Skip to content

updating scoop template #230

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 2 commits into
base: main
Choose a base branch
from
Open

updating scoop template #230

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
3cb82e8
updating scoop template
YashasviDevtron Jun 27, 2024
68e1d08
Update values.yaml
YashasviDevtron Jun 27, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
9 changes: 9 additions & 0 deletions charts/scoop/Chart.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
apiVersion: v1
name: dt-scoop
description: Chart to deploy scoop
type: application
version: 0.1.2
appVersion: "1.16.0"
maintainers:
- email: [email protected]
name: Devops-Team DEVTRON
Binary file added charts/scoop/dt-scoop-0.1.2.tgz
View file
Open in desktop
Binary file not shown.
32 changes: 32 additions & 0 deletions charts/scoop/templates/clusterrole.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,32 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
annotations:
rbac.authorization.kubernetes.io/autoupdate: "true"
name: read-only-cluster-role-scoop
rules:
- apiGroups:
- '*'
resources:
- '*'

Check warning

Code scanning / SonarCloud

Wildcards should not be used to define RBAC permissions

<!--SONAR_ISSUE_KEY:AZBYC-7WDnc0ff4mZPyQ-->Do not use wildcards when defining RBAC permissions. <p>See more on <a href="https://sonarcloud.io/project/issues?id=devtron-labs_charts&issues=AZBYC-7WDnc0ff4mZPyQ&open=AZBYC-7WDnc0ff4mZPyQ&pullRequest=230">SonarCloud</a></p>
verbs:
- get
- list
- watch
- apiGroups:
- extensions
resources:
- '*'

Check warning

Code scanning / SonarCloud

Wildcards should not be used to define RBAC permissions

<!--SONAR_ISSUE_KEY:AZBYC-7WDnc0ff4mZPyR-->Do not use wildcards when defining RBAC permissions. <p>See more on <a href="https://sonarcloud.io/project/issues?id=devtron-labs_charts&issues=AZBYC-7WDnc0ff4mZPyR&open=AZBYC-7WDnc0ff4mZPyR&pullRequest=230">SonarCloud</a></p>
verbs:
- get
- list
- watch
- apiGroups:
- apps
resources:
- '*'

Check warning

Code scanning / SonarCloud

Wildcards should not be used to define RBAC permissions

<!--SONAR_ISSUE_KEY:AZBYC-7WDnc0ff4mZPyS-->Do not use wildcards when defining RBAC permissions. <p>See more on <a href="https://sonarcloud.io/project/issues?id=devtron-labs_charts&issues=AZBYC-7WDnc0ff4mZPyS&open=AZBYC-7WDnc0ff4mZPyS&pullRequest=230">SonarCloud</a></p>
verbs:
- get
- list
- watch
---
12 changes: 12 additions & 0 deletions charts/scoop/templates/clusterrolebinding.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: read-only-user-crb-scoop
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: read-only-cluster-role-scoop
subjects:
- kind: ServiceAccount
name: scoop-sa
namespace: {{ $.Values.scoopnamespace | default .Release.Namespace }}
14 changes: 14 additions & 0 deletions charts/scoop/templates/config.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
{{- if $.Values.ConfigMap.enabled }}
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ $.Values.ConfigMap.name }}
namespace: {{ $.Values.scoopnamespace | default .Release.Namespace }}
{{- if $.Values.ConfigMap.data }}
data:
{{ toYaml $.Values.ConfigMap.data | indent 2 }}
{{- end }}
{{- end}}



77 changes: 77 additions & 0 deletions charts/scoop/templates/deployment.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,77 @@

apiVersion: apps/v1
kind: Deployment
metadata:
name: scoop-deployment
labels:
{{- if $.Values.labels }}
{{ toYaml $.Values.labels | nindent 4 }}
{{- end }}
namespace: {{ $.Values.scoopnamespace | default .Release.Namespace }}
spec:
selector:
matchLabels:
app: scoop-chart
{{- if $.Values.scoop.replicacount }}
replicas: {{ $.Values.scoop.replicacount}}
{{- end }}
minReadySeconds: 60
template:
metadata:
labels:
app: scoop-chart
{{- if $.Values.labels }}
{{ toYaml $.Values.labels | indent 4 }}
{{- end }}
spec:

Check warning

Code scanning / SonarCloud

Service account tokens should not be mounted in pods

<!--SONAR_ISSUE_KEY:AZBYC-63Dnc0ff4mZPyP-->Set automountServiceAccountToken to false for this specification of kind Deployment. <p>See more on <a href="https://sonarcloud.io/project/issues?id=devtron-labs_charts&issues=AZBYC-63Dnc0ff4mZPyP&open=AZBYC-63Dnc0ff4mZPyP&pullRequest=230">SonarCloud</a></p>
serviceAccountName: scoop-sa
terminationGracePeriodSeconds: 30

{{- if $.Values.scoop.imagePullSecrets }}
imagePullSecrets:
- name: {{ $.Values.scoop.imagePullSecrets }}
{{- end }}
restartPolicy: Always

{{- if $.Values.volumes }}
volumes:
{{ toYaml $.Values.volumes | indent 8 }}
{{- end }}

containers:
- name: scoop-chart

Check warning

Code scanning / SonarCloud

Memory limits should be enforced

<!--SONAR_ISSUE_KEY:AZBYC-63Dnc0ff4mZPyO-->Specify a memory limit for this container. <p>See more on <a href="https://sonarcloud.io/project/issues?id=devtron-labs_charts&issues=AZBYC-63Dnc0ff4mZPyO&open=AZBYC-63Dnc0ff4mZPyO&pullRequest=230">SonarCloud</a></p>
image: {{ $.Values.scoop.imagename }}
imagePullPolicy: IfNotPresent
ports:
- name: app
containerPort: 8080
protocol: TCP
{{- if $.Values.env }}
env:
{{ toYaml $.Values.env | indent 12 }}
{{- end }}

{{- if or $.Values.ConfigMap.enabled $.Values.secrets.enabled }}
envFrom:
{{- if $.Values.ConfigMap.enabled }}
- configMapRef:
name: {{ $.Values.ConfigMap.name }}
{{- end }}

{{- if $.Values.secrets.enabled }}
- SecretRef:
name: {{ $.Values.secrets.name }}
{{- end }}
{{- end }}

{{- if $.Values.resources }}
resources:
{{ toYaml $.Values.resources | indent 12 }}
{{- end }}

{{- if $.Values.volumeMounts }}
volumeMounts:
{{ toYaml $.Values.volumeMounts | indent 12 }}
{{- end }}
revisionHistoryLimit: 3

13 changes: 13 additions & 0 deletions charts/scoop/templates/secret.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
{{- if $.Values.secrets.enabled }}
apiVersion: v1
kind: Secret
metadata:
name: {{ $.Values.secrets.name }}
namespace: {{ $.Values.scoopnamespace | default .Release.Namespace }}
type: Opaque
{{- if $.Values.secrets.data }}
data:
{{ toYaml $.Values.secrets.data | indent 2 }}
{{- end }}
{{- end }}

24 changes: 24 additions & 0 deletions charts/scoop/templates/service.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,24 @@
apiVersion: v1
kind: Service
metadata:
name: scoop-service
labels:
app: scoop-chart
{{- if $.Values.labels }}
{{ toYaml .Values.labels | indent 2 }}
{{- end }}
namespace: {{ $.Values.scoopnamespace | default .Release.Namespace }}
spec:
{{- with $.Values.service.type }}
type: {{ $.Values.service.type }}
{{- end }}
ports:
{{- with $.Values.service.port }}
- port: {{ $.Values.service.port }}
{{- end }}
targetPort: 8080
protocol: TCP
name: app
selector:
app: scoop-chart

10 changes: 10 additions & 0 deletions charts/scoop/templates/serviceaccount.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
apiVersion: v1
kind: ServiceAccount
metadata:
name: scoop-sa
namespace: {{ $.Values.scoopnamespace | default .Release.Namespace }}





78 changes: 78 additions & 0 deletions charts/scoop/values.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,78 @@
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.

scoopnamespace: "monitoring"
# namespace where all the resource will be present
service:
type: ClusterIP
port: 80

scoop:
replicacount: 1
imagePullSecrets: devtron-image-pull
imagename: ""


env:
- name: X-PASS-KEY
value: "random-string"
- name: PASS_KEY
value: "random-string"
# X_PASS_KEY and PASS_KEY (should be same) is used for authentication
- name: RETENTION
value: "10080"
# period till which cache will be stored

# id of the cluster where scoop needs to get implemented
- name: CLUSTER_ID
value: "40"

# url to which scoop sends the metrics
- name: ORCHESTRATOR_URL
value: ""

#token of the orchestrator url
- name: TOKEN
value: ""
# sotring the cache of specified namespaces. If you do not specify it, by default, it will store the cache of all the namespaces.
# - name: CACHED_NAMESPACES
# value: monitoring


# Set enable to false, if you don't want to pass any configMapSecret
ConfigMap:
name: scoop-config
enabled: true
data: []
#: "key1value-1"
#key2: "keyvalue2"


# Set enable to false if you don't want to pass the values of secret.yaml from SecretRef
secrets:
name: scoop-secret
enabled: true
data: []


volumes:
# - name: log-volume
# emptyDir: {}


volumeMounts: []
# - name: log-volume
# mountPath: /var/log

resources: {}
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
#limits:
#cpu: 1
#memory: 200Mi
#requests:
#cpu: 0.10
#memory: 100Mi