github.com/verrazzano/verrazzano@v1.7.0/platform-operator/thirdparty/charts/ingress-nginx/templates/_helpers.tpl (about) 1 {{/* vim: set filetype=mustache: */}} 2 {{/* 3 Expand the name of the chart. 4 */}} 5 {{- define "ingress-nginx.name" -}} 6 {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} 7 {{- end -}} 8 9 {{/* 10 Create chart name and version as used by the chart label. 11 */}} 12 {{- define "ingress-nginx.chart" -}} 13 {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} 14 {{- end -}} 15 16 {{/* 17 Create a default fully qualified app name. 18 We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). 19 */}} 20 {{- define "ingress-nginx.fullname" -}} 21 {{- if .Values.fullnameOverride -}} 22 {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} 23 {{- else -}} 24 {{- $name := default .Chart.Name .Values.nameOverride -}} 25 {{- if contains $name .Release.Name -}} 26 {{- .Release.Name | trunc 63 | trimSuffix "-" -}} 27 {{- else -}} 28 {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} 29 {{- end -}} 30 {{- end -}} 31 {{- end -}} 32 33 34 {{/* 35 Container SecurityContext. 36 */}} 37 {{- define "controller.containerSecurityContext" -}} 38 {{- if .Values.controller.containerSecurityContext -}} 39 {{- toYaml .Values.controller.containerSecurityContext -}} 40 {{- else -}} 41 capabilities: 42 drop: 43 - ALL 44 add: 45 - NET_BIND_SERVICE 46 {{- if .Values.controller.image.chroot }} 47 - SYS_CHROOT 48 {{- end }} 49 runAsUser: {{ .Values.controller.image.runAsUser }} 50 allowPrivilegeEscalation: {{ .Values.controller.image.allowPrivilegeEscalation }} 51 {{- end }} 52 {{- end -}} 53 54 {{/* 55 Get specific image 56 */}} 57 {{- define "ingress-nginx.image" -}} 58 {{- if .chroot -}} 59 {{- printf "%s-chroot" .image -}} 60 {{- else -}} 61 {{- printf "%s" .image -}} 62 {{- end }} 63 {{- end -}} 64 65 {{/* 66 Get specific image digest 67 */}} 68 {{- define "ingress-nginx.imageDigest" -}} 69 {{- if .chroot -}} 70 {{- if .digestChroot -}} 71 {{- printf "@%s" .digestChroot -}} 72 {{- end }} 73 {{- else -}} 74 {{ if .digest -}} 75 {{- printf "@%s" .digest -}} 76 {{- end -}} 77 {{- end -}} 78 {{- end -}} 79 80 {{/* 81 Create a default fully qualified controller name. 82 We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). 83 */}} 84 {{- define "ingress-nginx.controller.fullname" -}} 85 {{- printf "%s-%s" (include "ingress-nginx.fullname" .) .Values.controller.name | trunc 63 | trimSuffix "-" -}} 86 {{- end -}} 87 88 {{/* 89 Construct a unique electionID. 90 Users can provide an override for an explicit electionID if they want via `.Values.controller.electionID` 91 */}} 92 {{- define "ingress-nginx.controller.electionID" -}} 93 {{- $defElectionID := printf "%s-leader" (include "ingress-nginx.fullname" .) -}} 94 {{- $electionID := default $defElectionID .Values.controller.electionID -}} 95 {{- print $electionID -}} 96 {{- end -}} 97 98 {{/* 99 Construct the path for the publish-service. 100 101 By convention this will simply use the <namespace>/<controller-name> to match the name of the 102 service generated. 103 104 Users can provide an override for an explicit service they want bound via `.Values.controller.publishService.pathOverride` 105 106 */}} 107 {{- define "ingress-nginx.controller.publishServicePath" -}} 108 {{- $defServiceName := printf "%s/%s" "$(POD_NAMESPACE)" (include "ingress-nginx.controller.fullname" .) -}} 109 {{- $servicePath := default $defServiceName .Values.controller.publishService.pathOverride }} 110 {{- print $servicePath | trimSuffix "-" -}} 111 {{- end -}} 112 113 {{/* 114 Create a default fully qualified default backend name. 115 We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). 116 */}} 117 {{- define "ingress-nginx.defaultBackend.fullname" -}} 118 {{- printf "%s-%s" (include "ingress-nginx.fullname" .) .Values.defaultBackend.name | trunc 63 | trimSuffix "-" -}} 119 {{- end -}} 120 121 {{/* 122 Common labels 123 */}} 124 {{- define "ingress-nginx.labels" -}} 125 helm.sh/chart: {{ include "ingress-nginx.chart" . }} 126 {{ include "ingress-nginx.selectorLabels" . }} 127 {{- if .Chart.AppVersion }} 128 app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} 129 {{- end }} 130 app.kubernetes.io/part-of: {{ template "ingress-nginx.name" . }} 131 app.kubernetes.io/managed-by: {{ .Release.Service }} 132 {{- if .Values.commonLabels}} 133 {{ toYaml .Values.commonLabels }} 134 {{- end }} 135 {{- end -}} 136 137 {{/* 138 Selector labels 139 */}} 140 {{- define "ingress-nginx.selectorLabels" -}} 141 app.kubernetes.io/name: {{ include "ingress-nginx.name" . }} 142 app.kubernetes.io/instance: {{ .Release.Name }} 143 {{- end -}} 144 145 {{/* 146 Create the name of the controller service account to use 147 */}} 148 {{- define "ingress-nginx.serviceAccountName" -}} 149 {{- if .Values.serviceAccount.create -}} 150 {{ default (include "ingress-nginx.fullname" .) .Values.serviceAccount.name }} 151 {{- else -}} 152 {{ default "default" .Values.serviceAccount.name }} 153 {{- end -}} 154 {{- end -}} 155 156 {{/* 157 Create the name of the backend service account to use - only used when podsecuritypolicy is also enabled 158 */}} 159 {{- define "ingress-nginx.defaultBackend.serviceAccountName" -}} 160 {{- if .Values.defaultBackend.serviceAccount.create -}} 161 {{ default (printf "%s-backend" (include "ingress-nginx.fullname" .)) .Values.defaultBackend.serviceAccount.name }} 162 {{- else -}} 163 {{ default "default-backend" .Values.defaultBackend.serviceAccount.name }} 164 {{- end -}} 165 {{- end -}} 166 167 {{/* 168 Return the appropriate apiGroup for PodSecurityPolicy. 169 */}} 170 {{- define "podSecurityPolicy.apiGroup" -}} 171 {{- if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} 172 {{- print "policy" -}} 173 {{- else -}} 174 {{- print "extensions" -}} 175 {{- end -}} 176 {{- end -}} 177 178 {{/* 179 Check the ingress controller version tag is at most three versions behind the last release 180 */}} 181 {{- define "isControllerTagValid" -}} 182 {{- if not (semverCompare ">=0.27.0-0" .Values.controller.image.tag) -}} 183 {{- fail "Controller container image tag should be 0.27.0 or higher" -}} 184 {{- end -}} 185 {{- end -}} 186 187 {{/* 188 IngressClass parameters. 189 */}} 190 {{- define "ingressClass.parameters" -}} 191 {{- if .Values.controller.ingressClassResource.parameters -}} 192 parameters: 193 {{ toYaml .Values.controller.ingressClassResource.parameters | indent 4}} 194 {{ end }} 195 {{- end -}} 196 197 {{/* 198 Extra modules. 199 */}} 200 {{- define "extraModules" -}} 201 202 - name: {{ .name }} 203 image: {{ .image }} 204 command: ['sh', '-c', '/usr/local/bin/init_module.sh'] 205 {{- if (.containerSecurityContext) }} 206 securityContext: {{ .containerSecurityContext | toYaml | nindent 4 }} 207 {{- end }} 208 volumeMounts: 209 - name: {{ toYaml "modules"}} 210 mountPath: {{ toYaml "/modules_mount"}} 211 212 {{- end -}} 213 214 {{/* 215 Create a default fully qualified name with the release namesapce. 216 We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). 217 */}} 218 {{- define "ingress-nginx.namespacedfullname" -}} 219 {{- printf "%s-%s" .Release.Namespace (include "ingress-nginx.fullname" .) | trunc 63 | trimSuffix "-" -}} 220 {{- end -}}