lionsdev/helm-chart-lions-app
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: chart Helm parent lions-app v1.0.0 — templates hardened (secretKeyRef, readOnlyRootFS, NetworkPolicy, ExternalSecret, PDB, SM, HPA)

Browse Source
This commit is contained in:
dahoud
2026-04-22 14:22:00 +00:00
commit ab865631fe
16 changed files with 1074 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

98
templates/_helpers.tpl Normal file
View File

@@ -0,0 +1,98 @@
{{/* vim: set filetype=mustache: */}}
{{/*
Nom de l'app = nom du release Helm.
Pattern DGBF : tout est nommé pareil (Deployment, Service, Ingress, ConfigMap…).
*/}}
{{- define "lions-app.name" -}}
{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Chart fullname = name + chart version (pour helm.sh/chart label).
*/}}
{{- define "lions-app.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Common labels — appliqués sur TOUTES les ressources.
Conformes aux recommendations Kubernetes (app.kubernetes.io/*).
*/}}
{{- define "lions-app.labels" -}}
app.kubernetes.io/name: {{ include "lions-app.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
app.kubernetes.io/part-of: lions-infrastructure
helm.sh/chart: {{ include "lions-app.chart" . }}
project: lions-infrastructure-2025
{{- with .Values.commonLabels }}
{{ toYaml . }}
{{- end }}
{{- end -}}
{{/*
Selector labels — stables (ne changent jamais), utilisés par Service et Deployment.
"app" est gardé pour compatibilité avec les legacy deployments Lions.
*/}}
{{- define "lions-app.selectorLabels" -}}
app: {{ include "lions-app.name" . }}
app.kubernetes.io/name: {{ include "lions-app.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end -}}
{{/*
Image reference complète : registry/repo/name:tag
*/}}
{{- define "lions-app.image" -}}
{{- $registry := .Values.image.registry | default "registry.lions.dev" -}}
{{- $repo := .Values.image.repository | default "lionsdev" -}}
{{- $name := .Values.image.name | default (include "lions-app.name" .) -}}
{{- $tag := .Values.image.tag | default .Chart.AppVersion -}}
{{- printf "%s/%s/%s:%s" $registry $repo $name $tag -}}
{{- end -}}
{{/*
Nom du ServiceAccount.
*/}}
{{- define "lions-app.serviceAccountName" -}}
{{- if .Values.serviceAccount.create -}}
{{- .Values.serviceAccount.name | default (include "lions-app.name" .) -}}
{{- else -}}
{{- .Values.serviceAccount.name | default "default" -}}
{{- end -}}
{{- end -}}
{{/*
Nom du K8s Secret cible de l'ExternalSecret.
*/}}
{{- define "lions-app.secretName" -}}
{{- include "lions-app.name" . -}}-secrets
{{- end -}}
{{/*
Nom du TLS secret de l'Ingress.
*/}}
{{- define "lions-app.tlsSecretName" -}}
{{- include "lions-app.name" . -}}-tls
{{- end -}}
{{/*
Path de l'Ingress selon le mode (simple ou prefix-strip).
*/}}
{{- define "lions-app.ingressPath" -}}
{{- if .Values.ingress.pathPrefix.enabled -}}
{{- printf "%s(/|$)(.*)" .Values.ingress.pathPrefix.strip -}}
{{- else -}}
{{- .Values.ingress.path | default "/" -}}
{{- end -}}
{{- end -}}
{{- define "lions-app.ingressPathType" -}}
{{- if .Values.ingress.pathPrefix.enabled -}}
ImplementationSpecific
{{- else -}}
{{- .Values.ingress.pathType | default "Prefix" -}}
{{- end -}}
{{- end -}}