kanister profile chart added

charts/kanister-profile/.helmignore

@@ -0,0 +1,21 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj

charts/kanister-profile/Chart.yaml

@@ -0,0 +1,14 @@
+apiVersion: v1
+description: A helm chart to create profile custom resource for kanister
+engine: gotpl
+name: kanister-profile
+home: https://kanister.io/
+version: 0.112.0
+maintainers:
+  - email: [email protected]
+    name: tdmanv
+  - email: [email protected]
+    name: depohmel
+icon: https://kasten.io/assets/img/kanister-logo.png
+appVersion: 0.1.0
+source: https://github.com/kanisterio/kanister

charts/kanister-profile/README.md

@@ -0,0 +1,85 @@
+# Profile CustomResource
+
+Profile CustomResources (CRs) are used to provide configuration information to
+[Kanister](https://kanister.io), a framework that enables application-level data
+management on Kubernetes.
+
+## TL;DR;
+
+```bash
+# Add the Kanister helm repo
+$ helm repo add kanister https://charts.kanister.io/
+
+# Create a Profile with the default name in the kanister namespace and AWS credentials set
+$ helm install kanister/profile --namespace kanister \
+     --set defaultProfile=true \
+     --set location.type='s3Compliant' \
+     --set aws.accessKey="${AWS_ACCESS_KEY}" \
+     --set aws.secretKey="${AWS_SECRET_KEY}" \
+     --set location.bucket='my-kanister-bucket'
+
+# Create a Profile with GCP credentials set
+$ helm install kanister/profile --namespace kanister \
+     --set defaultProfile=true \
+     --set location.type='gcs' \
+     --set gcp.projectID="my-project-ID" \
+     --set-file gcp.serviceKey='path-to-json-file-containing-google-app-credentials' \
+     --set location.bucket='my-kanister-bucket'
+```
+
+## Overview
+
+This chart installs a Profile CR for [Kanister](http://kanister.io) using the
+[Helm](https://helm.sh) package manager.
+
+Profiles provide strongly-typed configuration for Kanister.  Because a Profile
+is structured, the Kanister framework is able to provide support for advanced
+features. Rather than relying on one-off implementations in Blueprints that
+consume ConfigMaps Kanister introspect and use configuration from Profiles.
+
+The schema for Profiles is specified by the CustomResourceDefinition (CRD),
+which can be found [here](https://github.com/kanisterio/kanister/blob/master/pkg/apis/cr/v1alpha1/types.go#L234).
+
+Currently Profiles can be used to configure access to object storage compatible
+with the [S3 protocol](https://docs.aws.amazon.com/AmazonS3/latest/API/Welcome.html).
+
+## Prerequisites
+
+- Kubernetes 1.7+ with Beta APIs enabled or 1.9+ without Beta APIs.
+- Kanister version 0.10.0 with `profiles.cr.kanister.io` CRD installed
+
+> **Note**: The Kanister controller will create the Profile CRD at Startup.
+
+## Configuration
+
+The following table lists the configurable PostgreSQL Kanister blueprint and
+Profile CR parameters and their default values. The Profile CR parameters are
+passed to the profile sub-chart.
+
+| Parameter        | Description                                                                                                                        | Default   |
+| ---              | ---                                                                                                                                | ---       |
+| `defaultProfile` | (Optional) Set to ``true`` to create a profile with name `default-profile`.                                                        | ``false`` |
+| `profileName`    | (Required if `! defaultProfile`) Name of the Profile CR.                                                                           | `nil`     |
+| `aws.accessKey`   | (Required if gcp creds not set) API Key for an s3 compatible object store.                                                                              | `nil`     |
+| `aws.secretKey`   | (Required if gcp creds not set) Corresponding secret for `accessKey`.                                                                                   | `nil`     |
+| `gcp.projectID`      | (Required if aws creds not set) Project ID of the google application.                                          | `nil`     |
+| `gcp.serviceKey`     | (Required if aws creds not set) Path to json file containing google application credentials.                                          | `nil`     |
+| `location.type`      | (Optional) Location type: s3Compliant or gcs.                                          | `nil`     |
+| `location.bucket`      | (Required if location.type is set) Bucket used to store Kanister artifacts.<br><br>The bucket must already exist.                                          | `nil`     |
+| `location.region`      | (Optional) Region to be used for the bucket.                                                                                       | `nil`     |
+| `location.endpoint`    | (Optional) The URL for an s3 compatible object store provider. Can be omitted if provider is AWS. Required for any other provider. | `nil`     |
+| `verifySSL`      | (Optional) Set to ``false`` to disable SSL verification on the s3 endpoint.                                                        | `true`    |
+
+Specify each parameter using the `--set key=value[,key=value]` argument to `helm
+install`. For example:
+
+```bash
+$ helm install kanister/profile my-profile-release --namespace kanister \
+     --set profileName='my-profile' \
+     --set location.type='s3Compliant' \
+     --set location.endpoint='https://my-custom-s3-provider:9000' \
+     --set aws.accessKey="${AWS_ACCESS_KEY}" \
+     --set aws.secretKey="${AWS_SECRET_KEY}" \
+     --set location.bucket='my-kanister-bucket' \
+     --set verifySSL='true'
+```

charts/kanister-profile/ci/list-values.yaml

@@ -0,0 +1,4 @@
+s3:
+  accessKey: SomeBogusTestKey=
+  secretKey: SomeTestSecrest==
+  bucket: linttestname

charts/kanister-profile/templates/NOTES.txt

@@ -0,0 +1 @@
+This chart created a profile with name {{ template "profile.profileName" .}}

charts/kanister-profile/templates/_helpers.tpl

@@ -0,0 +1,42 @@
+{{/* vim: set filetype=mustache: */}}
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "profile.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Name of the profile to create
+*/}}
+{{- define "profile.profileName" -}}
+{{- if .Values.defaultProfile -}}
+    {{ .Values.defaultProfileName }}
+{{- else -}}
+    {{- required "If not creating a default profile, please provide a name for the profile by setting the parameter profileName" .Values.profileName -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+*/}}
+{{- define "profile.fullname" -}}
+{{- $name := default .Chart.Name .Values.nameOverride -}}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "profile.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/* Helm required labels */}}
+{{- define "profile.helmLabels" -}}
+heritage: {{ .Release.Service }}
+release: {{ .Release.Name }}
+chart: {{ template "profile.chart" . }}
+app: {{ template "profile.name" . }}
+{{- end -}}

charts/kanister-profile/templates/profile.yaml

@@ -0,0 +1,52 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ template "profile.profileName" . }}-creds
+  namespace: {{ .Release.Namespace }}
+  labels:
+{{ include "profile.helmLabels" . | indent 4 }}
+type: Opaque
+data:
+  {{- if .Values.aws.accessKey }}
+  aws_access_key_id: {{ .Values.aws.accessKey | b64enc | quote }}
+  aws_secret_access_key: {{ .Values.aws.secretKey | b64enc | quote }}
+  {{- else if .Values.gcp.projectID }}
+  project_id: {{ .Values.gcp.projectID | b64enc | quote }}
+  service_key: {{ .Values.gcp.serviceKey | b64enc | quote }}
+  {{- else if .Values.azure.storageAccount }}
+  storage_account: {{ .Values.azure.storageAccount | b64enc | quote }}
+  storage_key: {{ .Values.azure.storageKey | b64enc | quote }}
+  {{- end }}
+
+---
+apiVersion: cr.kanister.io/v1alpha1
+kind: Profile
+metadata:
+  name: {{ template "profile.profileName" . }}
+  namespace: {{ .Release.Namespace }}
+  labels:
+{{ include "profile.helmLabels" . | indent 4 }}
+location:
+  type: {{ .Values.location.type | quote }}
+  bucket: {{ .Values.location.bucket | quote }}
+  endpoint: {{ .Values.location.endpoint }}
+  prefix: {{ .Values.location.prefix }}
+  region: {{ .Values.location.region }}
+credential:
+  type: keyPair
+  keyPair:
+    {{- if .Values.aws.accessKey }}
+    idField: aws_access_key_id
+    secretField: aws_secret_access_key
+    {{- else if .Values.gcp.projectID }}
+    idField: project_id
+    secretField: service_key
+    {{- else if .Values.azure.storageAccount }}
+    idField: storage_account
+    secretField: storage_key
+    {{- end }}
+    secret:
+      apiVersion: v1
+      name: {{ template "profile.profileName" . }}-creds
+      namespace: {{ .Release.Namespace }}
+skipSSLVerify: {{ not .Values.verifySSL }}

charts/kanister-profile/values.yaml

@@ -0,0 +1,27 @@
+# Default values for kanister-profile.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+defaultProfile: true
+defaultProfileName: default-profile
+profileName:
+
+location:
+  type:
+  bucket:
+  endpoint: ""
+  prefix: ""
+  region: ""
+
+aws:
+  accessKey:
+  secretKey:
+
+gcp:
+  projectID:
+  serviceKey:
+
+azure:
+  storageAccount:
+  storageKey:
+
+verifySSL: true