feat(deploy): add Helm chart

Author: cryptobioz

deploy/charts/managed-postgres-operator/Chart.yaml

@@ -0,0 +1,6 @@
+apiVersion: v2
+name: managed-postgres-operator
+description: A Helm chart for the managed-postgres-operator
+type: application
+version: 0.1.0
+appVersion: "1.16.0"

deploy/charts/managed-postgres-operator/crds

@@ -0,0 +1 @@
+../../crds

deploy/charts/managed-postgres-operator/templates/_helpers.tpl

@@ -0,0 +1,62 @@
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "managed-postgres-operator.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "managed-postgres-operator.fullname" -}}
+{{- if .Values.fullnameOverride }}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- $name := default .Chart.Name .Values.nameOverride }}
+{{- if contains $name .Release.Name }}
+{{- .Release.Name | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "managed-postgres-operator.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Common labels
+*/}}
+{{- define "managed-postgres-operator.labels" -}}
+helm.sh/chart: {{ include "managed-postgres-operator.chart" . }}
+{{ include "managed-postgres-operator.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end }}
+
+{{/*
+Selector labels
+*/}}
+{{- define "managed-postgres-operator.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "managed-postgres-operator.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
+
+{{/*
+Create the name of the service account to use
+*/}}
+{{- define "managed-postgres-operator.serviceAccountName" -}}
+{{- if .Values.serviceAccount.create }}
+{{- default (include "managed-postgres-operator.fullname" .) .Values.serviceAccount.name }}
+{{- else }}
+{{- default "default" .Values.serviceAccount.name }}
+{{- end }}
+{{- end }}

deploy/charts/managed-postgres-operator/templates/clusterrole.yaml

@@ -0,0 +1,51 @@
+{{- if .Values.rbac.create }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ include "managed-postgres-operator.fullname" . }}
+  labels:
+    {{- include "managed-postgres-operator.labels" . | nindent 4 }}
+rules:
+  - apiGroups:
+      - managed-postgres-operator.hoppscale.com
+    resources:
+      - postgresdatabases
+      - postgresroles
+      - postgresschemas
+    verbs:
+      - create
+      - delete
+      - get
+      - list
+      - patch
+      - update
+      - watch
+  - apiGroups:
+      - managed-postgres-operator.hoppscale.com
+    resources:
+      - postgresdatabases/finalizers
+      - postgresroles/finalizers
+      - postgresschemas/finalizers
+    verbs:
+      - update
+  - apiGroups:
+      - managed-postgres-operator.hoppscale.com
+    resources:
+      - postgresdatabases/status
+      - postgresroles/status
+      - postgresschemas/status
+    verbs:
+      - get
+      - patch
+      - update
+  - apiGroups:
+      - ""
+    resources:
+      - secrets
+    verbs:
+      - create
+      - update
+      - get
+      - list
+      - watch
+{{- end }}

deploy/charts/managed-postgres-operator/templates/clusterrolebinding.yaml

@@ -0,0 +1,16 @@
+{{- if .Values.rbac.create }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ include "managed-postgres-operator.fullname" . }}
+  labels:
+    {{- include "managed-postgres-operator.labels" . | nindent 4 }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ include "managed-postgres-operator.serviceAccountName" . }}
+    namespace: {{ .Release.Namespace }}
+roleRef:
+  kind: ClusterRole
+  name: {{ include "managed-postgres-operator.fullname" . }}
+  apiGroup: rbac.authorization.k8s.io
+{{- end }}

deploy/charts/managed-postgres-operator/templates/deployment.yaml

@@ -0,0 +1,56 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ include "managed-postgres-operator.fullname" . }}
+  labels:
+    {{- include "managed-postgres-operator.labels" . | nindent 4 }}
+spec:
+  replicas: {{ .Values.replicaCount }}
+  selector:
+    matchLabels:
+      {{- include "managed-postgres-operator.selectorLabels" . | nindent 6 }}
+  template:
+    metadata:
+      {{- with .Values.podAnnotations }}
+      annotations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      labels:
+        {{- include "managed-postgres-operator.labels" . | nindent 8 }}
+        {{- with .Values.podLabels }}
+        {{- toYaml . | nindent 8 }}
+        {{- end }}
+    spec:
+      {{- with .Values.imagePullSecrets }}
+      imagePullSecrets:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      serviceAccountName: {{ include "managed-postgres-operator.serviceAccountName" . }}
+      {{- with .Values.podSecurityContext }}
+      securityContext:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      containers:
+        - name: {{ .Chart.Name }}
+          {{- with .Values.securityContext }}
+          securityContext:
+            {{- toYaml . | nindent 12 }}
+          {{- end }}
+          image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
+          imagePullPolicy: {{ .Values.image.pullPolicy }}
+          {{- with .Values.resources }}
+          resources:
+            {{- toYaml . | nindent 12 }}
+          {{- end }}
+      {{- with .Values.nodeSelector }}
+      nodeSelector:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.affinity }}
+      affinity:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.tolerations }}
+      tolerations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}

deploy/charts/managed-postgres-operator/templates/serviceaccount.yaml

@@ -0,0 +1,13 @@
+{{- if .Values.serviceAccount.create -}}
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ include "managed-postgres-operator.serviceAccountName" . }}
+  labels:
+    {{- include "managed-postgres-operator.labels" . | nindent 4 }}
+  {{- with .Values.serviceAccount.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+automountServiceAccountToken: {{ .Values.serviceAccount.automount }}
+{{- end }}

deploy/charts/managed-postgres-operator/values.yaml

@@ -0,0 +1,35 @@
+replicaCount: 1
+
+image:
+  repository: ghcr.io/hoppscale/managed-postgres-operator
+  pullPolicy: IfNotPresent
+  tag: latest
+
+imagePullSecrets: []
+
+nameOverride: ""
+fullnameOverride: ""
+
+rbac:
+  create: true
+
+serviceAccount:
+  create: true
+  automount: true
+  annotations: {}
+  name: ""
+
+podAnnotations: {}
+podLabels: {}
+
+podSecurityContext: {}
+
+securityContext: {}
+
+resources: {}
+
+nodeSelector: {}
+
+tolerations: []
+
+affinity: {}

deploy/crds/managed-postgres-operator.hoppscale.com_postgresdatabases.yaml

@@ -0,0 +1,96 @@
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    controller-gen.kubebuilder.io/version: v0.17.2
+  name: postgresdatabases.managed-postgres-operator.hoppscale.com
+spec:
+  group: managed-postgres-operator.hoppscale.com
+  names:
+    kind: PostgresDatabase
+    listKind: PostgresDatabaseList
+    plural: postgresdatabases
+    singular: postgresdatabase
+  scope: Namespaced
+  versions:
+  - name: v1alpha1
+    schema:
+      openAPIV3Schema:
+        description: PostgresDatabase is the Schema for the postgresdatabases API.
+        properties:
+          apiVersion:
+            description: |-
+              APIVersion defines the versioned schema of this representation of an object.
+              Servers should convert recognized schemas to the latest internal value, and
+              may reject unrecognized values.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+            type: string
+          kind:
+            description: |-
+              Kind is a string value representing the REST resource this object represents.
+              Servers may infer this from the endpoint the client submits requests to.
+              Cannot be updated.
+              In CamelCase.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+            type: string
+          metadata:
+            type: object
+          spec:
+            description: PostgresDatabaseSpec defines the desired state of PostgresDatabase.
+            properties:
+              extensions:
+                description: Extensions is the list of database extensions to install
+                  on the database.
+                items:
+                  type: string
+                type: array
+              keepOnDelete:
+                description: KeepOnDelete will determine if the deletion of the object
+                  should drop the remote PostgreSQL database. Default is false.
+                type: boolean
+              name:
+                description: Name is the PostgreSQL database's name.
+                type: string
+                x-kubernetes-validations:
+                - message: name is immutable
+                  rule: self == oldSelf
+              owner:
+                description: Owner is the PostgreSQL database's owner. It must be
+                  a valid existing role.
+                type: string
+              preserveConnectionsOnDelete:
+                description: PreserveConnectionsOnDelete will determine if the deletion
+                  of the object should drop the existing connections to the remote
+                  PostgreSQL database. Default is false.
+                type: boolean
+              privilegesByRole:
+                additionalProperties:
+                  description: PostgresDatabasePrivilegesSpec defines the desired
+                    database privileges to grant to roles
+                  properties:
+                    connect:
+                      type: boolean
+                    create:
+                      type: boolean
+                    temporary:
+                      type: boolean
+                  type: object
+                description: PrivilegesByRole will grant privileges to roles
+                type: object
+            required:
+            - name
+            type: object
+          status:
+            description: PostgresDatabaseStatus defines the observed state of PostgresDatabase.
+            properties:
+              succeeded:
+                type: boolean
+            required:
+            - succeeded
+            type: object
+        type: object
+    served: true
+    storage: true
+    subresources:
+      status: {}