Merge branch 'master' into feat/ingress-labels

.github/workflows/lint-test.yaml

@@ -37,7 +37,7 @@ jobs:
         run: ct lint --config ct.yaml
 
       - name: Create kind cluster
-        uses: helm/kind-action@v1.10.0
+        uses: helm/kind-action@v1.11.0
         if: steps.list-changed.outputs.changed == 'true'
 
       - name: Run chart-testing (install)

README.md

@@ -83,6 +83,7 @@ and their default values.
 
 | Parameter                          | Description                                                                      | Default                        |
 | ---------------------------------- | -------------------------------------------------------------------------------- | ------------------------------ |
+| `type`                             | The type of resource to create. Either `deployment` or `statefulset`. Note: Statefulset is primarly useful when Verdaccio is being used as an edge cache | `deployment` |
 | `annotations`                      | Annotations to set on the deployment                                             | `{}`                           |
 | `affinity`                         | Affinity for pod assignment                                                      | `{}`                           |
 | `existingConfigMap`                | Name of custom ConfigMap to use                                                  | `false`                        |
@@ -95,7 +96,7 @@ and their default values.
 | `persistence.accessMode`           | PVC Access Mode for Verdaccio volume                                             | `ReadWriteOnce`                |
 | `persistence.annotations`          | Annotations to add to the PVC                                                    | `{}`                           |
 | `persistence.enabled`              | Enable persistence using PVC                                                     | `true`                         |
-| `persistence.existingClaim`        | Use existing PVC                                                                 | `nil`                          |
+| `persistence.existingClaim`        | Use existing PVC. Ignored when `type` is `statefuleset`                                                                | `nil`                          |
 | `persistence.mounts`               | Additional mounts                                                                | `nil`                          |
 | `persistence.resourcePolicy`       | Set "keep" to avoid removing PVC during a helm delete operation                  | `""`                           |
 | `persistence.selector`             | Selector to match an existing Persistent Volume                                  | `{}` (evaluated as a template) |
@@ -225,7 +226,7 @@ $ helm install npm \
 
 Due to some breaking changes in Selector Labels and Security Contexts in Chart `3.0.0` you will need to migrate when upgrading.
 
-First off, the `securityContext.enabled` field has been removed.  
+First off, the `securityContext.enabled` field has been removed.
 In addition to this, `fsGroup` is not a valid Container Security Context field and has been migrated to the `podSecurityContext` instead.
 
 ```diff
@@ -238,8 +239,8 @@ podSecurityContext:
    runAsUser: 10001
 ```
 
-Secondly, the `apps.v1.Deployment.spec.selector` field is immutable and changes were made to Selector Labels which tries to update this.  
-To get around this, you will need to `kubectl delete deployment $deploymentName` before doing a `helm upgrade`  
+Secondly, the `apps.v1.Deployment.spec.selector` field is immutable and changes were made to Selector Labels which tries to update this.
+To get around this, you will need to `kubectl delete deployment $deploymentName` before doing a `helm upgrade`
 So long as your PVC is not destroyed, the new deployment will be rolled out with the same PVC as before and your data will remain intact.
 
 ### Migrating chart 3.x -> 4.x

charts/verdaccio/templates/deployment.yaml

@@ -1,3 +1,4 @@
+{{- if eq .Values.type "deployment" }}
 apiVersion: apps/v1
 kind: Deployment
 metadata:
@@ -180,3 +181,4 @@ spec:
       topologySpreadConstraints:
         {{- toYaml .Values.topologySpreadConstraints | nindent 8 }}
     {{- end }}
+{{- end -}}

charts/verdaccio/templates/pvc.yaml

@@ -1,4 +1,4 @@
-{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
+{{- if and (eq .Values.type "deployment") (and .Values.persistence.enabled (not .Values.persistence.existingClaim)) -}}
 kind: PersistentVolumeClaim
 apiVersion: v1
 metadata:

charts/verdaccio/templates/statefulset.yaml

@@ -0,0 +1,187 @@
+{{- if eq .Values.type "statefulset" -}}
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+  name: {{ template "verdaccio.fullname" . }}
+  labels:
+    {{- include "verdaccio.labels" . | nindent 4 }}
+  {{- with .Values.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+spec:
+  serviceName: {{ template "verdaccio.fullname" . }}
+  {{- if .Values.replicaCountEnabled }}
+  replicas: {{ .Values.replicaCount }}
+  {{- else }}
+  replicas: 1
+  {{- end}}
+  selector:
+    matchLabels:
+      {{- include "verdaccio.selectorLabels" . | nindent 6 }}
+  updateStrategy:
+    type: RollingUpdate
+  template:
+    metadata:
+      annotations:
+        checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}
+        checksum/htpasswd-secret: {{ toJson .Values.secrets.htpasswd | sha256sum }}
+        {{- if .Values.secretEnvVars }}
+        checksum/env-secret: {{ include (print $.Template.BasePath "/secret.yaml") . | sha256sum }}
+        {{- end }}
+        {{- if .Values.cachingNginx.enabled }}
+        checksum/config-nginx: {{ include (print $.Template.BasePath "/configmap-nginx.yaml") . | sha256sum }}
+        {{- end }}
+        {{- include "verdaccio.podAnnotations" . | nindent 8 }}
+      labels:
+        {{- include "verdaccio.podLabels" . | nindent 8 }}
+    spec:
+      serviceAccountName: {{ include "verdaccio.serviceAccountName" . }}
+      {{- include "verdaccio.imagePullSecrets" . | nindent 6 }}
+      {{- with .Values.podSecurityContext }}
+      securityContext:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.extraInitContainers }}
+      initContainers:
+        {{- include "tplvalues.render" (dict "value" . "context" $) | nindent 8 }}
+      {{- end }}
+      containers:
+        {{- if .Values.cachingNginx.enabled }}
+        - name: {{ template "verdaccio.name" . }}-nginx
+          imagePullPolicy: {{ .Values.cachingNginx.pullPolicy }}
+          image: {{ .Values.cachingNginx.repository }}:{{ .Values.cachingNginx.tag }}
+          volumeMounts:
+            - name: config-volume
+              mountPath: /etc/nginx/nginx.conf
+              subPath: nginx.conf
+            - name: config-volume
+              mountPath: /etc/nginx/conf.d/default.conf
+              subPath: default.conf
+          resources:
+            {{ toYaml .Values.cachingNginx.resources | nindent 12 }}
+          ports:
+            - containerPort: 80
+              name: caching-nginx
+        {{- end }}
+        - name: {{ template "verdaccio.name" . }}
+          image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
+          imagePullPolicy: {{ .Values.image.pullPolicy }}
+          {{- if or .Values.secretEnvVars .Values.existingSecret }}
+          envFrom:
+            {{- if .Values.secretEnvVars }}
+            - secretRef:
+                name: {{ template "verdaccio.fullname" . }}-env
+            {{- end }}
+            {{- if .Values.existingSecret }}
+            - secretRef:
+                name: {{ .Values.existingSecret }}
+            {{- end }}
+          {{- end }}
+          ports:
+            - containerPort: 4873
+              name: http
+            {{- range .Values.extraPorts }}
+            - containerPort: {{ .port }}
+              name: {{ .targetPort }}
+            {{- end }}
+          livenessProbe:
+            httpGet:
+              path: /-/ping
+              port: http
+            {{- with .Values.livenessProbe }}
+            initialDelaySeconds: {{ .initialDelaySeconds | default 5 }}
+            periodSeconds: {{ .periodSeconds | default 10 }}
+            timeoutSeconds: {{ .timeoutSeconds | default 1 }}
+            successThreshold: {{ .successThreshold | default 1 }}
+            failureThreshold: {{ .failureThreshold | default 3 }}
+            {{- end }}
+          readinessProbe:
+            httpGet:
+              path: /-/ping
+              port: http
+            {{- with .Values.readinessProbe }}
+            initialDelaySeconds: {{ .initialDelaySeconds | default 5 }}
+            periodSeconds: {{ .periodSeconds | default 10 }}
+            timeoutSeconds: {{ .timeoutSeconds | default 1 }}
+            successThreshold: {{ .successThreshold | default 1 }}
+            failureThreshold: {{ .failureThreshold | default 3 }}
+            {{- end }}
+          {{- with .Values.securityContext }}
+          securityContext:
+            {{- toYaml . | nindent 12 }}
+          {{- end }}
+          {{- with .Values.resources }}
+          resources:
+            {{- toYaml . | nindent 12 }}
+          {{- end }}
+          volumeMounts:
+            {{- with .Values.persistence.mounts }}
+            {{- include "tplvalues.render" (dict "value" . "context" $) | nindent 12 }}
+            {{- end }}
+            - mountPath: /verdaccio/storage
+              name: storage
+              readOnly: false
+            {{- if .Values.secrets.htpasswd }}
+            - mountPath: /verdaccio/storage/htpasswd
+              name: htpasswd
+              subPath: htpasswd
+              readOnly: true
+            {{- end }}
+            - mountPath: /verdaccio/conf
+              name: config
+              readOnly: true
+          {{- with .Values.extraEnvVars }}
+          env:
+            {{- toYaml . | nindent 12 }}
+          {{- end }}
+      volumes:
+      - name: config
+        configMap:
+          name: {{ .Values.existingConfigMap | default (include "verdaccio.fullname" .) }}
+      {{- if .Values.secrets.htpasswd }}
+      - name: htpasswd
+        secret:
+          secretName: {{ include "verdaccio.fullname" . }}-htpasswd
+      {{- end }}
+      {{- if .Values.cachingNginx.enabled }}
+      - name: config-volume
+        configMap:
+          name: {{ include "verdaccio.fullname" . }}-nginx-config
+      {{- end }}
+      {{- with .Values.persistence.volumes }}
+      {{- include "tplvalues.render" (dict "value" . "context" $) | nindent 6 }}
+      {{- end }}
+    {{- if .Values.affinity }}
+      affinity:
+        {{- toYaml .Values.affinity | nindent 8 }}
+    {{- end }}
+    {{- if .Values.nodeSelector }}
+      nodeSelector:
+      {{- toYaml .Values.nodeSelector | nindent 8 }}
+    {{- end }}
+    {{- if .Values.tolerations }}
+      tolerations:
+      {{- toYaml .Values.tolerations | nindent 8 }}
+    {{- end }}
+    {{- if .Values.priorityClass.enabled }}
+      priorityClassName: {{ .Values.priorityClass.name }}
+    {{- end }}
+    {{- if .Values.topologySpreadConstraints }}
+      topologySpreadConstraints:
+        {{- toYaml .Values.topologySpreadConstraints | nindent 8 }}
+    {{- end }}
+  volumeClaimTemplates:
+  - metadata:
+      name: storage
+    spec:
+      accessModes: [ {{ .Values.persistence.accessMode | quote }} ]
+      {{- if (eq "-" .Values.persistence.storageClass) }}
+      storageClassName: ""
+      {{- else }}
+      storageClassName: "{{ .Values.persistence.storageClass }}"
+      {{- end }}
+      resources:
+        requests:
+          storage: {{ .Values.persistence.size | quote }}
+{{- end -}}

charts/verdaccio/values.yaml

@@ -5,6 +5,8 @@ image:
   pullSecrets: []
     # - dockerhub-secret
 
+type: deployment
+
 nameOverride: ""
 fullnameOverride: ""