Add helm chart for the operator installation (#90)

* Add helm chart

* Update documentation

* Do not override secret on chart updates

Author: samm-git

.github/workflows/chart.yml

@@ -0,0 +1,32 @@
+name: Release Charts
+
+on:
+  push:
+    branches:
+      - main
+
+jobs:
+  release:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+        with:
+          fetch-depth: 0
+
+      - name: Configure Git
+        run: |
+          git config user.name "$GITHUB_ACTOR"
+          git config user.email "[email protected]"
+
+      - name: Install Helm
+        uses: azure/setup-helm@v1
+        with:
+          version: v3.8.1
+
+      - name: Run chart-releaser
+        uses: helm/[email protected]
+        with:
+          charts_dir: charts
+        env:
+          CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}"

README.md

@@ -66,7 +66,7 @@ data:
   POSTGRES_DEFAULT_DATABASE: cG9zdGdyZXM=
 ```
 
-To install the operator, follow the steps below.
+To install the operator using kustomize, follow the steps below.
 
 1. Configure Postgres credentials for the operator in `deploy/secret.yaml`
 2. Create namespace if needed with\
@@ -78,6 +78,15 @@ To install the operator, follow the steps below.
     or by using [kustomize](https://github.com/kubernetes-sigs/kustomize) directly\
     `kustomize build deploy/ | apply -f -`
 
+Alternatively you can install operator using Helm Chart located in the 
+`charts/ext-postgres-operator` subdirectory. Sample installation commands provided below:
+
+```
+helm repo add ext-postgres-operator https://movetokube.github.io/postgres-operator/
+helm install -n operators ext-postgres-operator  ext-postgres-operator/ext-postgres-operator
+```
+See [values.yaml](charts/ext-postgres-operator/values.yaml) for the possible values to define.
+
 ## CRs
 
 ### Postgres

charts/ext-postgres-operator/.helmignore

@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/

charts/ext-postgres-operator/Chart.yaml

@@ -0,0 +1,16 @@
+apiVersion: v2
+name: ext-postgres-operator
+description: A Helm chart for the External Postgres operator
+
+type: application
+
+# This is the chart version. This version number should be incremented each time you make changes
+# to the chart and its templates, including the app version.
+# Versions are expected to follow Semantic Versioning (https://semver.org/)
+version: 0.1.2
+
+# This is the version number of the application being deployed. This version number should be
+# incremented each time you make changes to the application. Versions are not expected to
+# follow Semantic Versioning. They should reflect the version the application is using.
+# It is recommended to use it with quotes.
+appVersion: "1.1.1"

charts/ext-postgres-operator/crds/db.movetokube.com_postgres_crd.yaml

@@ -0,0 +1,90 @@
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  name: postgres.db.movetokube.com
+spec:
+  group: db.movetokube.com
+  names:
+    kind: Postgres
+    listKind: PostgresList
+    plural: postgres
+    singular: postgres
+  scope: Namespaced
+  versions:
+  - name: v1alpha1
+    schema:
+      openAPIV3Schema:
+        description: Postgres is the Schema for the postgres API
+        properties:
+          apiVersion:
+            description: 'APIVersion defines the versioned schema of this representation
+              of an object. Servers should convert recognized schemas to the latest
+              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+            type: string
+          kind:
+            description: 'Kind is a string value representing the REST resource this
+              object represents. Servers may infer this from the endpoint the client
+              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+            type: string
+          metadata:
+            type: object
+          spec:
+            description: PostgresSpec defines the desired state of Postgres
+            properties:
+              database:
+                type: string
+              dropOnDelete:
+                type: boolean
+              extensions:
+                items:
+                  type: string
+                type: array
+                x-kubernetes-list-type: set
+              masterRole:
+                type: string
+              schemas:
+                items:
+                  type: string
+                type: array
+                x-kubernetes-list-type: set
+            required:
+            - database
+            type: object
+          status:
+            description: PostgresStatus defines the observed state of Postgres
+            properties:
+              extensions:
+                items:
+                  type: string
+                type: array
+                x-kubernetes-list-type: set
+              roles:
+                description: PostgresRoles stores the different group roles for database
+                properties:
+                  owner:
+                    type: string
+                  reader:
+                    type: string
+                  writer:
+                    type: string
+                required:
+                - owner
+                - reader
+                - writer
+                type: object
+              schemas:
+                items:
+                  type: string
+                type: array
+                x-kubernetes-list-type: set
+              succeeded:
+                type: boolean
+            required:
+            - roles
+            - succeeded
+            type: object
+        type: object
+    served: true
+    storage: true
+    subresources:
+      status: {}

charts/ext-postgres-operator/crds/db.movetokube.com_postgresusers_crd.yaml

@@ -0,0 +1,71 @@
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  name: postgresusers.db.movetokube.com
+spec:
+  group: db.movetokube.com
+  names:
+    kind: PostgresUser
+    listKind: PostgresUserList
+    plural: postgresusers
+    singular: postgresuser
+  scope: Namespaced
+  versions:
+  - name: v1alpha1
+    schema:
+      openAPIV3Schema:
+        description: PostgresUser is the Schema for the postgresusers API
+        properties:
+          apiVersion:
+            description: 'APIVersion defines the versioned schema of this representation
+              of an object. Servers should convert recognized schemas to the latest
+              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+            type: string
+          kind:
+            description: 'Kind is a string value representing the REST resource this
+              object represents. Servers may infer this from the endpoint the client
+              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+            type: string
+          metadata:
+            type: object
+          spec:
+            description: PostgresUserSpec defines the desired state of PostgresUser
+            properties:
+              database:
+                type: string
+              privileges:
+                type: string
+              role:
+                type: string
+              secretName:
+                type: string
+            required:
+            - database
+            - role
+            - secretName
+            type: object
+          status:
+            description: PostgresUserStatus defines the observed state of PostgresUser
+            properties:
+              databaseName:
+                type: string
+              postgresGroup:
+                type: string
+              postgresLogin:
+                type: string
+              postgresRole:
+                type: string
+              succeeded:
+                type: boolean
+            required:
+            - databaseName
+            - postgresGroup
+            - postgresLogin
+            - postgresRole
+            - succeeded
+            type: object
+        type: object
+    served: true
+    storage: true
+    subresources:
+      status: {}

charts/ext-postgres-operator/templates/_helpers.tpl

@@ -0,0 +1,63 @@
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "chart.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "chart.fullname" -}}
+{{- if .Values.fullnameOverride }}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- $name := default .Chart.Name .Values.nameOverride }}
+{{- if contains $name .Release.Name }}
+{{- .Release.Name | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "chart.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Common labels
+*/}}
+{{- define "chart.labels" -}}
+helm.sh/chart: {{ include "chart.chart" . }}
+{{ include "chart.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end }}
+
+{{/*
+Selector labels
+*/}}
+{{- define "chart.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "chart.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
+
+{{- define "chart.selectorLabelsDev" -}}
+app.kubernetes.io/name: {{ include "chart.name" . }}-dev
+app.kubernetes.io/instance: {{ .Release.Name }}-dev
+{{- end }}
+
+{{/*
+Create the name of the service account to use
+*/}}
+{{- define "chart.serviceAccountName" -}}
+{{- default (include "chart.fullname" .) .Values.serviceAccount.name }}
+{{- end }}

charts/ext-postgres-operator/templates/operator.yaml

@@ -0,0 +1,44 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ include "chart.fullname" . }}
+  labels:
+    {{- include "chart.labels" . | nindent 4 }}
+  namespace: {{ .Release.Namespace }}
+spec:
+  replicas: {{ .Values.replicaCount }}
+  selector:
+    matchLabels:
+      {{- include "chart.selectorLabels" . | nindent 6 }}
+  template:
+    metadata:
+      {{- with .Values.podAnnotations }}
+      annotations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      labels:
+        {{- include "chart.selectorLabels" . | nindent 8 }}
+    spec:
+      serviceAccountName: {{ include "chart.serviceAccountName" . }}
+      securityContext:
+        {{- toYaml .Values.podSecurityContext | nindent 8 }}
+      containers:
+        - name: {{ .Chart.Name }}
+          securityContext:
+            {{- toYaml .Values.securityContext | nindent 12 }}
+          image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
+          command:
+          - postgres-operator
+          imagePullPolicy: {{ .Values.image.pullPolicy }}
+          envFrom:
+            - secretRef:
+                name: {{ include "chart.fullname" . }}
+          env:
+            - name: WATCH_NAMESPACE
+              value: ""
+            - name: POD_NAME
+              valueFrom:
+                fieldRef:
+                  fieldPath: metadata.name
+            - name: OPERATOR_NAME
+              value: {{ include "chart.fullname" . }}