From f7070b16f977442bc437bb13a9115386968dfcb2 Mon Sep 17 00:00:00 2001 From: Lukasz Zajaczkowski Date: Fri, 2 Dec 2022 13:13:26 +0100 Subject: [PATCH] introduce lua script --- plural/helm/console/Chart.yaml | 2 +- plural/helm/console/values.yaml.lua | 110 ++++++++++++++++++++++++++++ plural/helm/console/values.yaml.tpl | 105 -------------------------- 3 files changed, 111 insertions(+), 106 deletions(-) create mode 100755 plural/helm/console/values.yaml.lua delete mode 100644 plural/helm/console/values.yaml.tpl diff --git a/plural/helm/console/Chart.yaml b/plural/helm/console/Chart.yaml index 9c50d86523..bb8548e2bc 100644 --- a/plural/helm/console/Chart.yaml +++ b/plural/helm/console/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 0.3.6 description: A chart for plural console name: console -version: 0.7.28 +version: 0.7.29 dependencies: - name: test-base repository: https://pluralsh.github.io/module-library diff --git a/plural/helm/console/values.yaml.lua b/plural/helm/console/values.yaml.lua new file mode 100755 index 0000000000..ce58edd624 --- /dev/null +++ b/plural/helm/console/values.yaml.lua @@ -0,0 +1,110 @@ +valuesYaml = { + global={ + application={ + links={ + { description= "console web ui", + url=Var.Values.console_dns + } + } + } + }, + + enabled=true, + ingressClass="nginx", + replicaCount=2, + provider=Var.Provider, + license=Var.License, + ingress={ + console_dns=Var.Values.console_dns + }, + serviceAccount= { + create=true, + annotations="eks.amazonaws.com/role-arn: arn:aws:iam::" .. Var.Project .. ":role/" ..Var.Cluster .. "-console" + }, + secrets={ + jwt=dedupe(Var, "console.secrets.jwt", randAlphaNum(20)), + admin_name=default("someone", Var.Values.admin_name), + admin_email=dedupe(Var, "console.secrets.admin_email", default("someone@example.com", Var.Config.Email)), + admin_password=dedupe(Var, "console.secrets.admin_password", randAlphaNum(20)), + cluster_name=Var.Cluster, + erlang=dedupe(Var, "console.secrets.erlang", randAlphaNum(14)), + id_rsa=ternary(Var.Values.private_key, dedupe(Var, "console.secrets.id_rsa", ""), hasKey (Var.Values, "private_key")), + id_rsa_pub=ternary(Var.Values.public_key, dedupe(Var, "console.secrets.id_rsa_pub", ""), hasKey(Var.Values, "public_key")), + ssh_passphrase=ternary(Var.Values.passphrase, dedupe(Var, "console.secrets.ssh_passphrase", ""), hasKey(Var.Values, "passphrase")), + git_access_token=ternary(Var.Values.access_token, dedupe(Var, "console.secrets.git_access_token", ""), hasKey(Var.Values, "access_token")), + git_user=default("console", Var.Values.git_user), + git_email=default("console@plural.sh", Var.Values.git_email), + git_url="", + repo_root="", + branch_name="", + config="", + key="", + } +} + +if Var.Provider == "kind" then + valuesYaml.ingress.annotations = { + "external-dns.alpha.kubernetes.io/target: '127.0.0.1'" + } + valuesYaml.replicaCount=1 +end + +if Var.Provider == "google" then + valuesYaml.serviceAccount.create = false +end + +if Var.Provider == "azure" then + valuesYaml.podLabels={ + "aadpodidbinding: console" + } + valuesYaml.consoleIdentityId=importValue("Terraform", "console_msi_id") + valuesYaml.consoleIdentityClientId=importValue("Terraform", "console_msi_client_id") + + valuesYaml.extraEnv={ + { + name="ARM_USE_MSI", + value = true + + }, + { + name="ARM_SUBSCRIPTION_ID", + value=Var.Context.SubscriptionId + }, + { + name="ARM_TENANT_ID", + value= Var.Context.TenantId + } + } + +end + +if Var.OIDC ~= nil then + valuesYaml.secrets.plural_client_id=Var.OIDC.ClientId + valuesYaml.secrets.plural_client_secret=Var.OIDC.ClientSecret +end + +if Var.Values.is_demo then + valuesYaml.secrets.is_demo=Var.Values.is_demo +end + +if Var.Values.console_dns then + local gitUrl=dig("console", "secrets", "git_url", "default", Var) + local identity=pathJoin(repoRoot(), ".plural-crypt", "identity") + if gitUrl == "default" or gitUrl == "" then + valuesYaml.secrets.git_url=repoUrl() + else + valuesYaml.secrets.git_url=gitUrl + end + + valuesYaml.secrets.repo_root=repoName() + valuesYaml.secrets.branch_name=branchName() + valuesYaml.secrets.config=readFile(pathJoin(homeDir(),".plural","config.yml")) + + if fileExists(identity) then + valuesYaml.secrets.identity=readFile(identity) + elseif dig("console", "secrets", "identity", "default", Var) ~= "default" then + valuesYaml.secrets.identity= Var.console.secrets.identity + else + valuesYaml.secrets.key=readFile(pathJoin(homeDir(), ".plural", "key")) + end +end diff --git a/plural/helm/console/values.yaml.tpl b/plural/helm/console/values.yaml.tpl deleted file mode 100644 index 3cb01a4692..0000000000 --- a/plural/helm/console/values.yaml.tpl +++ /dev/null @@ -1,105 +0,0 @@ -global: - application: - links: - - description: console web ui - url: {{ .Values.console_dns }} - -{{- if eq .Provider "kind" }} -replicaCount: 1 -{{- end }} - -ingress: - console_dns: {{ .Values.console_dns }} - {{- if eq .Provider "kind" }} - annotations: - external-dns.alpha.kubernetes.io/target: "127.0.0.1" - {{- end }} - -provider: {{ .Provider }} - -{{ if eq .Provider "azure" }} -podLabels: - aadpodidbinding: console - -consoleIdentityId: {{ importValue "Terraform" "console_msi_id" }} -consoleIdentityClientId: {{ importValue "Terraform" "console_msi_client_id" }} -{{ end }} - -{{- if or (eq .Provider "azure") .Configuration.loki }} -extraEnv: -{{- if .Configuration.loki }} -- name: LOKI_HOST - value: http://loki-loki-distributed-gateway.loki -{{- end }} -{{ if eq .Provider "azure" }} -- name: ARM_USE_MSI - value: 'true' -- name: ARM_SUBSCRIPTION_ID - value: {{ .Context.SubscriptionId }} -- name: ARM_TENANT_ID - value: {{ .Context.TenantId }} -{{- end }} -{{- end }} - -serviceAccount: -{{ if eq .Provider "google" }} - create: false -{{ end }} - annotations: - eks.amazonaws.com/role-arn: arn:aws:iam::{{ .Project }}:role/{{ .Cluster }}-console - -secrets: - jwt: {{ dedupe . "console.secrets.jwt" (randAlphaNum 20) }} - admin_name: {{ .Values.admin_name }} - admin_email: {{ dedupe . "console.secrets.admin_email" (default "someone@example.com" .Config.Email) }} - admin_password: {{ dedupe . "console.secrets.admin_password" (randAlphaNum 20) }} -{{ if .Values.console_dns }} -{{ $gitUrl := dig "console" "secrets" "git_url" "default" .}} -{{ if or (eq $gitUrl "default") (not $gitUrl) }} - git_url: {{ repoUrl }} -{{ else }} - git_url: {{ $gitUrl }} -{{ end }} - repo_root: {{ repoName }} - branch_name: {{ branchName }} - config: {{ readFile (homeDir ".plural" "config.yml") | quote }} -{{ $identity := pathJoin repoRoot ".plural-crypt" "identity" }} -{{ if fileExists $identity }} - identity: {{ readFile $identity | quote }} -{{ else if ne (dig "console" "secrets" "identity" "default" .) "default" }} - identity: {{ .console.secrets.identity | quote }} -{{ end }} - key: {{ dedupe . "console.secrets.key" (readFile (homeDir ".plural" "key")) | quote }} -{{ else }} - git_url: '' - repo_root: '' - branch_name: '' - config: '' - key: '' -{{ end }} - cluster_name: {{ .Cluster }} - erlang: {{ dedupe . "console.secrets.erlang" (randAlphaNum 14) }} - id_rsa: {{ ternary .Values.private_key (dedupe . "console.secrets.id_rsa" "") (hasKey .Values "private_key") | quote }} - id_rsa_pub: {{ ternary .Values.public_key (dedupe . "console.secrets.id_rsa_pub" "") (hasKey .Values "public_key") | quote }} - ssh_passphrase: {{ ternary .Values.passphrase (dedupe . "console.secrets.ssh_passphrase" "") (hasKey .Values "passphrase") | quote }} - git_access_token: {{ ternary .Values.access_token (dedupe . "console.secrets.git_access_token" "") (hasKey .Values "access_token") | quote }} - git_user: {{ default "console" .Values.git_user }} - git_email: {{ default "console@plural.sh" .Values.git_email }} -{{ if .OIDC }} - plural_client_id: {{ .OIDC.ClientId }} - plural_client_secret: {{ .OIDC.ClientSecret }} -{{ end }} -{{ if .Values.is_demo }} - is_demo: {{ .Values.is_demo }} -{{ end }} - -license: {{ .License | quote }} - -{{- if .Values.testBase.enabled }} -test-base: - enabled: true - secret: - CYPRESS_EMAIL: {{ .Values.testBase.cypressEmail }} - CYPRESS_PASSWORD: {{ .Values.testBase.cypressPassword }} - CYPRESS_BASE_URL: https://{{ .Values.console_dns }}/ -{{- end }}