alexlebens/helm-charts
1
0
Fork 0
Code Issues 1 Pull Requests 1 Actions Packages Releases 521 Activity

feat: add rclone for bucket mirror
All checks were successful
release-charts-rclone-bucket / release (push) Successful in 28s
Details
lint-and-test / lint-helm (push) Successful in 54s
Details
renovate / renovate (push) Successful in 1m20s
Details
lint-and-test / chart-testing (push) Successful in 2m45s
Details

Browse Source
This commit is contained in:
Alex Lebens
2026-04-25 20:42:45 -05:00
parent 9b50e6b890
commit 5cb8e9d43e
8 changed files with 570 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

90
charts/rclone-bucket/templates/_helpers.tpl Normal file
View File

@@ -0,0 +1,90 @@
{{/*
Generate the root name
*/}}
{{- define "rclone.name" -}}
{{- if .Values.nameOverride }}
{{- .Values.nameOverride | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- printf "%s-rclone" .Values.rclone.source.bucketName | trunc 63 | trimSuffix "-" -}}
{{- end }}
{{- end }}
{{/*
Generate the secret name
*/}}
{{- define "rclone.sourceSecretName" -}}
{{- if .Values.secret.externalSecret.enabled }}
{{- if .Values.secret.externalSecret.source.nameOverride }}
{{- .Values.secret.externalSecret.source.nameOverride | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- printf "%s-rclone-config" .Values.rclone.source.bucketName -}}
{{- end }}
{{- else if .Values.secret.existingSecretSource.name }}
{{- printf "%s" .Values.secret.existingSecretSource.name -}}
{{- else }}
{{ fail "No Secret Name Found!" }}
{{- end }}
{{- end }}
{{- define "rclone.destinationSecretName" -}}
{{- if .Values.secret.externalSecret.enabled }}
{{- if .Values.secret.externalSecret.destination.nameOverride }}
{{- .Values.secret.externalSecret.destination.nameOverride | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- printf "%s-rclone-config" .Values.rclone.destination.bucketName -}}
{{- end }}
{{- else if .Values.secret.existingSecretDestination.name }}
{{- printf "%s" .Values.secret.existingSecretDestination.name -}}
{{- else }}
{{ fail "No Secret Name Found!" }}
{{- end }}
{{- end }}
{{/*
Common env names
*/}}
{{- define "secret.envAccessKey" -}}
ACCESS_KEY_ID
{{- end }}
{{- define "secret.envSecretKey" -}}
ACCESS_SECRET_KEY
{{- end }}
{{- define "secret.envRegion" -}}
ACCESS_REGION
{{- end }}
{{- define "secret.envSrcEndpoint" -}}
SRC_ENDPOINT
{{- end }}
{{- define "secret.envDestEndpoint" -}}
DEST_ENDPOINT
{{- end }}
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "secret.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Common labels
*/}}
{{- define "secret.labels" -}}
helm.sh/chart: {{ include "secret.chart" $ }}
{{ include "secret.selectorLabels" $ }}
{{- if .Chart.AppVersion }}
app.kubernetes.io/version: {{ .Chart.Version | quote }}
{{- end }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- with .Values.secret.externalSecret.additionalLabels }}
{{ toYaml . }}
{{- end }}
{{- end }}
{{/*
Selector labels
*/}}
{{- define "secret.selectorLabels" -}}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
{{- end }}

131
charts/rclone-bucket/templates/common.yaml Normal file
View File

@@ -0,0 +1,131 @@
{{- include "bjw-s.common.loader.init" . }}
{{- define "rclone.hardcodedValues" -}}
global:
nameOverride: {{ include "rclone.name" . }}
fullNameOverride: {{ include "rclone.name" . }}
controllers:
main:
type: cronjob
{{- with .Values.cronJob }}
cronjob:
{{- toYaml . | nindent 6 }}
{{ end }}
containers:
sync:
image:
repository: {{ .Values.image.repository }}
tag: {{ .Values.image.tag }}
pullPolicy: {{ .Values.image.pullPolicy }}
args:
- sync
- src:{{ .Values.rclone.source.bucketName }}
- dest:{{ .Values.rclone.destination.bucketName }}
- --s3-no-check-bucket
- --verbose
env:
- name: RCLONE_S3_PROVIDER
value: {{ .Values.rclone.providerType }}
- name: RCLONE_CONFIG_SRC_TYPE
value: s3
- name: RCLONE_CONFIG_SRC_PROVIDER
value: {{ .Values.rclone.source.providerType }}
- name: RCLONE_CONFIG_SRC_ENV_AUTH
value: false
- name: RCLONE_CONFIG_SRC_ACCESS_KEY_ID
valueFrom:
secretKeyRef:
name: {{ include "rclone.sourceSecretName" . }}
key: {{ include "secret.envAccessKey" . }}
- name: RCLONE_CONFIG_SRC_SECRET_ACCESS_KEY
valueFrom:
secretKeyRef:
name: {{ include "rclone.sourceSecretName" . }}
key: {{ include "secret.envSecretKey" . }}
- name: RCLONE_CONFIG_SRC_REGION
valueFrom:
secretKeyRef:
name: {{ include "rclone.sourceSecretName" . }}
key: {{ include "secret.envRegion" . }}
- name: RCLONE_CONFIG_SRC_ENDPOINT
valueFrom:
secretKeyRef:
name: {{ include "rclone.sourceSecretName" . }}
key: {{ include "secret.envSrcEndpoint" . }}
- name: RCLONE_CONFIG_SRC_S3_FORCE_PATH_STYLE
value: {{ .Values.rclone.source.forcePathStyle }}
- name: RCLONE_CONFIG_DEST_TYPE
value: s3
- name: RCLONE_CONFIG_DEST_PROVIDER
value: {{ .Values.rclone.destination.providerType }}
- name: RCLONE_CONFIG_DEST_ENV_AUTH
value: false
- name: RCLONE_CONFIG_DEST_ACCESS_KEY_ID
valueFrom:
secretKeyRef:
name: {{ include "rclone.destinationSecretName" . }}
key: {{ include "secret.envAccessKey" . }}
- name: RCLONE_CONFIG_DEST_SECRET_ACCESS_KEY
valueFrom:
secretKeyRef:
name: {{ include "rclone.destinationSecretName" . }}
key: {{ include "secret.envSecretKey" . }}
- name: RCLONE_CONFIG_DEST_REGION
valueFrom:
secretKeyRef:
name: {{ include "rclone.destinationSecretName" . }}
key: {{ include "secret.envRegion" . }}
- name: RCLONE_CONFIG_DEST_ENDPOINT
valueFrom:
secretKeyRef:
name: {{ include "rclone.destinationSecretName" . }}
key: {{ include "secret.envDestEndpoint" . }}
- name: RCLONE_CONFIG_SRC_DEST_FORCE_PATH_STYLE
value: {{ .Values.rclone.destination.forcePathStyle }}
{{- if .Values.prune.enabled }}
prune:
image:
repository: {{ .Values.image.repository }}
tag: {{ .Values.image.tag }}
pullPolicy: {{ .Values.image.pullPolicy }}
args:
- delete
- dest:{{ .Values.rclone.destination.bucketName }}
- --min-age
- {{ .Values.prune.ageToPrune }}
- --verbose
env:
- name: RCLONE_CONFIG_DEST_TYPE
value: s3
- name: RCLONE_CONFIG_DEST_PROVIDER
value: {{ .Values.rclone.destination.providerType }}
- name: RCLONE_CONFIG_DEST_ENV_AUTH
value: false
- name: RCLONE_CONFIG_DEST_ACCESS_KEY_ID
valueFrom:
secretKeyRef:
name: {{ include "rclone.destinationSecretName" . }}
key: {{ include "secret.envAccessKey" . }}
- name: RCLONE_CONFIG_DEST_SECRET_ACCESS_KEY
valueFrom:
secretKeyRef:
name: {{ include "rclone.destinationSecretName" . }}
key: {{ include "secret.envSecretKey" . }}
- name: RCLONE_CONFIG_DEST_REGION
valueFrom:
secretKeyRef:
name: {{ include "rclone.destinationSecretName" . }}
key: {{ include "secret.envRegion" . }}
- name: RCLONE_CONFIG_DEST_ENDPOINT
valueFrom:
secretKeyRef:
name: {{ include "rclone.destinationSecretName" . }}
key: {{ include "secret.envDestEndpoint" . }}
- name: RCLONE_CONFIG_SRC_S3_FORCE_PATH_STYLE
value: {{ .Values.rclone.destination.forcePathStyle }}
{{- end }}
{{- end -}}
{{- $_ := mergeOverwrite .Values (include "rclone.hardcodedValues" . | fromYaml) -}}
{{/* Render the templates */}}
{{ include "bjw-s.common.loader.generate" . }}

69
charts/rclone-bucket/templates/external-secret.yaml Normal file
View File

@@ -0,0 +1,69 @@
{{- if .Values.secret.externalSecret.enabled }}
---
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: {{ include "rclone.sourceSecretName" . }}
namespace: {{ .Release.Namespace }}
labels:
{{- include "secret.labels" . | nindent 4 }}
app.kubernetes.io/name: {{ include "rclone.sourceSecretName" . }}
{{- with .Values.additionalLabels }}
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
secretStoreRef:
kind: ClusterSecretStore
name: {{ .Values.secret.externalSecret.storeName | required "External Secret store name is required" }}
data:
- secretKey: {{ include "secret.envAccessKey" . }}
remoteRef:
key: {{ .Values.secret.externalSecret.source.credentials.path }}
property: {{ .Values.secret.externalSecret.source.credentials.keyIdProperty }}
- secretKey: {{ include "secret.envSecretKey" . }}
remoteRef:
key: {{ .Values.secret.externalSecret.source.credentials.path }}
property: {{ .Values.secret.externalSecret.source.credentials.secretKeyProperty }}
- secretKey: {{ include "secret.envRegion" . }}
remoteRef:
key: {{ .Values.secret.externalSecret.source.credentials.path }}
property: {{ .Values.secret.externalSecret.source.credentials.regionProperty }}
- secretKey: {{ include "secret.envSrcEndpoint" . }}
remoteRef:
key: {{ .Values.secret.externalSecret.source.config.path }}
property: {{ .Values.secret.externalSecret.source.config.endpointProperty }}
---
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: {{ include "rclone.destinationSecretName" . }}
namespace: {{ .Release.Namespace }}
labels:
{{- include "secret.labels" . | nindent 4 }}
app.kubernetes.io/name: {{ include "rclone.destinationSecretName" . }}
{{- with .Values.additionalLabels }}
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
secretStoreRef:
kind: ClusterSecretStore
name: {{ .Values.secret.externalSecret.storeName | required "External Secret store name is required" }}
data:
- secretKey: {{ include "secret.envAccessKey" . }}
remoteRef:
key: {{ .Values.secret.externalSecret.destination.credentials.path }}
property: {{ .Values.secret.externalSecret.destination.credentials.keyIdProperty }}
- secretKey: {{ include "secret.envSecretKey" . }}
remoteRef:
key: {{ .Values.secret.externalSecret.destination.credentials.path }}
property: {{ .Values.secret.externalSecret.destination.credentials.keyIdProperty }}
- secretKey: {{ include "secret.envRegion" . }}
remoteRef:
key: {{ .Values.secret.externalSecret.destination.credentials.path }}
property: {{ .Values.secret.externalSecret.destination.credentials.keyIdProperty }}
- secretKey: {{ include "secret.envDestEndpoint" . }}
remoteRef:
key: {{ .Values.secret.externalSecret.destination.config.path }}
property: {{ .Values.secret.externalSecret.destination.config.endpointProperty }}
{{- end }}