Skip to content

Commit

Permalink
refactor(falco-talon): allow namespace overwrite and prefer use fulln…
Browse files Browse the repository at this point in the history 
…ame for resources naming

Uniformized the chart resources name and overwrite according to falco codebase

Signed-off-by: LeoFVO <[email protected]>
  • Loading branch information
@leofvo
leofvo committed Oct 15, 2024
1 parent f717e3b commit 163e903
Show file tree
Hide file tree
Showing 11 changed files with 59 additions and 28 deletions.
25 changes: 25 additions & 0 deletions charts/falco-talon/templates/_helpers.tpl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,13 +6,38 @@ Expand the name of the chart.
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
{{- end -}}

{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "falco-talon.fullname" -}}
{{- if .Values.fullnameOverride }}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- $name := default .Chart.Name .Values.nameOverride }}
{{- if contains $name .Release.Name }}
{{- .Release.Name | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
{{- end }}
{{- end }}
{{- end }}

{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "falco-talon.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
{{- end -}}

{{/*
Allow the release namespace to be overridden
*/}}
{{- define "falco-talon.namespace" -}}
{{- default .Release.Namespace .Values.namespaceOverride -}}
{{- end -}}

{{/*
Return the appropriate apiVersion for ingress.
*/}}
Expand Down
4 changes: 2 additions & 2 deletions charts/falco-talon/templates/clusterrole.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: {{ template "falco-talon.name" .}}
name: {{ template "falco-talon.fullname" .}}
labels:
{{- include "falco-talon.labels" . | nindent 4 }}
rules:
Expand All @@ -12,7 +12,7 @@ rules:
resources:
- podsecuritypolicies
resourceNames:
- {{ template "falco-talon.name" . }}
- {{ template "falco-talon.fullname" . }}
verbs:
- use
{{- end }}
3 changes: 2 additions & 1 deletion charts/falco-talon/templates/configmap.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,8 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ include "falco-talon.name" . }}-rules
name: {{ include "falco-talon.fullname" . }}-rules
namespace: {{ include "falco-talon.namespace" . }}
labels:
{{- include "falco-talon.labels" . | nindent 4 }}
data:
Expand Down
10 changes: 5 additions & 5 deletions charts/falco-talon/templates/deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,15 +2,15 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "falco-talon.name" . }}
name: {{ include "falco-talon.fullname" . }}
namespace: {{ .Release.Namespace }}
labels:
{{- include "falco-talon.labels" . | nindent 4 }}
spec:
replicas: {{ .Values.replicaCount }}
selector:
matchLabels:
app.kubernetes.io/name: {{ include "falco-talon.name" . }}
app.kubernetes.io/name: {{ include "falco-talon.fullname" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
template:
metadata:
Expand All @@ -22,7 +22,7 @@ spec:
annotations:
timestamp: {{ now }}
spec:
serviceAccountName: {{ include "falco-talon.name" . }}
serviceAccountName: {{ include "falco-talon.fullname" . }}
{{- if .Values.priorityClassName }}
priorityClassName: "{{ .Values.priorityClassName }}"
{{- end }}
Expand Down Expand Up @@ -88,7 +88,7 @@ spec:
volumes:
- name: "rules"
configMap:
name: "{{ include "falco-talon.name" . }}-rules"
name: "{{ include "falco-talon.fullname" . }}-rules"
- name: "config"
secret:
secretName: "{{ include "falco-talon.name" . }}-config"
secretName: "{{ include "falco-talon.fullname" . }}-config"
4 changes: 2 additions & 2 deletions charts/falco-talon/templates/ingress.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,13 +1,13 @@
{{- if .Values.ingress.enabled -}}
{{- $name := include "falco-talon.name" . -}}
{{- $name := include "falco-talon.fullname" . -}}
{{- $ingressApiIsStable := eq (include "falco-talon.ingress.isStable" .) "true" -}}
{{- $ingressSupportsPathType := eq (include "falco-talon.ingress.supportsPathType" .) "true" -}}
---
apiVersion: {{ include "falco-talon.ingress.apiVersion" . }}
kind: Ingress
metadata:
name: {{ $name }}
namespace: {{ .Release.Namespace }}
namespace: {{ include "falco-talon.namespace" . }}
labels:
{{- include "falco-talon.labels" . | nindent 4 }}
{{- with .Values.ingress.annotations }}
Expand Down
2 changes: 1 addition & 1 deletion charts/falco-talon/templates/podsecuritypolicy.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
apiVersion: policy/v1beta1
kind: PodSecurityPolicy
metadata:
name: {{ template "falco-talon.name" . }}
name: {{ template "falco-talon.fullname" . }}
labels:
{{- include "falco-talon.labels" . | nindent 4 }}
spec:
Expand Down
22 changes: 11 additions & 11 deletions charts/falco-talon/templates/rbac.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,18 +2,18 @@
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ include "falco-talon.name" . }}
namespace: {{ .Release.Namespace }}
name: {{ include "falco-talon.fullname" . }}
namespace: {{ include "falco-talon.namespace" . }}
labels:
{{- include "falco-talon.labels" . | nindent 4 }}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: {{ include "falco-talon.name" . }}
namespace: {{ .Release.Namespace }}
name: {{ include "falco-talon.fullname" . }}
namespace: {{ include "falco-talon.namespace" . }}
labels:
app.kubernetes.io/name: {{ include "falco-talon.name" . }}
app.kubernetes.io/name: {{ include "falco-talon.fullname" . }}
helm.sh/chart: {{ include "falco-talon.chart" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
Expand Down Expand Up @@ -184,26 +184,26 @@ rules:
resources:
- podsecuritypolicies
resourceNames:
- {{ template "falco-talon.name" . }}
- {{ template "falco-talon.fullname" . }}
verbs:
- use
{{- end }}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: {{ include "falco-talon.name" . }}
namespace: {{ .Release.Namespace }}
name: {{ include "falco-talon.fullname" . }}
namespace: {{ include "falco-talon.namespace" . }}
labels:
app.kubernetes.io/name: {{ include "falco-talon.name" . }}
app.kubernetes.io/name: {{ include "falco-talon.fullname" . }}
helm.sh/chart: {{ include "falco-talon.chart" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: {{ include "falco-talon.name" . }}
name: {{ include "falco-talon.fullname" . }}
subjects:
- kind: ServiceAccount
name: {{ include "falco-talon.name" . }}
name: {{ include "falco-talon.fullname" . }}
namespace: {{ .Release.Namespace }}
3 changes: 2 additions & 1 deletion charts/falco-talon/templates/secrets.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,8 @@
apiVersion: v1
kind: Secret
metadata:
name: {{ include "falco-talon.name" . }}-config
name: {{ include "falco-talon.fullname" . }}-config
namespace: {{ include "falco-talon.namespace" . }}
labels:
{{- include "falco-talon.labels" . | nindent 4 }}
stringData:
Expand Down
4 changes: 2 additions & 2 deletions charts/falco-talon/templates/servicemonitor.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,8 +8,8 @@ metadata:
{{- with .Values.serviceMonitor.additionalLabels }}
{{- toYaml . | nindent 4 }}
{{- end }}
name: {{ include "falco-talon.name" . }}
namespace: {{ .Release.Namespace }}
name: {{ include "falco-talon.fullname" . }}
namespace: {{ include "falco-talon.namespace" . }}
spec:
endpoints:
- port: {{ .Values.serviceMonitor.port }}
Expand Down
4 changes: 2 additions & 2 deletions charts/falco-talon/templates/services.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,8 @@
apiVersion: v1
kind: Service
metadata:
name: {{ include "falco-talon.name" . }}
namespace: {{ .Release.Namespace }}
name: {{ include "falco-talon.fullname" . }}
namespace: {{ include "falco-talon.namespace" . }}
labels:
{{- include "falco-talon.labels" . | nindent 4 }}
{{- with .Values.service.annotations }}
Expand Down
6 changes: 5 additions & 1 deletion charts/falco-talon/values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -32,8 +32,12 @@ podSecurityContext:
imagePullSecrets: []
# - registrySecretName

# -- override name
# -- Put here the new name if you want to override the release name used for Falco-talon components.
nameOverride: ""
# -- Same as nameOverride but for the fullname.
fullnameOverride: ""
# -- Override the deployment namespace
namespaceOverride: ""

# -- extra env
extraEnv:
Expand Down

0 comments on commit 163e903

Please sign in to comment.