This is an automated email from the ASF dual-hosted git repository. kezhenxu94 pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/skywalking-kubernetes.git
The following commit(s) were added to refs/heads/master by this push: new 8cf4be8 Add `cert-manager` sub-chart as quick start (#115) 8cf4be8 is described below commit 8cf4be873ca693340408b854d128d97fd088614e Author: kezhenxu94 <kezhenx...@apache.org> AuthorDate: Fri Mar 24 17:44:18 2023 +0800 Add `cert-manager` sub-chart as quick start (#115) Also unify the feature switch name to `enabled`. --- .gitignore | 4 +++ chart/operator/Chart.yaml | 5 ++++ chart/operator/README.md | 31 +++++++++++----------- chart/operator/templates/_helpers.tpl | 9 +------ chart/operator/templates/cert.yaml | 10 +++++-- chart/operator/templates/configmap.yaml | 6 ++--- chart/operator/templates/deployment.yaml | 12 ++++----- chart/operator/templates/java-agent-configmap.yaml | 4 +-- chart/operator/templates/service.yaml | 6 ++--- chart/operator/templates/webhook.yaml | 4 +-- chart/operator/values.yaml | 11 ++++++-- test/e2e/swck/e2e.yaml | 1 + 12 files changed, 60 insertions(+), 43 deletions(-) diff --git a/.gitignore b/.gitignore index 2f4c86e..7e8eb29 100644 --- a/.gitignore +++ b/.gitignore @@ -4,4 +4,8 @@ .vscode chart/skywalking/charts/ chart/skywalking/Chart.lock +chart/operator/charts +chart/operator/Chart.lock +chart/adapter/charts +chart/adapter/Chart.lock *.tgz diff --git a/chart/operator/Chart.yaml b/chart/operator/Chart.yaml index c6dab8f..b7e3693 100644 --- a/chart/operator/Chart.yaml +++ b/chart/operator/Chart.yaml @@ -26,3 +26,8 @@ maintainers: email: hanahm...@gmail.com - name: dashanji email: dashan...@gmail.com +dependencies: + - name: cert-manager + version: 1.9.1 + repository: https://charts.jetstack.io + condition: cert-manager.enabled diff --git a/chart/operator/README.md b/chart/operator/README.md index 6e54aed..406b3be 100644 --- a/chart/operator/README.md +++ b/chart/operator/README.md @@ -37,21 +37,22 @@ The command removes all the operator components associated with the chart and de The following table lists the configurable parameters of the operator chart and their default values. -| Parameter | Description | Default | -|--------------------------------------------------------------|--------------------------------------------------------------------------------------------------|--------------------------------------| -| `fullnameOverride` | Override fullname | `nil` | -| `.replicaCount` | The replicas of operator | `1` | -| `.serviceAccountName` | The service account name of operator | `skywalking-swck-controller-manager` | -| `.image.repository` | Operator container image name | `docker.io/apache/skywalking-swck` | -| `.image.pullPolicy` | Operator container image pull policy | `IfNotPresent` | -| `.image.tag` | Operator container image tag | `v0.7.0` | -| `.metrics.service.port` | The port for the operator metrics service | `8443` | -| `.webhook.service.port` | The port for the operator web hook service | `9443` | -| `.resources.limits.cpu` | The limits of cpu in the operator | `200m` | -| `.resources.limits.memory` | The limits of memory in the operator | `300Mi` | -| `.resources.requests.cpu` | The requests of cpu in the operator | `200m` | -| `.resources.requests.memory` | The requests of memory in the operator | `300Mi` | -| `.affinity` | The affinity policy of operator | `{}` | +| Parameter | Description | Default | +|------------------------------|------------------------------------------------------------------------------------------------------------------------------|--------------------------------------| +| `fullnameOverride` | Override fullname | `nil` | +| `.replicaCount` | The replicas of operator | `1` | +| `.serviceAccountName` | The service account name of operator | `skywalking-swck-controller-manager` | +| `.image.repository` | Operator container image name | `docker.io/apache/skywalking-swck` | +| `.image.pullPolicy` | Operator container image pull policy | `IfNotPresent` | +| `.image.tag` | Operator container image tag | `v0.7.0` | +| `.metrics.service.port` | The port for the operator metrics service | `8443` | +| `.webhook.service.port` | The port for the operator web hook service | `9443` | +| `.resources.limits.cpu` | The limits of cpu in the operator | `200m` | +| `.resources.limits.memory` | The limits of memory in the operator | `300Mi` | +| `.resources.requests.cpu` | The requests of cpu in the operator | `200m` | +| `.resources.requests.memory` | The requests of memory in the operator | `300Mi` | +| `.affinity` | The affinity policy of operator | `{}` | +| `cert-manager.enabled` | Whether to install demo cert-manager. DO NOT use this in production, this is for quick start. | `false` | Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example, diff --git a/chart/operator/templates/_helpers.tpl b/chart/operator/templates/_helpers.tpl index e6a38f5..26cfe39 100644 --- a/chart/operator/templates/_helpers.tpl +++ b/chart/operator/templates/_helpers.tpl @@ -15,13 +15,6 @@ See the License for the specific language governing permissions and limitations under the License. */}} -{{/* -Expand the name of the chart. -*/}} -{{- define "operator.name" -}} -{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} -{{- end }} - {{/* Create a default fully qualified app name. We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). @@ -63,7 +56,7 @@ app.kubernetes.io/managed-by: {{ .Release.Service }} Selector labels */}} {{- define "operator.selectorLabels" -}} -app.kubernetes.io/name: {{ include "operator.name" . }} +app.kubernetes.io/name: {{ include "operator.fullname" . }} app.kubernetes.io/instance: {{ .Release.Name }} {{- end }} diff --git a/chart/operator/templates/cert.yaml b/chart/operator/templates/cert.yaml index 6a945be..2f43d41 100644 --- a/chart/operator/templates/cert.yaml +++ b/chart/operator/templates/cert.yaml @@ -13,12 +13,15 @@ # See the License for the specific language governing permissions and # limitations under the License. -{{- if .Values.webhook.enable }} +{{- if .Values.webhook.enabled }} apiVersion: cert-manager.io/v1 kind: Certificate metadata: name: {{ include "operator.fullname" . }}-serving-cert namespace: {{ .Release.Namespace }} + annotations: + "helm.sh/hook": post-install,post-upgrade + "helm.sh/hook-weight": "2" spec: dnsNames: - {{ include "operator.fullname" . }}-webhook-service.{{ .Release.Namespace }}.svc @@ -33,6 +36,9 @@ kind: Issuer metadata: name: {{ include "operator.fullname" . }}-selfsigned-issuer namespace: {{ .Release.Namespace }} + annotations: + "helm.sh/hook": post-install,post-upgrade + "helm.sh/hook-weight": "1" spec: selfSigned: {} -{{- end }} \ No newline at end of file +{{- end }} diff --git a/chart/operator/templates/configmap.yaml b/chart/operator/templates/configmap.yaml index 265e4b1..8590b73 100644 --- a/chart/operator/templates/configmap.yaml +++ b/chart/operator/templates/configmap.yaml @@ -41,14 +41,14 @@ data: kind: ControllerManagerConfig health: healthProbeBindAddress: :8081 - {{- if .Values.webhook.enable }} + {{- if .Values.webhook.enabled }} metrics: bindAddress: 127.0.0.1:8080 {{- end }} - {{- if .Values.webhook.enable }} + {{- if .Values.webhook.enabled }} webhook: port: {{ .Values.webhook.service.port }} {{- end }} leaderElection: leaderElect: true - resourceName: v1alpha1.swck.skywalking.apache.org \ No newline at end of file + resourceName: v1alpha1.swck.skywalking.apache.org diff --git a/chart/operator/templates/deployment.yaml b/chart/operator/templates/deployment.yaml index e8c2ac4..8206931 100644 --- a/chart/operator/templates/deployment.yaml +++ b/chart/operator/templates/deployment.yaml @@ -47,7 +47,7 @@ spec: initialDelaySeconds: 15 periodSeconds: 20 name: manager - {{- if .Values.webhook.enable }} + {{- if .Values.webhook.enabled }} ports: - containerPort: {{ .Values.webhook.service.port }} name: webhook-server @@ -64,7 +64,7 @@ spec: securityContext: {{- toYaml .Values.securityContext | nindent 10 }} volumeMounts: - {{- if .Values.webhook.enable }} + {{- if .Values.webhook.enabled }} - mountPath: /tmp/k8s-webhook-server/serving-certs name: cert readOnly: true @@ -73,7 +73,7 @@ spec: name: manager-config subPath: controller_manager_config.yaml - args: - {{- if .Values.metrics.enable }} + {{- if .Values.metrics.enabled }} - --secure-listen-address=0.0.0.0:{{ .Values.metrics.service.port }} {{- end }} - --upstream=http://127.0.0.1:8080/ @@ -81,7 +81,7 @@ spec: - --v=10 image: gcr.io/kubebuilder/kube-rbac-proxy:v0.8.0 name: kube-rbac-proxy - {{- if .Values.metrics.enable }} + {{- if .Values.metrics.enabled }} ports: - containerPort: {{ .Values.metrics.service.port }} name: https @@ -92,7 +92,7 @@ spec: serviceAccountName: {{ include "operator.fullname" . }}-controller-manager terminationGracePeriodSeconds: 10 volumes: - {{- if .Values.webhook.enable }} + {{- if .Values.webhook.enabled }} - name: cert secret: defaultMode: 420 @@ -104,4 +104,4 @@ spec: {{- with .Values.affinity }} affinity: {{- toYaml . | nindent 8 }} - {{- end }} \ No newline at end of file + {{- end }} diff --git a/chart/operator/templates/java-agent-configmap.yaml b/chart/operator/templates/java-agent-configmap.yaml index 6161bfe..6e80871 100644 --- a/chart/operator/templates/java-agent-configmap.yaml +++ b/chart/operator/templates/java-agent-configmap.yaml @@ -1,4 +1,4 @@ -{{- if .Values.webhook.enable }} +{{- if .Values.webhook.enabled }} apiVersion: v1 kind: ConfigMap metadata: @@ -13,4 +13,4 @@ data: collector.backend_service=${SW_AGENT_COLLECTOR_BACKEND_SERVICES:127.0.0.1:11800} # Please refer to https://skywalking.apache.org/docs/skywalking-java/latest/en/setup/service-agent/java-agent/configurations/#table-of-agent-configuration-properties to get more details. -{{- end }} \ No newline at end of file +{{- end }} diff --git a/chart/operator/templates/service.yaml b/chart/operator/templates/service.yaml index 83231a5..0d8e2d1 100644 --- a/chart/operator/templates/service.yaml +++ b/chart/operator/templates/service.yaml @@ -13,7 +13,7 @@ # See the License for the specific language governing permissions and # limitations under the License. -{{- if .Values.metrics.enable }} +{{- if .Values.metrics.enabled }} apiVersion: v1 kind: Service metadata: @@ -31,7 +31,7 @@ spec: control-plane: {{ include "operator.fullname" . }}-controller-manager {{- end }} --- -{{- if .Values.webhook.enable }} +{{- if .Values.webhook.enabled }} apiVersion: v1 kind: Service metadata: @@ -44,4 +44,4 @@ spec: targetPort: {{ .Values.webhook.service.port }} selector: control-plane: {{ include "operator.fullname" . }}-controller-manager -{{- end }} \ No newline at end of file +{{- end }} diff --git a/chart/operator/templates/webhook.yaml b/chart/operator/templates/webhook.yaml index 4d38c08..db16a44 100644 --- a/chart/operator/templates/webhook.yaml +++ b/chart/operator/templates/webhook.yaml @@ -13,7 +13,7 @@ # See the License for the specific language governing permissions and # limitations under the License. -{{- if .Values.webhook.enable }} +{{- if .Values.webhook.enabled }} apiVersion: admissionregistration.k8s.io/v1 kind: MutatingWebhookConfiguration metadata: @@ -412,4 +412,4 @@ webhooks: resources: - uis sideEffects: None -{{- end }} \ No newline at end of file +{{- end }} diff --git a/chart/operator/values.yaml b/chart/operator/values.yaml index f10c96c..ddbed3a 100644 --- a/chart/operator/values.yaml +++ b/chart/operator/values.yaml @@ -27,7 +27,7 @@ image: securityContext: allowPrivilegeEscalation: false metrics: - enable: true + enabled: true service: port: 8443 # install crds @@ -36,7 +36,7 @@ crds: # enable webhook. webhook: # If set to false, java agent injector is disabled. - enable: true + enabled: true service: port: 9443 resources: @@ -51,3 +51,10 @@ resources: cpu: 200m memory: 300Mi affinity: {} + +nameOverride: "" +fullnameOverride: "" + +cert-manager: + enabled: false + installCRDs: true diff --git a/test/e2e/swck/e2e.yaml b/test/e2e/swck/e2e.yaml index 57ac70a..c83863e 100644 --- a/test/e2e/swck/e2e.yaml +++ b/test/e2e/swck/e2e.yaml @@ -40,6 +40,7 @@ setup: for: condition=Available - name: Install operator command: | + helm dep up chart/operator helm install operator chart/operator --namespace=skywalking-swck-system \ --create-namespace \ --set fullnameOverride=skywalking-swck