Feat cronjob (#23)

Make possible to declare cronTabs inside docker-compose file.

⇒ Also, add multiple compose file injection with `-c` arguments 

⇒ Also, fixes “ignore depends on” for same pod 

⇒ Also fixes
 
* fix [Be able to specify compose.yml files and its override #21](https://github.com/metal3d/katenary/issues/21)
* fix [Be able to ignore ports to expose in a katenary.io/ports list #16](https://github.com/metal3d/katenary/issues/16)

And more fixes… (later, we will use branches in a better way, that was a hard, long fix process)

helm/configAndSecretMap.go

@@ -4,6 +4,7 @@ import (
 	"errors"
 	"fmt"
 	"io/ioutil"
+	"katenary/tools"
 	"strings"
 )
 
@@ -31,8 +32,7 @@ func NewConfigMap(name, path string) *ConfigMap {
 	base.Metadata.Name = ReleaseNameTpl + "-" + name
 	base.Metadata.Labels[K+"/component"] = name
 	if path != "" {
-		//base.Metadata.Labels[K+"/path"] = path
-		base.Metadata.Labels[K+"/path"] = `{{ "` + path + `" | quote }}`
+		base.Metadata.Labels[K+"/path"] = tools.PathToName(path)
 	}
 	return &ConfigMap{
 		K8sBase: base,
@@ -97,7 +97,7 @@ func NewSecret(name, path string) *Secret {
 	base.Metadata.Name = ReleaseNameTpl + "-" + name
 	base.Metadata.Labels[K+"/component"] = name
 	if path != "" {
-		base.Metadata.Labels[K+"/path"] = `{{ "` + path + `" | quote }}`
+		base.Metadata.Labels[K+"/path"] = tools.PathToName(path)
 	}
 	return &Secret{
 		K8sBase: base,

helm/cronTab.go

@@ -0,0 +1,70 @@
+package helm
+
+type CronTab struct {
+	*K8sBase `yaml:",inline"`
+	Spec     CronSpec `yaml:"spec"`
+}
+type CronSpec struct {
+	Schedule                   string      `yaml:"schedule"`
+	JobTemplate                JobTemplate `yaml:"jobTemplate"`
+	SuccessfulJobsHistoryLimit int         `yaml:"successfulJobsHistoryLimit"`
+	FailedJobsHistoryLimit     int         `yaml:"failedJobsHistoryLimit"`
+	ConcurrencyPolicy          string      `yaml:"concurrencyPolicy"`
+}
+type JobTemplate struct {
+	Spec JobSpecDescription `yaml:"spec"`
+}
+
+type JobSpecDescription struct {
+	Template JobSpecTemplate `yaml:"template"`
+}
+
+type JobSpecTemplate struct {
+	Metadata Metadata `yaml:"metadata"`
+	Spec     Job      `yaml:"spec"`
+}
+
+type Job struct {
+	ServiceAccount     string      `yaml:"serviceAccount,omitempty"`
+	ServiceAccountName string      `yaml:"serviceAccountName,omitempty"`
+	Containers         []Container `yaml:"containers"`
+	RestartPolicy      string      `yaml:"restartPolicy,omitempty"`
+}
+
+func NewCrontab(name, image, command, schedule string, serviceAccount *ServiceAccount) *CronTab {
+	cron := &CronTab{
+		K8sBase: NewBase(),
+	}
+	cron.K8sBase.ApiVersion = "batch/v1"
+	cron.K8sBase.Kind = "CronJob"
+
+	cron.K8sBase.Metadata.Name = ReleaseNameTpl + "-" + name
+	cron.K8sBase.Metadata.Labels[K+"/component"] = name
+	cron.Spec.Schedule = schedule
+	cron.Spec.SuccessfulJobsHistoryLimit = 3
+	cron.Spec.FailedJobsHistoryLimit = 3
+	cron.Spec.ConcurrencyPolicy = "Forbid"
+	cron.Spec.JobTemplate.Spec.Template.Metadata = Metadata{
+		Labels: cron.K8sBase.Metadata.Labels,
+	}
+	cron.Spec.JobTemplate.Spec.Template.Spec = Job{
+		ServiceAccount:     serviceAccount.Name(),
+		ServiceAccountName: serviceAccount.Name(),
+		RestartPolicy:      "OnFailure",
+	}
+	if command != "" {
+		cron.AddCommand(command, image, name)
+	}
+
+	return cron
+}
+
+// AddCommand adds a command to the cron job
+func (c *CronTab) AddCommand(command, image, name string) {
+	container := Container{
+		Name:    name,
+		Image:   image,
+		Command: []string{"sh", "-c", command},
+	}
+	c.Spec.JobTemplate.Spec.Template.Spec.Containers = append(c.Spec.JobTemplate.Spec.Template.Spec.Containers, container)
+}

helm/deployment.go

@@ -12,6 +12,7 @@ func NewDeployment(name string) *Deployment {
 	d.K8sBase.ApiVersion = "apps/v1"
 	d.K8sBase.Kind = "Deployment"
 	d.K8sBase.Metadata.Labels[K+"/component"] = name
+	d.K8sBase.Metadata.Labels[K+"/resource"] = "deployment"
 	return d
 }
 
@@ -24,6 +25,13 @@ type DepSpec struct {
 func NewDepSpec() *DepSpec {
 	return &DepSpec{
 		Replicas: 1,
+		Template: PodTemplate{
+			Metadata: Metadata{
+				Labels: map[string]string{
+					K + "/resource": "deployment",
+				},
+			},
+		},
 	}
 }
 

helm/labels.go

@@ -7,17 +7,19 @@ import (
 
 const ReleaseNameTpl = "{{ .Release.Name }}"
 const (
-	LABEL_MAP_ENV     = K + "/mapenv"
-	LABEL_ENV_SECRET  = K + "/secret-envfiles"
-	LABEL_PORT        = K + "/ports"
-	LABEL_INGRESS     = K + "/ingress"
-	LABEL_VOL_CM      = K + "/configmap-volumes"
-	LABEL_HEALTHCHECK = K + "/healthcheck"
-	LABEL_SAMEPOD     = K + "/same-pod"
-	LABEL_VOLUMEFROM  = K + "/volume-from"
-	LABEL_EMPTYDIRS   = K + "/empty-dirs"
-	LABEL_IGNORE      = K + "/ignore"
-	LABEL_SECRETVARS  = K + "/secret-vars"
+	LABEL_MAP_ENV        = K + "/mapenv"
+	LABEL_ENV_SECRET     = K + "/secret-envfiles"
+	LABEL_PORT           = K + "/ports"
+	LABEL_CONTAINER_PORT = K + "/container-ports"
+	LABEL_INGRESS        = K + "/ingress"
+	LABEL_VOL_CM         = K + "/configmap-volumes"
+	LABEL_HEALTHCHECK    = K + "/healthcheck"
+	LABEL_SAMEPOD        = K + "/same-pod"
+	LABEL_VOLUMEFROM     = K + "/volume-from"
+	LABEL_EMPTYDIRS      = K + "/empty-dirs"
+	LABEL_IGNORE         = K + "/ignore"
+	LABEL_SECRETVARS     = K + "/secret-vars"
+	LABEL_CRON           = K + "/crontabs"
 
 	//deprecated: use LABEL_MAP_ENV instead
 	LABEL_ENV_SERVICE = K + "/env-to-service"
@@ -25,37 +27,48 @@ const (
 
 // GetLabelsDocumentation returns the documentation for the labels.
 func GetLabelsDocumentation() string {
-	t, _ := template.New("labels").Parse(`
-# Labels
-{{.LABEL_IGNORE      | printf "%-33s"}}: ignore the container, it will not yied any object in the helm chart
-{{.LABEL_SECRETVARS  | printf "%-33s"}}: secret variables to push on a secret file
-{{.LABEL_ENV_SECRET  | printf "%-33s"}}: set the given file names as a secret instead of configmap
-{{.LABEL_MAP_ENV     | printf "%-33s"}}: map environment variable to a template string (yaml style)
-{{.LABEL_PORT        | printf "%-33s"}}: set the ports to expose as a service (coma separated)
-{{.LABEL_INGRESS     | printf "%-33s"}}: set the port to expose in an ingress (coma separated)
-{{.LABEL_VOL_CM      | printf "%-33s"}}: specifies that the volumes points on a configmap (coma separated)
-{{.LABEL_SAMEPOD     | printf "%-33s"}}: specifies that the pod should be deployed in the same pod than the given service name
-{{.LABEL_VOLUMEFROM  | printf "%-33s"}}: specifies that the volumes to be mounted from the given service (yaml style)
-{{.LABEL_EMPTYDIRS   | printf "%-33s"}}: specifies that the given volume names should be "emptyDir" instead of persistentVolumeClaim (coma separated)
-{{.LABEL_HEALTHCHECK | printf "%-33s"}}: specifies that the container should be monitored by a healthcheck, **it overrides the docker-compose healthcheck**. 
+	t, _ := template.New("labels").Parse(`# Labels
+{{.LABEL_IGNORE         | printf "%-33s"}}: ignore the container, it will not yied any object in the helm chart (bool)
+{{.LABEL_SECRETVARS     | printf "%-33s"}}: secret variables to push on a secret file (coma separated)
+{{.LABEL_ENV_SECRET     | printf "%-33s"}}: set the given file names as a secret instead of configmap (coma separated)
+contaienr in {{.LABEL_MAP_ENV        | printf "%-33s"}}: map environment variable to a template string (yaml style, object)
+{{.LABEL_PORT           | printf "%-33s"}}: set the ports to assign on the container in pod + expose as a service (coma separated)
+{{.LABEL_CONTAINER_PORT | printf "%-33s"}}: set the ports to assign on the contaienr in pod but avoid service (coma separated)
+{{.LABEL_INGRESS        | printf "%-33s"}}: set the port to expose in an ingress (coma separated)
+{{.LABEL_VOL_CM         | printf "%-33s"}}: specifies that the volumes points on a configmap (coma separated)
+{{.LABEL_SAMEPOD        | printf "%-33s"}}: specifies that the pod should be deployed in the same pod than the
+{{ printf "%-34s" ""}   } given service name (string)
+{{.LABEL_VOLUMEFROM     | printf "%-33s"}}: specifies that the volumes to be mounted from the given service (yaml style)
+{{.LABEL_EMPTYDIRS      | printf "%-33s"}}: specifies that the given volume names should be "emptyDir" instead of
+{{ printf "%-34s" ""}   } persistentVolumeClaim (coma separated)
+{{.LABEL_CRON           | printf "%-33s"}}: specifies a cronjobs to create (yaml style, array) - this will create a
+{{ printf "%-34s" ""}} cronjob, a service account, a role and a rolebinding to start the command with "kubectl"
+{{ printf "%-34s" ""}} The form is the following:
+{{ printf "%-34s" ""}} - command: the command to run
+{{ printf "%-34s" ""}}   schedule: the schedule to run the command (e.g. "@daily" or "*/1 * * * *")
+{{ printf "%-34s" ""}}   image: the image to use for the command (default to "bitnami/kubectl")
+{{ printf "%-34s" ""}}   allPods: true if you want to run the command on all pods (default to false)
+{{.LABEL_HEALTHCHECK | printf "%-33s"}}: specifies that the container should be monitored by a healthcheck,
+{{ printf "%-34s" ""}} **it overrides the docker-compose healthcheck**. 
 {{ printf "%-34s" ""}} You can use these form of label values:
-{{ printf "%-35s" ""}}- "http://[not used address][:port][/path]" to specify an http healthcheck
-{{ printf "%-35s" ""}}- "tcp://[not used address]:port" to specify a tcp healthcheck
-{{ printf "%-35s" ""}}- other string is condidered as a "command" healthcheck
-    `)
+{{ printf "%-35s" ""}}  -> http://[ignored][:port][/path] to specify an http healthcheck
+{{ printf "%-35s" ""}}  -> tcp://[ignored]:port to specify a tcp healthcheck
+{{ printf "%-35s" ""}}  -> other string is condidered as a "command" healthcheck`)
 	buff := bytes.NewBuffer(nil)
 	t.Execute(buff, map[string]string{
-		"LABEL_ENV_SECRET":  LABEL_ENV_SECRET,
-		"LABEL_PORT":        LABEL_PORT,
-		"LABEL_INGRESS":     LABEL_INGRESS,
-		"LABEL_VOL_CM":      LABEL_VOL_CM,
-		"LABEL_HEALTHCHECK": LABEL_HEALTHCHECK,
-		"LABEL_SAMEPOD":     LABEL_SAMEPOD,
-		"LABEL_VOLUMEFROM":  LABEL_VOLUMEFROM,
-		"LABEL_EMPTYDIRS":   LABEL_EMPTYDIRS,
-		"LABEL_IGNORE":      LABEL_IGNORE,
-		"LABEL_MAP_ENV":     LABEL_MAP_ENV,
-		"LABEL_SECRETVARS":  LABEL_SECRETVARS,
+		"LABEL_ENV_SECRET":     LABEL_ENV_SECRET,
+		"LABEL_PORT":           LABEL_PORT,
+		"LABEL_CONTAINER_PORT": LABEL_CONTAINER_PORT,
+		"LABEL_INGRESS":        LABEL_INGRESS,
+		"LABEL_VOL_CM":         LABEL_VOL_CM,
+		"LABEL_HEALTHCHECK":    LABEL_HEALTHCHECK,
+		"LABEL_SAMEPOD":        LABEL_SAMEPOD,
+		"LABEL_VOLUMEFROM":     LABEL_VOLUMEFROM,
+		"LABEL_EMPTYDIRS":      LABEL_EMPTYDIRS,
+		"LABEL_IGNORE":         LABEL_IGNORE,
+		"LABEL_MAP_ENV":        LABEL_MAP_ENV,
+		"LABEL_SECRETVARS":     LABEL_SECRETVARS,
+		"LABEL_CRON":           LABEL_CRON,
 	})
 	return buff.String()
 }

helm/role.go

@@ -0,0 +1,38 @@
+package helm
+
+type Rule struct {
+	ApiGroup  []string `yaml:"apiGroups,omitempty"`
+	Resources []string `yaml:"resources,omitempty"`
+	Verbs     []string `yaml:"verbs,omitempty"`
+}
+
+type Role struct {
+	*K8sBase `yaml:",inline"`
+	Rules    []Rule `yaml:"rules,omitempty"`
+}
+
+func NewCronRole(name string) *Role {
+	role := &Role{
+		K8sBase: NewBase(),
+	}
+
+	role.K8sBase.Metadata.Name = ReleaseNameTpl + "-" + name + "-cron-executor"
+	role.K8sBase.Kind = "Role"
+	role.K8sBase.ApiVersion = "rbac.authorization.k8s.io/v1"
+	role.K8sBase.Metadata.Labels[K+"/component"] = name
+
+	role.Rules = []Rule{
+		{
+			ApiGroup:  []string{""},
+			Resources: []string{"pods", "pods/log"},
+			Verbs:     []string{"get", "list", "watch", "create", "update", "patch", "delete"},
+		},
+		{
+			ApiGroup:  []string{""},
+			Resources: []string{"pods/exec"},
+			Verbs:     []string{"create"},
+		},
+	}
+
+	return role
+}

helm/roleBinding.go

@@ -0,0 +1,44 @@
+package helm
+
+type RoleRef struct {
+	Kind     string `yaml:"kind"`
+	Name     string `yaml:"name"`
+	APIGroup string `yaml:"apiGroup"`
+}
+
+type Subject struct {
+	Kind      string `yaml:"kind"`
+	Name      string `yaml:"name"`
+	Namespace string `yaml:"namespace"`
+}
+
+type RoleBinding struct {
+	*K8sBase `yaml:",inline"`
+	RoleRef  RoleRef   `yaml:"roleRef,omitempty"`
+	Subjects []Subject `yaml:"subjects,omitempty"`
+}
+
+func NewRoleBinding(name string, user *ServiceAccount, role *Role) *RoleBinding {
+	rb := &RoleBinding{
+		K8sBase: NewBase(),
+	}
+
+	rb.K8sBase.Kind = "RoleBinding"
+	rb.K8sBase.Metadata.Name = ReleaseNameTpl + "-" + name + "-cron-allow"
+	rb.K8sBase.ApiVersion = "rbac.authorization.k8s.io/v1"
+	rb.K8sBase.Metadata.Labels[K+"/component"] = name
+
+	rb.RoleRef.Kind = "Role"
+	rb.RoleRef.Name = role.Metadata.Name
+	rb.RoleRef.APIGroup = "rbac.authorization.k8s.io"
+
+	rb.Subjects = []Subject{
+		{
+			Kind:      "ServiceAccount",
+			Name:      user.Metadata.Name,
+			Namespace: "{{ .Release.Namespace }}",
+		},
+	}
+
+	return rb
+}

helm/service.go

@@ -1,5 +1,7 @@
 package helm
 
+import "strconv"
+
 // Service is a Kubernetes service.
 type Service struct {
 	*K8sBase `yaml:",inline"`
@@ -24,6 +26,7 @@ type ServicePort struct {
 	Protocol   string `yaml:"protocol"`
 	Port       int    `yaml:"port"`
 	TargetPort int    `yaml:"targetPort"`
+	Name       string `yaml:"name"`
 }
 
 // NewServicePort creates a new initialized service port.
@@ -32,6 +35,7 @@ func NewServicePort(port, target int) *ServicePort {
 		Protocol:   "TCP",
 		Port:       port,
 		TargetPort: port,
+		Name:       "port-" + strconv.Itoa(target),
 	}
 }
 

helm/serviceAccount.go

@@ -0,0 +1,18 @@
+package helm
+
+// ServiceAccount defines a service account
+type ServiceAccount struct {
+	*K8sBase `yaml:",inline"`
+}
+
+// NewServiceAccount creates a new service account with a given name.
+func NewServiceAccount(name string) *ServiceAccount {
+	sa := &ServiceAccount{
+		K8sBase: NewBase(),
+	}
+	sa.K8sBase.Kind = "ServiceAccount"
+	sa.K8sBase.ApiVersion = "v1"
+	sa.K8sBase.Metadata.Name = ReleaseNameTpl + "-" + name + "-cron-user"
+	sa.K8sBase.Metadata.Labels[K+"/component"] = name
+	return sa
+}