Coder: Helm chart and configuration
Change-Id: I43515c289001bf1407aee1f9734151a261a7808a
diff --git a/charts/coder/templates/NOTES.txt b/charts/coder/templates/NOTES.txt
new file mode 100644
index 0000000..18fc33c
--- /dev/null
+++ b/charts/coder/templates/NOTES.txt
@@ -0,0 +1,6 @@
+{{/*
+Deprecation notices:
+*/}}
+
+Enjoy Coder! Please create an issue at https://github.com/coder/coder if you run
+into any problems! :)
diff --git a/charts/coder/templates/_coder.tpl b/charts/coder/templates/_coder.tpl
new file mode 100644
index 0000000..d0846ec
--- /dev/null
+++ b/charts/coder/templates/_coder.tpl
@@ -0,0 +1,108 @@
+{{/*
+Service account to merge into the libcoder template
+*/}}
+{{- define "coder.serviceaccount" -}}
+{{- end -}}
+
+{{/*
+Deployment to merge into the libcoder template
+*/}}
+{{- define "coder.deployment" -}}
+spec:
+ template:
+ spec:
+ containers:
+ -
+{{ include "libcoder.containerspec" (list . "coder.containerspec") | indent 8}}
+
+{{- end -}}
+
+{{/*
+ContainerSpec for the Coder container of the Coder deployment
+*/}}
+{{- define "coder.containerspec" -}}
+args:
+{{- if .Values.coder.commandArgs }}
+ {{- toYaml .Values.coder.commandArgs | nindent 12 }}
+{{- else }}
+ {{- if .Values.coder.workspaceProxy }}
+- wsproxy
+ {{- end }}
+- server
+{{- end }}
+{{- if .Values.coder.envFrom }}
+envFrom:
+{{- with .Values.coder.envFrom }}
+{{ toYaml . }}
+{{- end }}
+{{- end }}
+env:
+- name: CODER_HTTP_ADDRESS
+ value: "0.0.0.0:8080"
+- name: CODER_PROMETHEUS_ADDRESS
+ value: "0.0.0.0:2112"
+{{- if .Values.provisionerDaemon.pskSecretName }}
+- name: CODER_PROVISIONER_DAEMON_PSK
+ valueFrom:
+ secretKeyRef:
+ name: {{ .Values.provisionerDaemon.pskSecretName | quote }}
+ key: psk
+{{- end }}
+ # Set the default access URL so a `helm apply` works by default.
+ # See: https://github.com/coder/coder/issues/5024
+{{- $hasAccessURL := false }}
+{{- range .Values.coder.env }}
+{{- if eq .name "CODER_ACCESS_URL" }}
+{{- $hasAccessURL = true }}
+{{- end }}
+{{- end }}
+{{- if and (not $hasAccessURL) .Values.coder.envUseClusterAccessURL }}
+- name: CODER_ACCESS_URL
+ value: {{ include "coder.defaultAccessURL" . | quote }}
+{{- end }}
+# Used for inter-pod communication with high-availability.
+- name: KUBE_POD_IP
+ valueFrom:
+ fieldRef:
+ fieldPath: status.podIP
+- name: CODER_DERP_SERVER_RELAY_URL
+ value: "http://$(KUBE_POD_IP):8080"
+{{- include "coder.tlsEnv" . }}
+{{- with .Values.coder.env }}
+{{ toYaml . }}
+{{- end }}
+ports:
+- name: "http"
+ containerPort: 8080
+ protocol: TCP
+ {{- if eq (include "coder.tlsEnabled" .) "true" }}
+- name: "https"
+ containerPort: 8443
+ protocol: TCP
+ {{- end }}
+ {{- range .Values.coder.env }}
+ {{- if eq .name "CODER_PROMETHEUS_ENABLE" }}
+ {{/*
+ This sadly has to be nested to avoid evaluating the second part
+ of the condition too early and potentially getting type errors if
+ the value is not a string (like a `valueFrom`). We do not support
+ `valueFrom` for this env var specifically.
+ */}}
+ {{- if eq .value "true" }}
+- name: "prometheus-http"
+ containerPort: 2112
+ protocol: TCP
+ {{- end }}
+ {{- end }}
+ {{- end }}
+readinessProbe:
+ httpGet:
+ path: /healthz
+ port: "http"
+ scheme: "HTTP"
+livenessProbe:
+ httpGet:
+ path: /healthz
+ port: "http"
+ scheme: "HTTP"
+{{- end }}
diff --git a/charts/coder/templates/coder.yaml b/charts/coder/templates/coder.yaml
new file mode 100644
index 0000000..65eaac0
--- /dev/null
+++ b/charts/coder/templates/coder.yaml
@@ -0,0 +1,5 @@
+---
+{{ include "libcoder.serviceaccount" (list . "coder.serviceaccount") }}
+
+---
+{{ include "libcoder.deployment" (list . "coder.deployment") }}
diff --git a/charts/coder/templates/extra-templates.yaml b/charts/coder/templates/extra-templates.yaml
new file mode 100644
index 0000000..e047658
--- /dev/null
+++ b/charts/coder/templates/extra-templates.yaml
@@ -0,0 +1,4 @@
+{{- range .Values.extraTemplates }}
+---
+{{ include "coder.renderTemplate" (dict "value" . "context" $) }}
+{{- end }}
diff --git a/charts/coder/templates/ingress.yaml b/charts/coder/templates/ingress.yaml
new file mode 100644
index 0000000..7dd2a13
--- /dev/null
+++ b/charts/coder/templates/ingress.yaml
@@ -0,0 +1,54 @@
+
+{{- if .Values.coder.ingress.enable }}
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+ name: coder
+ labels:
+ {{- include "coder.labels" . | nindent 4 }}
+ annotations:
+ {{- toYaml .Values.coder.ingress.annotations | nindent 4 }}
+spec:
+ {{- if .Values.coder.ingress.className }}
+ {{/* If this is set to an empty string it fails validation on K8s */}}
+ ingressClassName: {{ .Values.coder.ingress.className | quote }}
+ {{- end }}
+
+ rules:
+ - host: {{ .Values.coder.ingress.host | quote }}
+ http:
+ paths:
+ - path: /
+ pathType: Prefix
+ backend:
+ service:
+ name: coder
+ port:
+ name: "http"
+
+ {{- if .Values.coder.ingress.wildcardHost }}
+ - host: {{ include "coder.ingressWildcardHost" . | quote }}
+ http:
+ paths:
+ - path: /
+ pathType: Prefix
+ backend:
+ service:
+ name: coder
+ port:
+ name: "http"
+ {{- end }}
+
+ {{- if .Values.coder.ingress.tls.enable }}
+ tls:
+ - hosts:
+ - {{ .Values.coder.ingress.host | quote }}
+ secretName: {{ .Values.coder.ingress.tls.secretName | quote}}
+ {{- if .Values.coder.ingress.tls.wildcardSecretName }}
+ - hosts:
+ - {{ include "coder.ingressWildcardHost" . | quote }}
+ secretName: {{ .Values.coder.ingress.tls.wildcardSecretName | quote}}
+ {{- end }}
+ {{- end }}
+{{- end }}
diff --git a/charts/coder/templates/rbac.yaml b/charts/coder/templates/rbac.yaml
new file mode 100644
index 0000000..07fb36d
--- /dev/null
+++ b/charts/coder/templates/rbac.yaml
@@ -0,0 +1 @@
+{{ include "libcoder.rbac.tpl" . }}
diff --git a/charts/coder/templates/service.yaml b/charts/coder/templates/service.yaml
new file mode 100644
index 0000000..1881f99
--- /dev/null
+++ b/charts/coder/templates/service.yaml
@@ -0,0 +1,41 @@
+{{- if .Values.coder.service.enable }}
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: coder
+ labels:
+ {{- include "coder.labels" . | nindent 4 }}
+ annotations:
+ {{- toYaml .Values.coder.service.annotations | nindent 4 }}
+spec:
+ type: {{ .Values.coder.service.type }}
+ sessionAffinity: {{ .Values.coder.service.sessionAffinity }}
+ ports:
+ - name: "http"
+ port: 80
+ targetPort: "http"
+ protocol: TCP
+ {{ if eq .Values.coder.service.type "NodePort" }}
+ nodePort: {{ .Values.coder.service.httpNodePort }}
+ {{ end }}
+ {{- if eq (include "coder.tlsEnabled" .) "true" }}
+ - name: "https"
+ port: 443
+ targetPort: "https"
+ protocol: TCP
+ {{ if eq .Values.coder.service.type "NodePort" }}
+ nodePort: {{ .Values.coder.service.httpsNodePort }}
+ {{ end }}
+ {{- end }}
+ {{- if eq "LoadBalancer" .Values.coder.service.type }}
+ {{- with .Values.coder.service.loadBalancerIP }}
+ loadBalancerIP: {{ . | quote }}
+ {{- end }}
+ {{- with .Values.coder.service.externalTrafficPolicy }}
+ externalTrafficPolicy: {{ . | quote }}
+ {{- end }}
+ {{- end }}
+ selector:
+ {{- include "coder.selectorLabels" . | nindent 4 }}
+{{- end }}