Skip to content

Instantly share code, notes, and snippets.

@x95castle1

x95castle1/01-workload.yaml

Last active August 19, 2024 18:54
Show Gist options
  • Save x95castle1/2f089fe4d3fe1de651f8d9adbdc5226e to your computer and use it in GitHub Desktop.
Save x95castle1/2f089fe4d3fe1de651f8d9adbdc5226e to your computer and use it in GitHub Desktop.
Download ZIP
Example GIST that demonstrates how to add a custom param for tolerations onto a Pod Intent
Raw
01-workload.yaml
#@data/values
---
workload:
metadata:
name: test
labels:
test: test
spec:
params:
ports: 8080
serviceAccount: default
tolerations:
- key: "example-key"
operator: "Exists"
effect: "NoSchedule"
- key: "my-key"
operator: "Exists"
effect: "NoSchedule"
image: myimage
Raw
02-convention-template.yaml
#@ load("@ytt:data", "data")
#@ load("@ytt:assert", "assert")
#@ def param(key):
#@ if not key in data.values.params:
#@ return None
#@ end
#@ return data.values.params[key]
#@ end
#@ def maven_param(key):
#@ if not key in data.values.params["maven"]:
#@ return None
#@ end
#@ return data.values.params["maven"][key]
#@ end
#@ def maven_repository_url():
#@ if maven_param("repository") and "url" in maven_param("repository"):
#@ return maven_param("repository")["url"]
#@ elif param("maven_repository_url"):
#@ return param("maven_repository_url")
#@ else:
#@ return None
#@ end
#@ end
#@ def merge_labels(fixed_values):
#@ labels = {}
#@ if hasattr(data.values.workload.metadata, "labels"):
#@ exclusions = "[\"" + "\", \"".join(["kapp.k14s.io/app", "kapp.k14s.io/association"]) + "\"]"
#@ for k,v in dict(data.values.workload.metadata.labels).items():
#@ if k not in exclusions:
#@ labels[k] = v
#@ end
#@ end
#@ end
#@ labels.update(fixed_values)
#@ return labels
#@ end
#@ def build_fixed_annotations():
#@ fixed_annotations = { "developer.conventions/target-containers": "workload", "apps.tanzu.vmware.com/correlationid": correlationId() }
#@ if param("debug"):
#@ fixed_annotations["apps.tanzu.vmware.com/debug"] = param("debug")
#@ end
#@ if param("live-update"):
#@ fixed_annotations["apps.tanzu.vmware.com/live-update"] = param("live-update")
#@ end
#@ return fixed_annotations
#@ end
#@ def merge_annotations(fixed_values):
#@ annotations = {}
#@ if hasattr(data.values.workload.metadata, "annotations"):
#@ # DEPRECATED: remove in a future release
#@ annotations.update(data.values.workload.metadata.annotations)
#@ end
#@ if type(param("annotations")) == "dict" or type(param("annotations")) == "struct":
#@ annotations.update(param("annotations"))
#@ end
#@ annotations.update(fixed_values)
#@ return annotations
#@ end
#@ def isWorkloadType(type):
#@ return data.values.workload.metadata.labels["apps.tanzu.vmware.com/workload-type"] == type
#@ end
#@ def correlationId():
#@ if hasattr(data.values.workload, "annotations") and hasattr(data.values.workload.annotations, "apps.tanzu.vmware.com/correlationid"):
#@ return data.values.workload.annotations["apps.tanzu.vmware.com/correlationid"]
#@ end
#@ url = ""
#@ if hasattr(data.values.workload.spec, "source"):
#@ if hasattr(data.values.workload.spec.source, "git"):
#@ url = data.values.workload.spec.source.git.url
#@ elif hasattr(data.values.workload.spec.source, "image"):
#@ url = data.values.workload.spec.source.image.split("@")[0]
#@ end
#@ url = url + "?sub_path=" + getattr(data.values.workload.spec.source, "subPath", "/")
#@ end
#@ if param("maven"):
#@ url = maven_repository_url() + "/" + maven_param("groupId").replace(".", "/") + "/" + maven_param("artifactId")
#@ end
#@ if hasattr(data.values.workload.spec, "image"):
#@ url = data.values.workload.spec.image.split("@",1)[0]
#@ url = url.split(":",1)[0]
#@ end
#@ return url
#@ end
apiVersion: conventions.carto.run/v1alpha1
kind: PodIntent
metadata:
name: #@ data.values.workload.metadata.name
labels: #@ merge_labels({ "app.kubernetes.io/component": "intent" })
spec:
serviceAccountName: #@ data.values.params.serviceAccount
template:
metadata:
annotations: #@ merge_annotations(build_fixed_annotations())
labels: #@ merge_labels({ "app.kubernetes.io/component": "run", "carto.run/workload-name": data.values.workload.metadata.name })
spec:
serviceAccountName: #@ data.values.params.serviceAccount
containers:
- name: workload
image: #@ data.values.image
securityContext:
allowPrivilegeEscalation: false
runAsUser: 1000
runAsNonRoot: true
capabilities:
drop:
- ALL
seccompProfile:
type: RuntimeDefault
#! apply ports configuration for server workloads only
#@ if hasattr(data.values.workload.metadata, "labels") and isWorkloadType("server"):
#@ hasattr(data.values.params, "ports") and len(data.values.params.ports) or assert.fail("one or more ports param must be provided.")
ports:
#@ for p in data.values.params.ports:
#@ cp = getattr(p, "containerPort", p.port)
#@ type(cp) in ("string", "int") or fail("containerPort must be a string or int")
- containerPort: #@ int(cp)
#@ end
#@ end
#@ if hasattr(data.values.workload.spec, "env"):
env:
#@ for var in data.values.workload.spec.env:
- name: #@ var.name
#@ if/end hasattr(var, "value"):
value: #@ var.value
#@ if/end hasattr(var, "valueFrom"):
valueFrom: #@ var.valueFrom
#@ end
#@ end
#@ if/end hasattr(data.values.workload.spec, "resources"):
resources: #@ data.values.workload.spec["resources"]
#@ if/end hasattr(data.values.params, "tolerations"):
tolerations: #@ data.values.params.tolerations
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment