add osartifact helm chart

Sebastian Florek
2025-01-17 16:50:51 +01:00
parent 66dca00b4d
commit 346f78ccea
6 changed files with 279 additions and 0 deletions

31
.github/workflows/osartifact-chart.yml vendored Normal file

@@ -0,0 +1,31 @@
name: Publish OS Artifact Chart
on:
push:
paths:
- charts/osartifact
branches:
- master
jobs:
publish:
name: Publish Helm Chart
runs-on: ubuntu-22.04
steps:
- name: Checkout
uses: actions/checkout@v3
with:
fetch-depth: 0
- name: Configure Git
run: |
git config user.name "$GITHUB_ACTOR"
git config user.email "$GITHUB_ACTOR@users.noreply.github.com"
- name: Run chart-releaser
id: release
uses: helm/chart-releaser-action@v1.5.0
with:
config: "./.github/configs/cr.yaml"
env:
CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
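Review bot: The `paths` filter `charts/osartifact` has no glob, so as written it matches only a path with exactly that name, and pushes that touch files under the chart directory would not start this workflow; `- charts/osartifact/**` is the usual form. The job also has no `permissions:` block, so the `secrets.GITHUB_TOKEN` passed as `CR_TOKEN` carries whatever the repository default grants; a job-level `permissions:` with `contents: write` scopes the token to what chart-releaser needs. Both `uses:` lines reference mutable tags (`actions/checkout@v3`, `helm/chart-releaser-action@v1.5.0`); pinning each to a full commit SHA, e.g. `uses: actions/checkout@<full-commit-sha>  # v3`, stops a moved tag from running new code with that write token. `./.github/configs/cr.yaml` is not among the files in this commit, so confirm it already exists on `master`.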


@@ -0,0 +1,5 @@
apiVersion: v2
name: osartifact
description: A Helm chart for OSArtifact CRD deployment
type: application
version: 0.1.0


@@ -0,0 +1,62 @@
{{/*
Expand the name of the chart.
*/}}
{{- define "osartifact.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "osartifact.fullname" -}}
{{- if .Values.fullnameOverride }}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- $name := default .Chart.Name .Values.nameOverride }}
{{- if contains $name .Release.Name }}
{{- .Release.Name | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
{{- end }}
{{- end }}
{{- end }}
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "osartifact.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Common labels
*/}}
{{- define "osartifact.labels" -}}
helm.sh/chart: {{ include "osartifact.chart" . }}
{{ include "osartifact.selectorLabels" . }}
{{- if .Chart.AppVersion }}
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
{{- end }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- end }}
{{/*
Selector labels
*/}}
{{- define "osartifact.selectorLabels" -}}
app.kubernetes.io/name: {{ include "osartifact.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end }}
{{/*
Create the name of the service account to use
*/}}
{{- define "osartifact.serviceAccountName" -}}
{{- if .Values.serviceAccount.create }}
{{- default (include "osartifact.fullname" .) .Values.serviceAccount.name }}
{{- else }}
{{- default "default" .Values.serviceAccount.name }}
{{- end }}
{{- end }}
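Review bot: `osartifact.serviceAccountName` reads `.Values.serviceAccount.create` and `.Values.serviceAccount.name`, but the values file added in this commit defines no `serviceAccount` key, so any template that includes this helper would fail to render on the nil lookup. Neither of the two templates in this commit includes it, and neither applies `osartifact.labels`, so the helper can be dropped and the common labels are worth adding to the OSArtifact and Secret `metadata`. If the scaffold is kept as is, a comment above the define such as `{{/* unused: needs .Values.serviceAccount, which this chart does not define */}}` would save the next reader the search.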


@@ -0,0 +1,42 @@
apiVersion: build.kairos.io/v1alpha2
kind: OSArtifact
metadata:
name: '{{ include "osartifact.fullname" . }}'
spec:
imageName: {{ .Values.image }}
iso: true
{{- if .Values.device }}
model: {{ .Values.device }}
{{- end }}
fileBundles:
{{- range $key, $value := .Values.defaultBundles }}
{{ $key }}: {{ $value }}
{{- end }}
{{- range $key, $value := .Values.bundles }}
{{ $key }}: {{ $value }}
{{- end }}
{{- range $key, $value := .Values.extraBundles }}
{{ $key }}: {{ $value }}
{{- end }}
cloudConfigRef:
name: '{{ include "osartifact.fullname" . }}-cloud-config'
key: 'cloud-config.yaml'
exporters:
- template:
spec:
restartPolicy: Never
containers:
- name: upload
image: quay.io/curl/curl
command:
- /bin/sh
args:
- -c
- |
for f in $(ls /artifacts)
do
curl -T /artifacts/$f http://osartifactbuilder-operator-osbuilder-nginx/upload/$f
done
volumeMounts:
- name: artifacts
mountPath: /artifacts
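Review bot: The exporter loop never checks the upload result: `curl -T` without `--fail` exits 0 on an HTTP error response, so the Job can report success when no artifact reached the server, and the unquoted `$(ls /artifacts)` and `$f` split on whitespace. Running the script under `set -e` with `for f in /artifacts/*; do curl --fail -T "$f" "http://<upload-host>/upload/${f##*/}"; done` closes both. The built image presumably embeds the cloud-config referenced by `cloudConfigRef` (user password and bootstrap token), and it is sent over plain `http://` to a service name hard-coded to one operator release name, so the upload URL should come from values and the access controls on that nginx endpoint need checking. `image: quay.io/curl/curl` has no tag or digest and resolves to whatever `latest` is at run time; pin it as `quay.io/curl/curl@sha256:<digest>`.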


@@ -0,0 +1,76 @@
{{ $secret := (lookup "v1" "Secret" .Release.Namespace .Values.tokenSecret.name) }}
kind: Secret
apiVersion: v1
metadata:
name: '{{ include "osartifact.fullname" . }}-cloud-config'
stringData:
cloud-config.yaml: |
#cloud-config
hostname: plural-edge-{{ `{{ trunc 10 .MachineID }}` }}
users:
- name: {{ .Values.username }}
passwd: {{ .Values.password }}
{{- with .Values.defaultUser }}
groups: [
{{- range .groups -}}
{{- if eq . ($.Values.defaultUser.groups | last) -}}
"{{ . }}"
{{- else -}}
"{{ . }}",
{{- end -}}
{{- end -}}
]
{{- if .ssh_authorized_keys}}
ssh_authorized_keys:
{{- .ssh_authorized_keys | toYaml | nindent 10 }}
{{- end }}
{{- end }}
{{- if .Values.extraUserCloudConfig }}
{{- .Values.extraUserCloudConfig | toYaml | nindent 6 }}
{{- end }}
write_files:
- path: /etc/rancher/k3s/registries.yaml
permissions: "0644"
content: |
mirrors:
"*":
k3s:
enabled: true
replace_args: true
args:
- --node-name={{ .Values.nodeName }}
- --embedded-registry
- --disable=traefik,servicelb
bundles:
- targets:
- run:///plural-bundle.tar
local_file: true
{{- range $key, $value := .Values.defaultBundles }}
- targets:
- run://{{ $key }}.tar
local_file: true
{{- end }}
{{- range $key, $value := .Values.bundles }}
- targets:
- run://{{ $key }}.tar
local_file: true
{{- end }}
{{- range $key, $value := .Values.extraBundles }}
- targets:
- run://{{ $key }}.tar
local_file: true
{{- end }}
plural:
token: {{ index $secret .Values.tokenSecret.key }}
url: {{ .Values.url }}
{{- if .Values.extraUserCloudConfig }}
{{ .Values.extraCloudConfig | toYaml | nindent 4 }}
{{- end }}
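Review bot: `index $secret .Values.tokenSecret.key` on the `token:` line indexes the Secret object itself, whose top-level keys are `apiVersion`, `kind`, `metadata`, `data` and `type`, so the bootstrap token renders empty; the value lives under `.data` and is base64-encoded, i.e. `token: {{ index $secret.data .Values.tokenSecret.key | b64dec | quote }}`. `lookup` also returns an empty map under `helm template` and `--dry-run`, or when the Secret is missing, so the read should be wrapped in `required` or `fail` rather than producing an image with a blank token. The last block is guarded by `.Values.extraUserCloudConfig` but renders `.Values.extraCloudConfig`; the condition should be `{{- if .Values.extraCloudConfig }}`. `passwd: {{ .Values.password }}` is emitted unquoted, so a password containing `#` or `: ` is truncated or breaks the document, and with the default `~` the user gets an empty `passwd`; `passwd: {{ required "password is required" .Values.password | quote }}` covers both.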


@@ -0,0 +1,63 @@
# Kubernetes node name
nodeName: plural-edge
# Base image used for building customized plural ISO
image: quay.io/kairos/alpine:3.19-standard-arm64-rpi4-v3.2.4-k3sv1.31.3-k3s1
# Target device. Currently supported values: rpi4
device: rpi4
# Username that will be used to access the device over SSH
username: plural
# Password for the default user that will be used to access the device over SSH
password: ~
# Optional Plural user email that will be attached to the autogenerated device bootstrap token. It will be visible in audit logs
email: ~
# Name of the Plural project that will be attached to the device bootstrap token
project: default
# Console URL that will be used by the device to join the fleet, i.e. console.plrl-xyz.onplural.sh
url: ~
tokenSecret:
# Name of the secret that holds the bootstrap token
name: ~
# Key in the secret that holds the bootstrap token
key: token
# A list of our required bundles that should be added to the result ISO image.
defaultBundles:
plural-bundle: ghcr.io/pluralsh/kairos-plural-bundle:0.1.4
# A list of our optional bundles that should be added to the result ISO image.
bundles:
plural-images-bundle: ghcr.io/pluralsh/kairos-plural-images-bundle:0.1.1
plural-trust-manager-bundle: ghcr.io/pluralsh/kairos-plural-trust-manager-bundle:0.1.0
# A list of extra bundles that should be added to the result ISO image.
extraBundles: {}
# Additional config for the default user
defaultUser:
groups:
- admin
ssh_authorized_keys: []
# Extra cloud config for the user. It allows extending user config with additional configuration.
# extraUserCloudConfig:
# - name: newuser
# passwd: somenewpasswd
extraUserCloudConfig: ~
# Extra cloud config. Examples can be found here: https://kairos.io/docs/reference/configuration/
#extraCloudConfig:
# stages:
# network:
# - name: "Setup users"
# authorized_keys:
# kairos:
# - github:myusername
extraCloudConfig: ~
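Review bot: `password` is taken as a plain chart value while the bootstrap token is read from an existing Secret through `tokenSecret`, so the SSH password ends up in values files and in the Helm release record as well as in the rendered cloud-config. Consider reading it from a Secret the same way, or at least state on the `password:` comment whether a pre-hashed value is accepted so operators need not store the cleartext. `password`, `url` and `tokenSecret.name` default to `~` yet the templates use them unconditionally; mark them `# required` here and enforce that with `required` in the templates. `email` and `project` are documented here but no template in this commit reads them. The image and bundle references are pinned by tag only; a digest of the form `<image>@sha256:<digest>` keeps the contents of the built ISO fixed.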