From e7517acff9be509371b6898a6df9840585a102f9 Mon Sep 17 00:00:00 2001 From: Juan Picado Date: Sun, 16 Jun 2024 10:40:37 +0200 Subject: [PATCH] migrate helm chart (#4685) * migrate heml chart * refactor * Update helm-lint-test.yaml * Update package.json * Update Chart.yaml * Update Chart.yaml * rename * Update helm-chart-lint-test.yaml --- .eslintignore | 1 + .github/workflows/helm-chart-lint-test.yaml | 47 ++++ .github/workflows/helm-chart-release.yml | 32 +++ .npmignore | 3 + .prettierignore | 1 + CODEOWNERS | 3 + charts/verdaccio/Chart.yaml | 22 ++ charts/verdaccio/templates/NOTES.txt | 25 ++ charts/verdaccio/templates/_helpers.tpl | 171 ++++++++++++ charts/verdaccio/templates/configmap.yaml | 9 + charts/verdaccio/templates/deployment.yaml | 153 +++++++++++ .../verdaccio/templates/htpasswd-secret.yaml | 14 + charts/verdaccio/templates/ingress.yaml | 92 +++++++ charts/verdaccio/templates/pvc.yaml | 26 ++ charts/verdaccio/templates/secret.yaml | 12 + .../verdaccio/templates/service-account.yaml | 13 + charts/verdaccio/templates/service.yaml | 38 +++ charts/verdaccio/values.yaml | 257 ++++++++++++++++++ ct.yaml | 7 + .../generator-verdaccio-plugin/package.json | 3 +- 20 files changed, 928 insertions(+), 1 deletion(-) create mode 100644 .github/workflows/helm-chart-lint-test.yaml create mode 100644 .github/workflows/helm-chart-release.yml create mode 100644 CODEOWNERS create mode 100644 charts/verdaccio/Chart.yaml create mode 100644 charts/verdaccio/templates/NOTES.txt create mode 100644 charts/verdaccio/templates/_helpers.tpl create mode 100644 charts/verdaccio/templates/configmap.yaml create mode 100644 charts/verdaccio/templates/deployment.yaml create mode 100644 charts/verdaccio/templates/htpasswd-secret.yaml create mode 100644 charts/verdaccio/templates/ingress.yaml create mode 100644 charts/verdaccio/templates/pvc.yaml create mode 100644 charts/verdaccio/templates/secret.yaml create mode 100644 charts/verdaccio/templates/service-account.yaml create mode 100644 charts/verdaccio/templates/service.yaml create mode 100644 charts/verdaccio/values.yaml create mode 100644 ct.yaml diff --git a/.eslintignore b/.eslintignore index b9cd87714..a49480dfc 100644 --- a/.eslintignore +++ b/.eslintignore @@ -18,3 +18,4 @@ yarn.js packages/ui-components/storybook-static dist.js bundle.js +charts/ diff --git a/.github/workflows/helm-chart-lint-test.yaml b/.github/workflows/helm-chart-lint-test.yaml new file mode 100644 index 000000000..5d5682099 --- /dev/null +++ b/.github/workflows/helm-chart-lint-test.yaml @@ -0,0 +1,47 @@ +name: Lint and Test Helm Chart + +on: + pull_request: + paths: + - 'charts/**' + +jobs: + lint-test: + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - name: Set up Helm + uses: azure/setup-helm@v4 + with: + version: v3.4.1 + + # Python is required because `ct lint` runs Yamale (https://github.com/23andMe/Yamale) and + # yamllint (https://github.com/adrienverge/yamllint) which require Python + - name: Set up Python + uses: actions/setup-python@v5 + with: + python-version: 3.7 + + - name: Set up chart-testing + uses: helm/chart-testing-action@v2.6.1 + - name: Run chart-testing (list-changed) + id: list-changed + run: | + changed=$(ct list-changed --config ct.yaml) + if [[ -n "$changed" ]]; then + echo "::set-output name=changed::true" + fi + + - name: Run chart-testing (lint) + run: ct lint --config ct.yaml + + - name: Create kind cluster + uses: helm/kind-action@v1.9.0 + if: steps.list-changed.outputs.changed == 'true' + + - name: Run chart-testing (install) + run: ct install --config ct.yaml diff --git a/.github/workflows/helm-chart-release.yml b/.github/workflows/helm-chart-release.yml new file mode 100644 index 000000000..a04bb60af --- /dev/null +++ b/.github/workflows/helm-chart-release.yml @@ -0,0 +1,32 @@ +name: Release Helm Charts + +on: + push: + branches: + - master + paths: + - 'charts/**' + +jobs: + release: + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - name: Configure Git + run: | + git config user.name "$GITHUB_ACTOR" + git config user.email "$GITHUB_ACTOR@users.noreply.github.com" + + - name: Install Helm + uses: azure/setup-helm@v4 + with: + version: v3.4.0 + + - name: Run chart-releaser + uses: helm/chart-releaser-action@v1.5.0 + env: + CR_TOKEN: "${{ secrets.CR_TOKEN }}" diff --git a/.npmignore b/.npmignore index 7bf154a99..ffa24e86f 100644 --- a/.npmignore +++ b/.npmignore @@ -38,3 +38,6 @@ jest.config.js contrib/ storage_default_storage/ docker-bin/ + +# charts +charts/ diff --git a/.prettierignore b/.prettierignore index f3714612e..c8b0f5639 100644 --- a/.prettierignore +++ b/.prettierignore @@ -37,3 +37,4 @@ test/cli/e2e-yarn4/bin/yarn-4.0.0-rc.14.cjs yarn.js website/docs/api/* packages/ui-components/storybook-static/* +charts/ diff --git a/CODEOWNERS b/CODEOWNERS new file mode 100644 index 000000000..77bea9a11 --- /dev/null +++ b/CODEOWNERS @@ -0,0 +1,3 @@ +# Charts + +/charts @juanpicado diff --git a/charts/verdaccio/Chart.yaml b/charts/verdaccio/Chart.yaml new file mode 100644 index 000000000..617d493fd --- /dev/null +++ b/charts/verdaccio/Chart.yaml @@ -0,0 +1,22 @@ +apiVersion: v2 +description: A lightweight private node.js proxy registry +name: verdaccio +version: 4.17.0 +appVersion: 5.31.1 +home: https://verdaccio.org +icon: https://cdn.verdaccio.dev/logos/default.png +sources: + - https://verdaccio.org + - https://github.com/verdaccio/verdaccio +keywords: + - npm + - registry + - yarn + - pnpm + - javascript + - nodejs +maintainers: + - name: juanpicado + email: juanpicado19@gmail.com + - name: jhonmike + email: jhon.msdev@gmail.com diff --git a/charts/verdaccio/templates/NOTES.txt b/charts/verdaccio/templates/NOTES.txt new file mode 100644 index 000000000..53039dc9a --- /dev/null +++ b/charts/verdaccio/templates/NOTES.txt @@ -0,0 +1,25 @@ +1. Get the application URL by running these commands: +{{- $tls := .Values.ingress.tls }} +{{- if .Values.ingress.enabled }} + {{- range $host := .Values.ingress.hosts }} + {{- if $tls }} + https://{{ tpl $host $ }} + {{- else }} + http://{{ tpl $host $ }} + {{- end }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "verdaccio.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "verdaccio.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "verdaccio.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "verdaccio.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT +{{- end }} diff --git a/charts/verdaccio/templates/_helpers.tpl b/charts/verdaccio/templates/_helpers.tpl new file mode 100644 index 000000000..6050c8ba5 --- /dev/null +++ b/charts/verdaccio/templates/_helpers.tpl @@ -0,0 +1,171 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "verdaccio.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "verdaccio.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "verdaccio.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "verdaccio.labels" -}} +helm.sh/chart: {{ include "verdaccio.chart" . }} +{{ include "verdaccio.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +app: {{ include "verdaccio.fullname" . }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "verdaccio.selectorLabels" -}} +app.kubernetes.io/name: {{ include "verdaccio.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "verdaccio.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "verdaccio.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} + +{{/* +Renders a value that contains template. +Usage: +{{ include "tplvalues.render" ( dict "value" .Values.path.to.the.Value "context" $) }} +*/}} +{{- define "tplvalues.render" -}} + {{- if typeIs "string" .value }} + {{- tpl .value .context }} + {{- else }} + {{- tpl (.value | toYaml) .context }} + {{- end }} +{{- end -}} + +{{/* +Pod Labels + +spec: + template: + metadata: + labels: + {{- include "verdaccio.podLabels" . | nindent 8 }} +*/}} +{{- define "verdaccio.podLabels" -}} + {{- include "verdaccio.labels" . }} + {{- $global := .Values.global }} + {{- $local := .Values.podLabels }} + {{- $labels := dict }} + {{- if $global }} + {{- range $k,$v := $global.podLabels }} + {{- $labels = merge $labels (dict $k (tpl $v $)) }} + {{- end }} + {{- end }} + {{- if $local }} + {{- range $k,$v := $local }} + {{- $labels = merge $labels (dict $k (tpl $v $)) }} + {{- end }} + {{- end }} + {{- if (not (empty $labels)) }} + {{- toYaml $labels | nindent 0 }} + {{- end }} +{{- end -}} + +{{/* +Pod Annotations + +spec: + template: + metadata: + annotations: + {{- include "verdaccio.podAnnotations" . | nindent 8 }} +*/}} +{{- define "verdaccio.podAnnotations" -}} + {{- $global := .Values.global }} + {{- $local := .Values.podAnnotations }} + {{- $annotations := dict }} + {{- if $global }} + {{- range $k,$v := $global.podAnnotations }} + {{- $annotations = merge $annotations (dict $k (tpl $v $)) }} + {{- end }} + {{- end -}} + {{- if $local }} + {{- range $k,$v := $local }} + {{- $annotations = merge $annotations (dict $k (tpl $v $)) }} + {{- end }} + {{- end -}} + {{- if (not (empty $annotations)) }} + {{- toYaml $annotations }} + {{- end }} +{{- end }} + +{{/* +# templates/deployment.yaml +spec: + template: + spec: + {{- include "verdaccio.imagePullSecrets" . | nindent 6 }} + +# values.yaml +image: + pullSecrets: + - mypullsecret +*/}} +{{- define "verdaccio.imagePullSecrets" -}} + {{- $images := .Values.image }} + {{- $global := .Values.global }} + {{- $pullSecrets := list }} + + {{- if $global }} + {{- if $global.image }} + {{- range $global.image.pullSecrets -}} + {{- $pullSecrets = append $pullSecrets . -}} + {{- end -}} + {{- end -}} + {{- end -}} + + {{- range $images.pullSecrets -}} + {{- $pullSecrets = append $pullSecrets . -}} + {{- end -}} + + {{- if (not (empty $pullSecrets)) }} +imagePullSecrets: + {{- range $pullSecrets }} + - name: {{ . }} + {{- end }} + {{- end }} +{{- end -}} diff --git a/charts/verdaccio/templates/configmap.yaml b/charts/verdaccio/templates/configmap.yaml new file mode 100644 index 000000000..9a2c031f6 --- /dev/null +++ b/charts/verdaccio/templates/configmap.yaml @@ -0,0 +1,9 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ template "verdaccio.fullname" . }} + labels: + {{- include "verdaccio.labels" . | nindent 4 }} +data: + config.yaml: |- + {{- include "tplvalues.render" (dict "value" .Values.configMap "context" $) | nindent 4 }} diff --git a/charts/verdaccio/templates/deployment.yaml b/charts/verdaccio/templates/deployment.yaml new file mode 100644 index 000000000..6c0b0878e --- /dev/null +++ b/charts/verdaccio/templates/deployment.yaml @@ -0,0 +1,153 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ template "verdaccio.fullname" . }} + labels: + {{- include "verdaccio.labels" . | nindent 4 }} + {{- with .Values.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if .Values.replicaCountEnabled }} + replicas: {{ default 1 .Values.replicaCount }} + {{- end}} + revisionHistoryLimit: {{ .Values.revisionHistoryLimit }} + selector: + matchLabels: + {{- include "verdaccio.selectorLabels" . | nindent 6 }} + strategy: + {{- if .Values.persistence.enabled }} + type: Recreate + rollingUpdate: null + {{- else }} + type: RollingUpdate + {{- end }} + template: + metadata: + annotations: + checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }} + checksum/htpasswd-secret: {{ toJson .Values.secrets.htpasswd | sha256sum }} + {{- if .Values.secretEnvVars }} + checksum/env-secret: {{ include (print $.Template.BasePath "/secret.yaml") . | sha256sum }} + {{- end }} + {{- include "verdaccio.podAnnotations" . | nindent 8 }} + labels: + {{- include "verdaccio.podLabels" . | nindent 8 }} + spec: + serviceAccountName: {{ include "verdaccio.serviceAccountName" . }} + {{- include "verdaccio.imagePullSecrets" . | nindent 6 }} + {{- with .Values.podSecurityContext }} + securityContext: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.extraInitContainers }} + initContainers: + {{- include "tplvalues.render" (dict "value" . "context" $) | nindent 8 }} + {{- end }} + containers: + - name: {{ template "verdaccio.name" . }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + {{- if or .Values.secretEnvVars .Values.existingSecret }} + envFrom: + {{- if .Values.secretEnvVars }} + - secretRef: + name: {{ template "verdaccio.fullname" . }}-env + {{- end }} + {{- if .Values.existingSecret }} + - secretRef: + name: {{ .Values.existingSecret }} + {{- end }} + {{- end }} + ports: + - containerPort: 4873 + name: http + livenessProbe: + httpGet: + path: /-/ping + port: http + {{- with .Values.livenessProbe }} + initialDelaySeconds: {{ .initialDelaySeconds | default 5 }} + periodSeconds: {{ .periodSeconds | default 10 }} + timeoutSeconds: {{ .timeoutSeconds | default 1 }} + successThreshold: {{ .successThreshold | default 1 }} + failureThreshold: {{ .failureThreshold | default 3 }} + {{- end }} + readinessProbe: + httpGet: + path: /-/ping + port: http + {{- with .Values.readinessProbe }} + initialDelaySeconds: {{ .initialDelaySeconds | default 5 }} + periodSeconds: {{ .periodSeconds | default 10 }} + timeoutSeconds: {{ .timeoutSeconds | default 1 }} + successThreshold: {{ .successThreshold | default 1 }} + failureThreshold: {{ .failureThreshold | default 3 }} + {{- end }} + {{- with .Values.securityContext }} + securityContext: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.resources }} + resources: + {{- toYaml . | nindent 12 }} + {{- end }} + volumeMounts: + {{- with .Values.persistence.mounts }} + {{- include "tplvalues.render" (dict "value" . "context" $) | nindent 12 }} + {{- end }} + - mountPath: /verdaccio/storage + name: storage + readOnly: false + {{- if .Values.secrets.htpasswd }} + - mountPath: /verdaccio/storage/htpasswd + name: htpasswd + subPath: htpasswd + readOnly: true + {{- end }} + - mountPath: /verdaccio/conf + name: config + readOnly: true + {{- with .Values.extraEnvVars }} + env: + {{- toYaml . | nindent 12 }} + {{- end }} + volumes: + - name: config + configMap: + name: {{ .Values.existingConfigMap | default (include "verdaccio.fullname" .) }} + {{- if .Values.secrets.htpasswd }} + - name: htpasswd + secret: + secretName: {{ include "verdaccio.fullname" . }}-htpasswd + {{- end }} + {{- with .Values.persistence.volumes }} + {{- include "tplvalues.render" (dict "value" . "context" $) | nindent 6 }} + {{- end }} + - name: storage + {{- if .Values.persistence.enabled }} + persistentVolumeClaim: + claimName: {{ .Values.persistence.existingClaim | default (include "verdaccio.fullname" .) }} + {{- else }} + emptyDir: {} + {{- end -}} + {{- if .Values.affinity }} + affinity: + {{- toYaml .Values.affinity | nindent 8 }} + {{- end }} + {{- if .Values.nodeSelector }} + nodeSelector: + {{- toYaml .Values.nodeSelector | nindent 8 }} + {{- end }} + {{- if .Values.tolerations }} + tolerations: + {{- toYaml .Values.tolerations | nindent 8 }} + {{- end }} + {{- if .Values.priorityClass.enabled }} + priorityClassName: {{ .Values.priorityClass.name }} + {{- end }} + {{- if .Values.topologySpreadConstraints }} + topologySpreadConstraints: + {{- toYaml .Values.topologySpreadConstraints | nindent 8 }} + {{- end }} diff --git a/charts/verdaccio/templates/htpasswd-secret.yaml b/charts/verdaccio/templates/htpasswd-secret.yaml new file mode 100644 index 000000000..48a6f6cb8 --- /dev/null +++ b/charts/verdaccio/templates/htpasswd-secret.yaml @@ -0,0 +1,14 @@ +{{- if .Values.secrets.htpasswd }} +apiVersion: v1 +kind: Secret +type: Opaque +metadata: + name: {{ template "verdaccio.fullname" . }}-htpasswd + labels: + {{- include "verdaccio.labels" . | nindent 4 }} +stringData: + htpasswd: | + {{- range $user := .Values.secrets.htpasswd }} + {{ htpasswd $user.username $user.password | toString }} + {{- end }} +{{- end }} diff --git a/charts/verdaccio/templates/ingress.yaml b/charts/verdaccio/templates/ingress.yaml new file mode 100644 index 000000000..ef8636a9b --- /dev/null +++ b/charts/verdaccio/templates/ingress.yaml @@ -0,0 +1,92 @@ +{{- if .Values.ingress.enabled }} +{{- $fullName := include "verdaccio.fullname" . -}} +{{- $svcPort := .Values.service.port -}} +{{- $paths := .Values.ingress.paths -}} +{{- $ingressExtraPaths := .Values.ingress.extraPaths -}} +{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} + {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} + {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}} + {{- end }} +{{- end }} +{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1 +{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + {{- include "verdaccio.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- include "tplvalues.render" (dict "value" . "context" $) | nindent 4 }} + {{- end }} +spec: + {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} + ingressClassName: {{ .Values.ingress.className }} + {{- end }} + rules: + {{- if .Values.ingress.hosts }} + {{- range $host := .Values.ingress.hosts }} + - host: {{ tpl $host $ | quote }} + http: + paths: + {{- range $ingressExtraPaths }} + - path: {{ default "/" .path | quote }} + {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }} + pathType: {{ .pathType }} + {{- end }} + backend: + {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} + service: + name: {{ default $fullName .service }} + port: + number: {{ default $svcPort .port }} + {{- else }} + serviceName: {{ default $fullName .service }} + servicePort: {{ default $svcPort .port }} + {{- end }} + {{- end }} + {{- range $p := $paths }} + - path: {{ $p }} + {{- if semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion }} + pathType: Prefix + {{- end }} + backend: + {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} + service: + name: {{ $fullName }} + port: + number: {{ $svcPort }} + {{- else }} + serviceName: {{ $fullName }} + servicePort: {{ $svcPort }} + {{- end }} + {{- end -}} + {{- end -}} + {{- else }} + - http: + paths: + {{- range $p := $paths }} + - path: {{ $p }} + pathType: Prefix + backend: + {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} + service: + name: {{ $fullName }} + port: + number: {{ $svcPort }} + {{- else }} + serviceName: {{ $fullName }} + servicePort: {{ $svcPort }} + {{- end }} + {{- end -}} + {{- end -}} + {{- if .Values.ingress.tls }} + tls: + {{- toYaml .Values.ingress.tls | nindent 4 }} + {{- end -}} +{{- end}} diff --git a/charts/verdaccio/templates/pvc.yaml b/charts/verdaccio/templates/pvc.yaml new file mode 100644 index 000000000..99d0f1496 --- /dev/null +++ b/charts/verdaccio/templates/pvc.yaml @@ -0,0 +1,26 @@ +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ template "verdaccio.fullname" . }} + labels: + {{- include "verdaccio.labels" . | nindent 4 }} +spec: + accessModes: + - {{ .Values.persistence.accessMode | quote }} + resources: + requests: + storage: {{ .Values.persistence.size | quote }} + {{- if .Values.persistence.storageClass }} + {{- if (eq "-" .Values.persistence.storageClass) }} + storageClassName: "" + {{- else }} + storageClassName: "{{ .Values.persistence.storageClass }}" + {{- end }} + {{- end }} + {{- with .Values.persistence.selector }} + selector: + {{- include "tplvalues.render" (dict "value" . "context" $) | nindent 4 }} + {{- end -}} + +{{- end }} diff --git a/charts/verdaccio/templates/secret.yaml b/charts/verdaccio/templates/secret.yaml new file mode 100644 index 000000000..8a97b5414 --- /dev/null +++ b/charts/verdaccio/templates/secret.yaml @@ -0,0 +1,12 @@ +{{- if .Values.secretEnvVars }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ template "verdaccio.fullname" . }}-env + labels: + {{- include "verdaccio.labels" . | nindent 4 }} +stringData: + {{- range $header, $value := .Values.secretEnvVars }} + {{ printf "%s" (upper (replace "-" "_" $header)) }}: {{ tpl (toString $value) $ }} + {{- end }} +{{- end }} diff --git a/charts/verdaccio/templates/service-account.yaml b/charts/verdaccio/templates/service-account.yaml new file mode 100644 index 000000000..1486fb9e4 --- /dev/null +++ b/charts/verdaccio/templates/service-account.yaml @@ -0,0 +1,13 @@ +{{- if .Values.serviceAccount.create -}} +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "verdaccio.serviceAccountName" . }} + labels: + {{- include "verdaccio.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/charts/verdaccio/templates/service.yaml b/charts/verdaccio/templates/service.yaml new file mode 100644 index 000000000..4acb3cb6c --- /dev/null +++ b/charts/verdaccio/templates/service.yaml @@ -0,0 +1,38 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ template "verdaccio.fullname" . }} + labels: + {{- include "verdaccio.labels" . | nindent 4 }} + {{- if .Values.service.annotations }} + annotations: + {{- toYaml .Values.service.annotations | nindent 4 }} + {{- end }} +spec: + {{- if .Values.service.clusterIP }} + clusterIP: "{{ .Values.service.clusterIP }}" + {{- end }} + {{- if .Values.service.externalIPs }} + externalIPs: + {{- toYaml .Values.service.externalIPs | nindent 4 }} + {{- end }} + {{- if .Values.service.loadBalancerIP }} + loadBalancerIP: "{{ .Values.service.loadBalancerIP }}" + {{- end }} + {{- if .Values.service.loadBalancerSourceRanges }} + loadBalancerSourceRanges: + {{- toYaml .Values.service.loadBalancerSourceRanges | nindent 4 }} + {{- end }} + ports: + - port: {{ .Values.service.port }} + targetPort: http + protocol: TCP + name: {{ .Values.service.name }} + {{- if contains "NodePort" .Values.service.type }} + {{- if .Values.service.nodePort }} + nodePort: {{ .Values.service.nodePort }} + {{- end }} + {{- end }} + selector: + {{- include "verdaccio.selectorLabels" . | nindent 4 }} + type: {{ .Values.service.type }} diff --git a/charts/verdaccio/values.yaml b/charts/verdaccio/values.yaml new file mode 100644 index 000000000..7e832fd95 --- /dev/null +++ b/charts/verdaccio/values.yaml @@ -0,0 +1,257 @@ +image: + repository: verdaccio/verdaccio + # tag: 5.21.1 + pullPolicy: IfNotPresent + pullSecrets: [] + # - dockerhub-secret + +nameOverride: "" +fullnameOverride: "" + +service: + annotations: {} + clusterIP: "" + + ## List of IP addresses at which the service is available + ## Ref: https://kubernetes.io/docs/user-guide/services/#external-ips + ## + externalIPs: [] + + loadBalancerIP: "" + loadBalancerSourceRanges: [] + port: 4873 + type: ClusterIP + # nodePort: 31873 + +## Node labels for pod assignment +## Ref: https://kubernetes.io/docs/user-guide/node-selection/ +## +nodeSelector: {} + +## Affinity for pod assignment +## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity +## +affinity: {} + +## Tolerations for nodes +tolerations: [] + +## Additional pod labels +## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ +## +podLabels: {} + +## Additional pod annotations +## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ +## +podAnnotations: {} + +replicaCountEnabled: true +replicaCount: 1 + +revisionHistoryLimit: 10 + +## Define Probes +## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#configure-probes +livenessProbe: {} + # initialDelaySeconds: 0 + # periodSeconds: 10 + # timeoutSeconds: 1 + # successThreshold: 1 + # failureThreshold: 3 +readinessProbe: {} + # initialDelaySeconds: 0 + # periodSeconds: 10 + # timeoutSeconds: 1 + # successThreshold: 1 + # failureThreshold: 3 + +resources: {} + # requests: + # cpu: 100m + # memory: 512Mi + # limits: + # cpu: 100m + # memory: 512Mi + +ingress: + enabled: false + className: "" + paths: + - / + # Use this to define, ALB ingress's actions annotation based routing. Ex: for ssl-redirect + # Ref: https://kubernetes-sigs.github.io/aws-load-balancer-controller/latest/guide/tasks/ssl_redirect/ + extraPaths: [] +# hosts: +# - npm.blah.com +# annotations: +# kubernetes.io/ingress.class: nginx +# tls: +# - secretName: secret +# hosts: +# - npm.blah.com + +## Service account +serviceAccount: + # Specifies whether a service account should be created + create: false + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the Chart's fullname template + name: "" + +# Extra Environment Values - allows yaml definitions +# extraEnvVars: +# - name: VALUE_FROM_SECRET +# valueFrom: +# secretKeyRef: +# name: secret_name +# key: secret_key +# - name: REGULAR_VAR +# value: ABC +extraEnvVars: + - name: VERDACCIO_PORT + value: "4873" + +## Secret Environment Variables +## Use this to pass sensitive key:values to the container via k8s secret +secretEnvVars: {} + # SECRET_ENV_VAR: secretValue + # corp_artifactory: foo + # npmjs: bar + +## Existing Secret +## Existing secret containing environment variables to be passed to the container +existingSecret: "" + +# Extra Init Containers - allows yaml definitions +extraInitContainers: [] + +configMap: | + # This is the config file used for the docker images + # It allows all users to do anything, so don't use it on production systems. + # + # Do not configure host and port under `listen` in this file + # as it will be ignored when using docker. + # see https://github.com/verdaccio/verdaccio/blob/master/docs/docker.md#docker-and-custom-port-configuration + # + # Look here for more config file examples: + # https://github.com/verdaccio/verdaccio/tree/master/conf + # + + # path to a directory with all packages + storage: /verdaccio/storage/data + + web: + # WebUI is enabled as default, if you want disable it, just uncomment this line + #enable: false + title: Verdaccio + + auth: + htpasswd: + # Do not change this path if secrets htpasswd is used. + file: /verdaccio/storage/htpasswd + # Maximum amount of users allowed to register, defaults to "+infinity". + # You can set this to -1 to disable registration. + #max_users: 1000 + + # a list of other known repositories we can talk to + uplinks: + npmjs: + url: https://registry.npmjs.org/ + agent_options: + keepAlive: true + maxSockets: 40 + maxFreeSockets: 10 + + packages: + '@*/*': + # scoped packages + access: $all + publish: $authenticated + proxy: npmjs + + '**': + # allow all users (including non-authenticated users) to read and + # publish all packages + # + # you can specify usernames/groupnames (depending on your auth plugin) + # and three keywords: "$all", "$anonymous", "$authenticated" + access: $all + + # allow all known users to publish packages + # (anyone can register by default, remember?) + publish: $authenticated + + # if package is not available locally, proxy requests to 'npmjs' registry + proxy: npmjs + + # To use `npm audit` uncomment the following section + middlewares: + audit: + enabled: true + + # log settings + log: {type: stdout, format: pretty, level: http} + # log: {type: file, path: verdaccio.log, level: info} + +persistence: + enabled: true + ## A manually managed Persistent Volume and Claim + ## Requires Persistence.Enabled: true + ## If defined, PVC must be created manually before volume will be bound + # existingClaim: + + ## Verdaccio data Persistent Volume Storage Class + ## If defined, storageClassName: + ## If set to "-", storageClassName: "", which disables dynamic provisioning + ## If undefined (the default) or set to null, no storageClassName spec is + ## set, choosing the default provisioner. (gp2 on AWS, standard on + ## GKE, AWS & OpenStack) + ## + # storageClass: "-" + + accessMode: ReadWriteOnce + size: 8Gi + ## selector can be used to match an existing PersistentVolume + ## selector: + ## matchLabels: + ## app: my-app + selector: {} + + volumes: + # - name: nothing + # emptyDir: {} + mounts: + # - mountPath: /var/nothing + # name: nothing + # readOnly: true + +podSecurityContext: + fsGroup: 101 +securityContext: + runAsUser: 10001 + +priorityClass: + enabled: false + # name: "" + +existingConfigMap: false + +# Secrets +secrets: + # list of users and password for htpasswd plugin + # This this is mounted as /verdaccio/auth/htpasswd on pods + htpasswd: [] + # - username: "test" + # password: "test" + # - username: "blah" + # password: "blah" + +# Annotations to set on the deployment +annotations: {} + +## Pod Topology Spread Constraints +## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/topology-spread-constraints/ +topologySpreadConstraints: [] diff --git a/ct.yaml b/ct.yaml new file mode 100644 index 000000000..ed873ea30 --- /dev/null +++ b/ct.yaml @@ -0,0 +1,7 @@ +# See https://github.com/helm/chart-testing#configuration +remote: origin +chart-dirs: + - charts +chart-repos: + - verdaccio=https://charts.verdaccio.org +helm-extra-args: --timeout 600s diff --git a/packages/tools/generator-verdaccio-plugin/package.json b/packages/tools/generator-verdaccio-plugin/package.json index 1a7c03bde..da255422e 100644 --- a/packages/tools/generator-verdaccio-plugin/package.json +++ b/packages/tools/generator-verdaccio-plugin/package.json @@ -42,7 +42,8 @@ "type-check": "tsc --noEmit -p tsconfig.build.json", "build:types": "tsc --emitDeclarationOnly -p tsconfig.build.json", "build": "babel src/ --out-dir generators/ --copy-files --extensions \".ts,.tsx\" --source-maps --ignore src/app/templates", - "test": "vitest run --pool=forks", + "test": "echo \"on development\" && exit 0", + "test:new": "vitest run --pool=forks", "lint": "eslint --max-warnings 0 \"**/*.{js,ts}\"" }, "license": "MIT"