From dd82ac3ec974187ff2f4a6ad7f9063f0cfc1192c Mon Sep 17 00:00:00 2001 From: Chris Date: Tue, 7 Apr 2020 20:04:08 +0200 Subject: [PATCH 1/2] Migrate to helm-docs --- .ci/helm-docs.sh | 12 +++++++++++ .github/workflows/test.yml | 8 +++++++ znapzend/Chart.yaml | 2 +- znapzend/values.yaml | 44 +++++++++++++++++++++++++++++--------- 4 files changed, 55 insertions(+), 11 deletions(-) create mode 100755 .ci/helm-docs.sh diff --git a/.ci/helm-docs.sh b/.ci/helm-docs.sh new file mode 100755 index 0000000..40bbc5e --- /dev/null +++ b/.ci/helm-docs.sh @@ -0,0 +1,12 @@ +#!/bin/bash +set -euo pipefail + +HELM_DOCS_VERSION="0.11.1" + +# install helm-docs +curl --silent --show-error --fail --location --output /tmp/helm-docs.tar.gz https://github.com/norwoodj/helm-docs/releases/download/v"${HELM_DOCS_VERSION}"/helm-docs_"${HELM_DOCS_VERSION}"_Linux_x86_64.tar.gz +tar -xf /tmp/helm-docs.tar.gz helm-docs + +# validate docs +./helm-docs +git diff --exit-code diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 9769cd5..efe7faf 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -30,3 +30,11 @@ jobs: - name: Run Chart unit tests run: | find . -type f -name go.mod | xargs -I % bash -c 'cd "$(dirname %)" && go test ./...' + + docs: + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v1 + - name: Check if documentation is on par with Chart changes + run: .ci/helm-docs.sh diff --git a/znapzend/Chart.yaml b/znapzend/Chart.yaml index f54a159..be5ab3c 100644 --- a/znapzend/Chart.yaml +++ b/znapzend/Chart.yaml @@ -14,7 +14,7 @@ description: Znapzend Helm Chart for automated ZFS snapshot & replication # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. -version: 0.3.1 +version: 0.3.2 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. diff --git a/znapzend/values.yaml b/znapzend/values.yaml index 34da8e9..540b52d 100644 --- a/znapzend/values.yaml +++ b/znapzend/values.yaml @@ -1,82 +1,106 @@ # Default values for znapzend. +# replicaCount -- Only increase if you have multiple Nodes with AntiAffinity, +# otherwise it does not make sense to run > 1 replicas on the same node replicaCount: 1 image: + # image.repository -- Znapzend image repository repository: docker.io/oetiker/znapzend + # image.tag -- Znapzend image tag (version) tag: master + # image.pullPolicy -- pullPolicy: IfNotPresent +# imagePullSecrets -- List of image pull secrets if you use a privately hosted image imagePullSecrets: [] nameOverride: "" fullnameOverride: "" podSecurityContext: {} - # fsGroup: 2000 +# securityContext -- The current image requires to run privileged in order to access ZFS securityContext: - # The current image requires to run privileged in order to access ZFS allowPrivilegeEscalation: true privileged: true resources: {} serviceAccount: - # Specifies whether a service account should be created + # serviceAccount.create -- Specifies whether a service account should be created create: true - # Annotations to add to the service account + # serviceAccount.annotations -- Annotations to add to the service account annotations: {} # The name of the service account to use. - # If not set and create is true, a name is generated using the fullname template + # serviceAccount.name -- If not set and create is true, a name is generated using the fullname template name: +# env -- A dict with KEY: VALUE pairs env: {} host: + # host.zfsDevice -- The device on the host which is used by the 'zfs' binary within the container zfsDevice: /dev/zfs ssh: + # ssh.path -- Path where your SSH config and identities get mounted in the container path: /root/.ssh + # ssh.config -- ssh_config(5)-compatible file content to configure SSH options when connecting + config: # config: | # Host my-host # IdentityFile ~/.ssh/my-id # User myuser -# externalSecretName: my-own-ssh-secret + # ssh.externalSecretName -- Set this value if you provide your own secret with SSH config + externalSecretName: + # ssh.identities -- Provide a private key for each SSH identity, see values.yaml for an example identities: {} # id_ed25519: | # -----BEGIN OPENSSH PRIVATE KEY----- # ... # -----END OPENSSH PRIVATE KEY----- -# knownHosts: + # ssh.knownHosts -- List of {host, pubKey} dicts where the public key of each host is configured + knownHosts: # - host: my-host # pubKey: ssh-ed25519 AAAAC3NzaC... metrics: + # metrics.enabled -- Enable the znapzend metrics exporter for Prometheus enabled: true jobs: + # metrics.jobs.register -- String list of datasets that should be registered right at startup register: [] + # metrics.env -- A dict with KEY: VALUE pairs as environment variables for the exporter env: {} image: + # metrics.image.repository -- Exporter image repository repository: docker.io/braindoctor/znapzend-exporter + # metrics.image.tag -- Exporter image tag tag: v0.1.0 pullPolicy: IfNotPresent - imagePullSecrets: [] service: + # metrics.service.enabled -- Whether to enable a Service object for metrics endpoint + # if metrics.enabled is true enabled: true type: ClusterIP + # metrics.service.port -- Port on which the service is reachable port: 8080 -# nodePort: 30090 + # metrics.service.nodePort -- NodePort if service type is not ClusterIP + nodePort: 0 ingress: + # metrics.ingress.enabled -- Useful if your Prometheus is outside of the cluster enabled: false annotations: {} # kubernetes.io/ingress.class: nginx # kubernetes.io/tls-acme: "true" + # metrics.ingress.hosts -- See Kubernetes Docs for a guide to setup Ingress hosts hosts: - - host: chart-example.local + - host: paths: [] + # metrics.ingress.hosts -- See Kubernetes Docs for a guide to setup TLS on Ingress tls: [] # - secretName: chart-example-tls # hosts: From 2058e2729c726a3fa2e9923d9862c291a95edd28 Mon Sep 17 00:00:00 2001 From: Chris Date: Tue, 7 Apr 2020 20:05:13 +0200 Subject: [PATCH 2/2] [znapzend] Generate documentation from helm-docs --- znapzend/README.md | 114 +++++++++++++++++++++------------------------ 1 file changed, 52 insertions(+), 62 deletions(-) diff --git a/znapzend/README.md b/znapzend/README.md index ed993cb..6e143d8 100644 --- a/znapzend/README.md +++ b/znapzend/README.md @@ -1,62 +1,52 @@ -# Znapzend Chart - -[Znapzend](https://github.com/oetiker/znapzend) - zfs backup with remote capabilities and mbuffer integration. http://www.znapzend.org - -[Znapzend Exporter](https://github.com/ccremer/znapzend-exporter) - a Znapzend exporter for Prometheus - -## TL;DR; - -```console -helm install ccremer/znapzend -``` - -> **Important**: By default, znapzend runs as a privileged container in order to access ZFS. - -## Configuration - -The following table lists the configurable chart specific parameters. For default values consult `values.yaml`. - -| Parameter | Description | -| --- | --- | -| `host.zfsDevice` | Path of the ZFS device on the host (bind-mounted to container) | -| `ssh.path` | Path where the SSH files are being mounted | -| `ssh.config` | Specify the contents of the `ssh_config(5)` config file | -| `ssh.identities` | List all private keys to access remote SSH server for znapzend targets | -| `ssh.knownHosts` | List of known_hosts entries | -| `ssh.knownHosts[].host` | Hostname of the known Host | -| `ssh.knownHosts[].pubKey` | Public Key of the known Host (e.g. `ssh-rsa AA...`) | -| `ssh.externalSecretName` | Specify the name of the existing secret with the private keys, makes `ssh.knownHosts`, `ssh.config` and `ssh.identities` ineffective | -| `metrics.enabled` | If the znapzend-exporter should be enabled | -| `metrics.jobs.register[]` | List of ZFS datasets that are expected in the metrics | -| `metrics.env` | Additional environment Variables for znapzend-exporter | -| `metrics.service.enabled` | Whether the metrics service is enabled for Prometheus scrapes | - -There are far more parameters, including common ones (`image.tag`, etc.) - -Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. - -Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example, - -```console -helm install --name my-release -f values.yaml ccremer/znapzend -``` - -> **Tip**: You can use the default [values.yaml](values.yaml) - -## Testing - -### Template testing - -This chart uses some Go code to test the generated templates against the -Kubernetes client API. With this we are more flexible than `helm lint`, as -linting would not catch errors such as: "If we are in clustered mode, we expect -an init container, otherwise not". The test code would also catch typos in a -limited manner (e.g. if `initContainer` is spelled `initcontainer`, it will -generate an error). - -```console -cd znapzend -helm dep build -cd test -go test ./... -``` +znapzend +======== +Znapzend Helm Chart for automated ZFS snapshot & replication + +Current chart version is `0.3.2` + + + + + +## Chart Values + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| affinity | object | `{}` | | +| env | object | `{}` | A dict with KEY: VALUE pairs | +| fullnameOverride | string | `""` | | +| host.zfsDevice | string | `"/dev/zfs"` | The device on the host which is used by the 'zfs' binary within the container | +| image.pullPolicy | string | `"IfNotPresent"` | | +| image.repository | string | `"docker.io/oetiker/znapzend"` | Znapzend image repository | +| image.tag | string | `"master"` | Znapzend image tag (version) | +| imagePullSecrets | list | `[]` | List of image pull secrets if you use a privately hosted image | +| metrics.enabled | bool | `true` | Enable the znapzend metrics exporter for Prometheus | +| metrics.env | object | `{}` | A dict with KEY: VALUE pairs as environment variables for the exporter | +| metrics.image.pullPolicy | string | `"IfNotPresent"` | | +| metrics.image.repository | string | `"docker.io/braindoctor/znapzend-exporter"` | Exporter image repository | +| metrics.image.tag | string | `"v0.1.0"` | Exporter image tag | +| metrics.ingress.annotations | object | `{}` | | +| metrics.ingress.enabled | bool | `false` | Useful if your Prometheus is outside of the cluster | +| metrics.ingress.hosts | list | `[{"host":null,"paths":[]}]` | See Kubernetes Docs for a guide to setup TLS on Ingress | +| metrics.ingress.tls | list | `[]` | | +| metrics.jobs.register | list | `[]` | String list of datasets that should be registered right at startup | +| metrics.resources | object | `{}` | | +| metrics.service.enabled | bool | `true` | Whether to enable a Service object for metrics endpoint if metrics.enabled is true | +| metrics.service.nodePort | int | `0` | NodePort if service type is not ClusterIP | +| metrics.service.port | int | `8080` | Port on which the service is reachable | +| metrics.service.type | string | `"ClusterIP"` | | +| nameOverride | string | `""` | | +| nodeSelector | object | `{}` | | +| podSecurityContext | object | `{}` | | +| replicaCount | int | `1` | Only increase if you have multiple Nodes with AntiAffinity, otherwise it does not make sense to run > 1 replicas on the same node | +| resources | object | `{}` | | +| securityContext | object | `{"allowPrivilegeEscalation":true,"privileged":true}` | The current image requires to run privileged in order to access ZFS | +| serviceAccount.annotations | object | `{}` | Annotations to add to the service account | +| serviceAccount.create | bool | `true` | Specifies whether a service account should be created | +| serviceAccount.name | string | `nil` | If not set and create is true, a name is generated using the fullname template | +| ssh.config | string | `nil` | ssh_config(5)-compatible file content to configure SSH options when connecting | +| ssh.externalSecretName | string | `nil` | Set this value if you provide your own secret with SSH config | +| ssh.identities | object | `{}` | Provide a private key for each SSH identity, see values.yaml for an example | +| ssh.knownHosts | string | `nil` | List of {host, pubKey} dicts where the public key of each host is configured | +| ssh.path | string | `"/root/.ssh"` | Path where your SSH config and identities get mounted in the container | +| tolerations | list | `[]` | |