Skip to content
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.

Commit ab19593

Browse files
genofiregenofire
committedApr 18, 2023
refactory deployment + add values for tests
1 parent 77b0cc3 commit ab19593

File tree

3 files changed

+75
-59
lines changed

3 files changed

+75
-59
lines changed
 

‎charts/authentik/ci/ct-values.yaml

+7
Original file line numberDiff line numberDiff line change
@@ -36,5 +36,12 @@ redis:
3636
enabled: true
3737
password: au7h3n71k
3838

39+
serviceAccount:
40+
create: true
41+
42+
sidecar:
43+
blueprints:
44+
enabled: true
45+
3946
blueprints:
4047
- authentik-ci-blueprint

‎charts/authentik/templates/deployment.yaml

+67-58
Original file line numberDiff line numberDiff line change
@@ -1,36 +1,36 @@
1-
{{- range list "server" "worker" }}
1+
{{- range $component := list "server" "worker" }}
22
---
33
apiVersion: apps/v1
44
kind: Deployment
55
metadata:
66
name: {{ printf "%s-%s" (include "common.names.fullname" $) . }}
77
labels:
88
{{- include "common.labels" $ | nindent 4 }}
9-
app.kubernetes.io/component: "{{ . }}"
9+
app.kubernetes.io/component: "{{ $component }}"
1010
spec:
11-
{{ if eq . "server" -}}
11+
{{- if eq . "server" }}
1212
replicas: {{ $.Values.replicas }}
13-
{{- else -}}
13+
{{- else }}
1414
replicas: {{ $.Values.worker.replicas }}
1515
{{- end }}
1616
selector:
1717
matchLabels:
1818
{{- include "common.labels.selectorLabels" $ | nindent 6 }}
19-
app.kubernetes.io/component: "{{ . }}"
19+
app.kubernetes.io/component: "{{ $component }}"
2020
template:
2121
metadata:
2222
labels:
2323
{{- include "common.labels.selectorLabels" $ | nindent 8 }}
24-
app.kubernetes.io/component: "{{ . }}"
24+
app.kubernetes.io/component: "{{ $component }}"
2525
app.kubernetes.io/version: "{{ $.Values.image.tag }}"
26-
{{- if $.Values.podAnnotations }}
26+
{{- with $.Values.podAnnotations }}
2727
annotations:
28-
{{- toYaml $.Values.podAnnotations | nindent 8 }}
28+
{{- toYaml . | nindent 8 }}
2929
{{- end }}
3030
spec:
31-
{{- if $.Values.image.pullSecrets }}
31+
{{- with $.Values.image.pullSecrets }}
3232
imagePullSecrets:
33-
{{- toYaml $.Values.image.pullSecrets | nindent 8 }}
33+
{{- toYaml . | nindent 8 }}
3434
{{- end }}
3535
{{- if $.Values.serviceAccount.create }}
3636
serviceAccountName: {{ include "common.names.fullname" $ }}
@@ -60,20 +60,25 @@ spec:
6060
{{- end }}
6161
{{- tpl (toYaml $initContainers) $ | nindent 8 }}
6262
{{- end }}
63-
{{ if eq . "server" -}}
63+
{{- if eq $component "server" }}
6464
priorityClassName: {{ $.Values.priorityClassName }}
65+
{{- with $.Values.securityContext }}
6566
securityContext:
66-
{{- toYaml $.Values.securityContext | nindent 8 }}
67-
{{- else -}}
67+
{{- toYaml . | nindent 8 }}
68+
{{- end }}
69+
{{- else }}
6870
priorityClassName: {{ $.Values.worker.priorityClassName }}
71+
{{- with $.Values.worker.securityContext }}
6972
securityContext:
70-
{{- toYaml $.Values.worker.securityContext | nindent 8 }}
73+
{{- toYaml . | nindent 8 }}
74+
{{- end }}
7175
{{- end }}
7276
containers:
7377
- name: {{ $.Chart.Name }}
7478
image: "{{ $.Values.image.repository }}:{{ $.Values.image.tag }}{{- if $.Values.image.digest -}}@{{ $.Values.image.digest }}{{- end -}}"
7579
imagePullPolicy: "{{ $.Values.image.pullPolicy }}"
76-
args: [{{ quote . }}]
80+
args:
81+
- {{ $component | quote }}
7782
env:
7883
{{- range $k, $v := $.Values.env }}
7984
- name: {{ quote $k }}
@@ -85,31 +90,33 @@ spec:
8590
valueFrom:
8691
{{- toYaml $val | nindent 16 }}
8792
{{- end }}
88-
{{- with $.Values.envFrom }}
93+
{{- with $.Values.envFrom }}
8994
envFrom:
90-
{{- toYaml . | nindent 12 }}
91-
{{- end }}
95+
{{- toYaml . | nindent 12 }}
96+
{{- end }}
97+
9298
volumeMounts:
93-
{{- if $.Values.geoip.enabled }}
99+
{{- if $.Values.geoip.enabled }}
94100
- name: geoip-db
95101
mountPath: /geoip
96-
{{- end }}
102+
{{- end }}
103+
104+
{{- if eq $component "worker" -}}
97105
{{- if $.Values.sidecar.blueprints.enabled }}
98106
- name: sidecar-blueprints
99107
mountPath: /blueprints/sidecar
100108
{{- end }}
101-
{{- with $.Values.volumeMounts }}
102-
{{- toYaml . | nindent 12 }}
103-
{{- end }}
104-
{{ if eq . "worker" -}}
105-
{{- with $.Values.blueprints }}
106-
{{- range $name := . }}
109+
110+
{{- range $name := $.Values.blueprints }}
107111
- name: blueprints-{{ $name }}
108112
mountPath: /blueprints/mounted/{{ $name }}
109-
{{- end }}
110113
{{- end }}
111-
{{- end }}
112-
{{- if eq . "server" }}
114+
{{- end }}{{/* end worker */}}
115+
116+
{{- with $.Values.volumeMounts }}
117+
{{- toYaml . | nindent 12 }}
118+
{{- end }}
119+
113120
ports:
114121
- name: http
115122
containerPort: 9000
@@ -120,24 +127,24 @@ spec:
120127
- name: https
121128
containerPort: 9443
122129
protocol: TCP
123-
{{- if $.Values.livenessProbe.enabled }}
124-
{{- with omit $.Values.livenessProbe "enabled" }}
130+
131+
{{- with $.Values.livenessProbe }}
132+
{{- if .enabled }}
125133
livenessProbe:
126-
{{- toYaml . | nindent 12 }}
127-
{{- end }}
128-
{{- end }}
129-
{{- if $.Values.readinessProbe.enabled }}
130-
{{- with omit $.Values.readinessProbe "enabled" }}
134+
{{- toYaml . | nindent 12 }}
135+
{{- end }}
136+
{{- end }}
137+
{{- with $.Values.readinessProbe }}
138+
{{- if .enabled }}
131139
readinessProbe:
132-
{{- toYaml . | nindent 12 }}
133-
{{- end }}
134-
{{- end }}
135-
{{- end }}
136-
{{- with index $.Values.resources . }}
140+
{{- toYaml . | nindent 12 }}
141+
{{- end }}
142+
{{- end }}
143+
{{- with (get $.Values.resources $component) }}
137144
resources:
138-
{{- toYaml . | nindent 12 }}
139-
{{- end }}
140-
{{- if $.Values.geoip.enabled }}
145+
{{- toYaml . | nindent 12 }}
146+
{{- end }}
147+
{{- if $.Values.geoip.enabled }}
141148
- name: geoip-sidecar
142149
image: "{{ $.Values.geoip.image }}"
143150
env:
@@ -154,7 +161,8 @@ spec:
154161
volumeMounts:
155162
- name: geoip-db
156163
mountPath: /usr/share/GeoIP
157-
{{- end }}
164+
{{- end }}
165+
{{- if eq $component "worker" }}
158166
{{- with $.Values.sidecar.blueprints }}
159167
{{- if .enabled }}
160168
- name: sidecar-blueprints
@@ -183,7 +191,8 @@ spec:
183191
mountPath: /blueprints/sidecar
184192
{{- end }}
185193
{{- end }}
186-
{{- with $.Values.additionalContainers }}
194+
{{- end }}{{/* end worker */}}
195+
{{- with $.Values.additionalContainers }}
187196
{{- $additionalContainers := list }}
188197
{{- range $name, $container := . }}
189198
{{- if not $container.name -}}
@@ -194,24 +203,24 @@ spec:
194203
{{- tpl (toYaml $additionalContainers) $ | nindent 8 }}
195204
{{- end }}
196205
volumes:
197-
{{- if $.Values.geoip.enabled }}
206+
{{- if $.Values.geoip.enabled }}
198207
- name: geoip-db
199208
emptyDir: {}
200-
{{- end }}
201-
{{- if $.Values.sidecar.blueprints.enabled }}
209+
{{- end }}
210+
{{- if eq $component "worker" }}
211+
{{- if $.Values.sidecar.blueprints.enabled }}
202212
- name: sidecar-blueprints
203213
emptyDir: {}
204-
{{- end }}
205-
{{- with $.Values.volumes }}
206-
{{- toYaml . | nindent 8 }}
207-
{{- end }}
208-
{{ if eq . "worker" -}}
209-
{{- with $.Values.blueprints }}
210-
{{- range $name := . }}
214+
{{- end }}
215+
{{- range $name := $.Values.blueprints }}
211216
- name: blueprints-{{ $name }}
212217
configMap:
213218
name: {{ $name }}
214219
{{- end }}
215-
{{- end }}
216-
{{- end }}
220+
{{- end }}{{/* end worker */}}
221+
222+
{{- with $.Values.volumes }}
223+
{{- toYaml . | nindent 8 }}
224+
{{- end }}
225+
217226
{{- end }}

‎charts/authentik/values.yaml

+1-1
Original file line numberDiff line numberDiff line change
@@ -166,7 +166,7 @@ readinessProbe:
166166
periodSeconds: 10
167167

168168
serviceAccount:
169-
# -- Service account is needed for managed outposts
169+
# -- Service account is needed for managed outposts and sidecar for blueprints
170170
create: true
171171
annotations: {}
172172

0 commit comments

Comments
 (0)