From efb0468237b4465ac3c726771b4d08f227b84fed Mon Sep 17 00:00:00 2001 From: MRColor Date: Fri, 3 Jan 2025 17:38:06 +0100 Subject: [PATCH 1/5] feat(helm\coder\templates\service.yaml): support nodePort specification for LoadBalancer services, expanding #8993 work --- helm/coder/templates/service.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/helm/coder/templates/service.yaml b/helm/coder/templates/service.yaml index 5bf78d04095f6..23bb4e430bf78 100644 --- a/helm/coder/templates/service.yaml +++ b/helm/coder/templates/service.yaml @@ -16,7 +16,7 @@ spec: port: 80 targetPort: "http" protocol: TCP - {{ if eq .Values.coder.service.type "NodePort" }} + {{ if or (eq .Values.coder.service.type "NodePort") (eq .Values.coder.service.type "LoadBalancer") }} nodePort: {{ .Values.coder.service.httpNodePort }} {{ end }} {{- if eq (include "coder.tlsEnabled" .) "true" }} @@ -24,7 +24,7 @@ spec: port: 443 targetPort: "https" protocol: TCP - {{ if eq .Values.coder.service.type "NodePort" }} + {{ if or (eq .Values.coder.service.type "NodePort") (eq .Values.coder.service.type "LoadBalancer") }} nodePort: {{ .Values.coder.service.httpsNodePort }} {{ end }} {{- end }} From cd8842069b1f6a761f1fa73d1ca433204712b4c6 Mon Sep 17 00:00:00 2001 From: MRColor Date: Fri, 3 Jan 2025 17:57:35 +0100 Subject: [PATCH 2/5] chore(helm\coder\values.yaml): updated inline comments to reflect the changes for nodeport values use cases --- helm/coder/values.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/helm/coder/values.yaml b/helm/coder/values.yaml index 0b6e7182a4c8f..c1f39526dd3d9 100644 --- a/helm/coder/values.yaml +++ b/helm/coder/values.yaml @@ -288,11 +288,11 @@ coder: # https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer annotations: {} # coder.service.httpNodePort -- Enabled if coder.service.type is set to - # NodePort. If not set, Kubernetes will allocate a port from the default + # NodePort or LoadBalancer. If not set, Kubernetes will allocate a port from the default # range, 30000-32767. httpNodePort: "" # coder.service.httpsNodePort -- Enabled if coder.service.type is set to - # NodePort. If not set, Kubernetes will allocate a port from the default + # NodePort or LoadBalancer. If not set, Kubernetes will allocate a port from the default # range, 30000-32767. httpsNodePort: "" From 4c2b7a4ca27ec5c8db08ae43a23e9bcdc76a264f Mon Sep 17 00:00:00 2001 From: MRColor Date: Thu, 16 Jan 2025 17:53:59 +0000 Subject: [PATCH 3/5] chore(helm): adjust nodeport whitespace in service.yaml template for better readability --- helm/coder/templates/service.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/helm/coder/templates/service.yaml b/helm/coder/templates/service.yaml index 23bb4e430bf78..de81d57c2a306 100644 --- a/helm/coder/templates/service.yaml +++ b/helm/coder/templates/service.yaml @@ -16,17 +16,17 @@ spec: port: 80 targetPort: "http" protocol: TCP - {{ if or (eq .Values.coder.service.type "NodePort") (eq .Values.coder.service.type "LoadBalancer") }} + {{- if or (eq .Values.coder.service.type "NodePort") (eq .Values.coder.service.type "LoadBalancer") }} nodePort: {{ .Values.coder.service.httpNodePort }} - {{ end }} + {{- end }} {{- if eq (include "coder.tlsEnabled" .) "true" }} - name: "https" port: 443 targetPort: "https" protocol: TCP - {{ if or (eq .Values.coder.service.type "NodePort") (eq .Values.coder.service.type "LoadBalancer") }} + {{- if or (eq .Values.coder.service.type "NodePort") (eq .Values.coder.service.type "LoadBalancer") }} nodePort: {{ .Values.coder.service.httpsNodePort }} - {{ end }} + {{- end }} {{- end }} {{- if eq "LoadBalancer" .Values.coder.service.type }} {{- with .Values.coder.service.loadBalancerIP }} From 25f85d060dfa847ab461c8cd9b2e2ca570809673 Mon Sep 17 00:00:00 2001 From: MRColor Date: Thu, 16 Jan 2025 17:57:08 +0000 Subject: [PATCH 4/5] feat(tests): added LoadBalancer nodePort type test cases and updated golden files --- helm/coder/tests/chart_test.go | 4 + .../tests/testdata/auto_access_url_1.golden | 2 +- .../tests/testdata/auto_access_url_2.golden | 2 +- .../tests/testdata/auto_access_url_3.golden | 2 +- helm/coder/tests/testdata/command.golden | 2 +- helm/coder/tests/testdata/command_args.golden | 2 +- .../tests/testdata/default_values.golden | 2 +- helm/coder/tests/testdata/env_from.golden | 2 +- .../tests/testdata/extra_templates.golden | 2 +- .../tests/testdata/labels_annotations.golden | 2 +- helm/coder/tests/testdata/prometheus.golden | 2 - .../tests/testdata/provisionerd_psk.golden | 2 +- helm/coder/tests/testdata/sa.golden | 2 +- helm/coder/tests/testdata/sa_disabled.golden | 2 +- .../tests/testdata/sa_extra_rules.golden | 2 +- .../testdata/svc_loadbalancer_class.golden | 2 +- .../testdata/svc_loadbalancer_nodeport.golden | 190 ++++++++++++++++++ .../testdata/svc_loadbalancer_nodeport.yaml | 8 + helm/coder/tests/testdata/tls.golden | 4 +- helm/coder/tests/testdata/topology.golden | 2 +- .../tests/testdata/workspace_proxy.golden | 2 +- 21 files changed, 220 insertions(+), 20 deletions(-) create mode 100644 helm/coder/tests/testdata/svc_loadbalancer_nodeport.golden create mode 100644 helm/coder/tests/testdata/svc_loadbalancer_nodeport.yaml diff --git a/helm/coder/tests/chart_test.go b/helm/coder/tests/chart_test.go index 34513d375e90d..cf5232285897f 100644 --- a/helm/coder/tests/chart_test.go +++ b/helm/coder/tests/chart_test.go @@ -100,6 +100,10 @@ var testCases = []testCase{ name: "svc_loadbalancer_class", expectedError: "", }, + { + name: "svc_loadbalancer_nodeport", + expectedError: "", + }, } type testCase struct { diff --git a/helm/coder/tests/testdata/auto_access_url_1.golden b/helm/coder/tests/testdata/auto_access_url_1.golden index a55a7413fb95b..db2d9500255fc 100644 --- a/helm/coder/tests/testdata/auto_access_url_1.golden +++ b/helm/coder/tests/testdata/auto_access_url_1.golden @@ -90,7 +90,7 @@ spec: port: 80 targetPort: "http" protocol: TCP - + nodePort: externalTrafficPolicy: "Cluster" selector: app.kubernetes.io/name: coder diff --git a/helm/coder/tests/testdata/auto_access_url_2.golden b/helm/coder/tests/testdata/auto_access_url_2.golden index c7dd0b3c8780b..4f9c8c2627c49 100644 --- a/helm/coder/tests/testdata/auto_access_url_2.golden +++ b/helm/coder/tests/testdata/auto_access_url_2.golden @@ -90,7 +90,7 @@ spec: port: 80 targetPort: "http" protocol: TCP - + nodePort: externalTrafficPolicy: "Cluster" selector: app.kubernetes.io/name: coder diff --git a/helm/coder/tests/testdata/auto_access_url_3.golden b/helm/coder/tests/testdata/auto_access_url_3.golden index 2a07c1e42f050..b848a82862c76 100644 --- a/helm/coder/tests/testdata/auto_access_url_3.golden +++ b/helm/coder/tests/testdata/auto_access_url_3.golden @@ -90,7 +90,7 @@ spec: port: 80 targetPort: "http" protocol: TCP - + nodePort: externalTrafficPolicy: "Cluster" selector: app.kubernetes.io/name: coder diff --git a/helm/coder/tests/testdata/command.golden b/helm/coder/tests/testdata/command.golden index 9897e34382d6c..f4ea75558dd51 100644 --- a/helm/coder/tests/testdata/command.golden +++ b/helm/coder/tests/testdata/command.golden @@ -90,7 +90,7 @@ spec: port: 80 targetPort: "http" protocol: TCP - + nodePort: externalTrafficPolicy: "Cluster" selector: app.kubernetes.io/name: coder diff --git a/helm/coder/tests/testdata/command_args.golden b/helm/coder/tests/testdata/command_args.golden index 126127838b89c..f90c190a81107 100644 --- a/helm/coder/tests/testdata/command_args.golden +++ b/helm/coder/tests/testdata/command_args.golden @@ -90,7 +90,7 @@ spec: port: 80 targetPort: "http" protocol: TCP - + nodePort: externalTrafficPolicy: "Cluster" selector: app.kubernetes.io/name: coder diff --git a/helm/coder/tests/testdata/default_values.golden b/helm/coder/tests/testdata/default_values.golden index f5d6b2ad2c82f..f1a9b7ebf6153 100644 --- a/helm/coder/tests/testdata/default_values.golden +++ b/helm/coder/tests/testdata/default_values.golden @@ -90,7 +90,7 @@ spec: port: 80 targetPort: "http" protocol: TCP - + nodePort: externalTrafficPolicy: "Cluster" selector: app.kubernetes.io/name: coder diff --git a/helm/coder/tests/testdata/env_from.golden b/helm/coder/tests/testdata/env_from.golden index caef038614e90..6d8bb6426d12b 100644 --- a/helm/coder/tests/testdata/env_from.golden +++ b/helm/coder/tests/testdata/env_from.golden @@ -90,7 +90,7 @@ spec: port: 80 targetPort: "http" protocol: TCP - + nodePort: externalTrafficPolicy: "Cluster" selector: app.kubernetes.io/name: coder diff --git a/helm/coder/tests/testdata/extra_templates.golden b/helm/coder/tests/testdata/extra_templates.golden index 437b7ce13d15d..53a4f95ebcdcc 100644 --- a/helm/coder/tests/testdata/extra_templates.golden +++ b/helm/coder/tests/testdata/extra_templates.golden @@ -99,7 +99,7 @@ spec: port: 80 targetPort: "http" protocol: TCP - + nodePort: externalTrafficPolicy: "Cluster" selector: app.kubernetes.io/name: coder diff --git a/helm/coder/tests/testdata/labels_annotations.golden b/helm/coder/tests/testdata/labels_annotations.golden index c6598737d2410..c0f796466f8ec 100644 --- a/helm/coder/tests/testdata/labels_annotations.golden +++ b/helm/coder/tests/testdata/labels_annotations.golden @@ -90,7 +90,7 @@ spec: port: 80 targetPort: "http" protocol: TCP - + nodePort: externalTrafficPolicy: "Cluster" selector: app.kubernetes.io/name: coder diff --git a/helm/coder/tests/testdata/prometheus.golden b/helm/coder/tests/testdata/prometheus.golden index a16fcc1a08493..c199a20410842 100644 --- a/helm/coder/tests/testdata/prometheus.golden +++ b/helm/coder/tests/testdata/prometheus.golden @@ -90,9 +90,7 @@ spec: port: 80 targetPort: "http" protocol: TCP - nodePort: - selector: app.kubernetes.io/name: coder app.kubernetes.io/instance: release-name diff --git a/helm/coder/tests/testdata/provisionerd_psk.golden b/helm/coder/tests/testdata/provisionerd_psk.golden index 93f9e817ebc80..45fb6c89fb18d 100644 --- a/helm/coder/tests/testdata/provisionerd_psk.golden +++ b/helm/coder/tests/testdata/provisionerd_psk.golden @@ -90,7 +90,7 @@ spec: port: 80 targetPort: "http" protocol: TCP - + nodePort: externalTrafficPolicy: "Cluster" selector: app.kubernetes.io/name: coder diff --git a/helm/coder/tests/testdata/sa.golden b/helm/coder/tests/testdata/sa.golden index 386131531bef4..86825a4621797 100644 --- a/helm/coder/tests/testdata/sa.golden +++ b/helm/coder/tests/testdata/sa.golden @@ -91,7 +91,7 @@ spec: port: 80 targetPort: "http" protocol: TCP - + nodePort: externalTrafficPolicy: "Cluster" selector: app.kubernetes.io/name: coder diff --git a/helm/coder/tests/testdata/sa_disabled.golden b/helm/coder/tests/testdata/sa_disabled.golden index 3911c8a134164..dbdbc0dc8f090 100644 --- a/helm/coder/tests/testdata/sa_disabled.golden +++ b/helm/coder/tests/testdata/sa_disabled.golden @@ -76,7 +76,7 @@ spec: port: 80 targetPort: "http" protocol: TCP - + nodePort: externalTrafficPolicy: "Cluster" selector: app.kubernetes.io/name: coder diff --git a/helm/coder/tests/testdata/sa_extra_rules.golden b/helm/coder/tests/testdata/sa_extra_rules.golden index 5766f45c6c829..a93252b339060 100644 --- a/helm/coder/tests/testdata/sa_extra_rules.golden +++ b/helm/coder/tests/testdata/sa_extra_rules.golden @@ -104,7 +104,7 @@ spec: port: 80 targetPort: "http" protocol: TCP - + nodePort: externalTrafficPolicy: "Cluster" selector: app.kubernetes.io/name: coder diff --git a/helm/coder/tests/testdata/svc_loadbalancer_class.golden b/helm/coder/tests/testdata/svc_loadbalancer_class.golden index f3d3182910c98..0bb55dbd4246c 100644 --- a/helm/coder/tests/testdata/svc_loadbalancer_class.golden +++ b/helm/coder/tests/testdata/svc_loadbalancer_class.golden @@ -90,7 +90,7 @@ spec: port: 80 targetPort: "http" protocol: TCP - + nodePort: externalTrafficPolicy: "Cluster" loadBalancerClass: "test" selector: diff --git a/helm/coder/tests/testdata/svc_loadbalancer_nodeport.golden b/helm/coder/tests/testdata/svc_loadbalancer_nodeport.golden new file mode 100644 index 0000000000000..bf089e859f8ce --- /dev/null +++ b/helm/coder/tests/testdata/svc_loadbalancer_nodeport.golden @@ -0,0 +1,190 @@ +--- +# Source: coder/templates/coder.yaml +apiVersion: v1 +kind: ServiceAccount +metadata: + annotations: {} + labels: + app.kubernetes.io/instance: release-name + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: coder + app.kubernetes.io/part-of: coder + app.kubernetes.io/version: 0.1.0 + helm.sh/chart: coder-0.1.0 + name: coder +--- +# Source: coder/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: coder-workspace-perms +rules: + - apiGroups: [""] + resources: ["pods"] + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + - apiGroups: [""] + resources: ["persistentvolumeclaims"] + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + - apiGroups: + - apps + resources: + - deployments + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch +--- +# Source: coder/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: "coder" +subjects: + - kind: ServiceAccount + name: "coder" +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: coder-workspace-perms +--- +# Source: coder/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + name: coder + labels: + helm.sh/chart: coder-0.1.0 + app.kubernetes.io/name: coder + app.kubernetes.io/instance: release-name + app.kubernetes.io/part-of: coder + app.kubernetes.io/version: "0.1.0" + app.kubernetes.io/managed-by: Helm + annotations: + {} +spec: + type: LoadBalancer + sessionAffinity: None + ports: + - name: "http" + port: 80 + targetPort: "http" + protocol: TCP + nodePort: 30080 + externalTrafficPolicy: "Cluster" + selector: + app.kubernetes.io/name: coder + app.kubernetes.io/instance: release-name +--- +# Source: coder/templates/coder.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: {} + labels: + app.kubernetes.io/instance: release-name + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: coder + app.kubernetes.io/part-of: coder + app.kubernetes.io/version: 0.1.0 + helm.sh/chart: coder-0.1.0 + name: coder +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/instance: release-name + app.kubernetes.io/name: coder + template: + metadata: + annotations: {} + labels: + app.kubernetes.io/instance: release-name + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: coder + app.kubernetes.io/part-of: coder + app.kubernetes.io/version: 0.1.0 + helm.sh/chart: coder-0.1.0 + spec: + affinity: + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: app.kubernetes.io/instance + operator: In + values: + - coder + topologyKey: kubernetes.io/hostname + weight: 1 + containers: + - args: + - server + command: + - /opt/coder + env: + - name: CODER_HTTP_ADDRESS + value: 0.0.0.0:8080 + - name: CODER_PROMETHEUS_ADDRESS + value: 0.0.0.0:2112 + - name: CODER_ACCESS_URL + value: http://coder.default.svc.cluster.local + - name: KUBE_POD_IP + valueFrom: + fieldRef: + fieldPath: status.podIP + - name: CODER_DERP_SERVER_RELAY_URL + value: http://$(KUBE_POD_IP):8080 + image: ghcr.io/coder/coder:latest + imagePullPolicy: IfNotPresent + lifecycle: {} + livenessProbe: + httpGet: + path: /healthz + port: http + scheme: HTTP + name: coder + ports: + - containerPort: 8080 + name: http + protocol: TCP + readinessProbe: + httpGet: + path: /healthz + port: http + scheme: HTTP + resources: {} + securityContext: + allowPrivilegeEscalation: false + readOnlyRootFilesystem: null + runAsGroup: 1000 + runAsNonRoot: true + runAsUser: 1000 + seccompProfile: + type: RuntimeDefault + volumeMounts: [] + restartPolicy: Always + serviceAccountName: coder + terminationGracePeriodSeconds: 60 + volumes: [] diff --git a/helm/coder/tests/testdata/svc_loadbalancer_nodeport.yaml b/helm/coder/tests/testdata/svc_loadbalancer_nodeport.yaml new file mode 100644 index 0000000000000..2c9d933acc531 --- /dev/null +++ b/helm/coder/tests/testdata/svc_loadbalancer_nodeport.yaml @@ -0,0 +1,8 @@ +coder: + image: + tag: latest + + service: + type: LoadBalancer + httpNodePort: 30080 + httpsNodePort: 30043 diff --git a/helm/coder/tests/testdata/tls.golden b/helm/coder/tests/testdata/tls.golden index 33b1a85b9d56b..17c99538f32a9 100644 --- a/helm/coder/tests/testdata/tls.golden +++ b/helm/coder/tests/testdata/tls.golden @@ -90,12 +90,12 @@ spec: port: 80 targetPort: "http" protocol: TCP - + nodePort: - name: "https" port: 443 targetPort: "https" protocol: TCP - + nodePort: externalTrafficPolicy: "Cluster" selector: app.kubernetes.io/name: coder diff --git a/helm/coder/tests/testdata/topology.golden b/helm/coder/tests/testdata/topology.golden index 5f6bb512a30a6..f1a5506fb04fc 100644 --- a/helm/coder/tests/testdata/topology.golden +++ b/helm/coder/tests/testdata/topology.golden @@ -90,7 +90,7 @@ spec: port: 80 targetPort: "http" protocol: TCP - + nodePort: externalTrafficPolicy: "Cluster" selector: app.kubernetes.io/name: coder diff --git a/helm/coder/tests/testdata/workspace_proxy.golden b/helm/coder/tests/testdata/workspace_proxy.golden index 4ac30acbad86b..797bcae2716e9 100644 --- a/helm/coder/tests/testdata/workspace_proxy.golden +++ b/helm/coder/tests/testdata/workspace_proxy.golden @@ -90,7 +90,7 @@ spec: port: 80 targetPort: "http" protocol: TCP - + nodePort: externalTrafficPolicy: "Cluster" selector: app.kubernetes.io/name: coder From e7baf75f0d942182b7c0045fcc8187eab26ff313 Mon Sep 17 00:00:00 2001 From: MRColor Date: Thu, 16 Jan 2025 21:47:52 +0100 Subject: [PATCH 5/5] chore(tests): added nodePort type test and updated LoadBalancer type test --- helm/coder/tests/chart_test.go | 6 +- ...odeport.golden => svc_loadbalancer.golden} | 0 ...er_nodeport.yaml => svc_loadbalancer.yaml} | 0 helm/coder/tests/testdata/svc_nodeport.golden | 189 ++++++++++++++++++ helm/coder/tests/testdata/svc_nodeport.yaml | 8 + 5 files changed, 202 insertions(+), 1 deletion(-) rename helm/coder/tests/testdata/{svc_loadbalancer_nodeport.golden => svc_loadbalancer.golden} (100%) rename helm/coder/tests/testdata/{svc_loadbalancer_nodeport.yaml => svc_loadbalancer.yaml} (100%) create mode 100644 helm/coder/tests/testdata/svc_nodeport.golden create mode 100644 helm/coder/tests/testdata/svc_nodeport.yaml diff --git a/helm/coder/tests/chart_test.go b/helm/coder/tests/chart_test.go index cf5232285897f..6c0b181a30550 100644 --- a/helm/coder/tests/chart_test.go +++ b/helm/coder/tests/chart_test.go @@ -101,7 +101,11 @@ var testCases = []testCase{ expectedError: "", }, { - name: "svc_loadbalancer_nodeport", + name: "svc_nodeport", + expectedError: "", + }, + { + name: "svc_loadbalancer", expectedError: "", }, } diff --git a/helm/coder/tests/testdata/svc_loadbalancer_nodeport.golden b/helm/coder/tests/testdata/svc_loadbalancer.golden similarity index 100% rename from helm/coder/tests/testdata/svc_loadbalancer_nodeport.golden rename to helm/coder/tests/testdata/svc_loadbalancer.golden diff --git a/helm/coder/tests/testdata/svc_loadbalancer_nodeport.yaml b/helm/coder/tests/testdata/svc_loadbalancer.yaml similarity index 100% rename from helm/coder/tests/testdata/svc_loadbalancer_nodeport.yaml rename to helm/coder/tests/testdata/svc_loadbalancer.yaml diff --git a/helm/coder/tests/testdata/svc_nodeport.golden b/helm/coder/tests/testdata/svc_nodeport.golden new file mode 100644 index 0000000000000..90d63444c7c6c --- /dev/null +++ b/helm/coder/tests/testdata/svc_nodeport.golden @@ -0,0 +1,189 @@ +--- +# Source: coder/templates/coder.yaml +apiVersion: v1 +kind: ServiceAccount +metadata: + annotations: {} + labels: + app.kubernetes.io/instance: release-name + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: coder + app.kubernetes.io/part-of: coder + app.kubernetes.io/version: 0.1.0 + helm.sh/chart: coder-0.1.0 + name: coder +--- +# Source: coder/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: coder-workspace-perms +rules: + - apiGroups: [""] + resources: ["pods"] + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + - apiGroups: [""] + resources: ["persistentvolumeclaims"] + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + - apiGroups: + - apps + resources: + - deployments + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch +--- +# Source: coder/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: "coder" +subjects: + - kind: ServiceAccount + name: "coder" +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: coder-workspace-perms +--- +# Source: coder/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + name: coder + labels: + helm.sh/chart: coder-0.1.0 + app.kubernetes.io/name: coder + app.kubernetes.io/instance: release-name + app.kubernetes.io/part-of: coder + app.kubernetes.io/version: "0.1.0" + app.kubernetes.io/managed-by: Helm + annotations: + {} +spec: + type: NodePort + sessionAffinity: None + ports: + - name: "http" + port: 80 + targetPort: "http" + protocol: TCP + nodePort: 30080 + selector: + app.kubernetes.io/name: coder + app.kubernetes.io/instance: release-name +--- +# Source: coder/templates/coder.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: {} + labels: + app.kubernetes.io/instance: release-name + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: coder + app.kubernetes.io/part-of: coder + app.kubernetes.io/version: 0.1.0 + helm.sh/chart: coder-0.1.0 + name: coder +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/instance: release-name + app.kubernetes.io/name: coder + template: + metadata: + annotations: {} + labels: + app.kubernetes.io/instance: release-name + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: coder + app.kubernetes.io/part-of: coder + app.kubernetes.io/version: 0.1.0 + helm.sh/chart: coder-0.1.0 + spec: + affinity: + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: app.kubernetes.io/instance + operator: In + values: + - coder + topologyKey: kubernetes.io/hostname + weight: 1 + containers: + - args: + - server + command: + - /opt/coder + env: + - name: CODER_HTTP_ADDRESS + value: 0.0.0.0:8080 + - name: CODER_PROMETHEUS_ADDRESS + value: 0.0.0.0:2112 + - name: CODER_ACCESS_URL + value: http://coder.default.svc.cluster.local + - name: KUBE_POD_IP + valueFrom: + fieldRef: + fieldPath: status.podIP + - name: CODER_DERP_SERVER_RELAY_URL + value: http://$(KUBE_POD_IP):8080 + image: ghcr.io/coder/coder:latest + imagePullPolicy: IfNotPresent + lifecycle: {} + livenessProbe: + httpGet: + path: /healthz + port: http + scheme: HTTP + name: coder + ports: + - containerPort: 8080 + name: http + protocol: TCP + readinessProbe: + httpGet: + path: /healthz + port: http + scheme: HTTP + resources: {} + securityContext: + allowPrivilegeEscalation: false + readOnlyRootFilesystem: null + runAsGroup: 1000 + runAsNonRoot: true + runAsUser: 1000 + seccompProfile: + type: RuntimeDefault + volumeMounts: [] + restartPolicy: Always + serviceAccountName: coder + terminationGracePeriodSeconds: 60 + volumes: [] diff --git a/helm/coder/tests/testdata/svc_nodeport.yaml b/helm/coder/tests/testdata/svc_nodeport.yaml new file mode 100644 index 0000000000000..aabca00393ae1 --- /dev/null +++ b/helm/coder/tests/testdata/svc_nodeport.yaml @@ -0,0 +1,8 @@ +coder: + image: + tag: latest + + service: + type: NodePort + httpNodePort: 30080 + httpsNodePort: 30043