eclipse-mosquitto · ekazakas · Apr 11, 2024 · May 5, 2024 · May 5, 2024 · May 5, 2024
diff --git a/deploy/chart/.helmignore b/deploy/chart/.helmignore
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/deploy/chart/Chart.yaml b/deploy/chart/Chart.yaml
@@ -0,0 +1,14 @@
+apiVersion: v2
+appVersion: 2.0.18
+name: mosquitto
+description: Mosquitto MQTT broker
+type: application
+version: 1.0.0
+keywords:
+  - mqtt
+  - mosquitto
+maintainers:
+  - name: Eduardas Kazakas
+    email: eduardas.kazakas@gmail.com
+sources:
+  - https://github.com/mosquitto/tree/master/deploy/chart
diff --git a/deploy/chart/templates/_helpers.tpl b/deploy/chart/templates/_helpers.tpl
@@ -0,0 +1,97 @@
+{{/* vim: set filetype=mustache: */}}
+{{/*
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+*/}}
+
+{{- define "mosquitto.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{- define "mosquitto.name" -}}
+{{- default .Chart.Name .Values.mosquitto.nameOverride | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{- define "mosquitto.fullname" -}}
+{{- $name := default .Chart.Name .Values.mosquitto.nameOverride -}}
+{{- if contains $name .Release.Name -}}
+{{- .Release.Name | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- printf "%s-%s" $name .Release.Name | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+{{- end -}}
+
+{{- define "mosquitto.labels.standard" -}}
+app.kubernetes.io/name: {{ include "mosquitto.name" . }}
+helm.sh/chart: {{ include "mosquitto.chart" . }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+app.kubernetes.io/version: {{ required ".Values.mosquitto.imageTag is required!" .Values.mosquitto.imageTag | quote }}
+{{- end -}}
+
+{{- define "mosquitto.labels.matchLabels" -}}
+app.kubernetes.io/name: {{ include "mosquitto.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end -}}
+
+{{- define "mosquitto.capabilities.kubeVersion" -}}
+{{- .Capabilities.KubeVersion.Version -}}
+{{- end -}}
+
+{{- define "mosquitto.capabilities.ingress.apiVersion" -}}
+{{- if semverCompare "<1.14-0" (include "mosquitto.capabilities.kubeVersion" .) -}}
+{{- print "extensions/v1beta1" -}}
+{{- else if semverCompare "<1.19-0" (include "mosquitto.capabilities.kubeVersion" .) -}}
+{{- print "networking.k8s.io/v1beta1" -}}
+{{- else -}}
+{{- print "networking.k8s.io/v1" -}}
+{{- end -}}
+{{- end -}}
+
+{{- define "mosquitto.capabilities.policy.apiVersion" -}}
+{{- if semverCompare "<1.21-0" (include "mosquitto.capabilities.kubeVersion" .) -}}
+{{- print "policy/v1beta1" -}}
+{{- else -}}
+{{- print "policy/v1" -}}
+{{- end -}}
+{{- end -}}
+
+{{- define "mosquitto.capabilities.rbac.apiVersion" -}}
+{{- if semverCompare "<1.17-0" (include "mosquitto.capabilities.kubeVersion" .) -}}
+{{- print "rbac.authorization.k8s.io/v1beta1" -}}
+{{- else -}}
+{{- print "rbac.authorization.k8s.io/v1" -}}
+{{- end -}}
+{{- end -}}
+
+{{- define "mosquitto.capabilities.statefulset.apiVersion" -}}
+{{- if semverCompare "<1.14-0" (include "mosquitto.capabilities.kubeVersion" .) -}}
+{{- print "apps/v1beta1" -}}
+{{- else -}}
+{{- print "apps/v1" -}}
+{{- end -}}
+{{- end -}}
+
+{{- define "mosquitto.ingress.backend" -}}
+{{- $apiVersion := (include "mosquitto.capabilities.ingress.apiVersion" .context) -}}
+{{- if or (eq $apiVersion "extensions/v1beta1") (eq $apiVersion "networking.k8s.io/v1beta1") -}}
+serviceName: {{ .serviceName }}
+servicePort: {{ .servicePort }}
+{{- else -}}
+service:
+  name: {{ .serviceName }}
+  port:
+    {{- if typeIs "string" .servicePort }}
+    name: {{ .servicePort }}
+    {{- else if or (typeIs "int" .servicePort) (typeIs "float64" .servicePort) }}
+    number: {{ .servicePort | int }}
+    {{- end }}
+{{- end -}}
+{{- end -}}
+
+{{- define "mosquitto.ingress.supportsPathType" -}}
+{{- if semverCompare "<1.18-0" (include "mosquitto.capabilities.kubeVersion" .) -}}
+{{- print "false" -}}
+{{- else -}}
+{{- print "true" -}}
+{{- end -}}
+{{- end -}}
diff --git a/deploy/chart/templates/configmap.yaml b/deploy/chart/templates/configmap.yaml
@@ -0,0 +1,45 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ include "mosquitto.fullname" . }}
+  labels: {{- include "mosquitto.labels.standard" . | nindent 4 }}
+    {{- with .Values.mosquitto.common.labels }}
+    {{- toYaml . | trim | nindent 4 }}
+    {{- end }}
+    {{- with .Values.mosquitto.configMap.labels }}
+    {{- toYaml . | trim | nindent 4 }}
+    {{- end }}
+  {{- if or .Values.mosquitto.common.annotations .Values.mosquitto.configMap.annotations }}
+  annotations:
+    {{- with .Values.mosquitto.common.annotations }}
+    {{- toYaml . | trim | nindent 4 }}
+    {{- end }}
+    {{- with .Values.mosquitto.configMap.annotations }}
+    {{- toYaml . | trim | nindent 4 }}
+    {{- end }}
+  {{- end }}
+data:
+  mosquitto.conf: |
+    log_dest stdout
+    {{ .Values.mosquitto.configFile }}
+    {{- if .Values.mosquitto.authentication.passwordFile }}
+    password_file {{ required ".Values.mosquitto.authentication.passwordFilePath is required!" .Values.mosquitto.authentication.passwordFilePath | quote }}
+    {{- end }}
+    {{- if .Values.mosquitto.authorization.aclFile }}
+    acl_file {{ required ".Values.mosquitto.authorization.aclFilePath is required!" .Values.mosquitto.authorization.aclFilePath | quote }}
+    {{- end }}
+    {{- if .Values.mosquitto.persistence.enabled }}
+    persistence true
+    persistence_location {{ required ".Values.mosquitto.persistence.location is required!" .Values.mosquitto.persistence.location }}
+    {{- end }}
+    listener {{ required ".Values.mosquitto.ports.mqtt is required!" .Values.mosquitto.ports.mqtt.containerPort }}
+    {{- if .Values.mosquitto.ports.websocket.enabled }}
+    listener {{ required ".Values.mosquitto.ports.websocket.containerPort is required!" .Values.mosquitto.ports.websocket.containerPort }}
+    protocol websockets
+    {{- end }}
+    {{- if .Values.mosquitto.ports.mqtts.enabled }}
+    listener {{ required ".Values.mosquitto.ports.mqtts.containerPort is required!" .Values.mosquitto.ports.mqtts.containerPort }}
+    cafile /etc/ssl/certs/ca-certificates.crt
+    keyfile {{ required ".Values.mosquitto.certificateLocation is required!" .Values.mosquitto.certificateLocation }}/tls.key
+    certfile {{ required ".Values.mosquitto.certificateLocation is required!" .Values.mosquitto.certificateLocation }}/tls.crt
+    {{- end }}
diff --git a/deploy/chart/templates/ingress.yaml b/deploy/chart/templates/ingress.yaml
@@ -0,0 +1,44 @@
+{{- if .Values.mosquitto.ingress.enabled -}}
+apiVersion: {{ include "mosquitto.capabilities.ingress.apiVersion" . }}
+kind: Ingress
+metadata:
+  name: {{ include "mosquitto.fullname" . }}
+  labels: {{- include "mosquitto.labels.standard" . | nindent 4 }}
+    {{- with .Values.mosquitto.common.labels }}
+    {{- toYaml . | trim | nindent 4 }}
+    {{- end }}
+    {{- with .Values.mosquitto.ingress.labels }}
+    {{- toYaml . | trim | nindent 4 }}
+    {{- end }}
+  {{- if or .Values.mosquitto.common.annotations .Values.mosquitto.ingress.annotations }}
+  annotations:
+    {{- with .Values.mosquitto.common.annotations }}
+    {{- toYaml . | trim | nindent 4 }}
+    {{- end }}
+    {{- with .Values.mosquitto.ingress.annotations }}
+    {{- toYaml . | trim | nindent 4 }}
+    {{- end }}
+  {{- end }}
+spec:
+  rules:
+    {{- range $host := (required ".Values.mosquitto.ingress.hosts is required" .Values.mosquitto.ingress.hosts) }}
+    - host: {{ required "$host.name is required!" $host.name }}
+      http:
+        paths:
+          {{- range $path := (required "$host.paths is required" $host.paths) }}
+          - path: {{ required "$path.name is required" $path.name }}
+            {{- if eq "true" (include "mosquitto.ingress.supportsPathType" $) }}
+            pathType: {{ $path.type | default "ImplementationSpecific" }}
+            {{- end }}
+            backend: {{- include "mosquitto.ingress.backend" (dict "serviceName" (include "mosquitto.fullname" $) "servicePort" (required "$path.port is required!" $path.port) "context" $) | nindent 14 }}
+          {{- end }}
+    {{- end }}
+  {{- if .Values.mosquitto.ingress.tls.enabled }}
+  tls:
+    - secretName: {{ printf "%s-certs" (include "mosquitto.fullname" .) }}
+      hosts:
+        {{- range $host := (required ".Values.mosquitto.ingress.hosts is required!" .Values.mosquitto.ingress.hosts) }}
+        - {{ printf "%s" (required "$host.name is required" $host.name) }}
+        {{- end }}
+  {{- end }}
+{{- end -}}
diff --git a/deploy/chart/templates/poddisruptionbudget.yaml b/deploy/chart/templates/poddisruptionbudget.yaml
@@ -0,0 +1,33 @@
+{{- $minAvailableIsSet := not (kindIs "invalid" .Values.mosquitto.podDisruptionBudget.minAvailable) }}
+{{- $maxUnavailableIsSet := not (kindIs "invalid" .Values.mosquitto.podDisruptionBudget.maxUnavailable) }}
+{{- if or $minAvailableIsSet $maxUnavailableIsSet }}
+apiVersion: {{ include "mosquitto.capabilities.policy.apiVersion" . }}
+kind: PodDisruptionBudget
+metadata:
+  name: {{ include "mosquitto.fullname" . }}
+  labels: {{- include "mosquitto.labels.standard" . | nindent 4 }}
+    {{- with .Values.mosquitto.common.labels }}
+    {{- toYaml . | trim | nindent 4 }}
+    {{- end }}
+    {{- with .Values.mosquitto.podDisruptionBudget.labels }}
+    {{- toYaml . | trim | nindent 4 }}
+    {{- end }}
+  {{- if or .Values.mosquitto.common.annotations .Values.mosquitto.podDisruptionBudget.annotations }}
+  annotations:
+    {{- with .Values.mosquitto.common.annotations }}
+    {{- toYaml . | trim | nindent 4 }}
+    {{- end }}
+    {{- with .Values.mosquitto.podDisruptionBudget.annotations }}
+    {{- toYaml . | trim | nindent 4 }}
+    {{- end }}
+  {{- end }}
+spec:
+  {{- if $minAvailableIsSet }}
+  minAvailable: {{ required ".Values.mosquitto.podDisruptionBudget.minAvailable is required!" .Values.mosquitto.podDisruptionBudget.minAvailable }}
+  {{- end }}
+  {{- if $maxUnavailableIsSet }}
+  maxUnavailable: {{ required ".Values.mosquitto.podDisruptionBudget.maxUnavailable is required!" .Values.mosquitto.podDisruptionBudget.maxUnavailable }}
+  {{- end }}
+  selector:
+    matchLabels: {{- include "mosquitto.labels.matchLabels" . | nindent 6 }}
+{{- end }}
diff --git a/deploy/chart/templates/role.yaml b/deploy/chart/templates/role.yaml
@@ -0,0 +1,26 @@
+{{- if .Values.mosquitto.rbac.create -}}
+apiVersion: {{ include "mosquitto.capabilities.rbac.apiVersion" . }}
+kind: Role
+metadata:
+  name: {{ include "mosquitto.fullname" . }}
+  labels: {{- include "mosquitto.labels.standard" . | nindent 4 }}
+    {{- with .Values.mosquitto.common.labels }}
+    {{- toYaml . | trim | nindent 4 }}
+    {{- end }}
+    {{- with .Values.mosquitto.role.labels }}
+    {{- toYaml . | trim | nindent 4 }}
+    {{- end }}
+  {{- if or .Values.mosquitto.common.annotations .Values.mosquitto.role.annotations }}
+  annotations:
+    {{- with .Values.mosquitto.common.annotations }}
+    {{- toYaml . | trim | nindent 4 }}
+    {{- end }}
+    {{- with .Values.mosquitto.role.annotations }}
+    {{- toYaml . | trim | nindent 4 }}
+    {{- end }}
+  {{- end }}
+rules:
+  - apiGroups: [""]
+    resources: ["secrets", "pods"]
+    verbs: ["get", "list", "watch"]
+{{- end -}}
diff --git a/deploy/chart/templates/rolebinding.yaml b/deploy/chart/templates/rolebinding.yaml
@@ -0,0 +1,30 @@
+{{- if .Values.mosquitto.rbac.create -}}
+apiVersion: {{ include "mosquitto.capabilities.rbac.apiVersion" . }}
+kind: RoleBinding
+metadata:
+  name: {{ include "mosquitto.fullname" . }}
+  labels: {{- include "mosquitto.labels.standard" . | nindent 4 }}
+    {{- with .Values.mosquitto.common.labels }}
+    {{- toYaml . | trim | nindent 4 }}
+    {{- end }}
+    {{- with .Values.mosquitto.roleBinding.labels }}
+    {{- toYaml . | trim | nindent 4 }}
+    {{- end }}
+  {{- if or .Values.mosquitto.common.annotations .Values.mosquitto.roleBinding.annotations }}
+  annotations:
+    {{- with .Values.mosquitto.common.annotations }}
+    {{- toYaml . | trim | nindent 4 }}
+    {{- end }}
+    {{- with .Values.mosquitto.roleBinding.annotations }}
+    {{- toYaml . | trim | nindent 4 }}
+    {{- end }}
+  {{- end }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ include "mosquitto.fullname" . }}
+    namespace: {{ .Release.Namespace }}
+roleRef:
+  kind: Role
+  name: {{ include "mosquitto.fullname" . }}
+  apiGroup: rbac.authorization.k8s.io
+{{- end -}}
diff --git a/deploy/chart/templates/secret.yaml b/deploy/chart/templates/secret.yaml
@@ -0,0 +1,30 @@
+{{- if or .Values.mosquitto.authentication.passwordFile .Values.mosquitto.authorization.aclFile }}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ include "mosquitto.fullname" . }}
+  labels: {{- include "mosquitto.labels.standard" . | nindent 4 }}
+    {{- with .Values.mosquitto.common.labels }}
+    {{- toYaml . | trim | nindent 4 }}
+    {{- end }}
+    {{- with .Values.mosquitto.secret.labels }}
+    {{- toYaml . | trim | nindent 4 }}
+    {{- end }}
+  {{- if or .Values.mosquitto.common.annotations .Values.mosquitto.secret.annotations }}
+  annotations:
+    {{- with .Values.mosquitto.common.annotations }}
+    {{- toYaml . | trim | nindent 4 }}
+    {{- end }}
+    {{- with .Values.mosquitto.secret.annotations }}
+    {{- toYaml . | trim | nindent 4 }}
+    {{- end }}
+  {{- end }}
+type: Opaque
+data:
+  {{- with .Values.mosquitto.mosquitto.passwordFile }}
+  passwordFile: {{ . | b64enc | quote }}
+  {{- end }}
+  {{- with .Values.mosquitto.authorization.aclFile }}
+  aclFile: {{ . | b64enc | quote }}
+  {{- end }}
+{{- end }}