chore(well-known)!: couple of well-known changes that removes ingress and kubernetes network policy

We don't provide ingresses and network policies in our standard. Also remove non-standard readme
2024-11-14 20:00:32 +01:00 · 2024-11-14 20:00:32 +01:00 · 5ae9e55f9f
commit 5ae9e55f9f
parent 811ca49df3
5 changed files with 1 additions and 268 deletions
--- a/charts/well-known/Chart.yaml
+++ b/charts/well-known/Chart.yaml
@ -8,9 +8,8 @@ version: 2.0.9
 maintainers:
 - email: tommy@252.no
  name: Tommy Skaug
 home: https://code.252.no/pub/charts/src/branch/main/charts/well-known
 sources:
- https://code.252.no/tommy/well-known
+- https://code.252.no/pub/well-known
 keywords:
 - well-known
 - server
--- a/charts/well-known/README.md
+++ b/charts/well-known/README.md
@ -1,98 +0,0 @@
 # well-known
 ## TL;DR;
 ```console
 helm repo add k8status https://stenic.github.io/well-known/
 helm install well-known --namespace well-known well-known/well-known
 ```
 ## Introduction
 This chart installs `well-known` on a [Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager.
 ## Prerequisites
 - Kubernetes 1.18+
 - Helm 3.0+
 ## Installing the Chart
 To install the chart with the release name `my-release`:
 ```console
 helm repo add well-known https://stenic.github.io/well-known/
 helm install well-known --namespace well-known well-known/well-known
 ```
 These commands deploy well-known on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation.
 > **Tip**: List all releases using `helm list`
 ## Uninstalling the Chart
 To uninstall/delete the `my-release` deployment:
 ```console
 helm delete my-release
 ```
 The command removes all the Kubernetes components associated with the chart and deletes the release.
 ## Configuration
 The following tables list the configurable parameters of the well-known chart and their default values.
 | Key | Type | Default | Description |
 |-----|------|---------|-------------|
 | affinity | object | `{}` |  |
 | autoscaling.enabled | bool | `false` |  |
 | autoscaling.maxReplicas | int | `100` |  |
 | autoscaling.minReplicas | int | `1` |  |
 | autoscaling.targetCPUUtilizationPercentage | int | `80` |  |
 | fullnameOverride | string | `""` |  |
 | image.pullPolicy | string | `"Always"` |  |
 | image.repository | string | `"ghcr.io/stenic/well-known"` |  |
 | image.tag | string | `""` |  |
 | imagePullSecrets | list | `[]` |  |
 | ingress.annotations | object | `{}` |  |
 | ingress.className | string | `""` |  |
 | ingress.enabled | bool | `false` |  |
 | ingress.hosts[0].host | string | `"chart-example.local"` |  |
 | ingress.hosts[0].paths[0].path | string | `"/.well-known/"` |  |
 | ingress.hosts[0].paths[0].pathType | string | `"ImplementationSpecific"` |  |
 | ingress.tls | list | `[]` |  |
 | nameOverride | string | `""` |  |
 | networkpolicies.enabled | bool | `false` |  |
 | networkpolicies.kubeApiServerCIDR | string | `"<IP>/32"` |  |
 | nodeSelector | object | `{}` |  |
 | podAnnotations | object | `{}` |  |
 | podSecurityContext | object | `{}` |  |
 | replicaCount | int | `2` |  |
 | resources.limits.cpu | string | `"50m"` |  |
 | resources.limits.memory | string | `"64Mi"` |  |
 | resources.requests.cpu | string | `"20m"` |  |
 | resources.requests.memory | string | `"32Mi"` |  |
 | securityContext.allowPrivilegeEscalation | bool | `false` |  |
 | securityContext.capabilities.drop[0] | string | `"ALL"` |  |
 | securityContext.readOnlyRootFilesystem | bool | `true` |  |
 | securityContext.runAsNonRoot | bool | `true` |  |
 | serviceAccount.annotations | object | `{}` |  |
 | serviceAccount.create | bool | `true` |  |
 | serviceAccount.name | string | `""` |  |
 | tolerations | list | `[]` |  |
 | webserver.image.pullPolicy | string | `"Always"` |  |
 | webserver.image.repository | string | `"nginxinc/nginx-unprivileged"` |  |
 | webserver.image.tag | string | `"1.23"` |  |
 | webserver.resources.limits.cpu | string | `"50m"` |  |
 | webserver.resources.limits.memory | string | `"24Mi"` |  |
 | webserver.resources.requests.cpu | string | `"10m"` |  |
 | webserver.resources.requests.memory | string | `"10Mi"` |  |
 Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`.
 Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example,
 ```console
 helm install my-release -f values.yaml well-known/well-known
 ```
--- a/charts/well-known/README.md.gotmpl
+++ b/charts/well-known/README.md.gotmpl
@ -1,57 +0,0 @@
 {{ template "chart.header" . }}
 ## TL;DR;
 ```console
 helm repo add k8status https://stenic.github.io/well-known/
 helm install well-known --namespace well-known well-known/{{ template "chart.name" . }}
 ```
 ## Introduction
 This chart installs `{{ template "chart.name" . }}` on a [Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager.
 ## Prerequisites
 - Kubernetes 1.18+
 - Helm 3.0+
 ## Installing the Chart
 To install the chart with the release name `my-release`:
 ```console
 helm repo add well-known https://stenic.github.io/well-known/
 helm install well-known --namespace well-known well-known/{{ template "chart.name" . }}
 ```
 These commands deploy {{ template "chart.name" . }} on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation.
 > **Tip**: List all releases using `helm list`
 ## Uninstalling the Chart
 To uninstall/delete the `my-release` deployment:
 ```console
 helm delete my-release
 ```
 The command removes all the Kubernetes components associated with the chart and deletes the release.
 ## Configuration
 The following tables list the configurable parameters of the {{ template "chart.name" . }} chart and their default values.
 {{ template "chart.valuesTable" . }}
 Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`.
 Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example,
 ```console
 helm install my-release -f values.yaml well-known/{{ template "chart.name" . }}
 ```
--- a/charts/well-known/templates/ingress.yaml
+++ b/charts/well-known/templates/ingress.yaml
@ -1,62 +0,0 @@
 {{- if .Values.ingress.enabled -}}
 {{- $fullName := include "well-known.fullname" . -}}
 {{- $svcPort := .Values.service.port -}}
 {{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }}
  {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }}
  {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}}
  {{- end }}
 {{- end }}
 {{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}}
 apiVersion: networking.k8s.io/v1
 {{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}}
 apiVersion: networking.k8s.io/v1beta1
 {{- else -}}
 apiVersion: extensions/v1beta1
 {{- end }}
 kind: Ingress
 metadata:
  name: {{ $fullName }}
  namespace: {{ .Release.Namespace }}
  labels:
    {{- include "well-known.labels" . | nindent 4 }}
  {{- with .Values.ingress.annotations }}
  annotations:
    {{- toYaml . | nindent 4 }}
  {{- end }}
 spec:
  {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }}
  ingressClassName: {{ .Values.ingress.className }}
  {{- end }}
  {{- if .Values.ingress.tls }}
  tls:
    {{- range .Values.ingress.tls }}
    - hosts:
        {{- range .hosts }}
        - {{ . | quote }}
        {{- end }}
      secretName: {{ .secretName }}
    {{- end }}
  {{- end }}
  rules:
    {{- range .Values.ingress.hosts }}
    - host: {{ .host | quote }}
      http:
        paths:
          {{- range .paths }}
          - path: {{ .path }}
            {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }}
            pathType: {{ .pathType }}
            {{- end }}
            backend:
              {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }}
              service:
                name: {{ $fullName }}
                port:
                  number: {{ $svcPort }}
              {{- else }}
              serviceName: {{ $fullName }}
              servicePort: {{ $svcPort }}
              {{- end }}
          {{- end }}
    {{- end }}
 {{- end }}
--- a/charts/well-known/templates/networkpolicy.yaml
+++ b/charts/well-known/templates/networkpolicy.yaml
@ -1,49 +0,0 @@
 {{- if .Values.networkpolicies.enabled -}}
 apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
 metadata:
  name: {{ include "well-known.fullname" . }}
  namespace: {{ .Release.Namespace }}
  labels:
    {{- include "well-known.labels" . | nindent 4 }}
 spec:
  podSelector:
    matchLabels:
 	    {{- include "well-known.selectorLabels" . | nindent 6 }}
  policyTypes:
    - Ingress
    - Egress
  ingress:
    # Accept all traffic on http port
    - ports:
        - port: http
          protocol: TCP
  egress:
    # Allow all traffic to the kubernetes API
    {{- range .Values.networkpolicies.kubeApi }}
    - to:
        {{- range .addresses }}
        - ipBlock:
            cidr: {{ . }}/32
        {{- end }}
      ports:
        {{- range .ports | default (list 443) }}
        - port: {{ . }}
          protocol: TCP
        {{- end }}
    {{- end }}
    # Allow traffic to kube-dns
    - to:
        - namespaceSelector:
            matchLabels:
              kubernetes.io/metadata.name: kube-system
          podSelector:
            matchLabels:
              k8s-app: kube-dns
      ports:
        - port: 53
          protocol: UDP
        - port: 53
          protocol: TCP
 {{- end -}}