alexlebens/helm-charts
1
0
Fork 0
Code Issues 1 Pull Requests 1 Actions Packages Releases 444 Activity

add volsync target chart
All checks were successful
renovate / renovate (push) Successful in 24s
Details
lint-and-test / lint-helm (push) Successful in 21s
Details
release-charts-volsync-target / release (push) Successful in 33s
Details
lint-and-test / chart-testing (push) Successful in 39s
Details

Browse Source
This commit is contained in:
Alex Lebens
2025-12-15 17:35:29 -06:00
parent 0a62645f06
commit b1dae9cd3d
6 changed files with 505 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

75
charts/volsync-target/templates/_helpers.tpl Normal file
View File

@@ -0,0 +1,75 @@
{{/*
Expand the names
*/}}
{{- define "volsync.name" -}}
{{- if .Values.nameOverride }}
{{- .Values.nameOverride | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- printf "%s-backup" .Values.pvcTarget -}}
{{- end }}
{{- end }}
{{- define "volsync.localRepoName" -}}
{{- if .Values.local.restic.repository }}
{{- .Values.local.restic.repository | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- printf "%s-secret-local" (include "volsync.name" .) -}}
{{- end }}
{{- end }}
{{- define "volsync.remoteRepoName" -}}
{{- if .Values.remote.restic.repository }}
{{- .Values.remote.restic.repository | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- printf "%s-secret-remote" (include "volsync.name" .) -}}
{{- end }}
{{- end }}
{{- define "volsync.externalRepoName" -}}
{{- if .Values.external.restic.repository }}
{{- .Values.external.restic.repository | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- printf "%s-secret-external" (include "volsync.name" .) -}}
{{- end }}
{{- end }}
{{/*
Allow the release namespace to be overridden for multi-namespace deployments in combined charts
*/}}
{{- define "volsync.namespace" -}}
{{- if .Values.namespaceOverride -}}
{{- .Values.namespaceOverride -}}
{{- else -}}
{{- .Release.Namespace -}}
{{- end -}}
{{- end -}}
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "volsync.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Common labels
*/}}
{{- define "volsync.labels" -}}
helm.sh/chart: {{ include "volsync.chart" $ }}
{{ include "volsync.selectorLabels" $ }}
{{- if .Chart.AppVersion }}
app.kubernetes.io/version: {{ .Chart.Version | quote }}
{{- end }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- with .Values.additionalLabels }}
{{ toYaml . }}
{{- end }}
{{- end }}
{{/*
Selector labels
*/}}
{{- define "volsync.selectorLabels" -}}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/part-of: {{ .Release.Name }}
{{- end }}

182
charts/volsync-target/templates/external-secret.yaml Normal file
View File

@@ -0,0 +1,182 @@
{{- if and (.Values.local.enabled) (.Values.externalSecrets.enabled) }}
---
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: {{ include "volsync.localRepoName" . }}
namespace: {{ include "volsync.namespace" . }}
labels:
{{- include "volsync.labels" . | nindent 4 }}
app.kubernetes.io/name: {{ include "volsync.localRepoName" . }}
{{- with .Values.additionalLabels }}
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
secretStoreRef:
kind: ClusterSecretStore
name: vault
target:
template:
mergePolicy: Merge
engineVersion: v2
data:
RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/{{ .Release.Namespace }}/{{ .Values.pvcTarget | required "PVC target is required" }}"
data:
- secretKey: BUCKET_ENDPOINT
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: {{ .Values.local.externalSecret.volsyncPath | required "External Secret Volsync local path is required" }}
metadataPolicy: None
property: BUCKET_ENDPOINT
- secretKey: RESTIC_PASSWORD
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: {{ .Values.local.externalSecret.volsyncPath | required "External Secret Volsync local path is required" }}
metadataPolicy: None
property: RESTIC_PASSWORD
- secretKey: AWS_DEFAULT_REGION
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: {{ .Values.local.externalSecret.credentialPath | required "External Secret Credential local path is required" }}
metadataPolicy: None
property: ACCESS_REGION
- secretKey: AWS_ACCESS_KEY_ID
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: {{ .Values.local.externalSecret.credentialPath | required "External Secret Credential local path is required" }}
metadataPolicy: None
property: ACCESS_KEY_ID
- secretKey: AWS_SECRET_ACCESS_KEY
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: {{ .Values.local.externalSecret.credentialPath | required "External Secret Credential local path is required" }}
metadataPolicy: None
property: ACCESS_SECRET_KEY
{{- end }}
{{- if and (.Values.remote.enabled) (.Values.externalSecrets.enabled) }}
---
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: {{ include "volsync.remoteRepoName" . }}
namespace: {{ include "volsync.namespace" . }}
labels:
{{- include "volsync.labels" . | nindent 4 }}
app.kubernetes.io/name: {{ include "volsync.remoteRepoName" . }}
{{- with .Values.additionalLabels }}
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
secretStoreRef:
kind: ClusterSecretStore
name: vault
target:
template:
mergePolicy: Merge
engineVersion: v2
data:
RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/{{ .Release.Namespace }}/{{ .Values.pvcTarget | required "PVC target is required" }}"
data:
- secretKey: BUCKET_ENDPOINT
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: {{ .Values.local.externalSecret.volsyncPath | required "External Secret Volsync remote path is required" }}
metadataPolicy: None
property: BUCKET_ENDPOINT
- secretKey: RESTIC_PASSWORD
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: {{ .Values.local.externalSecret.volsyncPath | required "External Secret Volsync remote path is required" }}
metadataPolicy: None
property: RESTIC_PASSWORD
- secretKey: AWS_DEFAULT_REGION
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: {{ .Values.local.externalSecret.credentialPath | required "External Secret Credential remote path is required" }}
metadataPolicy: None
property: ACCESS_REGION
- secretKey: AWS_ACCESS_KEY_ID
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: {{ .Values.local.externalSecret.credentialPath | required "External Secret Credential remote path is required" }}
metadataPolicy: None
property: ACCESS_KEY_ID
- secretKey: AWS_SECRET_ACCESS_KEY
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: {{ .Values.local.externalSecret.credentialPath | required "External Secret Credential remote path is required" }}
metadataPolicy: None
property: ACCESS_SECRET_KEY
{{- end }}
{{- if and (.Values.external.enabled) (.Values.externalSecrets.enabled) }}
---
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: {{ include "volsync.externalRepoName" . }}
namespace: {{ include "volsync.namespace" . }}
labels:
{{- include "volsync.labels" . | nindent 4 }}
app.kubernetes.io/name: {{ include "volsync.externalRepoName" . }}
{{- with .Values.additionalLabels }}
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
secretStoreRef:
kind: ClusterSecretStore
name: vault
target:
template:
mergePolicy: Merge
engineVersion: v2
data:
RESTIC_REPOSITORY: "{{ `{{ .BUCKET_ENDPOINT }}` }}/{{ .Release.Namespace }}/{{ .Values.pvcTarget | required "PVC target is required" }}"
data:
- secretKey: BUCKET_ENDPOINT
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: {{ .Values.local.externalSecret.volsyncPath | required "External Secret Volsync external path is required" }}
metadataPolicy: None
property: BUCKET_ENDPOINT
- secretKey: RESTIC_PASSWORD
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: {{ .Values.local.externalSecret.volsyncPath | required "External Secret Volsync external path is required" }}
metadataPolicy: None
property: RESTIC_PASSWORD
- secretKey: AWS_DEFAULT_REGION
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: {{ .Values.local.externalSecret.credentialPath | required "External Secret Credential external path is required" }}
metadataPolicy: None
property: AWS_DEFAULT_REGION
- secretKey: AWS_ACCESS_KEY_ID
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: {{ .Values.local.externalSecret.credentialPath | required "External Secret Credential external path is required" }}
metadataPolicy: None
property: AWS_ACCESS_KEY_ID
- secretKey: AWS_SECRET_ACCESS_KEY
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: {{ .Values.local.externalSecret.credentialPath | required "External Secret Credential external path is required" }}
metadataPolicy: None
property: AWS_SECRET_ACCESS_KEY
{{- end }}

89
charts/volsync-target/templates/replication-source.yaml Normal file
View File

@@ -0,0 +1,89 @@
{{- if .Values.local.enabled }}
---
apiVersion: volsync.backube/v1alpha1
kind: ReplicationSource
metadata:
name: {{ include "volsync.name" . }}-source-local
namespace: {{ include "volsync.namespace" . }}
labels:
{{- include "volsync.labels" . | nindent 4 }}
app.kubernetes.io/name: {{ include "volsync.name" . }}
{{- with .Values.additionalLabels }}
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
sourcePVC: {{ .Values.pvcTarget }}
trigger:
schedule: {{ .Values.local.schedule }}
restic:
pruneIntervalDays: {{ .Values.local.restic.pruneIntervalDays }}
repository: {{ include "volsync.localRepoName" . }}
retain:
{{- with .Values.local.restic.retain }}
{{- toYaml . | nindent 6 }}
{{ end }}
copyMethod: {{ .Values.local.restic.copyMethod }}
storageClassName: {{ .Values.local.restic.storageClassName }}
volumeSnapshotClassName: {{ .Values.local.restic.volumeSnapshotClassName }}
cacheCapacity: {{ .Values.local.restic.cacheCapacity }}
{{- end }}
{{- if .Values.remote.enabled }}
---
apiVersion: volsync.backube/v1alpha1
kind: ReplicationSource
metadata:
name: {{ include "volsync.name" . }}-source-remote
namespace: {{ include "volsync.namespace" . }}
labels:
{{- include "volsync.labels" . | nindent 4 }}
app.kubernetes.io/name: {{ include "volsync.name" . }}
{{- with .Values.additionalLabels }}
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
sourcePVC: {{ .Values.pvcTarget | required "PVC target is required" }}
trigger:
schedule: {{ .Values.remote.schedule }}
restic:
pruneIntervalDays: {{ .Values.remote.restic.pruneIntervalDays }}
repository: {{ include "volsync.remoteRepoName" . }}
retain:
{{- with .Values.remote.restic.retain }}
{{- toYaml . | nindent 6 }}
{{ end }}
copyMethod: {{ .Values.remote.restic.copyMethod }}
storageClassName: {{ .Values.remote.restic.storageClassName }}
volumeSnapshotClassName: {{ .Values.remote.restic.volumeSnapshotClassName }}
cacheCapacity: {{ .Values.remote.restic.cacheCapacity }}
{{- end }}
{{- if .Values.external.enabled }}
---
apiVersion: volsync.backube/v1alpha1
kind: ReplicationSource
metadata:
name: {{ include "volsync.name" . }}-source-external
namespace: {{ include "volsync.namespace" . }}
labels:
{{- include "volsync.labels" . | nindent 4 }}
app.kubernetes.io/name: {{ include "volsync.name" . }}
{{- with .Values.additionalLabels }}
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
sourcePVC: {{ .Values.pvcTarget }}
trigger:
schedule: {{ .Values.external.schedule }}
restic:
pruneIntervalDays: {{ .Values.external.restic.pruneIntervalDays }}
repository: {{ include "volsync.externalRepoName" . }}
retain:
{{- with .Values.external.restic.retain }}
{{- toYaml . | nindent 6 }}
{{ end }}
copyMethod: {{ .Values.external.restic.copyMethod }}
storageClassName: {{ .Values.external.restic.storageClassName }}
volumeSnapshotClassName: {{ .Values.external.restic.volumeSnapshotClassName }}
cacheCapacity: {{ .Values.external.restic.cacheCapacity }}
{{- end }}