feat(charts): add pdb and topology spread constrants

Author: moabu

charts/janssen/charts/auth-server-key-rotation/templates/_helpers.tpl

@@ -50,7 +50,7 @@ Create user custom defined  envs
 {{- define "auth-server-key-rotation.usr-envs"}}
 {{- range $key, $val := .Values.usrEnvs.normal }}
 - name: {{ $key }}
-  value: {{ $val }}
+  value: {{ $val | quote }}
 {{- end }}
 {{- end }}
 
@@ -63,6 +63,6 @@ Create user custom defined secret envs
   valueFrom:
     secretKeyRef:
       name: {{ $.Release.Name }}-{{ $.Chart.Name }}-user-custom-envs
-      key: {{ $key }}
+      key: {{ $key | quote }}
 {{- end }}
 {{- end }}

charts/janssen/charts/auth-server/templates/_helpers.tpl

@@ -50,7 +50,7 @@ Create user custom defined  envs
 {{- define "auth-server.usr-envs"}}
 {{- range $key, $val := .Values.usrEnvs.normal }}
 - name: {{ $key }}
-  value: {{ $val }}
+  value: {{ $val | quote }}
 {{- end }}
 {{- end }}
 
@@ -63,6 +63,36 @@ Create user custom defined secret envs
   valueFrom:
     secretKeyRef:
       name: {{ $.Release.Name }}-{{ $.Chart.Name }}-user-custom-envs
-      key: {{ $key }}
+      key: {{ $key | quote }}
 {{- end }}
 {{- end }}
+
+{{/*
+Create topologySpreadConstraints lists
+*/}}
+{{- define "auth-server.topology-spread-constraints"}}
+{{- range $key, $val := .Values.topologySpreadConstraints }}
+- maxSkew: {{ $val.maxSkew }}
+  {{- if $val.minDomains }}
+  minDomains: {{ $val.minDomains }} # optional; beta since v1.25
+  {{- end}}
+  {{- if $val.topologyKey }}
+  topologyKey: {{ $val.topologyKey }}
+  {{- end}}
+  {{- if $val.whenUnsatisfiable }}
+  whenUnsatisfiable: {{ $val.whenUnsatisfiable }}
+  {{- end}}
+  labelSelector:
+    matchLabels:
+      app: {{ $.Release.Name }}-{{ include "auth-server.name" $ }}
+  {{- if $val.matchLabelKeys }}
+  matchLabelKeys: {{ $val.matchLabelKeys }} # optional; alpha since v1.25
+  {{- end}}
+  {{- if $val.nodeAffinityPolicy }}
+  nodeAffinityPolicy: {{ $val.nodeAffinityPolicy }} # optional; alpha since v1.25
+  {{- end}}
+  {{- if $val.nodeTaintsPolicy }}
+  nodeTaintsPolicy: {{ $val.nodeTaintsPolicy }} # optional; alpha since v1.25
+  {{- end}}
+{{- end }}
+{{- end }}

charts/janssen/charts/auth-server/templates/auth-server-pdb.yaml

@@ -0,0 +1,11 @@
+{{ if .Values.pdb.enabled -}}
+apiVersion: policy/v1
+kind: PodDisruptionBudget
+metadata:
+  name: {{ include "auth-server.fullname" . }}
+spec:
+  maxUnavailable: {{ .Values.pdb.maxUnavailable }}
+  selector:
+    matchLabels:
+      app: {{ .Release.Name }}-{{ include "auth-server.name" . }}
+{{- end }}

charts/janssen/charts/auth-server/templates/deployment.yml

@@ -37,6 +37,10 @@ spec:
       dnsConfig:
 {{ toYaml . | indent 8 }}
     {{- end }}
+      {{- if .Values.topologySpreadConstraints }}
+      topologySpreadConstraints:
+        {{- include "auth-server.topology-spread-constraints" . | indent 8 }}
+      {{- end }}
       containers:
       - name: {{ include "auth-server.name" . }}
         imagePullPolicy: {{ .Values.image.pullPolicy }}

charts/janssen/charts/config-api/templates/_helpers.tpl

@@ -47,22 +47,52 @@ app.kubernetes.io/managed-by: {{ .Release.Service }}
 {{/*
 Create user custom defined  envs
 */}}
-{{- define "oxauth.usr-envs"}}
+{{- define "config-api.usr-envs"}}
 {{- range $key, $val := .Values.usrEnvs.normal }}
 - name: {{ $key }}
-  value: {{ $val }}
+  value: {{ $val | quote }}
 {{- end }}
 {{- end }}
 
 {{/*
 Create user custom defined secret envs
 */}}
-{{- define "oxauth.usr-secret-envs"}}
+{{- define "config-api.usr-secret-envs"}}
 {{- range $key, $val := .Values.usrEnvs.secret }}
 - name: {{ $key }}
   valueFrom:
     secretKeyRef:
       name: {{ $.Release.Name }}-{{ $.Chart.Name }}-user-custom-envs
-      key: {{ $key }}
+      key: {{ $key | quote }}
 {{- end }}
 {{- end }}
+
+{{/*
+Create topologySpreadConstraints lists
+*/}}
+{{- define "config-api.topology-spread-constraints"}}
+{{- range $key, $val := .Values.topologySpreadConstraints }}
+- maxSkew: {{ $val.maxSkew }}
+  {{- if $val.minDomains }}
+  minDomains: {{ $val.minDomains }} # optional; beta since v1.25
+  {{- end}}
+  {{- if $val.topologyKey }}
+  topologyKey: {{ $val.topologyKey }}
+  {{- end}}
+  {{- if $val.whenUnsatisfiable }}
+  whenUnsatisfiable: {{ $val.whenUnsatisfiable }}
+  {{- end}}
+  labelSelector:
+    matchLabels:
+      app: {{ $.Release.Name }}-{{ include "config-api.name" $ }}
+  {{- if $val.matchLabelKeys }}
+  matchLabelKeys: {{ $val.matchLabelKeys }} # optional; alpha since v1.25
+  {{- end}}
+  {{- if $val.nodeAffinityPolicy }}
+  nodeAffinityPolicy: {{ $val.nodeAffinityPolicy }} # optional; alpha since v1.25
+  {{- end}}
+  {{- if $val.nodeTaintsPolicy }}
+  nodeTaintsPolicy: {{ $val.nodeTaintsPolicy }} # optional; alpha since v1.25
+  {{- end}}
+{{- end }}
+{{- end }}

charts/janssen/charts/config-api/templates/config-api-pdb.yaml

@@ -0,0 +1,11 @@
+{{ if .Values.pdb.enabled -}}
+apiVersion: policy/v1
+kind: PodDisruptionBudget
+metadata:
+  name: {{ include "config-api.fullname" . }}
+spec:
+  maxUnavailable: {{ .Values.pdb.maxUnavailable }}
+  selector:
+    matchLabels:
+      app: {{ .Release.Name }}-{{ include "config-api.name" . }}
+{{- end }}

charts/janssen/charts/config-api/templates/deployment.yaml

@@ -37,9 +37,16 @@ spec:
       dnsConfig:
 {{ toYaml . | indent 8 }}
     {{- end }}
+      {{- if .Values.topologySpreadConstraints }}
+      topologySpreadConstraints:
+        {{- include "config-api.topology-spread-constraints" . | indent 8 }}
+      {{- end }}
       containers:
         - name: {{ include "config-api.name" . }}
           image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
+          env:
+            {{- include "config-api.usr-envs" . | indent 12 }}
+            {{- include "config-api.usr-secret-envs" . | indent 12 }}
           securityContext:
             runAsUser: 1000
             runAsNonRoot: true

charts/janssen/charts/config/templates/_helpers.tpl

@@ -50,7 +50,7 @@ Create user custom defined  envs
 {{- define "config.usr-envs"}}
 {{- range $key, $val := .Values.usrEnvs.normal }}
 - name: {{ $key }}
-  value: {{ $val }}
+  value: {{ $val | quote }}
 {{- end }}
 {{- end }}
 
@@ -63,7 +63,7 @@ Create user custom defined secret envs
   valueFrom:
     secretKeyRef:
       name: {{ $.Release.Name }}-{{ $.Chart.Name }}-user-custom-envs
-      key: {{ $key }}
+      key: {{ $key | quote }}
 {{- end }}
 {{- end }}
 

charts/janssen/charts/config/templates/user-custom-envs.yaml

@@ -37,7 +37,7 @@ metadata:
 {{- end }}
 data:
   {{- range $key, $val := .Values.global.usrEnvs.normal }}
-  {{ $key }}: {{ $val }}
+  {{ $key }}: {{ $val | quote }}
   {{- end}}
 {{- end}}
 {{ if .Values.usrEnvs.secret }}

charts/janssen/charts/fido2/templates/_helpers.tpl

@@ -50,7 +50,7 @@ Create user custom defined  envs
 {{- define "fido2.usr-envs"}}
 {{- range $key, $val := .Values.usrEnvs.normal }}
 - name: {{ $key }}
-  value: {{ $val }}
+  value: {{ $val | quote }}
 {{- end }}
 {{- end }}
 
@@ -63,6 +63,36 @@ Create user custom defined secret envs
   valueFrom:
     secretKeyRef:
       name: {{ $.Release.Name }}-{{ $.Chart.Name }}-user-custom-envs
-      key: {{ $key }}
+      key: {{ $key | quote }}
 {{- end }}
 {{- end }}
+
+{{/*
+Create topologySpreadConstraints lists
+*/}}
+{{- define "fido2.topology-spread-constraints"}}
+{{- range $key, $val := .Values.topologySpreadConstraints }}
+- maxSkew: {{ $val.maxSkew }}
+  {{- if $val.minDomains }}
+  minDomains: {{ $val.minDomains }} # optional; beta since v1.25
+  {{- end}}
+  {{- if $val.topologyKey }}
+  topologyKey: {{ $val.topologyKey }}
+  {{- end}}
+  {{- if $val.whenUnsatisfiable }}
+  whenUnsatisfiable: {{ $val.whenUnsatisfiable }}
+  {{- end}}
+  labelSelector:
+    matchLabels:
+      app: {{ $.Release.Name }}-{{ include "fido2.name" $ }}
+  {{- if $val.matchLabelKeys }}
+  matchLabelKeys: {{ $val.matchLabelKeys }} # optional; alpha since v1.25
+  {{- end}}
+  {{- if $val.nodeAffinityPolicy }}
+  nodeAffinityPolicy: {{ $val.nodeAffinityPolicy }} # optional; alpha since v1.25
+  {{- end}}
+  {{- if $val.nodeTaintsPolicy }}
+  nodeTaintsPolicy: {{ $val.nodeTaintsPolicy }} # optional; alpha since v1.25
+  {{- end}}
+{{- end }}
+{{- end }}

charts/janssen/charts/fido2/templates/deployment.yml

@@ -37,6 +37,10 @@ spec:
       dnsConfig:
 {{ toYaml . | indent 8 }}
     {{- end }}
+      {{- if .Values.topologySpreadConstraints }}
+      topologySpreadConstraints:
+        {{- include "fido2.topology-spread-constraints" . | indent 8 }}
+      {{- end }}
       containers:
       - name: {{ include "fido2.name" . }}
         imagePullPolicy: {{ .Values.image.pullPolicy }}

charts/janssen/charts/fido2/templates/fido2-pdb.yaml

@@ -0,0 +1,11 @@
+{{ if .Values.pdb.enabled -}}
+apiVersion: policy/v1
+kind: PodDisruptionBudget
+metadata:
+  name: {{ include "fido2.fullname" . }}
+spec:
+  maxUnavailable: {{ .Values.pdb.maxUnavailable }}
+  selector:
+    matchLabels:
+      app: {{ .Release.Name }}-{{ include "fido2.name" . }}
+{{- end }}

charts/janssen/charts/opendj/templates/_helpers.tpl

@@ -50,7 +50,7 @@ Create user custom defined  envs
 {{- define "opendj.usr-envs"}}
 {{- range $key, $val := .Values.usrEnvs.normal }}
 - name: {{ $key }}
-  value: {{ $val }}
+  value: {{ $val | quote }}
 {{- end }}
 {{- end }}
 
@@ -63,6 +63,36 @@ Create user custom defined secret envs
   valueFrom:
     secretKeyRef:
       name: {{ $.Release.Name }}-{{ $.Chart.Name }}-user-custom-envs
-      key: {{ $key }}
+      key: {{ $key | quote }}
 {{- end }}
 {{- end }}
+
+{{/*
+Create topologySpreadConstraints lists
+*/}}
+{{- define "opendj.topology-spread-constraints"}}
+{{- range $key, $val := .Values.topologySpreadConstraints }}
+- maxSkew: {{ $val.maxSkew }}
+  {{- if $val.minDomains }}
+  minDomains: {{ $val.minDomains }} # optional; beta since v1.25
+  {{- end}}
+  {{- if $val.topologyKey }}
+  topologyKey: {{ $val.topologyKey }}
+  {{- end}}
+  {{- if $val.whenUnsatisfiable }}
+  whenUnsatisfiable: {{ $val.whenUnsatisfiable }}
+  {{- end}}
+  labelSelector:
+    matchLabels:
+      app: {{ $.Release.Name }}-{{ include "opendj.name" $ }}
+  {{- if $val.matchLabelKeys }}
+  matchLabelKeys: {{ $val.matchLabelKeys }} # optional; alpha since v1.25
+  {{- end}}
+  {{- if $val.nodeAffinityPolicy }}
+  nodeAffinityPolicy: {{ $val.nodeAffinityPolicy }} # optional; alpha since v1.25
+  {{- end}}
+  {{- if $val.nodeTaintsPolicy }}
+  nodeTaintsPolicy: {{ $val.nodeTaintsPolicy }} # optional; alpha since v1.25
+  {{- end}}
+{{- end }}
+{{- end }}

charts/janssen/charts/opendj/templates/opendj-pdb.yaml

@@ -0,0 +1,11 @@
+{{ if .Values.pdb.enabled -}}
+apiVersion: policy/v1
+kind: PodDisruptionBudget
+metadata:
+  name: {{ include "opendj.fullname" . }}
+spec:
+  maxUnavailable: {{ .Values.pdb.maxUnavailable }}
+  selector:
+    matchLabels:
+      app: {{ include "opendj.name" $ }}
+{{- end }}

charts/janssen/charts/opendj/templates/statefulset.yaml

@@ -46,6 +46,10 @@ spec:
           configMap:
             name: {{ $.Release.Name }}-oxjans
       {{- end }}
+      {{- if .Values.topologySpreadConstraints }}
+      topologySpreadConstraints:
+        {{- include "opendj.topology-spread-constraints" . | indent 8 }}
+      {{- end }}
       containers:
       - name: {{ include "opendj.name" $ }}
         imagePullPolicy: {{ $.Values.image.pullPolicy }}

charts/janssen/charts/persistence/templates/_helpers.tpl

@@ -61,7 +61,7 @@ Create user custom defined  envs
 {{- define "persistence.usr-envs"}}
 {{- range $key, $val := .Values.usrEnvs.normal }}
 - name: {{ $key }}
-  value: {{ $val }}
+  value: {{ $val | quote }}
 {{- end }}
 {{- end }}
 
@@ -74,6 +74,6 @@ Create user custom defined secret envs
   valueFrom:
     secretKeyRef:
       name: {{ $.Release.Name }}-{{ $.Chart.Name }}-user-custom-envs
-      key: {{ $key }}
+      key: {{ $key | quote }}
 {{- end }}
 {{- end }}