor.security.beta.kubernetes.io/myContainerName: localhost/myAppArmor
- container.apparmor.security.beta.kubernetes.io/mySecondContainerName: localhost/secondProfile
- container.apparmor.security.beta.kubernetes.io/myThirdContainerName: localhost/thirdProfile
-note: |
- The number of container underneath is a variable arguments. It loops through
- all the container names specified.
-*/}}
-{{- define "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" -}}
-{{- $envAll := index . "envAll" -}}
-{{- $podName := index . "podName" -}}
-{{- $containerNames := index . "containerNames" -}}
-{{- if hasKey $envAll.Values.pod "mandatory_access_control" -}}
-{{- if hasKey $envAll.Values.pod.mandatory_access_control "type" -}}
-{{- $macType := $envAll.Values.pod.mandatory_access_control.type -}}
-{{- if $macType -}}
-{{- if eq $macType "apparmor" -}}
-{{- if hasKey $envAll.Values.pod.mandatory_access_control $podName -}}
-{{- range $name := $containerNames -}}
-{{- $apparmorProfile := index $envAll.Values.pod.mandatory_access_control $podName $name -}}
-{{- if $apparmorProfile }}
-container.apparmor.security.beta.kubernetes.io/{{ $name }}: {{ $apparmorProfile }}
-{{- end -}}
-{{- end -}}
-{{- end -}}
-{{- end -}}
-{{- end -}}
-{{- end -}}
-{{- end -}}
-{{- end -}}
-
diff --git a/charts/senlin/charts/helm-toolkit/templates/snippets/_kubernetes_metadata_labels.tpl b/charts/senlin/charts/helm-toolkit/templates/snippets/_kubernetes_metadata_labels.tpl
deleted file mode 100644
index 48b53fa..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/snippets/_kubernetes_metadata_labels.tpl
+++ /dev/null
@@ -1,51 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{/*
-abstract: |
- Renders a set of standardised labels
-values: |
- release_group: null
- pod:
- labels:
- default:
- label1.example.com: value
- bar:
- label2.example.com: bar
-usage: |
- {{ tuple . "foo" "bar" | include "helm-toolkit.snippets.kubernetes_metadata_labels" }}
-return: |
- release_group: RELEASE-NAME
- application: foo
- component: bar
- label1.example.com: value
- label2.example.com: bar
-*/}}
-
-{{- define "helm-toolkit.snippets.kubernetes_metadata_labels" -}}
-{{- $envAll := index . 0 -}}
-{{- $application := index . 1 -}}
-{{- $component := index . 2 -}}
-release_group: {{ $envAll.Values.release_group | default $envAll.Release.Name }}
-application: {{ $application }}
-component: {{ $component }}
-{{- if ($envAll.Values.pod).labels }}
-{{- if hasKey $envAll.Values.pod.labels $component }}
-{{ index $envAll.Values.pod "labels" $component | toYaml }}
-{{- end -}}
-{{- if hasKey $envAll.Values.pod.labels "default" }}
-{{ $envAll.Values.pod.labels.default | toYaml }}
-{{- end -}}
-{{- end -}}
-{{- end -}}
diff --git a/charts/senlin/charts/helm-toolkit/templates/snippets/_kubernetes_pod_anti_affinity.tpl b/charts/senlin/charts/helm-toolkit/templates/snippets/_kubernetes_pod_anti_affinity.tpl
deleted file mode 100644
index fabbcf8..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/snippets/_kubernetes_pod_anti_affinity.tpl
+++ /dev/null
@@ -1,89 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{/*
-abstract: |
- Renders kubernetes anti affinity rules, this function supports both hard
- 'requiredDuringSchedulingIgnoredDuringExecution' and soft
- 'preferredDuringSchedulingIgnoredDuringExecution' types.
-values: |
- pod:
- affinity:
- anti:
- topologyKey:
- default: kubernetes.io/hostname
- type:
- default: requiredDuringSchedulingIgnoredDuringExecution
- weight:
- default: 10
-usage: |
- {{ tuple . "appliction_x" "component_y" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" }}
-return: |
- podAntiAffinity:
- requiredDuringSchedulingIgnoredDuringExecution:
- - labelSelector:
- matchExpressions:
- - key: release_group
- operator: In
- values:
- - RELEASE-NAME
- - key: application
- operator: In
- values:
- - appliction_x
- - key: component
- operator: In
- values:
- - component_y
- topologyKey: kubernetes.io/hostname
-*/}}
-
-{{- define "helm-toolkit.snippets.kubernetes_pod_anti_affinity._match_expressions" -}}
-{{- $envAll := index . "envAll" -}}
-{{- $application := index . "application" -}}
-{{- $component := index . "component" -}}
-{{- $expressionRelease := dict "key" "release_group" "operator" "In" "values" ( list ( $envAll.Values.release_group | default $envAll.Release.Name ) ) -}}
-{{- $expressionApplication := dict "key" "application" "operator" "In" "values" ( list $application ) -}}
-{{- $expressionComponent := dict "key" "component" "operator" "In" "values" ( list $component ) -}}
-{{- list $expressionRelease $expressionApplication $expressionComponent | toYaml }}
-{{- end -}}
-
-{{- define "helm-toolkit.snippets.kubernetes_pod_anti_affinity" -}}
-{{- $envAll := index . 0 -}}
-{{- $application := index . 1 -}}
-{{- $component := index . 2 -}}
-{{- $antiAffinityType := index $envAll.Values.pod.affinity.anti.type $component | default $envAll.Values.pod.affinity.anti.type.default }}
-{{- $antiAffinityKey := index $envAll.Values.pod.affinity.anti.topologyKey $component | default $envAll.Values.pod.affinity.anti.topologyKey.default }}
-podAntiAffinity:
-{{- $matchExpressions := include "helm-toolkit.snippets.kubernetes_pod_anti_affinity._match_expressions" ( dict "envAll" $envAll "application" $application "component" $component ) -}}
-{{- if eq $antiAffinityType "preferredDuringSchedulingIgnoredDuringExecution" }}
- {{ $antiAffinityType }}:
- - podAffinityTerm:
- labelSelector:
- matchExpressions:
-{{ $matchExpressions | indent 10 }}
- topologyKey: {{ $antiAffinityKey }}
-{{- if $envAll.Values.pod.affinity.anti.weight }}
- weight: {{ index $envAll.Values.pod.affinity.anti.weight $component | default $envAll.Values.pod.affinity.anti.weight.default }}
-{{- else }}
- weight: 10
-{{- end -}}
-{{- else if eq $antiAffinityType "requiredDuringSchedulingIgnoredDuringExecution" }}
- {{ $antiAffinityType }}:
- - labelSelector:
- matchExpressions:
-{{ $matchExpressions | indent 8 }}
- topologyKey: {{ $antiAffinityKey }}
-{{- end -}}
-{{- end -}}
diff --git a/charts/senlin/charts/helm-toolkit/templates/snippets/_kubernetes_pod_image_pull_secret.tpl b/charts/senlin/charts/helm-toolkit/templates/snippets/_kubernetes_pod_image_pull_secret.tpl
deleted file mode 100644
index 74173dc..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/snippets/_kubernetes_pod_image_pull_secret.tpl
+++ /dev/null
@@ -1,45 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{/*
-abstract: |
- Renders image pull secrets for a pod
-values: |
- pod:
- image_pull_secrets:
- default:
- - name: some-pull-secret
- bar:
- - name: another-pull-secret
-usage: |
- {{ tuple . "bar" | include "helm-toolkit.snippets.kubernetes_image_pull_secrets" }}
-return: |
- imagePullSecrets:
- - name: some-pull-secret
- - name: another-pull-secret
-*/}}
-
-{{- define "helm-toolkit.snippets.kubernetes_image_pull_secrets" -}}
-{{- $envAll := index . 0 -}}
-{{- $application := index . 1 -}}
-{{- if ($envAll.Values.pod).image_pull_secrets }}
-imagePullSecrets:
-{{- if hasKey $envAll.Values.pod.image_pull_secrets $application }}
-{{ index $envAll.Values.pod "image_pull_secrets" $application | toYaml | indent 2 }}
-{{- end -}}
-{{- if hasKey $envAll.Values.pod.image_pull_secrets "default" }}
-{{ $envAll.Values.pod.image_pull_secrets.default | toYaml | indent 2 }}
-{{- end -}}
-{{- end -}}
-{{- end -}}
diff --git a/charts/senlin/charts/helm-toolkit/templates/snippets/_kubernetes_pod_rbac_roles.tpl b/charts/senlin/charts/helm-toolkit/templates/snippets/_kubernetes_pod_rbac_roles.tpl
deleted file mode 100644
index 90a7a65..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/snippets/_kubernetes_pod_rbac_roles.tpl
+++ /dev/null
@@ -1,69 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{- define "helm-toolkit.snippets.kubernetes_pod_rbac_roles" -}}
-{{- $envAll := index . 0 -}}
-{{- $deps := index . 1 -}}
-{{- $saName := index . 2 | replace "_" "-" }}
-{{- $saNamespace := index . 3 -}}
-{{- $releaseName := $envAll.Release.Name }}
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
-metadata:
- name: {{ $releaseName }}-{{ $saName }}
- namespace: {{ $saNamespace }}
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: Role
- name: {{ $releaseName }}-{{ $saNamespace }}-{{ $saName }}
-subjects:
- - kind: ServiceAccount
- name: {{ $saName }}
- namespace: {{ $saNamespace }}
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
- name: {{ $releaseName }}-{{ $saNamespace }}-{{ $saName }}
- namespace: {{ $saNamespace }}
-rules:
- - apiGroups:
- - ""
- - extensions
- - batch
- - apps
- verbs:
- - get
- - list
- resources:
- {{- range $k, $v := $deps -}}
- {{ if eq $v "daemonsets" }}
- - daemonsets
- {{- end -}}
- {{ if eq $v "jobs" }}
- - jobs
- {{- end -}}
- {{ if or (eq $v "pods") (eq $v "daemonsets") (eq $v "jobs") }}
- - pods
- {{- end -}}
- {{ if eq $v "services" }}
- - services
- - endpoints
- {{- end -}}
- {{ if eq $v "secrets" }}
- - secrets
- {{- end -}}
- {{- end -}}
-{{- end -}}
diff --git a/charts/senlin/charts/helm-toolkit/templates/snippets/_kubernetes_pod_rbac_serviceaccount.tpl b/charts/senlin/charts/helm-toolkit/templates/snippets/_kubernetes_pod_rbac_serviceaccount.tpl
deleted file mode 100644
index bc2045e..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/snippets/_kubernetes_pod_rbac_serviceaccount.tpl
+++ /dev/null
@@ -1,75 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{- define "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" -}}
-{{- $envAll := index . 0 -}}
-{{- $component := index . 1 -}}
-{{- $saName := index . 2 -}}
-{{- $saNamespace := $envAll.Release.Namespace }}
-{{- $randomKey := randAlphaNum 32 }}
-{{- $allNamespace := dict $randomKey "" }}
-
-{{- $_ := set $envAll.Values "__kubernetes_entrypoint_init_container" dict -}}
-{{- $_ := set $envAll.Values.__kubernetes_entrypoint_init_container "deps" dict -}}
-{{- if and ($envAll.Values.images.local_registry.active) (ne $component "image_repo_sync") -}}
-{{- if eq $component "pod_dependency" -}}
-{{- $_ := include "helm-toolkit.utils.merge" ( tuple $envAll.Values.__kubernetes_entrypoint_init_container.deps ( index $envAll.Values.pod_dependency ) $envAll.Values.dependencies.dynamic.common.local_image_registry ) -}}
-{{- else -}}
-{{- $_ := include "helm-toolkit.utils.merge" ( tuple $envAll.Values.__kubernetes_entrypoint_init_container.deps ( index $envAll.Values.dependencies.static $component ) $envAll.Values.dependencies.dynamic.common.local_image_registry ) -}}
-{{- end -}}
-{{- else -}}
-{{- if eq $component "pod_dependency" -}}
-{{- $_ := set $envAll.Values.__kubernetes_entrypoint_init_container "deps" ( index $envAll.Values.pod_dependency ) -}}
-{{- else -}}
-{{- $_ := set $envAll.Values.__kubernetes_entrypoint_init_container "deps" ( index $envAll.Values.dependencies.static $component ) -}}
-{{- end -}}
-{{- end -}}
-{{- $deps := $envAll.Values.__kubernetes_entrypoint_init_container.deps }}
----
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: {{ $saName }}
- namespace: {{ $saNamespace }}
-{{- if $envAll.Values.manifests.secret_registry }}
-{{- if $envAll.Values.endpoints.oci_image_registry.auth.enabled }}
-imagePullSecrets:
- - name: {{ index $envAll.Values.secrets.oci_image_registry $envAll.Chart.Name }}
-{{- end -}}
-{{- end -}}
-{{- range $k, $v := $deps -}}
-{{- if eq $k "services" }}
-{{- range $serv := $v }}
-{{- $endpointMap := index $envAll.Values.endpoints $serv.service }}
-{{- $endpointNS := $endpointMap.namespace | default $saNamespace }}
-{{- if not (contains "services" ((index $allNamespace $endpointNS) | default "")) }}
-{{- $_ := set $allNamespace $endpointNS (printf "%s%s" "services," ((index $allNamespace $endpointNS) | default "")) }}
-{{- end -}}
-{{- end -}}
-{{- else if and (eq $k "jobs") $v }}
-{{- $_ := set $allNamespace $saNamespace (printf "%s%s" "jobs," ((index $allNamespace $saNamespace) | default "")) }}
-{{- else if and (eq $k "daemonset") $v }}
-{{- $_ := set $allNamespace $saNamespace (printf "%s%s" "daemonsets," ((index $allNamespace $saNamespace) | default "")) }}
-{{- else if and (eq $k "pod") $v }}
-{{- $_ := set $allNamespace $saNamespace (printf "%s%s" "pods," ((index $allNamespace $saNamespace) | default "")) }}
-{{- else if and (eq $k "secret") $v }}
-{{- $_ := set $allNamespace $saNamespace (printf "%s%s" "secrets," ((index $allNamespace $saNamespace) | default "")) }}
-{{- end -}}
-{{- end -}}
-{{- $_ := unset $allNamespace $randomKey }}
-{{- range $ns, $vv := $allNamespace }}
-{{- $resourceList := (splitList "," (trimSuffix "," $vv)) }}
-{{- tuple $envAll $resourceList $saName $ns | include "helm-toolkit.snippets.kubernetes_pod_rbac_roles" }}
-{{- end -}}
-{{- end -}}
diff --git a/charts/senlin/charts/helm-toolkit/templates/snippets/_kubernetes_pod_security_context.tpl b/charts/senlin/charts/helm-toolkit/templates/snippets/_kubernetes_pod_security_context.tpl
deleted file mode 100644
index 3a4fbaa..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/snippets/_kubernetes_pod_security_context.tpl
+++ /dev/null
@@ -1,67 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{/*
-abstract: |
- Renders securityContext for a Kubernetes pod.
- For pod level, seurity context see here: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.13/#podsecuritycontext-v1-core
-examples:
- - values: |
- pod:
- # NOTE: The 'user' key is deprecated, and will be removed shortly.
- user:
- myApp:
- uid: 34356
- security_context:
- myApp:
- pod:
- runAsNonRoot: true
- usage: |
- {{ dict "envAll" . "application" "myApp" | include "helm-toolkit.snippets.kubernetes_pod_security_context" }}
- return: |
- securityContext:
- runAsUser: 34356
- runAsNonRoot: true
- - values: |
- pod:
- security_context:
- myApp:
- pod:
- runAsUser: 34356
- runAsNonRoot: true
- usage: |
- {{ dict "envAll" . "application" "myApp" | include "helm-toolkit.snippets.kubernetes_pod_security_context" }}
- return: |
- securityContext:
- runAsNonRoot: true
- runAsUser: 34356
-*/}}
-
-{{- define "helm-toolkit.snippets.kubernetes_pod_security_context" -}}
-{{- $envAll := index . "envAll" -}}
-{{- $application := index . "application" -}}
-securityContext:
-{{- if hasKey $envAll.Values.pod "user" }}
-{{- if hasKey $envAll.Values.pod.user $application }}
-{{- if hasKey ( index $envAll.Values.pod.user $application ) "uid" }}
- runAsUser: {{ index $envAll.Values.pod.user $application "uid" }}
-{{- end -}}
-{{- end -}}
-{{- end -}}
-{{- if hasKey $envAll.Values.pod "security_context" }}
-{{- if hasKey ( index $envAll.Values.pod.security_context ) $application }}
-{{ toYaml ( index $envAll.Values.pod.security_context $application "pod" ) | indent 2 }}
-{{- end -}}
-{{- end -}}
-{{- end -}}
diff --git a/charts/senlin/charts/helm-toolkit/templates/snippets/_kubernetes_probes.tpl b/charts/senlin/charts/helm-toolkit/templates/snippets/_kubernetes_probes.tpl
deleted file mode 100644
index 7470760..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/snippets/_kubernetes_probes.tpl
+++ /dev/null
@@ -1,55 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{/*
-abstract: |
- Renders kubernetes liveness and readiness probes for containers
-values: |
- pod:
- probes:
- api:
- default:
- readiness:
- enabled: true
- params:
- initialDelaySeconds: 30
- timeoutSeconds: 30
-usage: |
- {{- define "probeTemplate" }}
- httpGet:
- path: /status
- port: 9090
- {{- end }}
- {{ dict "envAll" . "component" "api" "container" "default" "type" "readiness" "probeTemplate" (include "probeTemplate" . | fromYaml) | include "helm-toolkit.snippets.kubernetes_probe" }}
-return: |
- readinessProbe:
- httpGet:
- path: /status
- port: 9090
- initialDelaySeconds: 30
- timeoutSeconds: 30
-*/}}
-
-{{- define "helm-toolkit.snippets.kubernetes_probe" -}}
-{{- $envAll := index . "envAll" -}}
-{{- $component := index . "component" -}}
-{{- $container := index . "container" -}}
-{{- $type := index . "type" -}}
-{{- $probeTemplate := index . "probeTemplate" -}}
-{{- $probeOpts := index $envAll.Values.pod.probes $component $container $type -}}
-{{- if $probeOpts.enabled -}}
-{{- $probeOverides := index $probeOpts "params" | default dict -}}
-{{ dict ( printf "%sProbe" $type ) (mergeOverwrite $probeTemplate $probeOverides ) | toYaml }}
-{{- end -}}
-{{- end -}}
diff --git a/charts/senlin/charts/helm-toolkit/templates/snippets/_kubernetes_resources.tpl b/charts/senlin/charts/helm-toolkit/templates/snippets/_kubernetes_resources.tpl
deleted file mode 100644
index 24d30cf..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/snippets/_kubernetes_resources.tpl
+++ /dev/null
@@ -1,53 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{/*
-Note: This function is deprecated and will be removed in the future.
-
-abstract: |
- Renders kubernetes resource limits for pods
-values: |
- pod:
- resources:
- enabled: true
- api:
- requests:
- memory: "128Mi"
- cpu: "100m"
- limits:
- memory: "1024Mi"
- cpu: "2000m"
- hugepages-1Gi: "1Gi"
-
-usage: |
- {{ include "helm-toolkit.snippets.kubernetes_resources" ( tuple . .Values.pod.resources.api ) }}
-return: |
- resources:
- limits:
- cpu: "2000m"
- memory: "1024Mi"
- hugepages-1Gi: "1Gi"
- requests:
- cpu: "100m"
- memory: "128Mi
-*/}}
-
-{{- define "helm-toolkit.snippets.kubernetes_resources" -}}
-{{- $envAll := index . 0 -}}
-{{- $component := index . 1 -}}
-{{- if $envAll.Values.pod.resources.enabled -}}
-resources:
-{{ toYaml $component | trim | indent 2 }}
-{{- end -}}
-{{- end -}}
diff --git a/charts/senlin/charts/helm-toolkit/templates/snippets/_kubernetes_seccomp_annotation.tpl b/charts/senlin/charts/helm-toolkit/templates/snippets/_kubernetes_seccomp_annotation.tpl
deleted file mode 100644
index 555ffb0..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/snippets/_kubernetes_seccomp_annotation.tpl
+++ /dev/null
@@ -1,47 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{/*
-abstract: |
- Renders seccomp annotations for a list of containers driven by values.yaml.
-values: |
- pod:
- seccomp:
- myPodName:
- myContainerName: localhost/mySeccomp
- mySecondContainerName: localhost/secondProfile # optional
- myThirdContainerName: localhost/thirdProfile # optional
-usage: |
- {{ dict "envAll" . "podName" "myPodName" "containerNames" (list "myContainerName" "mySecondContainerName" "myThirdContainerName") | include "helm-toolkit.snippets.kubernetes_seccomp_annotation" }}
-return: |
- container.seccomp.security.alpha.kubernetes.io/myContainerName: localhost/mySeccomp
- container.seccomp.security.alpha.kubernetes.io/mySecondContainerName: localhost/secondProfile
- container.seccomp.security.alpha.kubernetes.io/myThirdContainerName: localhost/thirdProfile
-note: |
- The number of container underneath is a variable arguments. It loops through
- all the container names specified.
-*/}}
-{{- define "helm-toolkit.snippets.kubernetes_seccomp_annotation" -}}
-{{- $envAll := index . "envAll" -}}
-{{- $podName := index . "podName" -}}
-{{- $containerNames := index . "containerNames" -}}
-{{- if hasKey (index $envAll.Values.pod "seccomp") $podName -}}
-{{- range $name := $containerNames -}}
-{{- $seccompProfile := index $envAll.Values.pod.seccomp $podName $name -}}
-{{- if $seccompProfile }}
-container.seccomp.security.alpha.kubernetes.io/{{ $name }}: {{ $seccompProfile }}
-{{- end -}}
-{{- end -}}
-{{- end -}}
-{{- end -}}
diff --git a/charts/senlin/charts/helm-toolkit/templates/snippets/_kubernetes_tolerations.tpl b/charts/senlin/charts/helm-toolkit/templates/snippets/_kubernetes_tolerations.tpl
deleted file mode 100644
index e4af6a6..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/snippets/_kubernetes_tolerations.tpl
+++ /dev/null
@@ -1,45 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{/*
-abstract: |
- Renders kubernetes tolerations for pods
-values: |
- pod:
- tolerations:
- api:
- enabled: true
- tolerations:
- - key: node-role.kubernetes.io/master
- operator: Exists
- - key: node-role.kubernetes.io/node
- operator: Exists
-
-usage: |
- {{ include "helm-toolkit.snippets.kubernetes_tolerations" ( tuple . .Values.pod.tolerations.api ) }}
-return: |
- tolerations:
- - key: node-role.kubernetes.io/master
- operator: Exists
- - key: node-role.kubernetes.io/node
- operator: Exists
-*/}}
-
-{{- define "helm-toolkit.snippets.kubernetes_tolerations" -}}
-{{- $envAll := index . 0 -}}
-{{- $component := index . 1 -}}
-{{- $pod := index $envAll.Values.pod.tolerations $component }}
-tolerations:
-{{ toYaml $pod.tolerations }}
-{{- end -}}
diff --git a/charts/senlin/charts/helm-toolkit/templates/snippets/_kubernetes_upgrades_daemonset.tpl b/charts/senlin/charts/helm-toolkit/templates/snippets/_kubernetes_upgrades_daemonset.tpl
deleted file mode 100644
index 69cee47..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/snippets/_kubernetes_upgrades_daemonset.tpl
+++ /dev/null
@@ -1,33 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{- define "helm-toolkit.snippets.kubernetes_upgrades_daemonset" -}}
-{{- $envAll := index . 0 -}}
-{{- $component := index . 1 -}}
-{{- $upgradeMap := index $envAll.Values.pod.lifecycle.upgrades.daemonsets $component -}}
-{{- $pod_replacement_strategy := $envAll.Values.pod.lifecycle.upgrades.daemonsets.pod_replacement_strategy -}}
-{{- with $upgradeMap -}}
-{{- if .enabled }}
-minReadySeconds: {{ .min_ready_seconds }}
-updateStrategy:
- type: {{ $pod_replacement_strategy }}
- {{- if $pod_replacement_strategy }}
- {{- if eq $pod_replacement_strategy "RollingUpdate" }}
- rollingUpdate:
- maxUnavailable: {{ .max_unavailable }}
- {{- end }}
- {{- end }}
-{{- end }}
-{{- end -}}
-{{- end -}}
diff --git a/charts/senlin/charts/helm-toolkit/templates/snippets/_kubernetes_upgrades_deployment.tpl b/charts/senlin/charts/helm-toolkit/templates/snippets/_kubernetes_upgrades_deployment.tpl
deleted file mode 100644
index be28cdb..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/snippets/_kubernetes_upgrades_deployment.tpl
+++ /dev/null
@@ -1,27 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{- define "helm-toolkit.snippets.kubernetes_upgrades_deployment" -}}
-{{- $envAll := index . 0 -}}
-{{- with $envAll.Values.pod.lifecycle.upgrades.deployments -}}
-revisionHistoryLimit: {{ .revision_history }}
-strategy:
- type: {{ .pod_replacement_strategy }}
- {{- if eq .pod_replacement_strategy "RollingUpdate" }}
- rollingUpdate:
- maxUnavailable: {{ .rolling_update.max_unavailable }}
- maxSurge: {{ .rolling_update.max_surge }}
- {{- end }}
-{{- end -}}
-{{- end -}}
diff --git a/charts/senlin/charts/helm-toolkit/templates/snippets/_kubernetes_upgrades_statefulset.tpl b/charts/senlin/charts/helm-toolkit/templates/snippets/_kubernetes_upgrades_statefulset.tpl
deleted file mode 100644
index f897023..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/snippets/_kubernetes_upgrades_statefulset.tpl
+++ /dev/null
@@ -1,51 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{/*
-abstract: |
- Renders upgradeStrategy configuration for Kubernetes statefulsets.
- See: https://kubernetes.io/docs/tutorials/stateful-application/basic-stateful-set/#updating-statefulsets
- Types:
- - RollingUpdate (default)
- - OnDelete
- Partitions:
- - Stage updates to a statefulset by keeping pods at current version while
- allowing mutations to statefulset's .spec.template
-values: |
- pod:
- lifecycle:
- upgrades:
- statefulsets:
- pod_replacement_strategy: RollingUpdate
- partition: 2
-usage: |
- {{ tuple $envAll | include "helm-toolkit.snippets.kubernetes_upgrades_statefulset" | indent 2 }}
-return: |
- updateStrategy:
- type: RollingUpdate
- rollingUpdate:
- partition: 2
-*/}}
-
-{{- define "helm-toolkit.snippets.kubernetes_upgrades_statefulset" -}}
-{{- $envAll := index . 0 -}}
-{{- with $envAll.Values.pod.lifecycle.upgrades.statefulsets -}}
-updateStrategy:
- type: {{ .pod_replacement_strategy }}
- {{ if .partition -}}
- rollingUpdate:
- partition: {{ .partition }}
- {{- end -}}
-{{- end -}}
-{{- end -}}
diff --git a/charts/senlin/charts/helm-toolkit/templates/snippets/_mon_host_from_k8s_ep.sh.tpl b/charts/senlin/charts/helm-toolkit/templates/snippets/_mon_host_from_k8s_ep.sh.tpl
deleted file mode 100644
index fc74c6f..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/snippets/_mon_host_from_k8s_ep.sh.tpl
+++ /dev/null
@@ -1,68 +0,0 @@
-{{- define "helm-toolkit.snippets.mon_host_from_k8s_ep" -}}
-{{/*
-
-Inserts a bash function definition mon_host_from_k8s_ep() which can be used
-to construct a mon_hosts value from the given namespaced endpoint.
-
-Usage (e.g. in _script.sh.tpl):
- #!/bin/bash
-
- : "${NS:=ceph}"
- : "${EP:=ceph-mon-discovery}"
-
- {{ include "helm-toolkit.snippets.mon_host_from_k8s_ep" . }}
-
- MON_HOST=$(mon_host_from_k8s_ep "$NS" "$EP")
-
- if [ -z "$MON_HOST" ]; then
- # deal with failure
- else
- sed -i -e "s/^mon_host = /mon_host = $MON_HOST/" /etc/ceph/ceph.conf
- fi
-*/}}
-{{`
-# Construct a mon_hosts value from the given namespaced endpoint
-# IP x.x.x.x with port p named "mon-msgr2" will appear as [v2:x.x.x.x/p/0]
-# IP x.x.x.x with port q named "mon" will appear as [v1:x.x.x.x/q/0]
-# IP x.x.x.x with ports p and q will appear as [v2:x.x.x.x/p/0,v1:x.x.x.x/q/0]
-# The entries for all IPs will be joined with commas
-mon_host_from_k8s_ep() {
- local ns=$1
- local ep=$2
-
- if [ -z "$ns" ] || [ -z "$ep" ]; then
- return 1
- fi
-
- # We don't want shell expansion for the go-template expression
- # shellcheck disable=SC2016
- kubectl get endpoints -n "$ns" "$ep" -o go-template='
- {{- $sep := "" }}
- {{- range $_,$s := .subsets }}
- {{- $v2port := 0 }}
- {{- $v1port := 0 }}
- {{- range $_,$port := index $s "ports" }}
- {{- if (eq $port.name "mon-msgr2") }}
- {{- $v2port = $port.port }}
- {{- else if (eq $port.name "mon") }}
- {{- $v1port = $port.port }}
- {{- end }}
- {{- end }}
- {{- range $_,$address := index $s "addresses" }}
- {{- $v2endpoint := printf "v2:%s:%d/0" $address.ip $v2port }}
- {{- $v1endpoint := printf "v1:%s:%d/0" $address.ip $v1port }}
- {{- if (and $v2port $v1port) }}
- {{- printf "%s[%s,%s]" $sep $v2endpoint $v1endpoint }}
- {{- $sep = "," }}
- {{- else if $v2port }}
- {{- printf "%s[%s]" $sep $v2endpoint }}
- {{- $sep = "," }}
- {{- else if $v1port }}
- {{- printf "%s[%s]" $sep $v1endpoint }}
- {{- $sep = "," }}
- {{- end }}
- {{- end }}
- {{- end }}'
-}
-`}}
-{{- end -}}
diff --git a/charts/senlin/charts/helm-toolkit/templates/snippets/_prometheus_pod_annotations.tpl b/charts/senlin/charts/helm-toolkit/templates/snippets/_prometheus_pod_annotations.tpl
deleted file mode 100644
index fec41f8..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/snippets/_prometheus_pod_annotations.tpl
+++ /dev/null
@@ -1,33 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-# Appends annotations for configuring prometheus scrape jobs via pod
-# annotations. The required annotations are:
-# * `prometheus.io/scrape`: Only scrape pods that have a value of `true`
-# * `prometheus.io/path`: If the metrics path is not `/metrics` override this.
-# * `prometheus.io/port`: Scrape the pod on the indicated port instead of the
-# pod's declared ports (default is a port-free target if none are declared).
-
-{{- define "helm-toolkit.snippets.prometheus_pod_annotations" -}}
-{{- $config := index . 0 -}}
-{{- if $config.scrape }}
-prometheus.io/scrape: {{ $config.scrape | quote }}
-{{- end }}
-{{- if $config.path }}
-prometheus.io/path: {{ $config.path | quote }}
-{{- end }}
-{{- if $config.port }}
-prometheus.io/port: {{ $config.port | quote }}
-{{- end }}
-{{- end -}}
diff --git a/charts/senlin/charts/helm-toolkit/templates/snippets/_prometheus_service_annotations.tpl b/charts/senlin/charts/helm-toolkit/templates/snippets/_prometheus_service_annotations.tpl
deleted file mode 100644
index a827c4b..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/snippets/_prometheus_service_annotations.tpl
+++ /dev/null
@@ -1,35 +0,0 @@
-{{/*
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
- http://www.apache.org/licenses/LICENSE-2.0
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-# Appends annotations for configuring prometheus scrape endpoints via
-# annotations. The required annotations are:
-# * `prometheus.io/scrape`: Only scrape services that have a value of `true`
-# * `prometheus.io/scheme`: If the metrics endpoint is secured then you will need
-# to set this to `https` & most likely set the `tls_config` of the scrape config.
-# * `prometheus.io/path`: If the metrics path is not `/metrics` override this.
-# * `prometheus.io/port`: If the metrics are exposed on a different port to the
-# service then set this appropriately.
-
-{{- define "helm-toolkit.snippets.prometheus_service_annotations" -}}
-{{- $config := index . 0 -}}
-{{- if $config.scrape }}
-prometheus.io/scrape: {{ $config.scrape | quote }}
-{{- end }}
-{{- if $config.scheme }}
-prometheus.io/scheme: {{ $config.scheme | quote }}
-{{- end }}
-{{- if $config.path }}
-prometheus.io/path: {{ $config.path | quote }}
-{{- end }}
-{{- if $config.port }}
-prometheus.io/port: {{ $config.port | quote }}
-{{- end }}
-{{- end -}}
diff --git a/charts/senlin/charts/helm-toolkit/templates/snippets/_release_uuid.tpl b/charts/senlin/charts/helm-toolkit/templates/snippets/_release_uuid.tpl
deleted file mode 100644
index 253920b..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/snippets/_release_uuid.tpl
+++ /dev/null
@@ -1,29 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{/*
-abstract: |
- Reneders an attonation key and value for a release
-values: |
- release_uuid: null
-usage: |
- {{ tuple . | include "helm-toolkit.snippets.release_uuid" }}
-return: |
- "openstackhelm.openstack.org/release_uuid": ""
-*/}}
-
-{{- define "helm-toolkit.snippets.release_uuid" -}}
-{{- $envAll := index . 0 -}}
-"openstackhelm.openstack.org/release_uuid": {{ $envAll.Values.release_uuid | default "" | quote }}
-{{- end -}}
diff --git a/charts/senlin/charts/helm-toolkit/templates/snippets/_rgw_s3_admin_env_vars.tpl b/charts/senlin/charts/helm-toolkit/templates/snippets/_rgw_s3_admin_env_vars.tpl
deleted file mode 100644
index a3169ce..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/snippets/_rgw_s3_admin_env_vars.tpl
+++ /dev/null
@@ -1,32 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{- define "helm-toolkit.snippets.rgw_s3_admin_env_vars" }}
-{{- $s3AdminSecret := .s3AdminSecret }}
-- name: S3_ADMIN_USERNAME
- valueFrom:
- secretKeyRef:
- name: {{ $s3AdminSecret }}
- key: S3_ADMIN_USERNAME
-- name: S3_ADMIN_ACCESS_KEY
- valueFrom:
- secretKeyRef:
- name: {{ $s3AdminSecret }}
- key: S3_ADMIN_ACCESS_KEY
-- name: S3_ADMIN_SECRET_KEY
- valueFrom:
- secretKeyRef:
- name: {{ $s3AdminSecret }}
- key: S3_ADMIN_SECRET_KEY
-{{- end }}
diff --git a/charts/senlin/charts/helm-toolkit/templates/snippets/_rgw_s3_bucket_user_env_vars_rook.tpl b/charts/senlin/charts/helm-toolkit/templates/snippets/_rgw_s3_bucket_user_env_vars_rook.tpl
deleted file mode 100644
index 08521e0..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/snippets/_rgw_s3_bucket_user_env_vars_rook.tpl
+++ /dev/null
@@ -1,28 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{- define "helm-toolkit.snippets.rgw_s3_bucket_user_env_vars_rook" }}
-{{- range $s3Bucket := .Values.storage.s3.buckets }}
-- name: {{ printf "%s_S3_ACCESS_KEY" ($s3Bucket.client | replace "-" "_" | upper) }}
- valueFrom:
- secretKeyRef:
- name: {{ $s3Bucket.name }}
- key: AWS_ACCESS_KEY_ID
-- name: {{ printf "%s_S3_SECRET_KEY" ($s3Bucket.client | replace "-" "_" | upper) }}
- valueFrom:
- secretKeyRef:
- name: {{ $s3Bucket.name }}
- key: AWS_SECRET_ACCESS_KEY
-{{- end }}
-{{- end }}
diff --git a/charts/senlin/charts/helm-toolkit/templates/snippets/_rgw_s3_secret_creds.tpl b/charts/senlin/charts/helm-toolkit/templates/snippets/_rgw_s3_secret_creds.tpl
deleted file mode 100644
index a611a5e..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/snippets/_rgw_s3_secret_creds.tpl
+++ /dev/null
@@ -1,29 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{- define "helm-toolkit.snippets.rgw_s3_secret_creds" }}
-{{- range $client, $config := .Values.storage.s3.clients -}}
----
-apiVersion: v1
-kind: Secret
-metadata:
- name: {{ printf "%s-s3-user-secret" ( $client | replace "_" "-" | lower ) }}
-type: Opaque
-data:
-{{- range $key, $value := $config.auth }}
- {{ $key | upper }}: {{ $value | toString | b64enc}}
-{{- end }}
-
-{{ end }}
-{{- end }}
diff --git a/charts/senlin/charts/helm-toolkit/templates/snippets/_rgw_s3_user_env_vars.tpl b/charts/senlin/charts/helm-toolkit/templates/snippets/_rgw_s3_user_env_vars.tpl
deleted file mode 100644
index a3dd431..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/snippets/_rgw_s3_user_env_vars.tpl
+++ /dev/null
@@ -1,34 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{- define "helm-toolkit.snippets.rgw_s3_user_env_vars" }}
-{{- range $client, $user := .Values.storage.s3.clients }}
-{{- $s3secret := printf "%s-s3-user-secret" ( $client | replace "_" "-" | lower ) }}
-- name: {{ printf "%s_S3_USERNAME" ($client | replace "-" "_" | upper) }}
- valueFrom:
- secretKeyRef:
- name: {{ $s3secret }}
- key: USERNAME
-- name: {{ printf "%s_S3_ACCESS_KEY" ($client | replace "-" "_" | upper) }}
- valueFrom:
- secretKeyRef:
- name: {{ $s3secret }}
- key: ACCESS_KEY
-- name: {{ printf "%s_S3_SECRET_KEY" ($client | replace "-" "_" | upper) }}
- valueFrom:
- secretKeyRef:
- name: {{ $s3secret }}
- key: SECRET_KEY
-{{- end }}
-{{- end }}
diff --git a/charts/senlin/charts/helm-toolkit/templates/snippets/_tls_volume.tpl b/charts/senlin/charts/helm-toolkit/templates/snippets/_tls_volume.tpl
deleted file mode 100644
index 41fe3d9..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/snippets/_tls_volume.tpl
+++ /dev/null
@@ -1,47 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-{{/*
-abstract: |
- Renders a secret volume for tls.
-
- Dictionary Parameters:
- enabled: boolean check if you want to conditional disable this snippet (optional)
- name: name of the volume (required)
- secretName: name of a kuberentes/tls secret, if not specified, use the volume name (optional)
-
-values: |
- manifests:
- certificates: true
-
-usage: |
- {{- $opts := dict "enabled" "true" "name" "glance-tls-api" -}}
- {{- $opts | include "helm-toolkit.snippets.tls_volume" -}}
-
-return: |
- - name: glance-tls-api
- secret:
- secretName: glance-tls-api
- defaultMode: 292
-*/}}
-{{- define "helm-toolkit.snippets.tls_volume" }}
-{{- $enabled := index . "enabled" -}}
-{{- $name := index . "name" -}}
-{{- $secretName := index . "secretName" | default $name -}}
-{{- if and $enabled (ne $name "") }}
-- name: {{ $name }}
- secret:
- secretName: {{ $secretName }}
- defaultMode: 292
-{{- end }}
-{{- end }}
diff --git a/charts/senlin/charts/helm-toolkit/templates/snippets/_tls_volume_mount.tpl b/charts/senlin/charts/helm-toolkit/templates/snippets/_tls_volume_mount.tpl
deleted file mode 100644
index 9cfa819..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/snippets/_tls_volume_mount.tpl
+++ /dev/null
@@ -1,82 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-{{/*
-abstract: |
- Renders a volume mount for TLS key, cert and CA.
-
- Dictionary Parameters:
- enabled: boolean check if you want to conditional disable this snippet (optional)
- name: name that of the volume and should match the volume name (required)
- path: path to place tls.crt tls.key ca.crt, do not suffix with '/' (required)
- certs: a tuple containing a nonempty subset of {tls.crt, tls.key, ca.crt}.
- the default is the full set. (optional)
-
-values: |
- manifests:
- certificates: true
-
-usage: |
- {{- $opts := dict "enabled" .Values.manifests.certificates "name" "glance-tls-api" "path" "/etc/glance/certs" -}}
- {{- $opts | include "helm-toolkit.snippets.tls_volume_mount" -}}
-
-return: |
- - name: glance-tls-api
- mountPath: /etc/glance/certs/tls.crt
- subPath: tls.crt
- readOnly: true
- - name: glance-tls-api
- mountPath: /etc/glance/certs/tls.key
- subPath: tls.key
- readOnly: true
- - name: glance-tls-api
- mountPath: /etc/glance/certs/ca.crt
- subPath: ca.crt
- readOnly: true
-
-abstract: |
- This mounts a specific issuing CA only for service validation
-
-usage: |
- {{- $opts := dict "enabled" .Values.manifests.certificates "name" "glance-tls-api" "ca" true -}}
- {{- $opts | include "helm-toolkit.snippets.tls_volume_mount" -}}
-
-return: |
- - name: glance-tls-api
- mountPath: /etc/ssl/certs/openstack-helm.crt
- subPath: ca.crt
- readOnly: true
-*/}}
-{{- define "helm-toolkit.snippets.tls_volume_mount" }}
-{{- $enabled := index . "enabled" -}}
-{{- $name := index . "name" -}}
-{{- $path := index . "path" | default "" -}}
-{{- $certs := index . "certs" | default ( tuple "tls.crt" "tls.key" "ca.crt" ) }}
-{{- if $enabled }}
-{{- if and (eq $path "") (ne $name "") }}
-- name: {{ $name }}
- mountPath: "/etc/ssl/certs/openstack-helm.crt"
- subPath: ca.crt
- readOnly: true
-{{- else }}
-{{- if ne $name "" }}
-{{- range $key, $value := $certs }}
-- name: {{ $name }}
- mountPath: {{ printf "%s/%s" $path $value }}
- subPath: {{ $value }}
- readOnly: true
-{{- end }}
-{{- end }}
-{{- end }}
-{{- end }}
-{{- end }}
diff --git a/charts/senlin/charts/helm-toolkit/templates/snippets/_values_template_renderer.tpl b/charts/senlin/charts/helm-toolkit/templates/snippets/_values_template_renderer.tpl
deleted file mode 100644
index 6e9d5a1..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/snippets/_values_template_renderer.tpl
+++ /dev/null
@@ -1,87 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{/*
-abstract: |
- Renders out configuration sections into a format suitable for incorporation
- into a config-map. Allowing various forms of input to be rendered out as
- appropriate.
-values: |
- conf:
- inputs:
- - foo
- - bar
- some:
- config_to_render: |
- #We can use all of gotpl here: eg macros, ranges etc.
- {{ include "helm-toolkit.utils.joinListWithComma" .Values.conf.inputs }}
- config_to_complete:
- #here we can fill out params, but things need to be valid yaml as input
- '{{ .Release.Name }}': '{{ printf "%s-%s" .Release.Namespace "namespace" }}'
- static_config:
- #this is just passed though as yaml to the configmap
- foo: bar
-usage: |
- {{- $envAll := . }}
- ---
- apiVersion: v1
- kind: ConfigMap
- metadata:
- name: application-etc
- data:
- {{- include "helm-toolkit.snippets.values_template_renderer" (dict "envAll" $envAll "template" .Values.conf.some.config_to_render "key" "config_to_render.conf") | indent 2 }}
- {{- include "helm-toolkit.snippets.values_template_renderer" (dict "envAll" $envAll "template" .Values.conf.some.config_to_complete "key" "config_to_complete.yaml") | indent 2 }}
- {{- include "helm-toolkit.snippets.values_template_renderer" (dict "envAll" $envAll "template" .Values.conf.some.static_config "key" "static_config.yaml") | indent 2 }}
-return: |
- ---
- apiVersion: v1
- kind: ConfigMap
- metadata:
- name: application-etc
- data:
- config_to_render.conf: |
- #We can use all of gotpl here: eg macros, ranges etc.
- foo,bar
-
- config_to_complete.yaml: |
- 'RELEASE-NAME': 'default-namespace'
-
- static_config.yaml: |
- foo: bar
-*/}}
-
-{{- define "helm-toolkit.snippets.values_template_renderer" -}}
-{{- $envAll := index . "envAll" -}}
-{{- $template := index . "template" -}}
-{{- $key := index . "key" -}}
-{{- $format := index . "format" | default "configMap" -}}
-{{- with $envAll -}}
-{{- $templateRendered := tpl ( $template | toYaml ) . }}
-{{- if eq $format "Secret" }}
-{{- if hasPrefix "|\n" $templateRendered }}
-{{ $key }}: {{ regexReplaceAllLiteral "\n " ( $templateRendered | trimPrefix "|\n" | trimPrefix " " ) "\n" | b64enc }}
-{{- else }}
-{{ $key }}: {{ $templateRendered | b64enc }}
-{{- end -}}
-{{- else }}
-{{- if hasPrefix "|\n" $templateRendered }}
-{{ $key }}: |
-{{ regexReplaceAllLiteral "\n " ( $templateRendered | trimPrefix "|\n" | trimPrefix " " ) "\n" | indent 2 }}
-{{- else }}
-{{ $key }}: |
-{{ $templateRendered | indent 2 }}
-{{- end -}}
-{{- end -}}
-{{- end -}}
-{{- end -}}
diff --git a/charts/senlin/charts/helm-toolkit/templates/tls/_tls_generate_certs.tpl b/charts/senlin/charts/helm-toolkit/templates/tls/_tls_generate_certs.tpl
deleted file mode 100644
index 6d617a1..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/tls/_tls_generate_certs.tpl
+++ /dev/null
@@ -1,94 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{/*
-abstract: |
- Produces a certificate from a certificate authority. If the "encode" parameter
- is true, base64 encode the values for inclusion in a Kubernetes secret.
-values: |
- test:
- hosts:
- names:
- - barbican.openstackhelm.example
- - barbican.openstack.svc.cluster.local
- ips:
- - 127.0.0.1
- - 192.168.0.1
- life: 3
- # Use ca.crt and ca.key to build a customized ca, if they are provided.
- # Use hosts.names[0] and life to auto-generate a ca, if ca is not provided.
- ca:
- crt: |
- <CA CRT>
- key: |
- <CA PRIVATE KEY>
-usage: |
- {{ include "helm-toolkit.utils.tls_generate_certs" (dict "params" .Values.test) }}
-return: |
- ca: |
- <CA CRT>
- crt: |
- <CRT>
- exp: 2018-09-01T10:56:07.895392915-00:00
- key: |
- <CRT PRIVATE KEY>
-*/}}
-
-{{- define "helm-toolkit.utils.tls_generate_certs" -}}
-{{- $params := index . "params" -}}
-{{- $encode := index . "encode" | default false -}}
-{{- $local := dict -}}
-
-{{- $_hosts := $params.hosts.names | default list }}
-{{- if kindIs "string" $params.hosts.names }}
-{{- $_ := set $local "certHosts" (list $params.hosts.names) }}
-{{- else }}
-{{- $_ := set $local "certHosts" $_hosts }}
-{{- end }}
-
-{{- $_ips := $params.hosts.ips | default list }}
-{{- if kindIs "string" $params.hosts.ips }}
-{{- $_ := set $local "certIps" (list $params.hosts.ips) }}
-{{- else }}
-{{- $_ := set $local "certIps" $_ips }}
-{{- end }}
-
-{{- if hasKey $params "ca" }}
-{{- if and (hasKey $params.ca "crt") (hasKey $params.ca "key") }}
-{{- $ca := buildCustomCert ($params.ca.crt | b64enc ) ($params.ca.key | b64enc ) }}
-{{- $_ := set $local "ca" $ca }}
-{{- end }}
-{{- else }}
-{{- $ca := genCA (first $local.certHosts) (int $params.life) }}
-{{- $_ := set $local "ca" $ca }}
-{{- end }}
-
-{{- $expDate := date_in_zone "2006-01-02T15:04:05Z07:00" ( date_modify (printf "+%sh" (mul $params.life 24 |toString)) now ) "UTC" }}
-{{- $rawCert := genSignedCert (first $local.certHosts) ($local.certIps) ($local.certHosts) (int $params.life) $local.ca }}
-{{- $certificate := dict -}}
-{{- if $encode -}}
-{{- $_ := b64enc $rawCert.Cert | set $certificate "crt" -}}
-{{- $_ := b64enc $rawCert.Key | set $certificate "key" -}}
-{{- $_ := b64enc $local.ca.Cert | set $certificate "ca" -}}
-{{- $_ := b64enc $local.ca.Key | set $certificate "caKey" -}}
-{{- $_ := b64enc $expDate | set $certificate "exp" -}}
-{{- else -}}
-{{- $_ := set $certificate "crt" $rawCert.Cert -}}
-{{- $_ := set $certificate "key" $rawCert.Key -}}
-{{- $_ := set $certificate "ca" $local.ca.Cert -}}
-{{- $_ := set $certificate "caKey" $local.ca.Key -}}
-{{- $_ := set $certificate "exp" $expDate -}}
-{{- end -}}
-{{- $certificate | toYaml }}
-{{- end -}}
diff --git a/charts/senlin/charts/helm-toolkit/templates/utils/_comma_joined_service_list.tpl b/charts/senlin/charts/helm-toolkit/templates/utils/_comma_joined_service_list.tpl
deleted file mode 100644
index e26501f..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/utils/_comma_joined_service_list.tpl
+++ /dev/null
@@ -1,46 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{/*
-abstract: |
- Returns a comma separated list of namespace:service pairs.
-values: |
- dependencies:
- static:
- api:
- services:
- - endpoint: internal
- service: oslo_cache
- - endpoint: internal
- service: oslo_db
- endpoints:
- oslo_db:
- namespace: foo
- hosts:
- default: mariadb
- oslo_cache:
- namespace: bar
- hosts:
- default: memcache
-usage: |
- {{ tuple .Values.dependencies.static.api.services . | include "helm-toolkit.utils.comma_joined_service_list" }}
-return: |
- bar:memcache,foo:mariadb
-*/}}
-
-{{- define "helm-toolkit.utils.comma_joined_service_list" -}}
-{{- $deps := index . 0 -}}
-{{- $envAll := index . 1 -}}
-{{- range $k, $v := $deps -}}{{- if $k -}},{{- end -}}{{ tuple $v.service $v.endpoint $envAll | include "helm-toolkit.endpoints.service_name_endpoint_with_namespace_lookup" }}{{- end -}}
-{{- end -}}
diff --git a/charts/senlin/charts/helm-toolkit/templates/utils/_configmap_templater.tpl b/charts/senlin/charts/helm-toolkit/templates/utils/_configmap_templater.tpl
deleted file mode 100644
index 7095c19..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/utils/_configmap_templater.tpl
+++ /dev/null
@@ -1,30 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{- define "helm-toolkit.utils.configmap_templater" }}
-{{- $keyRoot := index . 0 -}}
-{{- $configTemplate := index . 1 -}}
-{{- $context := index . 2 -}}
-{{ if $keyRoot.override -}}
-{{ $keyRoot.override | indent 4 }}
-{{- else -}}
-{{- if $keyRoot.prefix -}}
-{{ $keyRoot.prefix | indent 4 }}
-{{- end }}
-{{ tuple $configTemplate $context | include "helm-toolkit.utils.template" | indent 4 }}
-{{- end }}
-{{- if $keyRoot.append -}}
-{{ $keyRoot.append | indent 4 }}
-{{- end }}
-{{- end -}}
diff --git a/charts/senlin/charts/helm-toolkit/templates/utils/_daemonset_overrides.tpl b/charts/senlin/charts/helm-toolkit/templates/utils/_daemonset_overrides.tpl
deleted file mode 100644
index 40359f0..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/utils/_daemonset_overrides.tpl
+++ /dev/null
@@ -1,269 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{- define "helm-toolkit.utils.daemonset_overrides" }}
- {{- $daemonset := index . 0 }}
- {{- $daemonset_yaml := index . 1 }}
- {{- $configmap_include := index . 2 }}
- {{- $configmap_name := index . 3 }}
- {{- $context := index . 4 }}
- {{- $_ := unset $context ".Files" }}
- {{- $daemonset_root_name := printf (print $context.Chart.Name "_" $daemonset) }}
- {{- $_ := set $context.Values "__daemonset_list" list }}
- {{- $_ := set $context.Values "__default" dict }}
- {{- if hasKey $context.Values.conf "overrides" }}
- {{- range $key, $val := $context.Values.conf.overrides }}
-
- {{- if eq $key $daemonset_root_name }}
- {{- range $type, $type_data := . }}
-
- {{- if eq $type "hosts" }}
- {{- range $host_data := . }}
- {{/* dictionary that will contain all info needed to generate this
- iteration of the daemonset */}}
- {{- $current_dict := dict }}
-
- {{/* set daemonset name */}}
- {{/* Note: long hostnames can cause the 63 char name limit to be
- exceeded. Truncate the hostname if hostname > 20 char */}}
- {{- if gt (len $host_data.name) 20 }}
- {{- $_ := set $current_dict "name" (substr 0 20 $host_data.name) }}
- {{- else }}
- {{- $_ := set $current_dict "name" $host_data.name }}
- {{- end }}
-
- {{/* apply overrides */}}
- {{- $override_conf_copy := $host_data.conf }}
- {{/* Deep copy to prevent https://storyboard.openstack.org/#!/story/2005936 */}}
- {{- $root_conf_copy := omit ($context.Values.conf | toYaml | fromYaml) "overrides" }}
- {{- $merged_dict := mergeOverwrite $root_conf_copy $override_conf_copy }}
- {{- $root_conf_copy2 := dict "conf" $merged_dict }}
- {{- $context_values := omit (omit ($context.Values | toYaml | fromYaml) "conf") "__daemonset_list" }}
- {{- $root_conf_copy3 := mergeOverwrite $context_values $root_conf_copy2 }}
- {{- $root_conf_copy4 := dict "Values" $root_conf_copy3 }}
- {{- $_ := set $current_dict "nodeData" $root_conf_copy4 }}
-
- {{/* Schedule to this host explicitly. */}}
- {{- $nodeSelector_dict := dict }}
-
- {{- $_ := set $nodeSelector_dict "key" "kubernetes.io/hostname" }}
- {{- $_ := set $nodeSelector_dict "operator" "In" }}
-
- {{- $values_list := list $host_data.name }}
- {{- $_ := set $nodeSelector_dict "values" $values_list }}
-
- {{- $list_aggregate := list $nodeSelector_dict }}
- {{- $_ := set $current_dict "matchExpressions" $list_aggregate }}
-
- {{/* store completed daemonset entry/info into global list */}}
- {{- $list_aggregate := append $context.Values.__daemonset_list $current_dict }}
- {{- $_ := set $context.Values "__daemonset_list" $list_aggregate }}
-
- {{- end }}
- {{- end }}
-
- {{- if eq $type "labels" }}
- {{- $_ := set $context.Values "__label_list" . }}
- {{- range $label_data := . }}
- {{/* dictionary that will contain all info needed to generate this
- iteration of the daemonset. */}}
- {{- $_ := set $context.Values "__current_label" dict }}
-
- {{/* set daemonset name */}}
- {{- $_ := set $context.Values.__current_label "name" $label_data.label.key }}
-
- {{/* apply overrides */}}
- {{- $override_conf_copy := $label_data.conf }}
- {{/* Deep copy to prevent https://storyboard.openstack.org/#!/story/2005936 */}}
- {{- $root_conf_copy := omit ($context.Values.conf | toYaml | fromYaml) "overrides" }}
- {{- $merged_dict := mergeOverwrite $root_conf_copy $override_conf_copy }}
- {{- $root_conf_copy2 := dict "conf" $merged_dict }}
- {{- $context_values := omit (omit ($context.Values | toYaml | fromYaml) "conf") "__daemonset_list" }}
- {{- $root_conf_copy3 := mergeOverwrite $context_values $root_conf_copy2 }}
- {{- $root_conf_copy4 := dict "Values" $root_conf_copy3 }}
- {{- $_ := set $context.Values.__current_label "nodeData" $root_conf_copy4 }}
-
- {{/* Schedule to the provided label value(s) */}}
- {{- $label_dict := omit $label_data.label "NULL" }}
- {{- $_ := set $label_dict "operator" "In" }}
- {{- $list_aggregate := list $label_dict }}
- {{- $_ := set $context.Values.__current_label "matchExpressions" $list_aggregate }}
-
- {{/* Do not schedule to other specified labels, with higher
- precedence as the list position increases. Last defined label
- is highest priority. */}}
- {{- $other_labels := without $context.Values.__label_list $label_data }}
- {{- range $label_data2 := $other_labels }}
- {{- $label_dict := omit $label_data2.label "NULL" }}
-
- {{- $_ := set $label_dict "operator" "NotIn" }}
-
- {{- $list_aggregate := append $context.Values.__current_label.matchExpressions $label_dict }}
- {{- $_ := set $context.Values.__current_label "matchExpressions" $list_aggregate }}
- {{- end }}
- {{- $_ := set $context.Values "__label_list" $other_labels }}
-
- {{/* Do not schedule to any other specified hosts */}}
- {{- range $type, $type_data := $val }}
- {{- if eq $type "hosts" }}
- {{- range $host_data := . }}
- {{- $label_dict := dict }}
-
- {{- $_ := set $label_dict "key" "kubernetes.io/hostname" }}
- {{- $_ := set $label_dict "operator" "NotIn" }}
-
- {{- $values_list := list $host_data.name }}
- {{- $_ := set $label_dict "values" $values_list }}
-
- {{- $list_aggregate := append $context.Values.__current_label.matchExpressions $label_dict }}
- {{- $_ := set $context.Values.__current_label "matchExpressions" $list_aggregate }}
- {{- end }}
- {{- end }}
- {{- end }}
-
- {{/* store completed daemonset entry/info into global list */}}
- {{- $list_aggregate := append $context.Values.__daemonset_list $context.Values.__current_label }}
- {{- $_ := set $context.Values "__daemonset_list" $list_aggregate }}
- {{- $_ := unset $context.Values "__current_label" }}
-
- {{- end }}
- {{- end }}
- {{- end }}
-
- {{/* scheduler exceptions for the default daemonset */}}
- {{- $_ := set $context.Values.__default "matchExpressions" list }}
-
- {{- range $type, $type_data := . }}
- {{/* Do not schedule to other specified labels */}}
- {{- if eq $type "labels" }}
- {{- range $label_data := . }}
- {{- $default_dict := omit $label_data.label "NULL" }}
-
- {{- $_ := set $default_dict "operator" "NotIn" }}
-
- {{- $list_aggregate := append $context.Values.__default.matchExpressions $default_dict }}
- {{- $_ := set $context.Values.__default "matchExpressions" $list_aggregate }}
- {{- end }}
- {{- end }}
- {{/* Do not schedule to other specified hosts */}}
- {{- if eq $type "hosts" }}
- {{- range $host_data := . }}
- {{- $default_dict := dict }}
-
- {{- $_ := set $default_dict "key" "kubernetes.io/hostname" }}
- {{- $_ := set $default_dict "operator" "NotIn" }}
-
- {{- $values_list := list $host_data.name }}
- {{- $_ := set $default_dict "values" $values_list }}
-
- {{- $list_aggregate := append $context.Values.__default.matchExpressions $default_dict }}
- {{- $_ := set $context.Values.__default "matchExpressions" $list_aggregate }}
- {{- end }}
- {{- end }}
- {{- end }}
- {{- end }}
- {{- end }}
- {{- end }}
-
- {{/* generate the default daemonset */}}
-
- {{/* set name */}}
- {{- $_ := set $context.Values.__default "name" "default" }}
-
- {{/* no overrides apply, so copy as-is */}}
- {{- $root_conf_copy1 := omit $context.Values.conf "overrides" }}
- {{- $root_conf_copy2 := dict "conf" $root_conf_copy1 }}
- {{- $context_values := omit $context.Values "conf" }}
- {{- $root_conf_copy3 := mergeOverwrite $context_values $root_conf_copy2 }}
- {{- $root_conf_copy4 := dict "Values" $root_conf_copy3 }}
- {{- $_ := set $context.Values.__default "nodeData" $root_conf_copy4 }}
-
- {{/* add to global list */}}
- {{- $list_aggregate := append $context.Values.__daemonset_list $context.Values.__default }}
- {{- $_ := set $context.Values "__daemonset_list" $list_aggregate }}
-
- {{- range $current_dict := $context.Values.__daemonset_list }}
-
- {{- $context_novalues := omit $context "Values" }}
- {{- $merged_dict := mergeOverwrite $context_novalues $current_dict.nodeData }}
- {{- $_ := set $current_dict "nodeData" $merged_dict }}
- {{/* Deep copy original daemonset_yaml */}}
- {{- $_ := set $context.Values "__daemonset_yaml" ($daemonset_yaml | toYaml | fromYaml) }}
-
- {{/* name needs to be a DNS-1123 compliant name. Ensure lower case */}}
- {{- $name_format1 := printf (print $daemonset_root_name "-" $current_dict.name) | lower }}
- {{/* labels may contain underscores which would be invalid here, so we replace them with dashes
- there may be other valid label names which would make for an invalid DNS-1123 name
- but these will be easier to handle in future with sprig regex* functions
- (not availabile in helm 2.5.1) */}}
- {{- $name_format2 := $name_format1 | replace "_" "-" }}
- {{/* To account for the case where the same label is defined multiple times in overrides
- (but with different label values), we add a sha of the scheduling data to ensure
- name uniqueness */}}
- {{- $_ := set $current_dict "dns_1123_name" dict }}
- {{- if hasKey $current_dict "matchExpressions" }}
- {{- $_ := set $current_dict "dns_1123_name" (printf (print $name_format2 "-" ($current_dict.matchExpressions | quote | sha256sum | trunc 8))) }}
- {{- else }}
- {{- $_ := set $current_dict "dns_1123_name" $name_format2 }}
- {{- end }}
-
- {{/* set daemonset metadata name */}}
- {{- if not $context.Values.__daemonset_yaml.metadata }}{{- $_ := set $context.Values.__daemonset_yaml "metadata" dict }}{{- end }}
- {{- if not $context.Values.__daemonset_yaml.metadata.name }}{{- $_ := set $context.Values.__daemonset_yaml.metadata "name" dict }}{{- end }}
- {{- $_ := set $context.Values.__daemonset_yaml.metadata "name" $current_dict.dns_1123_name }}
-
- {{/* cross-reference configmap name to container volume definitions */}}
- {{- $_ := set $context.Values "__volume_list" list }}
- {{- range $current_volume := $context.Values.__daemonset_yaml.spec.template.spec.volumes }}
- {{- $_ := set $context.Values "__volume" $current_volume }}
- {{- if hasKey $context.Values.__volume "secret" }}
- {{- if eq $context.Values.__volume.secret.secretName $configmap_name }}
- {{- $_ := set $context.Values.__volume.secret "secretName" $current_dict.dns_1123_name }}
- {{- end }}
- {{- end }}
- {{- $updated_list := append $context.Values.__volume_list $context.Values.__volume }}
- {{- $_ := set $context.Values "__volume_list" $updated_list }}
- {{- end }}
- {{- $_ := set $context.Values.__daemonset_yaml.spec.template.spec "volumes" $context.Values.__volume_list }}
-
-
- {{/* populate scheduling restrictions */}}
- {{- if hasKey $current_dict "matchExpressions" }}
- {{- if not $context.Values.__daemonset_yaml.spec.template.spec }}{{- $_ := set $context.Values.__daemonset_yaml.spec.template "spec" dict }}{{- end }}
- {{- if not $context.Values.__daemonset_yaml.spec.template.spec.affinity }}{{- $_ := set $context.Values.__daemonset_yaml.spec.template.spec "affinity" dict }}{{- end }}
- {{- if not $context.Values.__daemonset_yaml.spec.template.spec.affinity.nodeAffinity }}{{- $_ := set $context.Values.__daemonset_yaml.spec.template.spec.affinity "nodeAffinity" dict }}{{- end }}
- {{- if not $context.Values.__daemonset_yaml.spec.template.spec.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution }}{{- $_ := set $context.Values.__daemonset_yaml.spec.template.spec.affinity.nodeAffinity "requiredDuringSchedulingIgnoredDuringExecution" dict }}{{- end }}
- {{- $match_exprs := dict }}
- {{- $_ := set $match_exprs "matchExpressions" $current_dict.matchExpressions }}
- {{- $appended_match_expr := list $match_exprs }}
- {{- $_ := set $context.Values.__daemonset_yaml.spec.template.spec.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution "nodeSelectorTerms" $appended_match_expr }}
- {{- end }}
-
- {{/* input value hash for current set of values overrides */}}
- {{- if not $context.Values.__daemonset_yaml.spec }}{{- $_ := set $context.Values.__daemonset_yaml "spec" dict }}{{- end }}
- {{- if not $context.Values.__daemonset_yaml.spec.template }}{{- $_ := set $context.Values.__daemonset_yaml.spec "template" dict }}{{- end }}
- {{- if not $context.Values.__daemonset_yaml.spec.template.metadata }}{{- $_ := set $context.Values.__daemonset_yaml.spec.template "metadata" dict }}{{- end }}
- {{- if not $context.Values.__daemonset_yaml.spec.template.metadata.annotations }}{{- $_ := set $context.Values.__daemonset_yaml.spec.template.metadata "annotations" dict }}{{- end }}
- {{- $cmap := list $current_dict.dns_1123_name $current_dict.nodeData | include $configmap_include }}
- {{- $values_hash := $cmap | quote | sha256sum }}
- {{- $_ := set $context.Values.__daemonset_yaml.spec.template.metadata.annotations "configmap-etc-hash" $values_hash }}
-
- {{/* generate configmap */}}
----
-{{ $cmap }}
- {{/* generate daemonset yaml */}}
----
-{{ $context.Values.__daemonset_yaml | toYaml }}
- {{- end }}
-{{- end }}
diff --git a/charts/senlin/charts/helm-toolkit/templates/utils/_dependency_resolver.tpl b/charts/senlin/charts/helm-toolkit/templates/utils/_dependency_resolver.tpl
deleted file mode 100644
index 4a88dd8..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/utils/_dependency_resolver.tpl
+++ /dev/null
@@ -1,40 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{- define "helm-toolkit.utils.dependency_resolver" }}
-{{- $envAll := index . "envAll" -}}
-{{- $dependencyMixinParam := index . "dependencyMixinParam" -}}
-{{- $dependencyKey := index . "dependencyKey" -}}
-{{- if $dependencyMixinParam -}}
-{{- $_ := set $envAll.Values "pod_dependency" dict -}}
-{{- if kindIs "string" $dependencyMixinParam }}
-{{- if ( index $envAll.Values.dependencies.dynamic.targeted $dependencyMixinParam ) }}
-{{- $_ := include "helm-toolkit.utils.merge" (tuple $envAll.Values.pod_dependency ( index $envAll.Values.dependencies.static $dependencyKey ) ( index $envAll.Values.dependencies.dynamic.targeted $dependencyMixinParam $dependencyKey ) ) -}}
-{{- else }}
-{{- $_ := set $envAll.Values "pod_dependency" ( index $envAll.Values.dependencies.static $dependencyKey ) }}
-{{- end }}
-{{- else if kindIs "slice" $dependencyMixinParam }}
-{{- $_ := set $envAll.Values "__deps" ( index $envAll.Values.dependencies.static $dependencyKey ) }}
-{{- range $k, $v := $dependencyMixinParam -}}
-{{- if ( index $envAll.Values.dependencies.dynamic.targeted $v ) }}
-{{- $_ := include "helm-toolkit.utils.merge" (tuple $envAll.Values.pod_dependency $envAll.Values.__deps ( index $envAll.Values.dependencies.dynamic.targeted $v $dependencyKey ) ) -}}
-{{- $_ := set $envAll.Values "__deps" $envAll.Values.pod_dependency -}}
-{{- end }}
-{{- end }}
-{{- end }}
-{{- else -}}
-{{- $_ := set $envAll.Values "pod_dependency" ( index $envAll.Values.dependencies.static $dependencyKey ) -}}
-{{- end -}}
-{{ $envAll.Values.pod_dependency | toYaml }}
-{{- end }}
diff --git a/charts/senlin/charts/helm-toolkit/templates/utils/_hash.tpl b/charts/senlin/charts/helm-toolkit/templates/utils/_hash.tpl
deleted file mode 100644
index d871b62..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/utils/_hash.tpl
+++ /dev/null
@@ -1,21 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{- define "helm-toolkit.utils.hash" -}}
-{{- $name := index . 0 -}}
-{{- $context := index . 1 -}}
-{{- $last := base $context.Template.Name }}
-{{- $wtf := $context.Template.Name | replace $last $name -}}
-{{- include $wtf $context | sha256sum | quote -}}
-{{- end -}}
diff --git a/charts/senlin/charts/helm-toolkit/templates/utils/_host_list.tpl b/charts/senlin/charts/helm-toolkit/templates/utils/_host_list.tpl
deleted file mode 100644
index 0c32136..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/utils/_host_list.tpl
+++ /dev/null
@@ -1,44 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{/*
-abstract: |
- Returns a list of unique hosts for an endpoint, in yaml.
-values: |
- endpoints:
- cluster_domain_suffix: cluster.local
- oslo_db:
- hosts:
- default: mariadb
- host_fqdn_override:
- default: mariadb
-usage: |
- {{ tuple "oslo_db" "internal" . | include "helm-toolkit.utils.host_list" }}
-return: |
- hosts:
- - mariadb
- - mariadb.default
-*/}}
-
-{{- define "helm-toolkit.utils.host_list" -}}
-{{- $type := index . 0 -}}
-{{- $endpoint := index . 1 -}}
-{{- $context := index . 2 -}}
-{{- $host_fqdn := tuple $type $endpoint $context | include "helm-toolkit.endpoints.hostname_fqdn_endpoint_lookup" }}
-{{- $host_namespaced := tuple $type $endpoint $context | include "helm-toolkit.endpoints.hostname_namespaced_endpoint_lookup" }}
-{{- $host_short := tuple $type $endpoint $context | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
-{{/* It is important that the FQDN host is 1st in this list, to ensure other function can use the 1st element for cert gen CN etc */}}
-{{- $host_list := list $host_fqdn $host_namespaced $host_short | uniq }}
-{{- dict "hosts" $host_list | toYaml }}
-{{- end -}}
diff --git a/charts/senlin/charts/helm-toolkit/templates/utils/_image_sync_list.tpl b/charts/senlin/charts/helm-toolkit/templates/utils/_image_sync_list.tpl
deleted file mode 100644
index 51923b6..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/utils/_image_sync_list.tpl
+++ /dev/null
@@ -1,25 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{- define "helm-toolkit.utils.image_sync_list" -}}
-{{- $imageExcludeList := .Values.images.local_registry.exclude -}}
-{{- $imageDict := .Values.images.tags -}}
-{{- $local := dict "first" true -}}
-{{- range $k, $v := $imageDict -}}
-{{- if not $local.first -}},{{- end -}}
-{{- if (not (has $k $imageExcludeList )) -}}
-{{- index $imageDict $k -}}
-{{- $_ := set $local "first" false -}}
-{{- end -}}{{- end -}}
-{{- end -}}
diff --git a/charts/senlin/charts/helm-toolkit/templates/utils/_joinListWithComma.tpl b/charts/senlin/charts/helm-toolkit/templates/utils/_joinListWithComma.tpl
deleted file mode 100644
index 5eb5785..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/utils/_joinListWithComma.tpl
+++ /dev/null
@@ -1,31 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{/*
-abstract: |
- Joins a list of values into a comma separated string
-values: |
- test:
- - foo
- - bar
-usage: |
- {{ include "helm-toolkit.utils.joinListWithComma" .Values.test }}
-return: |
- foo,bar
-*/}}
-
-{{- define "helm-toolkit.utils.joinListWithComma" -}}
-{{- $local := dict "first" true -}}
-{{- range $k, $v := . -}}{{- if not $local.first -}},{{- end -}}{{- $v -}}{{- $_ := set $local "first" false -}}{{- end -}}
-{{- end -}}
diff --git a/charts/senlin/charts/helm-toolkit/templates/utils/_joinListWithCommaAndSingleQuotes.tpl b/charts/senlin/charts/helm-toolkit/templates/utils/_joinListWithCommaAndSingleQuotes.tpl
deleted file mode 100644
index 3bc6819..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/utils/_joinListWithCommaAndSingleQuotes.tpl
+++ /dev/null
@@ -1,32 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{/*
-abstract: |
- Joins a list of values into a comma seperated string with single quotes
- around each value.
-values: |
- test:
- - foo
- - bar
-usage: |
- {{ include "helm-toolkit.utils.joinListWithCommaAndSingleQuotes" .Values.test }}
-return: |
- 'foo','bar'
-*/}}
-
-{{- define "helm-toolkit.utils.joinListWithCommaAndSingleQuotes" -}}
-{{- $local := dict "first" true -}}
-{{- range $k, $v := . -}}{{- if not $local.first -}},{{- end -}}'{{- $v -}}'{{- $_ := set $local "first" false -}}{{- end -}}
-{{- end -}}
diff --git a/charts/senlin/charts/helm-toolkit/templates/utils/_joinListWithPrefix.tpl b/charts/senlin/charts/helm-toolkit/templates/utils/_joinListWithPrefix.tpl
deleted file mode 100644
index 40ebb15..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/utils/_joinListWithPrefix.tpl
+++ /dev/null
@@ -1,32 +0,0 @@
-{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{/*
-abstract: |
- Joins a list of prefixed values into a space separated string
-values: |
- test:
- - foo
- - bar
-usage: |
- {{ tuple "prefix" .Values.test | include "helm-toolkit.utils.joinListWithPrefix" }}
-return: |
- prefixfoo prefixbar
-*/}}
-
-{{- define "helm-toolkit.utils.joinListWithPrefix" -}}
-{{- $prefix := index . 0 -}}
-{{- $local := dict "first" true -}}
-{{- range $k, $v := index . 1 -}}{{- if not $local.first -}}{{- " " -}}{{- end -}}{{- $prefix -}}{{- $v -}}{{- $_ := set $local "first" false -}}{{- end -}}
-{{- end -}}
diff --git a/charts/senlin/charts/helm-toolkit/templates/utils/_joinListWithSpace.tpl b/charts/senlin/charts/helm-toolkit/templates/utils/_joinListWithSpace.tpl
deleted file mode 100644
index 5912280..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/utils/_joinListWithSpace.tpl
+++ /dev/null
@@ -1,31 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{/*
-abstract: |
- Joins a list of values into a space separated string
-values: |
- test:
- - foo
- - bar
-usage: |
- {{ include "helm-toolkit.utils.joinListWithSpace" .Values.test }}
-return: |
- foo bar
-*/}}
-
-{{- define "helm-toolkit.utils.joinListWithSpace" -}}
-{{- $local := dict "first" true -}}
-{{- range $k, $v := . -}}{{- if not $local.first -}}{{- " " -}}{{- end -}}{{- $v -}}{{- $_ := set $local "first" false -}}{{- end -}}
-{{- end -}}
diff --git a/charts/senlin/charts/helm-toolkit/templates/utils/_merge.tpl b/charts/senlin/charts/helm-toolkit/templates/utils/_merge.tpl
deleted file mode 100644
index ea80546..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/utils/_merge.tpl
+++ /dev/null
@@ -1,135 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{/*
-Takes a tuple of values and merges into the first (target) one each subsequent
-(source) one in order. If all values to merge are maps, then the tuple can be
-passed as is and the target will be the result, otherwise pass a map with a
-"values" key containing the tuple of values to merge, and the merge result will
-be assigned to the "result" key of the passed map.
-
-When merging maps, for each key in the source, if the target does not define
-that key, the source value is assigned. If both define the key, then the key
-values are merged using this algorithm (recursively) and the result is assigned
-to the target key. Slices are merged by appending them and removing any
-duplicates, and when passing a map to this function and including a
-"merge_same_named" key set to true, then map items from the slices with the same
-value for the "name" key will be merged with each other. Any other values are
-merged by simply keeping the source, and throwing away the target.
-*/}}
-
-{{- define "helm-toolkit.utils.merge" -}}
- {{- $local := dict -}}
- {{- $_ := set $local "merge_same_named" false -}}
- {{- if kindIs "map" $ -}}
- {{- $_ := set $local "values" $.values -}}
- {{- if hasKey $ "merge_same_named" -}}
- {{- $_ := set $local "merge_same_named" $.merge_same_named -}}
- {{- end -}}
- {{- else -}}
- {{- $_ := set $local "values" $ -}}
- {{- end -}}
-
- {{- $target := first $local.values -}}
- {{- range $item := rest $local.values -}}
- {{- $call := dict "target" $target "source" . "merge_same_named" $local.merge_same_named -}}
- {{- $_ := include "helm-toolkit.utils._merge" $call -}}
- {{- $_ := set $local "result" $call.result -}}
- {{- end -}}
-
- {{- if kindIs "map" $ -}}
- {{- $_ := set $ "result" $local.result -}}
- {{- end -}}
-{{- end -}}
-
-{{- define "helm-toolkit.utils._merge" -}}
- {{- $local := dict -}}
-
- {{- $_ := set $ "result" $.source -}}
-
- {{/*
- TODO: Should we `fail` when trying to merge a collection (map or slice) with
- either a different kind of collection or a scalar?
- */}}
-
- {{- if and (kindIs "map" $.target) (kindIs "map" $.source) -}}
- {{- range $key, $sourceValue := $.source -}}
- {{- if not (hasKey $.target $key) -}}
- {{- $_ := set $local "newTargetValue" $sourceValue -}}
- {{- if kindIs "map" $sourceValue -}}
- {{- $copy := dict -}}
- {{- $call := dict "target" $copy "source" $sourceValue -}}
- {{- $_ := include "helm-toolkit.utils._merge.shallow" $call -}}
- {{- $_ := set $local "newTargetValue" $copy -}}
- {{- end -}}
- {{- else -}}
- {{- $targetValue := index $.target $key -}}
- {{- $call := dict "target" $targetValue "source" $sourceValue "merge_same_named" $.merge_same_named -}}
- {{- $_ := include "helm-toolkit.utils._merge" $call -}}
- {{- $_ := set $local "newTargetValue" $call.result -}}
- {{- end -}}
- {{- $_ := set $.target $key $local.newTargetValue -}}
- {{- end -}}
- {{- $_ := set $ "result" $.target -}}
- {{- else if and (kindIs "slice" $.target) (kindIs "slice" $.source) -}}
- {{- $call := dict "target" $.target "source" $.source -}}
- {{- $_ := include "helm-toolkit.utils._merge.append_slice" $call -}}
- {{- if $.merge_same_named -}}
- {{- $_ := set $local "result" list -}}
- {{- $_ := set $local "named_items" dict -}}
- {{- range $item := $call.result -}}
- {{- $_ := set $local "has_name_key" false -}}
- {{- if kindIs "map" $item -}}
- {{- if hasKey $item "name" -}}
- {{- $_ := set $local "has_name_key" true -}}
- {{- end -}}
- {{- end -}}
-
- {{- if $local.has_name_key -}}
- {{- if hasKey $local.named_items $item.name -}}
- {{- $named_item := index $local.named_items $item.name -}}
- {{- $call := dict "target" $named_item "source" $item "merge_same_named" $.merge_same_named -}}
- {{- $_ := include "helm-toolkit.utils._merge" $call -}}
- {{- else -}}
- {{- $copy := dict -}}
- {{- $copy_call := dict "target" $copy "source" $item -}}
- {{- $_ := include "helm-toolkit.utils._merge.shallow" $copy_call -}}
- {{- $_ := set $local.named_items $item.name $copy -}}
- {{- $_ := set $local "result" (append $local.result $copy) -}}
- {{- end -}}
- {{- else -}}
- {{- $_ := set $local "result" (append $local.result $item) -}}
- {{- end -}}
- {{- end -}}
- {{- else -}}
- {{- $_ := set $local "result" $call.result -}}
- {{- end -}}
- {{- $_ := set $ "result" (uniq $local.result) -}}
- {{- end -}}
-{{- end -}}
-
-{{- define "helm-toolkit.utils._merge.shallow" -}}
- {{- range $key, $value := $.source -}}
- {{- $_ := set $.target $key $value -}}
- {{- end -}}
-{{- end -}}
-
-{{- define "helm-toolkit.utils._merge.append_slice" -}}
- {{- $local := dict -}}
- {{- $_ := set $local "result" $.target -}}
- {{- range $value := $.source -}}
- {{- $_ := set $local "result" (append $local.result $value) -}}
- {{- end -}}
- {{- $_ := set $ "result" $local.result -}}
-{{- end -}}
diff --git a/charts/senlin/charts/helm-toolkit/templates/utils/_template.tpl b/charts/senlin/charts/helm-toolkit/templates/utils/_template.tpl
deleted file mode 100644
index da56aa0..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/utils/_template.tpl
+++ /dev/null
@@ -1,21 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{- define "helm-toolkit.utils.template" -}}
-{{- $name := index . 0 -}}
-{{- $context := index . 1 -}}
-{{- $last := base $context.Template.Name }}
-{{- $wtf := $context.Template.Name | replace $last $name -}}
-{{ include $wtf $context }}
-{{- end -}}
diff --git a/charts/senlin/charts/helm-toolkit/templates/utils/_to_ini.tpl b/charts/senlin/charts/helm-toolkit/templates/utils/_to_ini.tpl
deleted file mode 100644
index a159364..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/utils/_to_ini.tpl
+++ /dev/null
@@ -1,51 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{/*
-abstract: |
- Returns INI formatted output from yaml input
-values: |
- conf:
- paste:
- filter:debug:
- use: egg:oslo.middleware#debug
- filter:request_id:
- use: egg:oslo.middleware#request_id
- filter:build_auth_context:
- use: egg:keystone#build_auth_context
-usage: |
- {{ include "helm-toolkit.utils.to_ini" .Values.conf.paste }}
-return: |
- [filter:build_auth_context]
- use = egg:keystone#build_auth_context
- [filter:debug]
- use = egg:oslo.middleware#debug
- [filter:request_id]
- use = egg:oslo.middleware#request_id
-*/}}
-
-{{- define "helm-toolkit.utils.to_ini" -}}
-{{- range $section, $values := . -}}
-{{- if kindIs "map" $values -}}
-[{{ $section }}]
-{{range $key, $value := $values -}}
-{{- if kindIs "slice" $value -}}
-{{ $key }} = {{ include "helm-toolkit.utils.joinListWithComma" $value }}
-{{else -}}
-{{ $key }} = {{ $value }}
-{{end -}}
-{{- end -}}
-{{- end -}}
-{{- end -}}
-{{- end -}}
diff --git a/charts/senlin/charts/helm-toolkit/templates/utils/_to_k8s_env_secret_vars.tpl b/charts/senlin/charts/helm-toolkit/templates/utils/_to_k8s_env_secret_vars.tpl
deleted file mode 100644
index 885a86c..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/utils/_to_k8s_env_secret_vars.tpl
+++ /dev/null
@@ -1,46 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{/*
-abstract: |
- Returns yaml formatted to be used in k8s templates as container
- env vars injected via secrets. This requires a secret-<chartname> template to
- be defined in the chart that can be used to house the desired secret
- variables. For reference, see the fluentd chart.
-values: |
- test:
- secrets:
- foo: bar
-
-usage: |
- {{ include "helm-toolkit.utils.to_k8s_env_vars" .Values.test }}
-return: |
- - name: foo
- valueFrom:
- secretKeyRef:
- name: "my-release-name-env-secret"
- key: foo
-*/}}
-
-{{- define "helm-toolkit.utils.to_k8s_env_secret_vars" -}}
-{{- $context := index . 0 -}}
-{{- $secrets := index . 1 -}}
-{{ range $key, $config := $secrets -}}
-- name: {{ $key }}
- valueFrom:
- secretKeyRef:
- name: {{ printf "%s-%s" $context.Release.Name "env-secret" | quote }}
- key: {{ $key }}
-{{ end -}}
-{{- end -}}
diff --git a/charts/senlin/charts/helm-toolkit/templates/utils/_to_k8s_env_vars.tpl b/charts/senlin/charts/helm-toolkit/templates/utils/_to_k8s_env_vars.tpl
deleted file mode 100644
index 829dca6..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/utils/_to_k8s_env_vars.tpl
+++ /dev/null
@@ -1,39 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{/*
-abstract: |
- Returns key value pair formatted to be used in k8s templates as container
- env vars.
-values: |
- test:
- foo: bar
-usage: |
- {{ include "helm-toolkit.utils.to_k8s_env_vars" .Values.test }}
-return: |
- - name: foo
- value: "bar"
-*/}}
-
-{{- define "helm-toolkit.utils.to_k8s_env_vars" -}}
-{{range $key, $value := . -}}
-{{- if kindIs "slice" $value -}}
-- name: {{ $key }}
- value: {{ include "helm-toolkit.utils.joinListWithComma" $value | quote }}
-{{else -}}
-- name: {{ $key }}
- value: {{ $value | quote }}
-{{ end -}}
-{{- end -}}
-{{- end -}}
diff --git a/charts/senlin/charts/helm-toolkit/templates/utils/_to_kv_list.tpl b/charts/senlin/charts/helm-toolkit/templates/utils/_to_kv_list.tpl
deleted file mode 100644
index 91bdeb6..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/utils/_to_kv_list.tpl
+++ /dev/null
@@ -1,42 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{/*
-abstract: |
- Returns key value pair in INI format (key = value)
-values: |
- conf:
- libvirt:
- log_level: 3
-usage: |
- {{ include "helm-toolkit.utils.to_kv_list" .Values.conf.libvirt }}
-return: |
- log_level = 3
-*/}}
-
-{{- define "helm-toolkit.utils.to_kv_list" -}}
-{{- range $key, $value := . -}}
-{{- if kindIs "slice" $value }}
-{{ $key }} = {{ include "helm-toolkit.utils.joinListWithComma" $value | quote }}
-{{- else if kindIs "string" $value }}
-{{- if regexMatch "^[0-9]+$" $value }}
-{{ $key }} = {{ $value }}
-{{- else }}
-{{ $key }} = {{ $value | quote }}
-{{- end }}
-{{- else }}
-{{ $key }} = {{ $value }}
-{{- end }}
-{{- end -}}
-{{- end -}}
diff --git a/charts/senlin/charts/helm-toolkit/templates/utils/_to_oslo_conf.tpl b/charts/senlin/charts/helm-toolkit/templates/utils/_to_oslo_conf.tpl
deleted file mode 100644
index 622a862..0000000
--- a/charts/senlin/charts/helm-toolkit/templates/utils/_to_oslo_conf.tpl
+++ /dev/null
@@ -1,75 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{/*
-abstract: |
- Returns OSLO.conf formatted output from yaml input
-values: |
- conf:
- keystone:
- DEFAULT: # Keys at this level are used for section headings
- max_token_size: 255
- oslo_messaging_notifications:
- driver: # An example of a multistring option's syntax
- type: multistring
- values:
- - messagingv2
- - log
- oslo_messaging_notifications_stein:
- driver: # An example of a csv option's syntax
- type: csv
- values:
- - messagingv2
- - log
- security_compliance:
- password_expires_ignore_user_ids:
- # Values in a list will be converted to a comma separated key
- - "123"
- - "456"
-usage: |
- {{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.keystone }}
-return: |
- [DEFAULT]
- max_token_size = 255
- [oslo_messaging_notifications]
- driver = messagingv2
- driver = log
- [oslo_messaging_notifications_stein]
- driver = messagingv2,log
- [security_compliance]
- password_expires_ignore_user_ids = 123,456
-*/}}
-
-{{- define "helm-toolkit.utils.to_oslo_conf" -}}
-{{- range $section, $values := . -}}
-{{- if kindIs "map" $values -}}
-[{{ $section }}]
-{{ range $key, $value := $values -}}
-{{- if kindIs "slice" $value -}}
-{{ $key }} = {{ include "helm-toolkit.utils.joinListWithComma" $value }}
-{{ else if kindIs "map" $value -}}
-{{- if eq $value.type "multistring" }}
-{{- range $k, $multistringValue := $value.values -}}
-{{ $key }} = {{ $multistringValue }}
-{{ end -}}
-{{ else if eq $value.type "csv" -}}
-{{ $key }} = {{ include "helm-toolkit.utils.joinListWithComma" $value.values }}
-{{ end -}}
-{{- else -}}
-{{ $key }} = {{ $value }}
-{{ end -}}
-{{- end -}}
-{{- end -}}
-{{- end -}}
-{{- end -}}
diff --git a/charts/senlin/charts/helm-toolkit/values.yaml b/charts/senlin/charts/helm-toolkit/values.yaml
deleted file mode 100644
index 681a92b..0000000
--- a/charts/senlin/charts/helm-toolkit/values.yaml
+++ /dev/null
@@ -1,16 +0,0 @@
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-# Default values for utils.
-# This is a YAML-formatted file.
-# Declare name/value pairs to be passed into your templates.
-# name: value
diff --git a/charts/senlin/requirements.lock b/charts/senlin/requirements.lock
deleted file mode 100644
index 43aa382..0000000
--- a/charts/senlin/requirements.lock
+++ /dev/null
@@ -1,6 +0,0 @@
-dependencies:
-- name: helm-toolkit
- repository: https://tarballs.openstack.org/openstack-helm-infra
- version: 0.2.64
-digest: sha256:4c00b9bfa1d3dc0426a82ec22f51b440e838c55cbd1f81dbf7de5b28471f6141
-generated: '0001-01-01T00:00:00Z'
diff --git a/charts/senlin/requirements.yaml b/charts/senlin/requirements.yaml
deleted file mode 100644
index ddafbfc..0000000
--- a/charts/senlin/requirements.yaml
+++ /dev/null
@@ -1,4 +0,0 @@
-dependencies:
-- name: helm-toolkit
- repository: https://tarballs.openstack.org/openstack-helm-infra
- version: 0.2.64
diff --git a/charts/senlin/templates/bin/_bootstrap.sh.tpl b/charts/senlin/templates/bin/_bootstrap.sh.tpl
deleted file mode 100644
index 6452d0a..0000000
--- a/charts/senlin/templates/bin/_bootstrap.sh.tpl
+++ /dev/null
@@ -1,18 +0,0 @@
-#!/bin/bash
-
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-set -ex
-{{ .Values.bootstrap.script | default "echo 'Not Enabled'" }}
diff --git a/charts/senlin/templates/bin/_db-sync.sh.tpl b/charts/senlin/templates/bin/_db-sync.sh.tpl
deleted file mode 100644
index 7577969..0000000
--- a/charts/senlin/templates/bin/_db-sync.sh.tpl
+++ /dev/null
@@ -1,19 +0,0 @@
-#!/bin/bash
-
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-set -ex
-
-senlin-manage db_sync
diff --git a/charts/senlin/templates/bin/_senlin-api.sh.tpl b/charts/senlin/templates/bin/_senlin-api.sh.tpl
deleted file mode 100644
index 88ae1c7..0000000
--- a/charts/senlin/templates/bin/_senlin-api.sh.tpl
+++ /dev/null
@@ -1,28 +0,0 @@
-#!/bin/bash
-
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-set -ex
-COMMAND="${@:-start}"
-
-function start () {
- exec uwsgi --ini /etc/senlin/senlin-api-uwsgi.ini
-}
-
-function stop () {
- kill -TERM 1
-}
-
-$COMMAND
diff --git a/charts/senlin/templates/bin/_senlin-conductor.sh.tpl b/charts/senlin/templates/bin/_senlin-conductor.sh.tpl
deleted file mode 100644
index ea120a6..0000000
--- a/charts/senlin/templates/bin/_senlin-conductor.sh.tpl
+++ /dev/null
@@ -1,19 +0,0 @@
-#!/bin/bash
-
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-set -ex
-exec senlin-conductor \
- --config-file /etc/senlin/senlin.conf
\ No newline at end of file
diff --git a/charts/senlin/templates/bin/_senlin-engine-cleaner.sh.tpl b/charts/senlin/templates/bin/_senlin-engine-cleaner.sh.tpl
deleted file mode 100644
index a345f12..0000000
--- a/charts/senlin/templates/bin/_senlin-engine-cleaner.sh.tpl
+++ /dev/null
@@ -1,19 +0,0 @@
-#!/bin/bash
-
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-set -ex
-
-senlin-manage service clean
diff --git a/charts/senlin/templates/bin/_senlin-engine.sh.tpl b/charts/senlin/templates/bin/_senlin-engine.sh.tpl
deleted file mode 100644
index f4ba64b..0000000
--- a/charts/senlin/templates/bin/_senlin-engine.sh.tpl
+++ /dev/null
@@ -1,19 +0,0 @@
-#!/bin/bash
-
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-set -ex
-exec senlin-engine \
- --config-file /etc/senlin/senlin.conf
diff --git a/charts/senlin/templates/bin/_senlin-health-manager.sh.tpl b/charts/senlin/templates/bin/_senlin-health-manager.sh.tpl
deleted file mode 100644
index b19779a..0000000
--- a/charts/senlin/templates/bin/_senlin-health-manager.sh.tpl
+++ /dev/null
@@ -1,19 +0,0 @@
-#!/bin/bash
-
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-set -ex
-exec senlin-health-manager \
- --config-file /etc/senlin/senlin.conf
\ No newline at end of file
diff --git a/charts/senlin/templates/bin/_senlin-test.sh.tpl b/charts/senlin/templates/bin/_senlin-test.sh.tpl
deleted file mode 100644
index 7b3e264..0000000
--- a/charts/senlin/templates/bin/_senlin-test.sh.tpl
+++ /dev/null
@@ -1,139 +0,0 @@
-#!/bin/bash
-
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-set -ex
-
-# Set defaults to use for testing.
-: ${IMAGE_ID:="$(openstack image show -f value -c id \
- $(openstack image list -f csv | awk -F ',' '{ print $2 "," $1 }' | \
- grep "^\"Cirros" | head -1 | awk -F ',' '{ print $2 }' | tr -d '"'))"}
-: ${FLAVOR_ID:="$(openstack flavor show m1.tiny -f value -c id)"}
-: ${NETWORK_NAME:="public"}
-: ${SUB_TIMEOUT:=1200}
-
-# Define functions to use during tests.
-function gen_uuid () {
- cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1
-}
-
-function wait_for_senlin_cluster {
- set +x
- end=$(($(date +%s) + ${SUB_TIMEOUT}))
- while true; do
- STATE=$(openstack cluster show "${1}" -f value -c status)
- [ "x${STATE}" == "xACTIVE" ] && break
- sleep 1
- now=$(date +%s)
- [ $now -gt $end ] && echo "Node did not come up in time" && openstack cluster show "${1}" && exit -1
- done
- set -x
- openstack cluster show "${1}"
-}
-
-function wait_for_senlin_node {
- set +x
- end=$(($(date +%s) + ${SUB_TIMEOUT}))
- while true; do
- STATE=$(openstack cluster node show "${1}" -f value -c status)
- [ "x${STATE}" == "xACTIVE" ] && break
- sleep 1
- now=$(date +%s)
- [ $now -gt $end ] && echo "Node did not come up in time" && openstack cluster node show "${1}" && exit -1
- done
- set -x
- openstack cluster node show "${1}"
-}
-
-function wait_for_senlin_profile_delete {
- set +x
- end=$(($(date +%s) + ${SUB_TIMEOUT}))
- until openstack cluster profile delete "${1}" --force; do
- sleep 1
- now=$(date +%s)
- [ $now -gt $end ] && echo "Profile did not delete in time" && exit -1
- done
- set -x
-}
-
-# Start test run.
-SENLIN_CLUSTER_PROFILE=$(gen_uuid)
-SENLIN_CLUSTER_NAME=$(gen_uuid)
-SENLIN_NODE_NAME=$(gen_uuid)
-
-# Create a cluster profile.
-tee > /tmp/cirros_basic.yaml <<EOF
-type: os.nova.server
-version: 1.0
-properties:
- name: osh-test
- flavor: "${FLAVOR_ID}"
- image: "${IMAGE_ID}"
- #key_name: oskey
- networks:
- - network: ${NETWORK_NAME}
- metadata:
- test_key: test_value
- user_data: |
- #!/bin/sh
- echo 'hello, world' > /tmp/test_file
-EOF
-openstack cluster profile create --spec-file /tmp/cirros_basic.yaml "${SENLIN_CLUSTER_PROFILE}"
-
-# Create a 0 node cluster using the profile.
-# NOTE(portdirect): There is a bug in the Newton era osc/senlin client
-# interaction, so we fall back to calling senlin client directly to create
-# a cluster, before outright failing.
-openstack cluster create --profile "${SENLIN_CLUSTER_PROFILE}" "${SENLIN_CLUSTER_NAME}" || \
- senlin cluster-create -p "${SENLIN_CLUSTER_PROFILE}" "${SENLIN_CLUSTER_NAME}" || false
-
-# Resize the cluster to contain a node.
-openstack cluster resize --capacity 1 "${SENLIN_CLUSTER_NAME}"
-wait_for_senlin_cluster "${SENLIN_CLUSTER_NAME}"
-
-# Expand the cluster by one node.
-openstack cluster expand "${SENLIN_CLUSTER_NAME}"
-wait_for_senlin_cluster "${SENLIN_CLUSTER_NAME}"
-
-# Shrink the cluster by one node.
-openstack cluster shrink "${SENLIN_CLUSTER_NAME}"
-wait_for_senlin_cluster "${SENLIN_CLUSTER_NAME}"
-
-# Create a single node using the cluster profile.
-# NOTE(portdirect): There is a bug in the Newton era osc/senlin client
-# interaction, so we fall back to calling senlin client directly to create
-# a node, before outright failing.
-openstack cluster node create --profile "${SENLIN_CLUSTER_PROFILE}" "${SENLIN_NODE_NAME}" || \
- senlin node-create -p "${SENLIN_CLUSTER_PROFILE}" "${SENLIN_NODE_NAME}" || false
-wait_for_senlin_node "${SENLIN_NODE_NAME}"
-
-# Add the node to the cluster.
-openstack cluster members add --nodes "${SENLIN_NODE_NAME}" "${SENLIN_CLUSTER_NAME}"
-openstack cluster members list "${SENLIN_CLUSTER_NAME}"
-wait_for_senlin_cluster "${SENLIN_CLUSTER_NAME}"
-wait_for_senlin_node "${SENLIN_NODE_NAME}"
-
-# Remove the node from the cluster.
-openstack cluster members del --nodes "${SENLIN_NODE_NAME}" "${SENLIN_CLUSTER_NAME}"
-openstack cluster members list "${SENLIN_CLUSTER_NAME}"
-wait_for_senlin_cluster "${SENLIN_CLUSTER_NAME}"
-wait_for_senlin_node "${SENLIN_NODE_NAME}"
-
-# Cleanup the resources created.
-openstack cluster node delete "${SENLIN_NODE_NAME}" --force
-openstack cluster delete "${SENLIN_CLUSTER_NAME}" --force
-wait_for_senlin_profile_delete "${SENLIN_CLUSTER_PROFILE}"
-
-echo 'Tests Passed'
diff --git a/charts/senlin/templates/configmap-bin.yaml b/charts/senlin/templates/configmap-bin.yaml
deleted file mode 100644
index 1236ddc..0000000
--- a/charts/senlin/templates/configmap-bin.yaml
+++ /dev/null
@@ -1,58 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{- if .Values.manifests.configmap_bin }}
-{{- $envAll := . }}
-{{- $rallyTests := .Values.conf.rally_tests }}
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: senlin-bin
-data:
-{{- if .Values.images.local_registry.active }}
- image-repo-sync.sh: |
-{{- include "helm-toolkit.scripts.image_repo_sync" . | indent 4 }}
-{{- end }}
-{{- if .Values.bootstrap.enabled }}
- bootstrap.sh: |
-{{ tuple "bin/_bootstrap.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
-{{- end }}
- senlin-test.sh: |
-{{ tuple "bin/_senlin-test.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
- db-init.py: |
-{{- include "helm-toolkit.scripts.db_init" . | indent 4 }}
- db-sync.sh: |
-{{ tuple "bin/_db-sync.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
- db-drop.py: |
-{{- include "helm-toolkit.scripts.db_drop" . | indent 4 }}
- ks-service.sh: |
-{{- include "helm-toolkit.scripts.keystone_service" . | indent 4 }}
- ks-endpoints.sh: |
-{{- include "helm-toolkit.scripts.keystone_endpoints" . | indent 4 }}
- ks-user.sh: |
-{{- include "helm-toolkit.scripts.keystone_user" . | indent 4 }}
- senlin-api.sh: |
-{{ tuple "bin/_senlin-api.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
- senlin-conductor.sh: |
-{{ tuple "bin/_senlin-conductor.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
- senlin-engine.sh: |
-{{ tuple "bin/_senlin-engine.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
- senlin-engine-cleaner.sh: |
-{{ tuple "bin/_senlin-engine-cleaner.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
- senlin-health-manager.sh: |
-{{ tuple "bin/_senlin-health-manager.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
- rabbit-init.sh: |
-{{- include "helm-toolkit.scripts.rabbit_init" . | indent 4 }}
-{{- end }}
diff --git a/charts/senlin/templates/configmap-etc.yaml b/charts/senlin/templates/configmap-etc.yaml
deleted file mode 100644
index f406d43..0000000
--- a/charts/senlin/templates/configmap-etc.yaml
+++ /dev/null
@@ -1,118 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{- if .Values.manifests.configmap_etc }}
-{{- $envAll := . }}
-
-{{- if empty .Values.conf.senlin.keystone_authtoken.auth_uri -}}
-{{- $_ := tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set .Values.conf.senlin.keystone_authtoken "auth_uri" -}}
-{{- end -}}
-
-# FIXME(alanmeadows) fix for broken keystonemiddleware oslo config gen in newton - will remove in future
-{{- if empty .Values.conf.senlin.keystone_authtoken.auth_url -}}
-{{- $_ := tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set .Values.conf.senlin.keystone_authtoken "auth_url" -}}
-{{- end -}}
-
-{{- if empty .Values.conf.senlin.keystone_authtoken.region_name -}}
-{{- $_ := set .Values.conf.senlin.keystone_authtoken "region_name" .Values.endpoints.identity.auth.senlin.region_name -}}
-{{- end -}}
-{{- if empty .Values.conf.senlin.keystone_authtoken.project_name -}}
-{{- $_ := set .Values.conf.senlin.keystone_authtoken "project_name" .Values.endpoints.identity.auth.senlin.project_name -}}
-{{- end -}}
-{{- if empty .Values.conf.senlin.keystone_authtoken.project_domain_name -}}
-{{- $_ := set .Values.conf.senlin.keystone_authtoken "project_domain_name" .Values.endpoints.identity.auth.senlin.project_domain_name -}}
-{{- end -}}
-{{- if empty .Values.conf.senlin.keystone_authtoken.user_domain_name -}}
-{{- $_ := set .Values.conf.senlin.keystone_authtoken "user_domain_name" .Values.endpoints.identity.auth.senlin.user_domain_name -}}
-{{- end -}}
-{{- if empty .Values.conf.senlin.keystone_authtoken.username -}}
-{{- $_ := set .Values.conf.senlin.keystone_authtoken "username" .Values.endpoints.identity.auth.senlin.username -}}
-{{- end -}}
-{{- if empty .Values.conf.senlin.keystone_authtoken.password -}}
-{{- $_ := set .Values.conf.senlin.keystone_authtoken "password" .Values.endpoints.identity.auth.senlin.password -}}
-{{- end -}}
-
-{{- if empty .Values.conf.senlin.keystone_authtoken.memcached_servers -}}
-{{- $_ := tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" | set .Values.conf.senlin.keystone_authtoken "memcached_servers" -}}
-{{- end -}}
-{{- if empty .Values.conf.senlin.keystone_authtoken.memcache_secret_key -}}
-{{- $_ := set .Values.conf.senlin.keystone_authtoken "memcache_secret_key" ( default ( randAlphaNum 64 ) .Values.endpoints.oslo_cache.auth.memcache_secret_key ) -}}
-{{- end -}}
-
-{{- if empty .Values.conf.senlin.database.connection -}}
-{{- $_ := tuple "oslo_db" "internal" "senlin" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.senlin.database "connection" -}}
-{{- end -}}
-
-{{- if empty .Values.conf.senlin.DEFAULT.transport_url -}}
-{{- $_ := tuple "oslo_messaging" "internal" "senlin" "amqp" . | include "helm-toolkit.endpoints.authenticated_transport_endpoint_uri_lookup" | set .Values.conf.senlin.DEFAULT "transport_url" -}}
-{{- end -}}
-
-{{- if empty .Values.conf.senlin.senlin_api.bind_port -}}
-{{- $_ := tuple "clustering" "internal" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" | set .Values.conf.senlin.senlin_api "bind_port" -}}
-{{- end -}}
-
-{{- if empty .Values.conf.senlin.authentication.auth_url -}}
-{{- $_ := tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" | set .Values.conf.senlin.authentication "auth_url" -}}
-{{- end -}}
-{{- if empty .Values.conf.senlin.authentication.service_password -}}
-{{- $_ := set .Values.conf.senlin.authentication "service_password" .Values.endpoints.identity.auth.senlin.password -}}
-{{- end -}}
-{{- if empty .Values.conf.senlin.authentication.service_project_domain -}}
-{{- $_ := set .Values.conf.senlin.authentication "service_project_domain" .Values.endpoints.identity.auth.senlin.project_domain_name -}}
-{{- end -}}
-{{- if empty .Values.conf.senlin.authentication.service_project_name -}}
-{{- $_ := set .Values.conf.senlin.authentication "service_project_name" .Values.endpoints.identity.auth.senlin.project_name -}}
-{{- end -}}
-{{- if empty .Values.conf.senlin.authentication.service_user_domain -}}
-{{- $_ := set .Values.conf.senlin.authentication "service_user_domain" .Values.endpoints.identity.auth.senlin.user_domain_name -}}
-{{- end -}}
-{{- if empty .Values.conf.senlin.authentication.service_username -}}
-{{- $_ := set .Values.conf.senlin.authentication "service_username" .Values.endpoints.identity.auth.senlin.username -}}
-{{- end -}}
-
-{{- if empty .Values.conf.senlin_api_uwsgi.uwsgi.processes -}}
-{{- $_ := set .Values.conf.senlin_api_uwsgi.uwsgi "processes" .Values.conf.senlin.senlin_api.workers -}}
-{{- end -}}
-{{- if empty (index .Values.conf.senlin_api_uwsgi.uwsgi "http-socket") -}}
-{{- $http_socket_port := tuple "clustering" "service" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" | toString }}
-{{- $http_socket := printf "0.0.0.0:%s" $http_socket_port }}
-{{- $_ := set .Values.conf.senlin_api_uwsgi.uwsgi "http-socket" $http_socket -}}
-{{- end -}}
-
-{{- if and (empty .Values.conf.logging.handler_fluent) (has "fluent" .Values.conf.logging.handlers.keys) -}}
-{{- $fluentd_host := tuple "fluentd" "internal" $envAll | include "helm-toolkit.endpoints.hostname_namespaced_endpoint_lookup" }}
-{{- $fluentd_port := tuple "fluentd" "internal" "service" $envAll | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
-{{- $fluent_args := printf "('%s.%s', '%s', %s)" .Release.Namespace .Release.Name $fluentd_host $fluentd_port }}
-{{- $handler_fluent := dict "class" "fluent.handler.FluentHandler" "formatter" "fluent" "args" $fluent_args -}}
-{{- $_ := set .Values.conf.logging "handler_fluent" $handler_fluent -}}
-{{- end -}}
-
-{{- if and (empty .Values.conf.logging.formatter_fluent) (has "fluent" .Values.conf.logging.formatters.keys) -}}
-{{- $formatter_fluent := dict "class" "oslo_log.formatters.FluentFormatter" -}}
-{{- $_ := set .Values.conf.logging "formatter_fluent" $formatter_fluent -}}
-{{- end -}}
----
-apiVersion: v1
-kind: Secret
-metadata:
- name: senlin-etc
-type: Opaque
-data:
- rally_tests.yaml: {{ toYaml .Values.conf.rally_tests.tests | b64enc }}
- senlin.conf: {{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.senlin | b64enc }}
- senlin-api-uwsgi.ini: {{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.senlin_api_uwsgi | b64enc }}
- logging.conf: {{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.logging | b64enc }}
- api-paste.ini: {{ include "helm-toolkit.utils.to_ini" .Values.conf.paste | b64enc }}
- policy.yaml: {{ toYaml .Values.conf.policy | b64enc }}
-{{- end }}
diff --git a/charts/senlin/templates/cron-job-engine-cleaner.yaml b/charts/senlin/templates/cron-job-engine-cleaner.yaml
deleted file mode 100644
index cae292e..0000000
--- a/charts/senlin/templates/cron-job-engine-cleaner.yaml
+++ /dev/null
@@ -1,91 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{- if .Values.manifests.cron_job_engine_cleaner }}
-{{- $envAll := . }}
-
-{{- $mounts_senlin_engine_cleaner := .Values.pod.mounts.senlin_engine_cleaner.senlin_engine_cleaner }}
-{{- $mounts_senlin_engine_cleaner_init := .Values.pod.mounts.senlin_engine_cleaner.init_container }}
-
-{{- $serviceAccountName := "senlin-engine-cleaner" }}
-{{ tuple $envAll "engine_cleaner" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
----
-apiVersion: batch/v1
-kind: CronJob
-metadata:
- name: senlin-engine-cleaner
- annotations:
- {{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }}
-spec:
- schedule: {{ .Values.jobs.engine_cleaner.cron | quote }}
- successfulJobsHistoryLimit: {{ .Values.jobs.engine_cleaner.history.success }}
- failedJobsHistoryLimit: {{ .Values.jobs.engine_cleaner.history.failed }}
- concurrencyPolicy: Forbid
- jobTemplate:
- metadata:
- labels:
-{{ tuple $envAll "senlin" "engine-cleaner" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
- spec:
- template:
- metadata:
- labels:
-{{ tuple $envAll "senlin" "engine-cleaner" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 12 }}
- spec:
- serviceAccountName: {{ $serviceAccountName }}
- restartPolicy: OnFailure
- nodeSelector:
- {{ .Values.labels.job.node_selector_key }}: {{ .Values.labels.job.node_selector_value }}
- initContainers:
-{{ tuple $envAll "engine_cleaner" $mounts_senlin_engine_cleaner_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 12 }}
- containers:
- - name: senlin-engine-cleaner
-{{ tuple $envAll "senlin_engine_cleaner" | include "helm-toolkit.snippets.image" | indent 14 }}
-{{ tuple $envAll $envAll.Values.pod.resources.jobs.engine_cleaner | include "helm-toolkit.snippets.kubernetes_resources" | indent 14 }}
- command:
- - /tmp/senlin-engine-cleaner.sh
- volumeMounts:
- - name: pod-tmp
- mountPath: /tmp
- - name: senlin-bin
- mountPath: /tmp/senlin-engine-cleaner.sh
- subPath: senlin-engine-cleaner.sh
- readOnly: true
- - name: etcsenlin
- mountPath: /etc/senlin
- - name: senlin-etc
- mountPath: /etc/senlin/senlin.conf
- subPath: senlin.conf
- readOnly: true
- {{- if .Values.conf.senlin.DEFAULT.log_config_append }}
- - name: senlin-etc
- mountPath: {{ .Values.conf.senlin.DEFAULT.log_config_append }}
- subPath: {{ base .Values.conf.senlin.DEFAULT.log_config_append }}
- readOnly: true
- {{- end }}
-{{ if $mounts_senlin_engine_cleaner.volumeMounts }}{{ toYaml $mounts_senlin_engine_cleaner.volumeMounts | indent 16 }}{{ end }}
- volumes:
- - name: pod-tmp
- emptyDir: {}
- - name: etcsenlin
- emptyDir: {}
- - name: senlin-etc
- secret:
- secretName: senlin-etc
- defaultMode: 0444
- - name: senlin-bin
- configMap:
- name: senlin-bin
- defaultMode: 0555
-{{ if $mounts_senlin_engine_cleaner.volumes }}{{ toYaml $mounts_senlin_engine_cleaner.volumes | indent 12 }}{{ end }}
-{{- end }}
diff --git a/charts/senlin/templates/deployment-api.yaml b/charts/senlin/templates/deployment-api.yaml
deleted file mode 100644
index 6c192eb..0000000
--- a/charts/senlin/templates/deployment-api.yaml
+++ /dev/null
@@ -1,130 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{- if .Values.manifests.deployment_api }}
-{{- $envAll := . }}
-
-{{- $mounts_senlin_api := .Values.pod.mounts.senlin_api.senlin_api }}
-{{- $mounts_senlin_api_init := .Values.pod.mounts.senlin_api.init_container }}
-
-{{- $serviceAccountName := "senlin-api" }}
-{{ tuple $envAll "api" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: senlin-api
- annotations:
- {{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }}
- labels:
-{{ tuple $envAll "senlin" "api" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
-spec:
- replicas: {{ .Values.pod.replicas.api }}
- selector:
- matchLabels:
-{{ tuple $envAll "senlin" "api" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 6 }}
-{{ tuple $envAll | include "helm-toolkit.snippets.kubernetes_upgrades_deployment" | indent 2 }}
- template:
- metadata:
- labels:
-{{ tuple $envAll "senlin" "api" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
- annotations:
-{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" | indent 8 }}
- configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
- configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
- spec:
- serviceAccountName: {{ $serviceAccountName }}
- affinity:
-{{ tuple $envAll "senlin" "api" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
- nodeSelector:
- {{ .Values.labels.api.node_selector_key }}: {{ .Values.labels.api.node_selector_value }}
- terminationGracePeriodSeconds: {{ .Values.pod.lifecycle.termination_grace_period.api.timeout | default "30" }}
- initContainers:
-{{ tuple $envAll "api" $mounts_senlin_api_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
- containers:
- - name: senlin-api
-{{ tuple $envAll "senlin_api" | include "helm-toolkit.snippets.image" | indent 10 }}
-{{ tuple $envAll $envAll.Values.pod.resources.api | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
- securityContext:
- runAsUser: {{ .Values.pod.user.senlin.uid }}
- command:
- - /tmp/senlin-api.sh
- - start
- lifecycle:
- preStop:
- exec:
- command:
- - /tmp/senlin-api.sh
- - stop
- ports:
- - name: s-api
- containerPort: {{ tuple "clustering" "internal" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
- readinessProbe:
- httpGet:
- scheme: HTTP
- path: /
- port: {{ tuple "clustering" "internal" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
- initialDelaySeconds: 5
- periodSeconds: 10
- volumeMounts:
- - name: pod-tmp
- mountPath: /tmp
- - name: senlin-bin
- mountPath: /tmp/senlin-api.sh
- subPath: senlin-api.sh
- readOnly: true
- - name: pod-etc-senlin
- mountPath: /etc/senlin
- - name: pod-var-cache-senlin
- mountPath: /var/cache/senlin
- - name: senlin-etc
- mountPath: /etc/senlin/senlin-api-uwsgi.ini
- subPath: senlin-api-uwsgi.ini
- readOnly: true
- - name: senlin-etc
- mountPath: /etc/senlin/senlin.conf
- subPath: senlin.conf
- readOnly: true
- {{- if .Values.conf.senlin.DEFAULT.log_config_append }}
- - name: senlin-etc
- mountPath: {{ .Values.conf.senlin.DEFAULT.log_config_append }}
- subPath: {{ base .Values.conf.senlin.DEFAULT.log_config_append }}
- readOnly: true
- {{- end }}
- - name: senlin-etc
- mountPath: /etc/senlin/api-paste.ini
- subPath: api-paste.ini
- readOnly: true
- - name: senlin-etc
- mountPath: /etc/senlin/policy.yaml
- subPath: policy.yaml
- readOnly: true
-{{ if $mounts_senlin_api.volumeMounts }}{{ toYaml $mounts_senlin_api.volumeMounts | indent 12 }}{{ end }}
- volumes:
- - name: pod-tmp
- emptyDir: {}
- - name: pod-etc-senlin
- emptyDir: {}
- - name: pod-var-cache-senlin
- emptyDir: {}
- - name: senlin-bin
- configMap:
- name: senlin-bin
- defaultMode: 0555
- - name: senlin-etc
- secret:
- secretName: senlin-etc
- defaultMode: 0444
-{{ if $mounts_senlin_api.volumes }}{{ toYaml $mounts_senlin_api.volumes | indent 8 }}{{ end }}
-{{- end }}
diff --git a/charts/senlin/templates/deployment-conductor.yaml b/charts/senlin/templates/deployment-conductor.yaml
deleted file mode 100644
index d60ada4..0000000
--- a/charts/senlin/templates/deployment-conductor.yaml
+++ /dev/null
@@ -1,102 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{- if .Values.manifests.deployment_conductor }}
-{{- $envAll := . }}
-
-{{- $mounts_senlin_conductor := .Values.pod.mounts.senlin_conductor.senlin_conductor }}
-{{- $mounts_senlin_conductor_init := .Values.pod.mounts.senlin_conductor.init_container }}
-
-{{- $serviceAccountName := "senlin-conductor" }}
-{{ tuple $envAll "conductor" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: senlin-conductor
- annotations:
- {{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }}
- labels:
-{{ tuple $envAll "senlin" "conductor" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
-spec:
- replicas: {{ .Values.pod.replicas.conductor }}
- selector:
- matchLabels:
-{{ tuple $envAll "senlin" "conductor" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 6 }}
-{{ tuple $envAll | include "helm-toolkit.snippets.kubernetes_upgrades_deployment" | indent 2 }}
- template:
- metadata:
- labels:
-{{ tuple $envAll "senlin" "conductor" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
- annotations:
-{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" | indent 8 }}
- configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
- configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
- spec:
- serviceAccountName: {{ $serviceAccountName }}
- affinity:
-{{ tuple $envAll "senlin" "conductor" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
- nodeSelector:
- {{ .Values.labels.conductor.node_selector_key }}: {{ .Values.labels.conductor.node_selector_value }}
- initContainers:
-{{ tuple $envAll "conductor" $mounts_senlin_conductor_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
- containers:
- - name: senlin-conductor
-{{ tuple $envAll "senlin_conductor" | include "helm-toolkit.snippets.image" | indent 10 }}
-{{ tuple $envAll $envAll.Values.pod.resources.conductor | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
- securityContext:
- runAsUser: {{ .Values.pod.user.senlin.uid }}
- command:
- - /tmp/senlin-conductor.sh
- volumeMounts:
- - name: pod-tmp
- mountPath: /tmp
- - name: senlin-bin
- mountPath: /tmp/senlin-conductor.sh
- subPath: senlin-conductor.sh
- readOnly: true
- - name: pod-etc-senlin
- mountPath: /etc/senlin
- - name: senlin-etc
- mountPath: /etc/senlin/senlin.conf
- subPath: senlin.conf
- readOnly: true
- {{- if .Values.conf.senlin.DEFAULT.log_config_append }}
- - name: senlin-etc
- mountPath: {{ .Values.conf.senlin.DEFAULT.log_config_append }}
- subPath: {{ base .Values.conf.senlin.DEFAULT.log_config_append }}
- readOnly: true
- {{- end }}
- - name: senlin-etc
- mountPath: /etc/senlin/policy.json
- subPath: policy.json
- readOnly: true
-{{ if $mounts_senlin_conductor.volumeMounts }}{{ toYaml $mounts_senlin_conductor.volumeMounts | indent 12 }}{{ end }}
- volumes:
- - name: pod-tmp
- emptyDir: {}
- - name: pod-etc-senlin
- emptyDir: {}
- - name: pod-var-cache-senlin
- emptyDir: {}
- - name: senlin-bin
- configMap:
- name: senlin-bin
- defaultMode: 0555
- - name: senlin-etc
- secret:
- secretName: senlin-etc
- defaultMode: 0444
-{{ if $mounts_senlin_conductor.volumes }}{{ toYaml $mounts_senlin_conductor.volumes | indent 8 }}{{ end }}
-{{- end }}
\ No newline at end of file
diff --git a/charts/senlin/templates/deployment-engine.yaml b/charts/senlin/templates/deployment-engine.yaml
deleted file mode 100644
index 06ed768..0000000
--- a/charts/senlin/templates/deployment-engine.yaml
+++ /dev/null
@@ -1,99 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{- if .Values.manifests.deployment_engine }}
-{{- $envAll := . }}
-
-{{- $mounts_senlin_engine := .Values.pod.mounts.senlin_engine.senlin_engine }}
-{{- $mounts_senlin_engine_init := .Values.pod.mounts.senlin_engine.init_container }}
-
-{{- $serviceAccountName := "senlin-engine" }}
-{{ tuple $envAll "engine" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: senlin-engine
- annotations:
- {{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }}
- labels:
-{{ tuple $envAll "senlin" "engine" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
-spec:
- replicas: {{ .Values.pod.replicas.engine }}
- selector:
- matchLabels:
-{{ tuple $envAll "senlin" "engine" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 6 }}
- template:
- metadata:
- labels:
-{{ tuple $envAll "senlin" "engine" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
- annotations:
-{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" | indent 8 }}
- configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
- configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
- spec:
- serviceAccountName: {{ $serviceAccountName }}
- affinity:
-{{ tuple $envAll "senlin" "engine" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
- nodeSelector:
- {{ .Values.labels.engine.node_selector_key }}: {{ .Values.labels.engine.node_selector_value }}
- initContainers:
-{{ tuple $envAll "engine" $mounts_senlin_engine_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
- containers:
- - name: senlin-engine
-{{ tuple $envAll "senlin_engine" | include "helm-toolkit.snippets.image" | indent 10 }}
-{{ tuple $envAll $envAll.Values.pod.resources.engine | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
- securityContext:
- runAsUser: {{ .Values.pod.user.senlin.uid }}
- command:
- - /tmp/senlin-engine.sh
- volumeMounts:
- - name: pod-tmp
- mountPath: /tmp
- - name: senlin-bin
- mountPath: /tmp/senlin-engine.sh
- subPath: senlin-engine.sh
- readOnly: true
- - name: pod-etc-senlin
- mountPath: /etc/senlin
- - name: senlin-etc
- mountPath: /etc/senlin/senlin.conf
- subPath: senlin.conf
- readOnly: true
- {{- if .Values.conf.senlin.DEFAULT.log_config_append }}
- - name: senlin-etc
- mountPath: {{ .Values.conf.senlin.DEFAULT.log_config_append }}
- subPath: {{ base .Values.conf.senlin.DEFAULT.log_config_append }}
- readOnly: true
- {{- end }}
- - name: senlin-etc
- mountPath: /etc/senlin/policy.yaml
- subPath: policy.yaml
- readOnly: true
-{{ if $mounts_senlin_engine.volumeMounts }}{{ toYaml $mounts_senlin_engine.volumeMounts | indent 12 }}{{ end }}
- volumes:
- - name: pod-tmp
- emptyDir: {}
- - name: pod-etc-senlin
- emptyDir: {}
- - name: senlin-bin
- configMap:
- name: senlin-bin
- defaultMode: 0555
- - name: senlin-etc
- secret:
- secretName: senlin-etc
- defaultMode: 0444
-{{ if $mounts_senlin_engine.volumes }}{{ toYaml $mounts_senlin_engine.volumes | indent 8 }}{{ end }}
-{{- end }}
diff --git a/charts/senlin/templates/deployment-health-manager.yaml b/charts/senlin/templates/deployment-health-manager.yaml
deleted file mode 100644
index e081c36..0000000
--- a/charts/senlin/templates/deployment-health-manager.yaml
+++ /dev/null
@@ -1,102 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{- if .Values.manifests.deployment_health_manager }}
-{{- $envAll := . }}
-
-{{- $mounts_senlin_health_manager := .Values.pod.mounts.senlin_health_manager.senlin_health_manager }}
-{{- $mounts_senlin_health_manager_init := .Values.pod.mounts.senlin_health_manager.init_container }}
-
-{{- $serviceAccountName := "senlin-health-manager" }}
-{{ tuple $envAll "health_manager" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: senlin-health-manager
- annotations:
- {{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }}
- labels:
-{{ tuple $envAll "senlin" "health_manager" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
-spec:
- replicas: {{ .Values.pod.replicas.health_manager }}
- selector:
- matchLabels:
-{{ tuple $envAll "senlin" "health_manager" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 6 }}
-{{ tuple $envAll | include "helm-toolkit.snippets.kubernetes_upgrades_deployment" | indent 2 }}
- template:
- metadata:
- labels:
-{{ tuple $envAll "senlin" "health_manager" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
- annotations:
-{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" | indent 8 }}
- configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
- configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
- spec:
- serviceAccountName: {{ $serviceAccountName }}
- affinity:
-{{ tuple $envAll "senlin" "health_manager" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
- nodeSelector:
- {{ .Values.labels.health_manager.node_selector_key }}: {{ .Values.labels.health_manager.node_selector_value }}
- initContainers:
-{{ tuple $envAll "health_manager" $mounts_senlin_health_manager_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
- containers:
- - name: senlin-health-manager
-{{ tuple $envAll "senlin_health_manager" | include "helm-toolkit.snippets.image" | indent 10 }}
-{{ tuple $envAll $envAll.Values.pod.resources.health_manager | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
- securityContext:
- runAsUser: {{ .Values.pod.user.senlin.uid }}
- command:
- - /tmp/senlin-health-manager.sh
- volumeMounts:
- - name: pod-tmp
- mountPath: /tmp
- - name: senlin-bin
- mountPath: /tmp/senlin-health-manager.sh
- subPath: senlin-health-manager.sh
- readOnly: true
- - name: pod-etc-senlin
- mountPath: /etc/senlin
- - name: senlin-etc
- mountPath: /etc/senlin/senlin.conf
- subPath: senlin.conf
- readOnly: true
- {{- if .Values.conf.senlin.DEFAULT.log_config_append }}
- - name: senlin-etc
- mountPath: {{ .Values.conf.senlin.DEFAULT.log_config_append }}
- subPath: {{ base .Values.conf.senlin.DEFAULT.log_config_append }}
- readOnly: true
- {{- end }}
- - name: senlin-etc
- mountPath: /etc/senlin/policy.json
- subPath: policy.json
- readOnly: true
-{{ if $mounts_senlin_health_manager.volumeMounts }}{{ toYaml $mounts_senlin_health_manager.volumeMounts | indent 12 }}{{ end }}
- volumes:
- - name: pod-tmp
- emptyDir: {}
- - name: pod-etc-senlin
- emptyDir: {}
- - name: pod-var-cache-senlin
- emptyDir: {}
- - name: senlin-bin
- configMap:
- name: senlin-bin
- defaultMode: 0555
- - name: senlin-etc
- secret:
- secretName: senlin-etc
- defaultMode: 0444
-{{ if $mounts_senlin_health_manager.volumes }}{{ toYaml $mounts_senlin_health_manager.volumes | indent 8 }}{{ end }}
-{{- end }}
\ No newline at end of file
diff --git a/charts/senlin/templates/ingress-api.yaml b/charts/senlin/templates/ingress-api.yaml
deleted file mode 100644
index f38bda6..0000000
--- a/charts/senlin/templates/ingress-api.yaml
+++ /dev/null
@@ -1,18 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{- if and .Values.manifests.ingress_api .Values.network.api.ingress.public }}
-{{- $ingressOpts := dict "envAll" . "backendServiceType" "clustering" "backendPort" "s-api" -}}
-{{ $ingressOpts | include "helm-toolkit.manifests.ingress" }}
-{{- end }}
diff --git a/charts/senlin/templates/job-bootstrap.yaml b/charts/senlin/templates/job-bootstrap.yaml
deleted file mode 100644
index b50c6cd..0000000
--- a/charts/senlin/templates/job-bootstrap.yaml
+++ /dev/null
@@ -1,18 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{- if and .Values.manifests.job_bootstrap .Values.bootstrap.enabled }}
-{{- $bootstrapJob := dict "envAll" . "serviceName" "senlin" "keystoneUser" .Values.bootstrap.ks_user "logConfigFile" .Values.conf.senlin.DEFAULT.log_config_append -}}
-{{ $bootstrapJob | include "helm-toolkit.manifests.job_bootstrap" }}
-{{- end }}
diff --git a/charts/senlin/templates/job-db-drop.yaml b/charts/senlin/templates/job-db-drop.yaml
deleted file mode 100644
index 41735b4..0000000
--- a/charts/senlin/templates/job-db-drop.yaml
+++ /dev/null
@@ -1,18 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{- if .Values.manifests.job_db_drop }}
-{{- $dbDropJob := dict "envAll" . "serviceName" "senlin" -}}
-{{ $dbDropJob | include "helm-toolkit.manifests.job_db_drop_mysql" }}
-{{- end }}
diff --git a/charts/senlin/templates/job-db-init.yaml b/charts/senlin/templates/job-db-init.yaml
deleted file mode 100644
index 47822ad..0000000
--- a/charts/senlin/templates/job-db-init.yaml
+++ /dev/null
@@ -1,26 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{- define "metadata.annotations.job.db_init" }}
-helm.sh/hook: post-install,post-upgrade
-helm.sh/hook-weight: "-5"
-{{- end }}
-
-{{- if .Values.manifests.job_db_init }}
-{{- $dbInitJob := dict "envAll" . "serviceName" "senlin" -}}
-{{- if .Values.helm3_hook }}
-{{- $_ := set $dbInitJob "jobAnnotations" (include "metadata.annotations.job.db_init" . | fromYaml) }}
-{{- end }}
-{{ $dbInitJob | include "helm-toolkit.manifests.job_db_init_mysql" }}
-{{- end }}
diff --git a/charts/senlin/templates/job-db-sync.yaml b/charts/senlin/templates/job-db-sync.yaml
deleted file mode 100644
index 7e5f0ba..0000000
--- a/charts/senlin/templates/job-db-sync.yaml
+++ /dev/null
@@ -1,26 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{- define "metadata.annotations.job.db_sync" }}
-helm.sh/hook: post-install,post-upgrade
-helm.sh/hook-weight: "-4"
-{{- end }}
-
-{{- if .Values.manifests.job_db_sync }}
-{{- $dbSyncJob := dict "envAll" . "serviceName" "senlin" "podVolMounts" .Values.pod.mounts.senlin_db_sync.senlin_db_sync.volumeMounts "podVols" .Values.pod.mounts.senlin_db_sync.senlin_db_sync.volumes -}}
-{{- if .Values.helm3_hook }}
-{{- $_ := set $dbSyncJob "jobAnnotations" (include "metadata.annotations.job.db_sync" . | fromYaml) }}
-{{- end }}
-{{ $dbSyncJob | include "helm-toolkit.manifests.job_db_sync" }}
-{{- end }}
diff --git a/charts/senlin/templates/job-image-repo-sync.yaml b/charts/senlin/templates/job-image-repo-sync.yaml
deleted file mode 100644
index d5b87b1..0000000
--- a/charts/senlin/templates/job-image-repo-sync.yaml
+++ /dev/null
@@ -1,25 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{- define "metadata.annotations.job.repo_sync" }}
-helm.sh/hook: post-install,post-upgrade
-{{- end }}
-
-{{- if and .Values.manifests.job_image_repo_sync .Values.images.local_registry.active }}
-{{- $imageRepoSyncJob := dict "envAll" . "serviceName" "senlin" -}}
-{{- if .Values.helm3_hook }}
-{{- $_ := $imageRepoSyncJob "jobAnnotations" (include "metadata.annotations.job.repo_sync" . | fromYaml) }}
-{{- end }}
-{{ $imageRepoSyncJob | include "helm-toolkit.manifests.job_image_repo_sync" }}
-{{- end }}
diff --git a/charts/senlin/templates/job-ks-endpoints.yaml b/charts/senlin/templates/job-ks-endpoints.yaml
deleted file mode 100644
index 8c8b2e3..0000000
--- a/charts/senlin/templates/job-ks-endpoints.yaml
+++ /dev/null
@@ -1,26 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{- define "metadata.annotations.job.ks_endpoints" }}
-helm.sh/hook: post-install,post-upgrade
-helm.sh/hook-weight: "-2"
-{{- end }}
-
-{{- if .Values.manifests.job_ks_endpoints }}
-{{- $ksServiceJob := dict "envAll" . "serviceName" "senlin" "serviceTypes" ( tuple "clustering" ) -}}
-{{- if .Values.helm3_hook }}
-{{- $_ := set $ksServiceJob "jobAnnotations" (include "metadata.annotations.job.ks_endpoints" . | fromYaml) }}
-{{- end }}
-{{ $ksServiceJob | include "helm-toolkit.manifests.job_ks_endpoints" }}
-{{- end }}
diff --git a/charts/senlin/templates/job-ks-service.yaml b/charts/senlin/templates/job-ks-service.yaml
deleted file mode 100644
index 0012d88..0000000
--- a/charts/senlin/templates/job-ks-service.yaml
+++ /dev/null
@@ -1,26 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{- define "metadata.annotations.job.ks_service" }}
-helm.sh/hook: post-install,post-upgrade
-helm.sh/hook-weight: "-3"
-{{- end }}
-
-{{- if .Values.manifests.job_ks_service }}
-{{- $ksServiceJob := dict "envAll" . "serviceName" "senlin" "serviceTypes" ( tuple "clustering" ) -}}
-{{- if .Values.helm3_hook }}
-{{- $_ := set $ksServiceJob "jobAnnotations" (include "metadata.annotations.job.ks_service" . | fromYaml) }}
-{{- end }}
-{{ $ksServiceJob | include "helm-toolkit.manifests.job_ks_service" }}
-{{- end }}
diff --git a/charts/senlin/templates/job-ks-user.yaml b/charts/senlin/templates/job-ks-user.yaml
deleted file mode 100644
index aa86dc1..0000000
--- a/charts/senlin/templates/job-ks-user.yaml
+++ /dev/null
@@ -1,26 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{- define "metadata.annotations.job.ks_user" }}
-helm.sh/hook: post-install,post-upgrade
-helm.sh/hook-weight: "-1"
-{{- end }}
-
-{{- if .Values.manifests.job_ks_user }}
-{{- $ksUserJob := dict "envAll" . "serviceName" "senlin" -}}
-{{- if .Values.helm3_hook }}
-{{- $_ := set $ksUserJob "jobAnnotations" (include "metadata.annotations.job.ks_user" . | fromYaml) }}
-{{- end }}
-{{ $ksUserJob | include "helm-toolkit.manifests.job_ks_user" }}
-{{- end }}
diff --git a/charts/senlin/templates/job-rabbit-init.yaml b/charts/senlin/templates/job-rabbit-init.yaml
deleted file mode 100644
index eca7f03..0000000
--- a/charts/senlin/templates/job-rabbit-init.yaml
+++ /dev/null
@@ -1,26 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{- define "metadata.annotations.job.rabbit_init" }}
-helm.sh/hook: post-install,post-upgrade
-helm.sh/hook-weight: "-4"
-{{- end }}
-
-{{- if .Values.manifests.job_rabbit_init }}
-{{- $rmqUserJob := dict "envAll" . "serviceName" "senlin" -}}
-{{- if .Values.helm3_hook }}
-{{- $_ := set $rmqUserJob "jobAnnotations" (include "metadata.annotations.job.rabbit_init" . | fromYaml) }}
-{{- end }}
-{{ $rmqUserJob | include "helm-toolkit.manifests.job_rabbit_init" }}
-{{- end }}
diff --git a/charts/senlin/templates/network_policy.yaml b/charts/senlin/templates/network_policy.yaml
deleted file mode 100644
index 0066c79..0000000
--- a/charts/senlin/templates/network_policy.yaml
+++ /dev/null
@@ -1,16 +0,0 @@
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-{{- if .Values.manifests.network_policy -}}
-{{- $netpol_opts := dict "envAll" . "name" "application" "label" "senlin" -}}
-{{ $netpol_opts | include "helm-toolkit.manifests.kubernetes_network_policy" }}
-{{- end -}}
diff --git a/charts/senlin/templates/pdb-api.yaml b/charts/senlin/templates/pdb-api.yaml
deleted file mode 100644
index 15a2a45..0000000
--- a/charts/senlin/templates/pdb-api.yaml
+++ /dev/null
@@ -1,27 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{- if .Values.manifests.pdb_api }}
-{{- $envAll := . }}
----
-apiVersion: policy/v1
-kind: PodDisruptionBudget
-metadata:
- name: senlin-api
-spec:
- minAvailable: {{ .Values.pod.lifecycle.disruption_budget.api.min_available }}
- selector:
- matchLabels:
-{{ tuple $envAll "senlin" "api" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 6 }}
-{{- end }}
diff --git a/charts/senlin/templates/pod-test.yaml b/charts/senlin/templates/pod-test.yaml
deleted file mode 100644
index 05a65cf..0000000
--- a/charts/senlin/templates/pod-test.yaml
+++ /dev/null
@@ -1,65 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{- if .Values.manifests.pod_test }}
-{{- $envAll := . }}
-
-{{- $mounts_senlin_tests := .Values.pod.mounts.senlin_tests.senlin_tests }}
-{{- $mounts_senlin_tests_init := .Values.pod.mounts.senlin_tests.init_container }}
-
-{{- $serviceAccountName := print .Release.Name "-test" }}
-{{ tuple $envAll "tests" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
----
-apiVersion: v1
-kind: Pod
-metadata:
- name: "{{.Release.Name}}-test"
- labels:
-{{ tuple $envAll "senlin" "test" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
- annotations:
- "helm.sh/hook": test-success
- {{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }}
-spec:
- serviceAccountName: {{ $serviceAccountName }}
- nodeSelector:
- {{ .Values.labels.test.node_selector_key }}: {{ .Values.labels.test.node_selector_value }}
- restartPolicy: Never
- initContainers:
-{{ tuple $envAll "tests" $mounts_senlin_tests_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 4 }}
- containers:
- - name: {{.Release.Name}}-senlin-test
-{{ tuple $envAll "scripted_test" | include "helm-toolkit.snippets.image" | indent 6 }}
- env:
-{{- with $env := dict "ksUserSecret" .Values.secrets.identity.admin }}
-{{- include "helm-toolkit.snippets.keystone_openrc_env_vars" $env | indent 8 }}
-{{- end }}
- command:
- - /tmp/senlin-test.sh
- volumeMounts:
- - name: pod-tmp
- mountPath: /tmp
- - name: senlin-bin
- mountPath: /tmp/senlin-test.sh
- subPath: senlin-test.sh
- readOnly: true
-{{ if $mounts_senlin_tests.volumeMounts }}{{ toYaml $mounts_senlin_tests.volumeMounts | indent 8 }}{{ end }}
- volumes:
- - name: pod-tmp
- emptyDir: {}
- - name: senlin-bin
- configMap:
- name: senlin-bin
- defaultMode: 0555
-{{ if $mounts_senlin_tests.volumes }}{{ toYaml $mounts_senlin_tests.volumes | indent 4 }}{{ end }}
-{{- end }}
diff --git a/charts/senlin/templates/secret-db.yaml b/charts/senlin/templates/secret-db.yaml
deleted file mode 100644
index 0e3e472..0000000
--- a/charts/senlin/templates/secret-db.yaml
+++ /dev/null
@@ -1,28 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{- if .Values.manifests.secret_db }}
-{{- $envAll := . }}
-{{- range $key1, $userClass := tuple "admin" "senlin" }}
-{{- $secretName := index $envAll.Values.secrets.oslo_db $userClass }}
----
-apiVersion: v1
-kind: Secret
-metadata:
- name: {{ $secretName }}
-type: Opaque
-data:
- DB_CONNECTION: {{ tuple "oslo_db" "internal" $userClass "mysql" $envAll | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | b64enc -}}
-{{- end }}
-{{- end }}
diff --git a/charts/senlin/templates/secret-keystone.yaml b/charts/senlin/templates/secret-keystone.yaml
deleted file mode 100644
index 4a553ea..0000000
--- a/charts/senlin/templates/secret-keystone.yaml
+++ /dev/null
@@ -1,28 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{- if .Values.manifests.secret_keystone }}
-{{- $envAll := . }}
-{{- range $key1, $userClass := tuple "admin" "senlin" }}
-{{- $secretName := index $envAll.Values.secrets.identity $userClass }}
----
-apiVersion: v1
-kind: Secret
-metadata:
- name: {{ $secretName }}
-type: Opaque
-data:
-{{- tuple $userClass "internal" $envAll | include "helm-toolkit.snippets.keystone_secret_openrc" | indent 2 -}}
-{{- end }}
-{{- end }}
diff --git a/charts/senlin/templates/secret-rabbitmq.yaml b/charts/senlin/templates/secret-rabbitmq.yaml
deleted file mode 100644
index a7390c6..0000000
--- a/charts/senlin/templates/secret-rabbitmq.yaml
+++ /dev/null
@@ -1,28 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{- if .Values.manifests.secret_rabbitmq }}
-{{- $envAll := . }}
-{{- range $key1, $userClass := tuple "admin" "senlin" }}
-{{- $secretName := index $envAll.Values.secrets.oslo_messaging $userClass }}
----
-apiVersion: v1
-kind: Secret
-metadata:
- name: {{ $secretName }}
-type: Opaque
-data:
- RABBITMQ_CONNECTION: {{ tuple "oslo_messaging" "internal" $userClass "http" $envAll | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | b64enc }}
-{{- end }}
-{{- end }}
diff --git a/charts/senlin/templates/secret-registry.yaml b/charts/senlin/templates/secret-registry.yaml
deleted file mode 100644
index da979b3..0000000
--- a/charts/senlin/templates/secret-registry.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{- if and .Values.manifests.secret_registry .Values.endpoints.oci_image_registry.auth.enabled }}
-{{ include "helm-toolkit.manifests.secret_registry" ( dict "envAll" . "registryUser" .Chart.Name ) }}
-{{- end }}
diff --git a/charts/senlin/templates/service-api.yaml b/charts/senlin/templates/service-api.yaml
deleted file mode 100644
index e4e3787..0000000
--- a/charts/senlin/templates/service-api.yaml
+++ /dev/null
@@ -1,34 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{- if .Values.manifests.service_api }}
-{{- $envAll := . }}
----
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ tuple "clustering" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
-spec:
- ports:
- - name: s-api
- port: {{ tuple "clustering" "internal" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
- {{ if .Values.network.api.node_port.enabled }}
- nodePort: {{ .Values.network.api.node_port.port }}
- {{ end }}
- selector:
-{{ tuple $envAll "senlin" "api" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
- {{ if .Values.network.api.node_port.enabled }}
- type: NodePort
- {{ end }}
-{{- end }}
diff --git a/charts/senlin/templates/service-ingress-api.yaml b/charts/senlin/templates/service-ingress-api.yaml
deleted file mode 100644
index 5f8d9cf..0000000
--- a/charts/senlin/templates/service-ingress-api.yaml
+++ /dev/null
@@ -1,18 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{- if and .Values.manifests.service_ingress_api .Values.network.api.ingress.public }}
-{{- $serviceIngressOpts := dict "envAll" . "backendServiceType" "clustering" -}}
-{{ $serviceIngressOpts | include "helm-toolkit.manifests.service_ingress" }}
-{{- end }}
diff --git a/charts/senlin/values.yaml b/charts/senlin/values.yaml
deleted file mode 100644
index 5631c58..0000000
--- a/charts/senlin/values.yaml
+++ /dev/null
@@ -1,750 +0,0 @@
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-# Default values for senlin.
-# This is a YAML-formatted file.
-# Declare name/value pairs to be passed into your templates.
-# name: value
-
----
-labels:
- api:
- node_selector_key: openstack-control-plane
- node_selector_value: enabled
- conductor:
- node_selector_key: openstack-control-plane
- node_selector_value: enabled
- engine:
- node_selector_key: openstack-control-plane
- node_selector_value: enabled
- health_manager:
- node_selector_key: openstack-control-plane
- node_selector_value: enabled
- job:
- node_selector_key: openstack-control-plane
- node_selector_value: enabled
- test:
- node_selector_key: openstack-control-plane
- node_selector_value: enabled
-
-release_group: null
-
-images:
- tags:
- scripted_test: docker.io/openstackhelm/heat:wallaby-ubuntu_focal
- bootstrap: docker.io/openstackhelm/heat:wallaby-ubuntu_focal
- db_init: docker.io/openstackhelm/heat:wallaby-ubuntu_focal
- senlin_db_sync: docker.io/openstackhelm/senlin:wallaby-ubuntu_focal
- db_drop: docker.io/openstackhelm/heat:wallaby-ubuntu_focal
- rabbit_init: docker.io/rabbitmq:3.7-management
- ks_user: docker.io/openstackhelm/heat:wallaby-ubuntu_focal
- ks_service: docker.io/openstackhelm/heat:wallaby-ubuntu_focal
- ks_endpoints: docker.io/openstackhelm/heat:wallaby-ubuntu_focal
- senlin_api: docker.io/openstackhelm/senlin:wallaby-ubuntu_focal
- senlin_conductor: docker.io/openstackhelm/senlin:wallaby-ubuntu_focal
- senlin_engine: docker.io/openstackhelm/senlin:wallaby-ubuntu_focal
- senlin_engine_cleaner: docker.io/openstackhelm/senlin:wallaby-ubuntu_focal
- senlin_health_manager: docker.io/openstackhelm/senlin:wallaby-ubuntu_focal
- dep_check: quay.io/airshipit/kubernetes-entrypoint:v1.0.0
- image_repo_sync: docker.io/docker:17.07.0
- pull_policy: "IfNotPresent"
- local_registry:
- active: false
- exclude:
- - dep_check
- - image_repo_sync
-
-jobs:
- engine_cleaner:
- cron: "*/5 * * * *"
- history:
- success: 3
- failed: 1
-
-conf:
- rally_tests:
- run_tempest: false
- tests:
- SenlinClusters.create_and_delete_cluster:
- - args:
- desired_capacity: 3
- min_size: 0
- max_size: 5
- runner:
- concurrency: 1
- times: 1
- type: constant
- sla:
- failure_rate:
- max: 0
- context:
- profiles:
- type: os.nova.server
- version: "1.0"
- properties:
- name: cirros_server
- flavor: 689eeda3-c6cd-450f-b000-58025c783763
- image: df0c1a14-0940-4ae5-be5c-bb06aa407da2
- networks:
- - network: public
- paste:
- pipeline:senlin-api:
- pipeline: cors http_proxy_to_wsgi request_id faultwrap versionnegotiation osprofiler webhook authtoken context trust apiv1app
- app:apiv1app:
- paste.app_factory: senlin.api.common.wsgi:app_factory
- senlin.app_factory: senlin.api.openstack.v1.router:API
- filter:request_id:
- paste.filter_factory: oslo_middleware.request_id:RequestId.factory
- filter:faultwrap:
- paste.filter_factory: senlin.api.common.wsgi:filter_factory
- senlin.filter_factory: senlin.api.middleware:fault_filter
- filter:context:
- paste.filter_factory: senlin.api.common.wsgi:filter_factory
- senlin.filter_factory: senlin.api.middleware:context_filter
- oslo_config_project: senlin
- filter:versionnegotiation:
- paste.filter_factory: senlin.api.common.wsgi:filter_factory
- senlin.filter_factory: senlin.api.middleware:version_filter
- filter:trust:
- paste.filter_factory: senlin.api.common.wsgi:filter_factory
- senlin.filter_factory: senlin.api.middleware:trust_filter
- filter:webhook:
- paste.filter_factory: senlin.api.common.wsgi:filter_factory
- senlin.filter_factory: senlin.api.middleware:webhook_filter
- filter:http_proxy_to_wsgi:
- paste.filter_factory: oslo_middleware.http_proxy_to_wsgi:HTTPProxyToWSGI.factory
- oslo_config_project: senlin
- filter:authtoken:
- paste.filter_factory: keystonemiddleware.auth_token:filter_factory
- filter:osprofiler:
- paste.filter_factory: osprofiler.web:WsgiMiddleware.factory
- filter:cors:
- paste.filter_factory: oslo_middleware.cors:filter_factory
- oslo_config_project: senlin
- policy: {}
- senlin:
- DEFAULT:
- log_config_append: /etc/senlin/logging.conf
- transport_url: null
- host: senlin
- database:
- max_retries: -1
- authentication:
- auth_url: null
- keystone_authtoken:
- auth_type: password
- auth_version: v3
- memcache_security_strategy: ENCRYPT
- service_type: clustering
- senlin_api:
- # NOTE(portdirect): the bind port should not be defined, and is manipulated
- # via the endpoints section.
- bind_port: null
- oslo_policy:
- policy_file: /etc/senlin/policy.yaml
- logging:
- loggers:
- keys:
- - root
- - senlin
- handlers:
- keys:
- - stdout
- - stderr
- - "null"
- formatters:
- keys:
- - context
- - default
- logger_root:
- level: WARNING
- handlers: 'null'
- logger_senlin:
- level: INFO
- handlers:
- - stdout
- qualname: senlin
- logger_amqp:
- level: WARNING
- handlers: stderr
- qualname: amqp
- logger_amqplib:
- level: WARNING
- handlers: stderr
- qualname: amqplib
- logger_eventletwsgi:
- level: WARNING
- handlers: stderr
- qualname: eventlet.wsgi.server
- logger_sqlalchemy:
- level: WARNING
- handlers: stderr
- qualname: sqlalchemy
- logger_boto:
- level: WARNING
- handlers: stderr
- qualname: boto
- handler_null:
- class: logging.NullHandler
- formatter: default
- args: ()
- handler_stdout:
- class: StreamHandler
- args: (sys.stdout,)
- formatter: context
- handler_stderr:
- class: StreamHandler
- args: (sys.stderr,)
- formatter: context
- formatter_context:
- class: oslo_log.formatters.ContextFormatter
- datefmt: "%Y-%m-%d %H:%M:%S"
- formatter_default:
- format: "%(message)s"
- datefmt: "%Y-%m-%d %H:%M:%S"
- senlin_api_uwsgi:
- uwsgi:
- add-header: "Connection: close"
- buffer-size: 65535
- chunked-input-limit: "4096000"
- die-on-term: true
- enable-threads: true
- exit-on-reload: false
- hook-master-start: unix_signal:15 gracefully_kill_them_all
- http-auto-chunked: true
- http-raw-body: true
- lazy-apps: true
- log-x-forwarded-for: true
- master: true
- need-app: true
- procname-prefix-spaced: "senlin-api:"
- route-user-agent: '^kube-probe.* donotlog:'
- socket-timeout: 10
- thunder-lock: true
- worker-reload-mercy: 80
- wsgi-file: /var/lib/openstack/bin/senlin-wsgi-api
-
-network:
- api:
- ingress:
- public: true
- classes:
- namespace: "nginx"
- cluster: "nginx-cluster"
- annotations:
- nginx.ingress.kubernetes.io/rewrite-target: /
- node_port:
- enabled: false
- port: 30778
-
-bootstrap:
- enabled: false
- ks_user: senlin
- script: |
- openstack token issue
-
-dependencies:
- dynamic:
- common:
- local_image_registry:
- jobs:
- - senlin-image-repo-sync
- services:
- - endpoint: node
- service: local_image_registry
- static:
- engine_cleaner:
- jobs:
- - senlin-db-sync
- services:
- - endpoint: internal
- service: oslo_db
- - endpoint: internal
- service: oslo_messaging
- - endpoint: internal
- service: identity
- api:
- jobs:
- - senlin-db-sync
- - senlin-ks-user
- - senlin-ks-endpoints
- - senlin-rabbit-init
- services:
- - endpoint: internal
- service: oslo_db
- - endpoint: internal
- service: identity
- - endpoint: internal
- service: oslo_messaging
- db_drop:
- services:
- - endpoint: internal
- service: oslo_db
- db_init:
- services:
- - endpoint: internal
- service: oslo_db
- db_sync:
- jobs:
- - senlin-db-init
- services:
- - endpoint: internal
- service: oslo_db
- engine:
- jobs:
- - senlin-db-sync
- - senlin-ks-user
- - senlin-ks-endpoints
- - senlin-rabbit-init
- services:
- - endpoint: internal
- service: oslo_db
- - endpoint: internal
- service: identity
- conductor:
- jobs:
- - senlin-db-sync
- - senlin-ks-user
- - senlin-ks-endpoints
- - senlin-rabbit-init
- services:
- - endpoint: internal
- service: oslo_db
- - endpoint: internal
- service: identity
- health_manager:
- jobs:
- - senlin-db-sync
- - senlin-ks-user
- - senlin-ks-endpoints
- - senlin-rabbit-init
- services:
- - endpoint: internal
- service: oslo_db
- - endpoint: internal
- service: identity
- ks_endpoints:
- jobs:
- - senlin-ks-service
- services:
- - endpoint: internal
- service: identity
- ks_service:
- services:
- - endpoint: internal
- service: identity
- ks_user:
- services:
- - endpoint: internal
- service: identity
- rabbit_init:
- services:
- - endpoint: internal
- service: oslo_messaging
- tests:
- services:
- - endpoint: internal
- service: identity
- - endpoint: internal
- service: clustering
- image_repo_sync:
- services:
- - endpoint: internal
- service: local_image_registry
-
-# Names of secrets used by bootstrap and environmental checks
-secrets:
- identity:
- admin: senlin-keystone-admin
- senlin: senlin-keystone-user
- oslo_db:
- admin: senlin-db-admin
- senlin: senlin-db-user
- oslo_messaging:
- admin: senlin-rabbitmq-admin
- senlin: senlin-rabbitmq-user
- oci_image_registry:
- senlin: senlin-oci-image-registry
-
-# typically overridden by environmental
-# values, but should include all endpoints
-# required by this chart
-endpoints:
- cluster_domain_suffix: cluster.local
- local_image_registry:
- name: docker-registry
- namespace: docker-registry
- hosts:
- default: localhost
- internal: docker-registry
- node: localhost
- host_fqdn_override:
- default: null
- port:
- registry:
- node: 5000
- oci_image_registry:
- name: oci-image-registry
- namespace: oci-image-registry
- auth:
- enabled: false
- senlin:
- username: senlin
- password: password
- hosts:
- default: localhost
- host_fqdn_override:
- default: null
- port:
- registry:
- default: null
- identity:
- name: keystone
- auth:
- admin:
- region_name: RegionOne
- username: admin
- password: password
- project_name: admin
- user_domain_name: default
- project_domain_name: default
- senlin:
- role: admin
- region_name: RegionOne
- username: senlin
- password: password
- project_name: service
- user_domain_name: service
- project_domain_name: service
- test:
- role: admin
- region_name: RegionOne
- username: senlin-test
- password: password
- project_name: test
- user_domain_name: service
- project_domain_name: service
- hosts:
- default: keystone
- internal: keystone-api
- host_fqdn_override:
- default: null
- path:
- default: /v3
- scheme:
- default: http
- port:
- api:
- default: 80
- internal: 5000
- clustering:
- name: senlin
- hosts:
- default: senlin-api
- public: senlin
- host_fqdn_override:
- default: null
- path:
- default: null
- scheme:
- default: http
- port:
- api:
- default: 8778
- public: 80
- oslo_db:
- auth:
- admin:
- username: root
- password: password
- senlin:
- username: senlin
- password: password
- hosts:
- default: mariadb
- host_fqdn_override:
- default: null
- path: /senlin
- scheme: mysql+pymysql
- port:
- mysql:
- default: 3306
- oslo_cache:
- auth:
- # NOTE(portdirect): this is used to define the value for keystone
- # authtoken cache encryption key, if not set it will be populated
- # automatically with a random value, but to take advantage of
- # this feature all services should be set to use the same key,
- # and memcache service.
- memcache_secret_key: null
- hosts:
- default: memcached
- host_fqdn_override:
- default: null
- port:
- memcache:
- default: 11211
- oslo_messaging:
- auth:
- admin:
- username: rabbitmq
- password: password
- senlin:
- username: senlin
- password: password
- statefulset:
- replicas: 2
- name: rabbitmq-rabbitmq
- hosts:
- default: rabbitmq
- host_fqdn_override:
- default: null
- path: /senlin
- scheme: rabbit
- port:
- amqp:
- default: 5672
- http:
- default: 15672
- fluentd:
- namespace: null
- name: fluentd
- hosts:
- default: fluentd-logging
- host_fqdn_override:
- default: null
- path:
- default: null
- scheme: 'http'
- port:
- service:
- default: 24224
- metrics:
- default: 24220
-
-pod:
- user:
- senlin:
- uid: 42424
- affinity:
- anti:
- type:
- default: preferredDuringSchedulingIgnoredDuringExecution
- topologyKey:
- default: kubernetes.io/hostname
- weight:
- default: 10
- mounts:
- senlin_api:
- init_container: null
- senlin_api:
- volumeMounts:
- volumes:
- senlin_conductor:
- init_container: null
- senlin_conductor:
- volumeMounts:
- volumes:
- senlin_engine:
- init_container: null
- senlin_engine:
- volumeMounts:
- volumes:
- senlin_health_manager:
- init_container: null
- senlin_health_manager:
- volumeMounts:
- volumes:
- senlin_bootstrap:
- init_container: null
- senlin_bootstrap:
- volumeMounts:
- volumes:
- senlin_engine_cleaner:
- init_container: null
- senlin_engine_cleaner:
- volumeMounts:
- volumes:
- senlin_tests:
- init_container: null
- senlin_tests:
- volumeMounts:
- volumes:
- senlin_db_sync:
- senlin_db_sync:
- volumeMounts:
- volumes:
- replicas:
- api: 1
- conductor: 1
- engine: 1
- health_manager: 1
- lifecycle:
- upgrades:
- deployments:
- revision_history: 3
- pod_replacement_strategy: RollingUpdate
- rolling_update:
- max_unavailable: 1
- max_surge: 3
- disruption_budget:
- api:
- min_available: 0
- termination_grace_period:
- api:
- timeout: 30
- resources:
- enabled: false
- api:
- requests:
- memory: "128Mi"
- cpu: "100m"
- limits:
- memory: "1024Mi"
- cpu: "2000m"
- conductor:
- requests:
- memory: "128Mi"
- cpu: "100m"
- limits:
- memory: "1024Mi"
- cpu: "2000m"
- engine:
- requests:
- memory: "128Mi"
- cpu: "100m"
- limits:
- memory: "1024Mi"
- cpu: "2000m"
- health_manager:
- requests:
- memory: "128Mi"
- cpu: "100m"
- limits:
- memory: "1024Mi"
- cpu: "2000m"
- jobs:
- bootstrap:
- requests:
- memory: "128Mi"
- cpu: "100m"
- limits:
- memory: "1024Mi"
- cpu: "2000m"
- db_init:
- requests:
- memory: "128Mi"
- cpu: "100m"
- limits:
- memory: "1024Mi"
- cpu: "2000m"
- db_sync:
- requests:
- memory: "128Mi"
- cpu: "100m"
- limits:
- memory: "1024Mi"
- cpu: "2000m"
- db_drop:
- requests:
- memory: "128Mi"
- cpu: "100m"
- limits:
- memory: "1024Mi"
- cpu: "2000m"
- ks_endpoints:
- requests:
- memory: "128Mi"
- cpu: "100m"
- limits:
- memory: "1024Mi"
- cpu: "2000m"
- ks_service:
- requests:
- memory: "128Mi"
- cpu: "100m"
- limits:
- memory: "1024Mi"
- cpu: "2000m"
- ks_user:
- requests:
- memory: "128Mi"
- cpu: "100m"
- limits:
- memory: "1024Mi"
- cpu: "2000m"
- rabbit_init:
- requests:
- memory: "128Mi"
- cpu: "100m"
- limits:
- memory: "1024Mi"
- cpu: "2000m"
- tests:
- requests:
- memory: "128Mi"
- cpu: "100m"
- limits:
- memory: "1024Mi"
- cpu: "2000m"
- engine_cleaner:
- requests:
- memory: "128Mi"
- cpu: "100m"
- limits:
- memory: "1024Mi"
- cpu: "2000m"
- image_repo_sync:
- requests:
- memory: "128Mi"
- cpu: "100m"
- limits:
- memory: "1024Mi"
- cpu: "2000m"
-
-network_policy:
- senlin:
- ingress:
- - {}
- egress:
- - {}
-
-helm3_hook: true
-
-manifests:
- configmap_bin: true
- configmap_etc: true
- cron_job_engine_cleaner: true
- deployment_api: true
- deployment_conductor: true
- deployment_engine: true
- deployment_health_manager: true
- ingress_api: true
- job_bootstrap: true
- job_db_init: true
- job_db_sync: true
- job_db_drop: false
- job_image_repo_sync: true
- job_ks_endpoints: true
- job_ks_service: true
- job_ks_user: true
- job_rabbit_init: true
- pdb_api: true
- pod_test: true
- network_policy: false
- secret_db: true
- secret_keystone: true
- secret_rabbitmq: true
- secret_registry: true
- service_ingress_api: true
- service_api: true
-...
diff --git a/images/horizon/Dockerfile b/images/horizon/Dockerfile
index c2c63f2..dbb889f 100644
--- a/images/horizon/Dockerfile
+++ b/images/horizon/Dockerfile
@@ -32,8 +32,6 @@
RUN git -C /src/neutron-vpnaas-dashboard fetch --unshallow
ADD --keep-git-dir=true https://opendev.org/openstack/octavia-dashboard.git#master /src/octavia-dashboard
RUN git -C /src/octavia-dashboard fetch --unshallow
-ADD --keep-git-dir=true https://opendev.org/openstack/senlin-dashboard.git#master /src/senlin-dashboard
-RUN git -C /src/senlin-dashboard fetch --unshallow
COPY patches/magnum-ui /patches/magnum-ui
RUN git -C /src/magnum-ui apply --verbose /patches/magnum-ui/*
RUN --mount=type=cache,mode=0755,target=/root/.cache/pip,sharing=private <<EOF bash -xe
@@ -47,7 +45,6 @@
/src/manila-ui \
/src/neutron-vpnaas-dashboard \
/src/octavia-dashboard \
- /src/senlin-dashboard \
pymemcache
EOF
diff --git a/images/python-openstackclient/Dockerfile b/images/python-openstackclient/Dockerfile
index 2912699..e3316dd 100644
--- a/images/python-openstackclient/Dockerfile
+++ b/images/python-openstackclient/Dockerfile
@@ -28,7 +28,6 @@
python-neutronclient \
python-octaviaclient \
osc-placement \
- python-senlinclient \
python-swiftclient
EOF
diff --git a/images/senlin/Dockerfile b/images/senlin/Dockerfile
deleted file mode 100644
index 659e137..0000000
--- a/images/senlin/Dockerfile
+++ /dev/null
@@ -1,28 +0,0 @@
-# Copyright (c) 2024 VEXXHOST, Inc.
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-ARG RELEASE
-
-FROM registry.atmosphere.dev/library/openstack-venv-builder:${RELEASE} AS build
-ARG SENLIN_GIT_REF=ec5fae997686c64c3c1192b231b2434e6a6aeb1c
-ADD --keep-git-dir=true https://opendev.org/openstack/senlin.git#${SENLIN_GIT_REF} /src/senlin
-RUN git -C /src/senlin fetch --unshallow
-RUN --mount=type=cache,mode=0755,target=/root/.cache/pip,sharing=private <<EOF bash -xe
-pip3 install \
- --constraint /upper-constraints.txt \
- /src/senlin
-EOF
-
-FROM registry.atmosphere.dev/library/openstack-python-runtime:${RELEASE}
-COPY --from=build --link /var/lib/openstack /var/lib/openstack
diff --git a/internal/openstack_helm/openstack_helm.go b/internal/openstack_helm/openstack_helm.go
index e66c335..5280e16 100644
--- a/internal/openstack_helm/openstack_helm.go
+++ b/internal/openstack_helm/openstack_helm.go
@@ -23,7 +23,6 @@
Nova *NovaConf `yaml:"nova,omitempty"`
Octavia *OctaviaConf `yaml:"octavia,omitempty"`
Placement *PlacementConf `yaml:"placement,omitempty"`
- Senlin *SenlinConf `yaml:"senlin,omitempty"`
Staffeln *StaffelnConf `yaml:"staffeln,omitempty"`
}
diff --git a/internal/openstack_helm/senlin.go b/internal/openstack_helm/senlin.go
deleted file mode 100644
index 5cb3e40..0000000
--- a/internal/openstack_helm/senlin.go
+++ /dev/null
@@ -1,10 +0,0 @@
-package openstack_helm
-
-type SenlinConf struct {
- API SenlinAPIConf `yaml:"senlin_api"`
- Database *DatabaseConf `yaml:"database,omitempty"`
-}
-
-type SenlinAPIConf struct {
- Workers int32 `yaml:"workers"`
-}
diff --git a/molecule/aio/group_vars/all/molecule.yml b/molecule/aio/group_vars/all/molecule.yml
index 34cff39..898f142 100644
--- a/molecule/aio/group_vars/all/molecule.yml
+++ b/molecule/aio/group_vars/all/molecule.yml
@@ -165,18 +165,6 @@
server: 1
rpc_server: 1
-senlin_helm_values:
- conf:
- senlin:
- DEFAULT:
- debug: "{{ lookup('env', 'ATMOSPHERE_DEBUG') | default('false', True) }}"
- pod:
- replicas:
- api: 1
- conductor: 1
- engine: 1
- health_manager: 1
-
heat_helm_values:
conf:
heat:
diff --git a/playbooks/generate_workspace.yml b/playbooks/generate_workspace.yml
index f73de6a..faeeeff 100644
--- a/playbooks/generate_workspace.yml
+++ b/playbooks/generate_workspace.yml
@@ -225,7 +225,6 @@
openstack_helm_endpoints_nova_novnc_host: "vnc.{{ domain_name }}"
openstack_helm_endpoints_octavia_api_host: "load-balancer.{{ domain_name }}"
openstack_helm_endpoints_placement_api_host: "placement.{{ domain_name }}"
- openstack_helm_endpoints_senlin_api_host: "clustering.{{ domain_name }}"
openstack_helm_endpoints_magnum_api_host: "container-infra.{{ domain_name }}"
openstack_helm_endpoints_magnum_registry_host: "container-infra-registry.{{ domain_name }}"
openstack_helm_endpoints_rgw_host: "object-store.{{ domain_name }}"
diff --git a/roles/defaults/vars/main.yml b/roles/defaults/vars/main.yml
index 1f7517c..5b64bed 100644
--- a/roles/defaults/vars/main.yml
+++ b/roles/defaults/vars/main.yml
@@ -189,12 +189,6 @@
rabbitmq_topology_operator: docker.io/rabbitmqoperator/messaging-topology-operator:1.13.0
rook_ceph: docker.io/rook/ceph:v1.14.2
secretgen_controller: ghcr.io/carvel-dev/secretgen-controller@sha256:59ec05ce5847bfd70c8e04f08b5195e918c8f6fbb947ffc91b456494a2958fd5
- senlin_api: "registry.atmosphere.dev/library/senlin:{{ atmosphere_release }}"
- senlin_conductor: "registry.atmosphere.dev/library/senlin:{{ atmosphere_release }}"
- senlin_db_sync: "registry.atmosphere.dev/library/senlin:{{ atmosphere_release }}"
- senlin_engine_cleaner: "registry.atmosphere.dev/library/senlin:{{ atmosphere_release }}"
- senlin_engine: "registry.atmosphere.dev/library/senlin:{{ atmosphere_release }}"
- senlin_health_manager: "registry.atmosphere.dev/library/senlin:{{ atmosphere_release }}"
staffeln_db_sync: "registry.atmosphere.dev/library/staffeln:{{ atmosphere_release }}"
staffeln_conductor: "registry.atmosphere.dev/library/staffeln:{{ atmosphere_release }}"
staffeln_api: "registry.atmosphere.dev/library/staffeln:{{ atmosphere_release }}"
diff --git a/roles/horizon/vars/main.yml b/roles/horizon/vars/main.yml
index b4c2130..31ebb28 100644
--- a/roles/horizon/vars/main.yml
+++ b/roles/horizon/vars/main.yml
@@ -46,7 +46,6 @@
- monitoring
- neutron_vpnaas_dashboard
- octavia_dashboard
- - senlin_dashboard
manifests:
ingress_api: false
service_ingress_api: false
diff --git a/roles/openstack_cli/defaults/main.yml b/roles/openstack_cli/defaults/main.yml
index 9a58d41..b1d004d 100644
--- a/roles/openstack_cli/defaults/main.yml
+++ b/roles/openstack_cli/defaults/main.yml
@@ -25,7 +25,6 @@
- python3-octaviaclient
- python3-openstackclient
- python3-osc-placement
- - python3-senlinclient
- python3-swiftclient
# URL for the Ubuntu Cloud Archive repository
diff --git a/roles/openstack_helm_endpoints/defaults/main.yml b/roles/openstack_helm_endpoints/defaults/main.yml
index 33aec1c..0b43aba 100644
--- a/roles/openstack_helm_endpoints/defaults/main.yml
+++ b/roles/openstack_helm_endpoints/defaults/main.yml
@@ -371,36 +371,6 @@
openstack_helm_endpoints_magnum_rabbitmq_password: "{{ undef(hint='You must specify an Magnum RabbitMQ password') }}"
# ]]]
-# .. envvar:: openstack_helm_endpoints_senlin_api_host [[[
-#
-# API hostname for OpenStack Clustering Service
-openstack_helm_endpoints_senlin_api_host: "{{ undef(hint='You must specify a Senlin API hostname') }}"
-
- # ]]]
-# .. envvar:: openstack_helm_endpoints_senlin_region_name [[[
-#
-# Region name for service
-openstack_helm_endpoints_senlin_region_name: "{{ openstack_helm_endpoints_region_name }}"
-
- # ]]]
-# .. envvar:: openstack_helm_endpoints_senlin_keystone_password [[[
-#
-# Keystone password for service
-openstack_helm_endpoints_senlin_keystone_password: "{{ undef(hint='You must specify a Senlin Keystone password') }}"
-
- # ]]]
-# .. envvar:: openstack_helm_endpoints_senlin_mariadb_password [[[
-#
-# Database password for service
-openstack_helm_endpoints_senlin_mariadb_password: "{{ undef(hint='You must specify a Senlin MariaDB password') }}"
-
- # ]]]
-# .. envvar:: openstack_helm_endpoints_senlin_rabbitmq_password [[[
-#
-# RabbitMQ password for service
-openstack_helm_endpoints_senlin_rabbitmq_password: "{{ undef(hint='You must specify a Senlin RabbitMQ password') }}"
-
- # ]]]
# .. envvar:: openstack_helm_endpoints_heat_api_host [[[
#
# API hostname for OpenStack Orchestration Service
diff --git a/roles/openstack_helm_endpoints/vars/main.yml b/roles/openstack_helm_endpoints/vars/main.yml
index f2356cb..029fb6c 100644
--- a/roles/openstack_helm_endpoints/vars/main.yml
+++ b/roles/openstack_helm_endpoints/vars/main.yml
@@ -384,31 +384,6 @@
api:
public: 443
-_openstack_helm_endpoints_clustering:
- identity:
- auth:
- senlin:
- region_name: "{{ openstack_helm_endpoints_senlin_region_name }}"
- username: "senlin-{{ openstack_helm_endpoints_senlin_region_name }}"
- password: "{{ openstack_helm_endpoints_senlin_keystone_password }}"
- clustering:
- scheme:
- public: https
- host_fqdn_override:
- public:
- host: "{{ openstack_helm_endpoints_senlin_api_host }}"
- port:
- api:
- public: 443
- oslo_db:
- auth:
- senlin:
- password: "{{ openstack_helm_endpoints_senlin_mariadb_password }}"
- oslo_messaging:
- auth:
- senlin:
- password: "{{ openstack_helm_endpoints_senlin_rabbitmq_password }}"
-
_openstack_helm_endpoints_orchestration:
identity:
auth:
diff --git a/roles/senlin/defaults/main.yml b/roles/senlin/defaults/main.yml
index a0a5493..2ed2bef 100644
--- a/roles/senlin/defaults/main.yml
+++ b/roles/senlin/defaults/main.yml
@@ -13,10 +13,4 @@
# under the License.
senlin_helm_release_name: senlin
-senlin_helm_chart_path: "../../charts/senlin/"
-senlin_helm_chart_ref: /usr/local/src/senlin
-
senlin_helm_release_namespace: openstack
-senlin_helm_values: {}
-
-senlin_ingress_annotations: {}
diff --git a/roles/senlin/meta/main.yml b/roles/senlin/meta/main.yml
index 9d77b7d..d4c1a5a 100644
--- a/roles/senlin/meta/main.yml
+++ b/roles/senlin/meta/main.yml
@@ -14,7 +14,7 @@
galaxy_info:
author: VEXXHOST, Inc.
- description: Ansible role for OpenStack Senlin
+ description: Ansible role for OpenStack Senlin (Deprecated)
license: Apache-2.0
min_ansible_version: 5.5.0
standalone: false
@@ -27,14 +27,3 @@
versions:
- focal
- jammy
-
-dependencies:
- - role: defaults
- - role: openstack_helm_endpoints
- vars:
- openstack_helm_endpoints_repo_name: openstack-helm
- openstack_helm_endpoints_chart: senlin
- - role: vexxhost.kubernetes.upload_helm_chart
- vars:
- upload_helm_chart_src: "{{ senlin_helm_chart_path }}"
- upload_helm_chart_dest: "{{ senlin_helm_chart_ref }}"
diff --git a/roles/senlin/tasks/main.yml b/roles/senlin/tasks/main.yml
index c043a3e..569bb59 100644
--- a/roles/senlin/tasks/main.yml
+++ b/roles/senlin/tasks/main.yml
@@ -12,21 +12,46 @@
# License for the specific language governing permissions and limitations
# under the License.
-- name: Deploy Helm chart
+- name: Remove OpenStack endpoints
+ openstack.cloud.endpoint:
+ cloud: atmosphere
+ service: senlin
+ endpoint_interface: "{{ item }}"
+ url: endpoint
+ region: "{{ openstack_helm_endpoints_region_name }}"
+ state: absent
+ loop:
+ - public
+ - admin
+ - internal
+
+- name: Remove OpenStack service
+ openstack.cloud.catalog_service:
+ cloud: atmosphere
+ name: senlin
+ service_type: clustering
+ state: absent
+
+- name: Remove Ingress
+ kubernetes.core.k8s:
+ state: absent
+ definition:
+ apiVersion: networking.k8s.io/v1
+ kind: Ingress
+ metadata:
+ name: clustering
+ namespace: "{{ senlin_helm_release_namespace }}"
+
+- name: Remove Helm chart
run_once: true
kubernetes.core.helm:
name: "{{ senlin_helm_release_name }}"
- chart_ref: "{{ senlin_helm_chart_ref }}"
release_namespace: "{{ senlin_helm_release_namespace }}"
- create_namespace: true
kubeconfig: /etc/kubernetes/admin.conf
- values: "{{ _senlin_helm_values | combine(senlin_helm_values, recursive=True) }}"
+ state: absent
-- name: Create Ingress
- ansible.builtin.include_role:
- name: openstack_helm_ingress
- vars:
- openstack_helm_ingress_endpoint: clustering
- openstack_helm_ingress_service_name: senlin-api
- openstack_helm_ingress_service_port: 8778
- openstack_helm_ingress_annotations: "{{ senlin_ingress_annotations }}"
+- name: Remove OpenStack user
+ openstack.cloud.identity_user:
+ cloud: atmosphere
+ name: "senlin-{{ openstack_helm_endpoints_region_name }}"
+ domain: service
diff --git a/roles/senlin/vars/main.yml b/roles/senlin/vars/main.yml
deleted file mode 100644
index d1fcbdc..0000000
--- a/roles/senlin/vars/main.yml
+++ /dev/null
@@ -1,38 +0,0 @@
-# Copyright (c) 2022 VEXXHOST, Inc.
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-_senlin_helm_values:
- endpoints: "{{ openstack_helm_endpoints }}"
- images:
- tags: "{{ atmosphere_images | vexxhost.atmosphere.openstack_helm_image_tags('senlin') }}"
- pod:
- replicas:
- api: 3
- conductor: 3
- engine: 3
- health_manager: 3
- conf:
- senlin:
- DEFAULT:
- log_config_append: null
- database:
- connection_recycle_time: 10
- max_pool_size: 1
- oslo_messaging_notifications:
- driver: noop
- senlin_api:
- workers: 2
- manifests:
- ingress_api: false
- service_ingress_api: false
diff --git a/roles/senlin/vars_test.go b/roles/senlin/vars_test.go
deleted file mode 100644
index f399407..0000000
--- a/roles/senlin/vars_test.go
+++ /dev/null
@@ -1,42 +0,0 @@
-package senlin
-
-import (
- _ "embed"
- "os"
- "testing"
-
- "github.com/goccy/go-yaml"
- "github.com/stretchr/testify/assert"
- "github.com/stretchr/testify/require"
-
- "github.com/vexxhost/atmosphere/internal/openstack_helm"
- "github.com/vexxhost/atmosphere/internal/testutils"
-)
-
-var (
- //go:embed vars/main.yml
- varsFile []byte
- vars Vars
-)
-
-type Vars struct {
- openstack_helm.HelmValues `yaml:"_senlin_helm_values"`
-}
-
-func TestMain(m *testing.M) {
- t := &testing.T{}
- err := yaml.UnmarshalWithOptions(varsFile, &vars)
- require.NoError(t, err)
-
- code := m.Run()
- os.Exit(code)
-}
-
-func TestHelmValues(t *testing.T) {
- vals, err := openstack_helm.CoalescedHelmValues("../../charts/senlin", &vars.HelmValues)
- require.NoError(t, err)
-
- assert.Equal(t, int32(2), vals.Conf.Senlin.API.Workers)
-
- testutils.TestDatabaseConf(t, vals.Conf.Senlin.Database)
-}
diff --git a/zuul.d/container-images/senlin.yaml b/zuul.d/container-images/senlin.yaml
deleted file mode 100644
index 55ad02c..0000000
--- a/zuul.d/container-images/senlin.yaml
+++ /dev/null
@@ -1,86 +0,0 @@
-# Copyright (c) 2024 VEXXHOST, Inc.
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-- project:
- check:
- jobs:
- - atmosphere-build-container-image-senlin
- gate:
- jobs:
- - atmosphere-upload-container-image-senlin
- promote:
- jobs:
- - atmosphere-promote-container-image-senlin
-
-- job:
- name: atmosphere-build-container-image-senlin
- parent: atmosphere-build-container-image
- dependencies:
- - name: atmosphere-buildset-registry
- soft: false
- - name: atmosphere-build-container-image-ubuntu
- soft: true
- - name: atmosphere-build-container-image-ubuntu-cloud-archive
- soft: true
- - name: atmosphere-build-container-image-python-base
- soft: true
- - name: atmosphere-build-container-image-openstack-venv-builder
- soft: true
- - name: atmosphere-build-container-image-openstack-python-runtime
- soft: true
- vars: &container_image_vars
- promote_container_image_job: atmosphere-upload-container-image-senlin
- container_images:
- - context: images/senlin
- registry: registry.atmosphere.dev
- repository: registry.atmosphere.dev/library/senlin
- arch:
- - linux/amd64
- build_args:
- - "RELEASE={{ zuul.branch | replace('stable/', '') }}"
- - PROJECT=senlin
- tags:
- - "{{ zuul.branch | replace('stable/', '') }}"
- files: &container_image_files
- - images/ubuntu/.*
- - images/ubuntu-cloud-archive/.*
- - images/python-base/.*
- - images/openstack-venv-builder/.*
- - images/openstack-python-runtime/.*
- - images/senlin/.*
-
-- job:
- name: atmosphere-upload-container-image-senlin
- parent: atmosphere-upload-container-image
- dependencies:
- - name: atmosphere-buildset-registry
- soft: false
- - name: atmosphere-upload-container-image-ubuntu
- soft: true
- - name: atmosphere-upload-container-image-ubuntu-cloud-archive
- soft: true
- - name: atmosphere-upload-container-image-python-base
- soft: true
- - name: atmosphere-upload-container-image-openstack-venv-builder
- soft: true
- - name: atmosphere-upload-container-image-openstack-python-runtime
- soft: true
- vars: *container_image_vars
- files: *container_image_files
-
-- job:
- name: atmosphere-promote-container-image-senlin
- parent: atmosphere-promote-container-image
- vars: *container_image_vars
- files: *container_image_files
diff --git a/zuul.d/project.yaml b/zuul.d/project.yaml
index a0206ea..3a9f8c6 100644
--- a/zuul.d/project.yaml
+++ b/zuul.d/project.yaml
@@ -64,8 +64,6 @@
soft: true
- name: atmosphere-build-container-image-placement
soft: true
- - name: atmosphere-build-container-image-senlin
- soft: true
- name: atmosphere-build-container-image-staffeln
soft: true
- name: atmosphere-build-container-image-tempest
@@ -128,8 +126,6 @@
soft: true
- name: atmosphere-upload-container-image-placement
soft: true
- - name: atmosphere-upload-container-image-senlin
- soft: true
- name: atmosphere-upload-container-image-staffeln
soft: true
- name: atmosphere-upload-container-image-tempest