blob: 706fcceb4378ca3b6785e0c87d0a34da420faeca [file] [log] [blame]
badhri854c028b32021-11-03 18:24:05 -05001{{- /*
2
3# Copyright 2020-present Open Networking Foundation
4#
5# SPDX-License-Identifier: LicenseRef-ONF-Member-Only-1.0
6
7*/ -}}
8
9{{/*
10Renders a set of standardised labels
11*/}}
12{{- define "omec-sub-provision.metadata_labels" -}}
13{{- $application := index . 0 -}}
14{{- $context := index . 1 -}}
15release: {{ $context.Release.Name }}
16app: {{ $application }}
17{{- end -}}
18
19{{/*
20Render the given template.
21*/}}
22{{- define "omec-sub-provision.template" -}}
23{{- $name := index . 0 -}}
24{{- $context := index . 1 -}}
25{{- $last := base $context.Template.Name }}
26{{- $wtf := $context.Template.Name | replace $last $name -}}
27{{ include $wtf $context }}
28{{- end -}}
29
30{{/*
31Render ServiceAccount, Role, and RoleBinding required for kubernetes-entrypoint.
32*/}}
33{{- define "omec-sub-provision.service_account" -}}
34{{- $context := index . 1 -}}
35{{- $saName := index . 0 -}}
36{{- $saNamespace := $context.Release.Namespace }}
37---
38apiVersion: v1
39kind: ServiceAccount
40metadata:
41 name: {{ $saName }}
42 namespace: {{ $saNamespace }}
43 labels:
44{{ tuple $saName $context | include "omec-sub-provision.metadata_labels" | indent 4 }}
45---
46{{- if semverCompare ">=1.16-0" $context.Capabilities.KubeVersion.GitVersion }}
47apiVersion: rbac.authorization.k8s.io/v1
48{{- else }}
49apiVersion: rbac.authorization.k8s.io/v1beta1
50{{- end }}
51kind: RoleBinding
52metadata:
53 name: {{ $saName }}
54 namespace: {{ $saNamespace }}
55 labels:
56{{ tuple $saName $context | include "omec-sub-provision.metadata_labels" | indent 4 }}
57roleRef:
58 apiGroup: rbac.authorization.k8s.io
59 kind: Role
60 name: {{ $saName }}
61subjects:
62 - kind: ServiceAccount
63 name: {{ $saName }}
64 namespace: {{ $saNamespace }}
65---
66{{- if semverCompare ">=1.16-0" $context.Capabilities.KubeVersion.GitVersion }}
67apiVersion: rbac.authorization.k8s.io/v1
68{{- else }}
69apiVersion: rbac.authorization.k8s.io/v1beta1
70{{- end }}
71kind: Role
72metadata:
73 name: {{ $saName }}
74 namespace: {{ $saNamespace }}
75 labels:
76{{ tuple $saName $context | include "omec-sub-provision.metadata_labels" | indent 4 }}
77rules:
78 - apiGroups:
79 - ""
80 - extensions
81 - batch
82 - apps
83 verbs:
84 - get
85 - list
86 - patch
87 resources:
88 - statefulsets
89 - daemonsets
90 - jobs
91 - pods
92 - services
93 - endpoints
94 - configmaps
95{{- end -}}
96
97{{/*
98Render init container for coredump.
99*/}}
100{{- define "omec-sub-provision.coredump_init" -}}
101{{- $pod := index . 0 -}}
102{{- $context := index . 1 -}}
103- name: {{ $pod }}-coredump-init
104 image: {{ $context.Values.images.tags.init | quote }}
105 imagePullPolicy: {{ $context.Values.images.pullPolicy }}
106 securityContext:
107 privileged: true
108 runAsUser: 0
109 command: ["bash", "-xc"]
110 args:
111 - echo '/tmp/coredump/core.%h.%e.%t' > /mnt/host-rootfs/proc/sys/kernel/core_pattern
112 volumeMounts:
113 - name: host-rootfs
114 mountPath: /mnt/host-rootfs
115{{- end -}}