Adding Remote repo support for Helm

examples/helm-keda/.helmignore

@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
+*.gotmpl

examples/helm-keda/Chart.yaml

@@ -0,0 +1,29 @@
+apiVersion: v2
+name: keda
+description: Event-based autoscaler for workloads on Kubernetes
+
+# Specify the Kubernetes version range that we support.
+# We allow pre-release versions for cloud-specific Kubernetes versions such as  v1.21.5-gke.1302 or v1.18.9-eks-d1db3c
+kubeVersion: ">=v1.23.0-0"
+
+# This is the chart version. This version number should be incremented each time you make changes
+# to the chart and its templates, including the app version.
+version: 2.12.0
+
+# This is the version number of the application being deployed. This version number should be
+# incremented each time you make changes to the application.
+appVersion: 2.12.0
+
+home: https://github.com/kedacore/keda
+icon: https://raw.githubusercontent.com/kedacore/keda/main/images/keda-logo-500x500-white.png
+sources:
+  - https://github.com/kedacore/keda
+maintainers:
+  - name: Ahmed ElSayed
+    email: [email protected]
+  - name: Jorge Turrado
+    email: [email protected]
+  - name: Tom Kerkhove
+    email: [email protected]
+  - name: Zbynek Roubalik
+    email: [email protected]

examples/helm-keda/README.md.gotmpl

@@ -0,0 +1,176 @@
+<p align="center"><img src="https://raw.githubusercontent.com/kedacore/keda/main/images/keda-logo-transparent.png" width="300"/></p>
+<p style="font-size: 25px" align="center"><b>Kubernetes-based Event Driven Autoscaling</b></p>
+
+KEDA allows for fine grained autoscaling (including to/from zero) for event driven Kubernetes workloads.  KEDA serves as a Kubernetes Metrics Server and allows users to define autoscaling rules using a dedicated Kubernetes custom resource definition.
+
+KEDA can run on both the cloud and the edge, integrates natively with Kubernetes components such as the Horizontal Pod Autoscaler, and has no external dependencies.
+
+---
+<p align="center">
+We are a Cloud Native Computing Foundation (CNCF) graduated project.
+
+<img src="https://raw.githubusercontent.com/kedacore/keda/main/images/logo-cncf.svg" height="75px">
+</p>
+
+---
+
+## TL;DR
+
+```console
+helm repo add kedacore https://kedacore.github.io/charts
+helm repo update
+
+kubectl create namespace keda
+helm install keda kedacore/keda --namespace keda --version {{ template "chart.appVersion" . }}
+```
+
+## Introduction
+
+This chart bootstraps KEDA infrastructure on a Kubernetes cluster using the Helm package manager.
+
+As part of that, it will install all the required Custom Resource Definitions (CRD).
+
+## Installing the Chart
+
+To install the chart with the release name `keda`:
+
+```console
+$ kubectl create namespace keda
+$ helm install keda kedacore/keda --namespace keda --version {{ template "chart.appVersion" . }}
+```
+
+## Uninstalling the Chart
+
+To uninstall/delete the `keda` Helm chart:
+
+```console
+helm uninstall keda
+```
+
+The command removes all the Kubernetes components associated with the chart and deletes the release.
+
+## Configuration
+
+The following table lists the configurable parameters of the KEDA chart and
+their default values.
+
+### General parameters
+
+| Parameter | Type | Default | Description |
+|-----------|------|---------|-------------|
+{{- range .Values }}
+  {{- if not (or (contains "operator" .Key) (contains "keda" .Key) (contains "opentelemetry" .Key) (contains "prometheus" .Key) (contains "metricServer" .Key) (contains "metricsServer" .Key) (contains "metricsApiServer" .Key) (contains "metricsAdapter" .Key) (contains "webhooks" .Key) (hasPrefix "service." .Key) ) }}
+| `{{ .Key }}` | {{ .Type }} | {{ if .Default }}{{ .Default }}{{ else }}{{ .AutoDefault }}{{ end }} | {{ if .Description }}{{ .Description }}{{ else }}{{ .AutoDescription }}{{ end }} |
+  {{- end }}
+{{- end }}
+
+### Operator
+
+| Parameter | Type | Default | Description |
+|-----------|------|---------|-------------|
+{{- range .Values }}
+  {{- if and (or (contains "operator" .Key) (contains "keda" .Key)) (not (or (contains "opentelemetry" .Key) (contains "prometheus" .Key))) }}
+| `{{ .Key }}` | {{ .Type }} | {{ if .Default }}{{ .Default }}{{ else }}{{ .AutoDefault }}{{ end }} | {{ if .Description }}{{ .Description }}{{ else }}{{ .AutoDescription }}{{ end }} |
+  {{- end }}
+{{- end }}
+
+### Metrics server
+
+| Parameter | Type | Default | Description |
+|-----------|------|---------|-------------|
+{{- range .Values }}
+  {{- if and (or (contains "metricServer" .Key) (contains "metricsServer" .Key) (contains "metricsApiServer" .Key) (contains "metricsAdapter" .Key) (hasPrefix "service." .Key)) (not (or (contains "opentelemetry" .Key) (contains "prometheus" .Key)))}}
+| `{{ .Key }}` | {{ .Type }} | {{ if .Default }}{{ .Default }}{{ else }}{{ .AutoDefault }}{{ end }} | {{ if .Description }}{{ .Description }}{{ else }}{{ .AutoDescription }}{{ end }} |
+  {{- end }}
+{{- end }}
+
+### Operations
+
+| Parameter | Type | Default | Description |
+|-----------|------|---------|-------------|
+{{- range .Values }}
+  {{- if or (contains "opentelemetry" .Key) (contains "prometheus" .Key) }}
+| `{{ .Key }}` | {{ .Type }} | {{ if .Default }}{{ .Default }}{{ else }}{{ .AutoDefault }}{{ end }} | {{ if .Description }}{{ .Description }}{{ else }}{{ .AutoDescription }}{{ end }} |
+  {{- end }}
+{{- end }}
+
+### Admission Webhooks
+
+| Parameter | Type | Default | Description |
+|-----------|------|---------|-------------|
+{{- range .Values }}
+  {{- if contains "webhooks" .Key }}
+| `{{ .Key }}` | {{ .Type }} | {{ if .Default }}{{ .Default }}{{ else }}{{ .AutoDefault }}{{ end }} | {{ if .Description }}{{ .Description }}{{ else }}{{ .AutoDescription }}{{ end }} |
+  {{- end }}
+{{- end }}
+
+Specify each parameter using the `--set key=value[,key=value]` argument to
+`helm install`. For example:
+
+```console
+$ helm install keda kedacore/keda --namespace keda \
+               --set image.keda.tag=<different tag from app version> \
+               --set image.metricsApiServer.tag=<different tag from app version> \
+               --set image.webhooks.tag=<different tag from app version>
+```
+
+Alternatively, a YAML file that specifies the values for the above parameters can
+be provided while installing the chart. For example,
+
+```console
+helm install keda kedacore/keda --namespace keda -f values.yaml
+```
+
+## KEDA is secure by default
+
+Our default configuration strives to be as secure as possible. Because of that, KEDA will run as non-root and be secure-by-default:
+```yaml
+securityContext:
+  operator:
+    capabilities:
+      drop:
+      - ALL
+    allowPrivilegeEscalation: false
+    readOnlyRootFilesystem: true
+    seccompProfile:
+      type: RuntimeDefault
+  metricServer:
+    capabilities:
+      drop:
+      - ALL
+    allowPrivilegeEscalation: false
+    ## Metrics server needs to write the self-signed cert. See FAQ for discussion of options.
+    # readOnlyRootFilesystem: true
+    seccompProfile:
+      type: RuntimeDefault
+  webhooks:
+    capabilities:
+      drop:
+      - ALL
+    allowPrivilegeEscalation: false
+    readOnlyRootFilesystem: true
+    seccompProfile:
+      type: RuntimeDefault
+
+podSecurityContext:
+  operator:
+    runAsNonRoot: true
+  metricServer:
+    runAsNonRoot: true
+  webhooks:
+    runAsNonRoot: true
+```
+
+----------------------------------------------
+Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs)
+
+[Affinity]: https://kubernetes.io/docs/tasks/configure-pod-container/assign-pods-nodes-using-node-affinity/
+[Deployment upgrade strategy]: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#strategy
+[GCP Workload Identity]: https://keda.sh/docs/2.10/authentication-providers/gcp-workload-identity/
+[Pod Disruption Budget]: https://kubernetes.io/docs/tasks/run-application/configure-pdb/
+[Pod security context]: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
+[Security context]: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container
+[Pod Topology Constraints]: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/
+[RelabelConfig Spec]: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#monitoring.coreos.com/v1.RelabelConfig
+[resource request & limits]: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
+[ServiceMonitor Spec]: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#monitoring.coreos.com/v1.ServiceMonitor

examples/helm-keda/templates/NOTES.txt

@@ -0,0 +1,65 @@
+{{- if .Values.asciiArt }}
+:::^.     .::::^:     :::::::::::::::    .:::::::::.                   .^.                  
+7???~   .^7????~.     7??????????????.   :?????????77!^.              .7?7.                 
+7???~  ^7???7~.       ~!!!!!!!!!!!!!!.   :????!!!!7????7~.           .7???7.                
+7???~^7????~.                            :????:    :~7???7.         :7?????7.               
+7???7????!.           ::::::::::::.      :????:      .7???!        :7??77???7.              
+7????????7:           7???????????~      :????:       :????:      :???7?5????7.             
+7????!~????^          !77777777777^      :????:       :????:     ^???7?#P7????7.            
+7???~  ^????~                            :????:      :7???!     ^???7J#@J7?????7.           
+7???~   :7???!.                          :????:   .:~7???!.    ~???7Y&@#7777????7.          
+7???~    .7???7:      !!!!!!!!!!!!!!!    :????7!!77????7^     ~??775@@@GJJYJ?????7.         
+7???~     .!????^     7?????????????7.   :?????????7!~:      !????G@@@@@@@@5??????7:        
+::::.       :::::     :::::::::::::::    .::::::::..        .::::JGGGB@@@&7:::::::::        
+                                                                      ?@@#~                  
+                                                                      P@B^                   
+                                                                    :&G:                    
+                                                                    !5.                     
+                                                                    .        
+{{- end -}}    
+
+Kubernetes Event-driven Autoscaling (KEDA) - Application autoscaling made simple.
+
+Get started by deploying Scaled Objects to your cluster:
+    - Information about Scaled Objects : https://keda.sh/docs/latest/concepts/
+    - Samples: https://github.com/kedacore/samples
+
+Get information about the deployed ScaledObjects:
+  kubectl get scaledobject [--namespace <namespace>]
+
+Get details about a deployed ScaledObject:
+  kubectl describe scaledobject <scaled-object-name> [--namespace <namespace>]
+
+Get information about the deployed ScaledObjects:
+  kubectl get triggerauthentication [--namespace <namespace>]
+
+Get details about a deployed ScaledObject:
+  kubectl describe triggerauthentication <trigger-authentication-name> [--namespace <namespace>]
+
+Get an overview of the Horizontal Pod Autoscalers (HPA) that KEDA is using behind the scenes:
+  kubectl get hpa [--all-namespaces] [--namespace <namespace>]
+
+{{- if .Values.prometheus.operator.serviceMonitor.relabellings}}
+-------------------------------------------------------------------------------------
+WARNING - prometheus.operator.serviceMonitor.relabellings is deprecated, please migrate to prometheus.operator.serviceMonitor.relabelings instead.
+-------------------------------------------------------------------------------------
+{{- end }}
+{{- if .Values.prometheus.metricServer.serviceMonitor.relabellings}}
+WARNING - prometheus.metricServer.serviceMonitor.relabellings is deprecated, please migrate to prometheus.metricServer.serviceMonitor.relabelings instead.
+{{- end }}
+{{- if .Values.prometheus.webhooks.serviceMonitor.relabellings}}
+-------------------------------------------------------------------------------------
+WARNING - prometheus.webhooks.serviceMonitor.relabellings is deprecated, please migrate to prometheus.webhooks.serviceMonitor.relabelings instead.
+-------------------------------------------------------------------------------------
+{{- end }}
+
+{{- if lt .Capabilities.KubeVersion.Minor "26" }}
+-------------------------------------------------------------------------------------
+WARNING - Running on unsupported Kubernetes version "1.{{.Capabilities.KubeVersion.Minor}}". KEDA 2.12 is supported and tested on Kubernetes "1.26" or higher. See https://keda.sh/docs/2.12/operate/cluster/ for details.
+-------------------------------------------------------------------------------------
+{{- end }}
+
+Learn more about KEDA:
+- Documentation: https://keda.sh/
+- Support: https://keda.sh/support/
+- File an issue: https://github.com/kedacore/keda/issues/new/choose

examples/helm-keda/templates/_helpers.tpl

@@ -0,0 +1,25 @@
+{{/* vim: set filetype=mustache: */}}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "keda.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Generate basic labels
+*/}}
+{{- define "keda.labels" }}
+helm.sh/chart: {{ include "keda.chart" . }}
+app.kubernetes.io/component: operator
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+app.kubernetes.io/part-of: {{ .Values.operator.name }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion }}
+{{- end }}
+{{- if .Values.additionalLabels }}
+{{ toYaml .Values.additionalLabels }}
+{{- end }}
+{{- end }}

examples/helm-keda/templates/cert-manager/keda-issuer.yaml

@@ -0,0 +1,14 @@
+{{- if .Values.certificates.certManager.enabled }}
+apiVersion: cert-manager.io/v1
+kind: Issuer
+metadata:
+  {{- with .Values.additionalAnnotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+  name: {{ .Values.operator.name }}-issuer
+  namespace: {{ .Release.Namespace }}
+spec:
+  ca:
+    secretName: {{ .Values.certificates.certManager.caSecretName }}
+{{- end }}

examples/helm-keda/templates/cert-manager/keda-tls-certificate.yaml

@@ -0,0 +1,34 @@
+{{- if .Values.certificates.certManager.enabled }}
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  name: {{ .Values.operator.name }}-tls-certificates
+  namespace: {{ .Release.Namespace }}
+spec:
+  commonName: {{ .Values.operator.name }}
+  dnsNames:
+  - {{ .Values.operator.name }}.{{ .Release.Namespace }}
+  - {{ .Values.operator.name }}.{{ .Release.Namespace }}.svc
+  - {{ .Values.operator.name }}.{{ .Release.Namespace }}.svc.{{ .Values.clusterDomain }}
+  - {{ .Values.operator.name }}-metrics-apiserver.{{ .Release.Namespace }}
+  - {{ .Values.operator.name }}-metrics-apiserver.{{ .Release.Namespace }}.svc
+  - {{ .Values.operator.name }}-metrics-apiserver.{{ .Release.Namespace }}.svc.{{ .Values.clusterDomain }}
+  - {{ .Values.webhooks.name }}.{{ .Release.Namespace }}
+  - {{ .Values.webhooks.name }}.{{ .Release.Namespace }}.svc
+  - {{ .Values.webhooks.name }}.{{ .Release.Namespace }}.svc.{{ .Values.clusterDomain }}
+  secretName: {{ .Values.certificates.secretName }}
+  secretTemplate:
+    {{- toYaml .Values.certificates.certManager.secretTemplate | nindent 4 }}
+  usages:
+    - server auth
+    - client auth
+  privateKey:
+    algorithm: RSA
+    size: 2048
+  duration: 8760h0m0s # 1 year
+  renewBefore: 5840h0m0s # 8 months
+  issuerRef:
+    name: {{ .Values.operator.name }}-issuer
+    kind: Issuer
+    group: cert-manager.io
+{{- end }}

examples/helm-keda/templates/cert-manager/self-ca.yaml

@@ -0,0 +1,22 @@
+{{- if and .Values.certificates.certManager.enabled .Values.certificates.certManager.generateCA }}
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  name: {{ .Values.operator.name }}-ca
+  namespace: {{ .Release.Namespace }}
+spec:
+  isCA: true
+  commonName: {{ .Values.operator.name }}
+  secretName: {{ .Values.certificates.certManager.caSecretName }}
+  secretTemplate:
+    {{- toYaml .Values.certificates.certManager.secretTemplate | nindent 4 }}
+  privateKey:
+    algorithm: RSA
+    size: 2048
+  duration: 8760h0m0s # 1 year
+  renewBefore: 5840h0m0s # 8 months
+  issuerRef:
+    name: {{ .Values.operator.name }}-selfsigned-issuer
+    kind: Issuer
+    group: cert-manager.io
+{{- end }}