Fix/complex template improvements

.github/workflows/ci.yaml

@@ -82,6 +82,9 @@ jobs:
           helm lint complex -f complex/testing-values/values-volume-mounts.yaml
           helm lint complex -f complex/testing-values/values-initcontainers.yaml
           helm lint complex -f complex/testing-values/values-pvc-efs-shared.yaml
+          helm lint complex -f complex/testing-values/values-recreate.yaml
+          helm lint complex -f complex/testing-values/values-host-network.yaml
+          helm lint complex -f complex/testing-values/values-node-name.yaml
 
   template-test:
     runs-on: ubuntu-latest
@@ -123,7 +126,10 @@ jobs:
           helm template test ./complex --debug -f complex/testing-values/values-pod-disruption-budget.yaml
           helm template test ./complex --debug -f complex/testing-values/values-initcontainers.yaml
           helm template test ./complex --debug -f complex/testing-values/values-pvc-efs-shared.yaml
-
+          helm template test ./complex --debug -f complex/testing-values/values-recreate.yaml
+          helm template test ./complex --debug -f complex/testing-values/values-host-network.yaml
+          helm template test ./complex --debug -f complex/testing-values/values-node-name.yaml
+
           # Test infrastructure configurations
           helm template test ./complex --debug -f complex/testing-values/values-ingress.yaml
           helm template test ./complex --debug -f complex/testing-values/values-values-from.yaml

complex/Chart.yaml

@@ -2,7 +2,7 @@ apiVersion: v2
 name: complex
 description: For deploying applications with consumers and cronjobs
 type: application
-version: 1.8.3
+version: 1.8.4
 kubeVersion: ">= 1.25.0-0 < 2.0.0-0"
 
 dependencies:

complex/README.md

@@ -2,7 +2,7 @@
 
 # complex
 
-![Version: 1.6.0](https://img.shields.io/badge/Version-1.6.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square)
+![Version: 1.8.4](https://img.shields.io/badge/Version-1.8.4-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square)
 
 For deploying applications, consumers and cronjobs
 
@@ -222,7 +222,6 @@ Each init container supports the same properties as regular containers:
 | `resources` | CPU/memory requests and limits | No |
 | `volumeMounts` | Mount ConfigMaps or Secrets as files | No |
 
-
 ## Configuration Structure
 
 ### Global vs Component-Specific Configuration

complex/README.md.gotmpl

@@ -15,6 +15,7 @@ The **complex** Helm chart provides a comprehensive solution for deploying conta
 - **ConfigMap integration**: Environment variables and file mounting from ConfigMaps
 - **Secret integration**: Environment variables and file mounting from Secrets  
 - **Volume mounts**: Mount ConfigMaps and Secrets as files with custom paths
+- **Persistent storage**: Create new PVCs or reference existing ones for shared storage (EFS)
 - **Consumer workloads**: Support for consumer-type deployments
 - **CronJob support**: Scheduled job execution
 - **Enterprise features**: Immutable ConfigMaps, custom labels/annotations
@@ -355,6 +356,122 @@ components:
       secrets: []     # Empty array = no secret volumes
 ```
 
+## Persistent Volume Claims
+
+The chart supports creating PersistentVolumeClaims (PVCs) for components that need persistent storage. You can either create a new PVC or reference an existing one to share storage across multiple pods.
+
+### Creating a New PVC
+
+When `persistentVolumeClaim` is configured without `useExistingClaim`, the chart creates a new PVC for the component:
+
+```yaml
+components:
+  api:
+    type: http
+    persistentVolumeClaim:
+      size: 10Gi
+      accessModes:
+        - ReadWriteOnce
+      storageClassName: standard
+      # Optional: Add custom annotations (e.g., for EFS access points)
+      annotations:
+        efs.csi.aws.com/access-point-id: "fsap-0123456789abcdef0"
+      # Optional: Add custom labels
+      labels:
+        storage-tier: "premium"
+    volumeMounts:
+      others:
+        - name: data
+          mountPath: /app/data
+          readOnly: false
+```
+
+**PVC Properties:**
+
+| Property | Type | Default | Description |
+|----------|------|---------|-------------|
+| `size` | string | `"1Gi"` | Storage size (e.g., "1Gi", "10Gi") |
+| `accessModes` | array | `["ReadWriteOnce"]` | Access modes: `ReadWriteOnce`, `ReadOnlyMany`, `ReadWriteMany`, `ReadWriteOncePod` |
+| `storageClassName` | string | - | Storage class name for the PVC |
+| `annotations` | object | `{}` | Custom annotations (useful for storage-specific configurations) |
+| `labels` | object | `{}` | Custom labels |
+| `selector` | object | - | Label selector for binding to specific PVs |
+| `volumeName` | string | - | Name of the PersistentVolume to bind to |
+
+### Using an Existing PVC
+
+To share storage across multiple pods or reference a PVC created outside the chart, use `useExistingClaim`:
+
+```yaml
+components:
+  api:
+    type: http
+    persistentVolumeClaim:
+      useExistingClaim: true
+      existingClaimName: "shared-storage-pvc"
+    volumeMounts:
+      others:
+        - name: data
+          mountPath: /app/data
+          readOnly: false
+
+  worker:
+    type: consumer
+    persistentVolumeClaim:
+      useExistingClaim: true
+      existingClaimName: "shared-storage-pvc"  # Same PVC as api component
+    volumeMounts:
+      others:
+        - name: data
+          mountPath: /data
+          readOnly: false
+```
+
+**Benefits of Using Existing PVCs:**
+
+- **Shared storage**: Multiple pods can mount the same PVC (requires `ReadWriteMany` access mode)
+- **Pre-existing storage**: Reference PVCs created manually or by other charts
+- **Storage reuse**: Avoid creating duplicate PVCs for the same storage
+
+**Important Notes:**
+
+- When `useExistingClaim: true`, the chart does **not** create a PVC - it only references the existing one
+- The existing PVC must already exist in the same namespace
+- Ensure the PVC's access mode supports your use case (e.g., `ReadWriteMany` for multi-pod access)
+
+### Complete Example
+
+```yaml
+components:
+  # Component that creates a new PVC
+  web:
+    type: http
+    persistentVolumeClaim:
+      size: 5Gi
+      accessModes:
+        - ReadWriteMany  # Allows multiple pods to mount
+      storageClassName: efs-sc
+      annotations:
+        efs.csi.aws.com/access-point-id: "fsap-0123456789abcdef0"
+    volumeMounts:
+      others:
+        - name: data
+          mountPath: /usr/share/nginx/html
+
+  # Component that uses the existing PVC created above
+  api:
+    type: http
+    persistentVolumeClaim:
+      useExistingClaim: true
+      existingClaimName: "my-release-web"  # References the PVC created by web component
+    volumeMounts:
+      others:
+        - name: data
+          mountPath: /app/data
+```
+
+See `testing-values/values-pvc.yaml` and `testing-values/values-pvc-efs-shared.yaml` for more examples.
+
 ## Installation
 
 ```bash
@@ -445,6 +562,8 @@ The following complete configuration examples are available in the `testing-valu
 - [`values-minimal.yaml`](testing-values/values-minimal.yaml) - Basic HTTP service
 - [`values-configmap.yaml`](testing-values/values-configmap.yaml) - ConfigMap integration
 - [`values-volume-mounts.yaml`](testing-values/values-volume-mounts.yaml) - Volume mount examples
+- [`values-pvc.yaml`](testing-values/values-pvc.yaml) - PersistentVolumeClaim examples
+- [`values-pvc-efs-shared.yaml`](testing-values/values-pvc-efs-shared.yaml) - Shared storage with existing PVCs
 - [`values-consumer.yaml`](testing-values/values-consumer.yaml) - Consumer workloads
 - [`values-cronjob.yaml`](testing-values/values-cronjob.yaml) - Scheduled jobs
 - [`values-hpa.yaml`](testing-values/values-hpa.yaml) - Auto-scaling configuration

complex/templates/_container.tpl

@@ -50,7 +50,7 @@ volumeMounts:
 {{- range . }}
   - name: {{ .name }}
     mountPath: {{ .mountPath }}
-    readOnly: {{ .readOnly | default true }}
+    readOnly: {{ ne .readOnly false }}
     {{- if .subPath }}
     subPath: {{ .subPath }}
     {{- end }}
@@ -60,7 +60,7 @@ volumeMounts:
 {{- range . }}
   - name: {{ .name }}
     mountPath: {{ .mountPath }}
-    readOnly: {{ .readOnly | default true }}
+    readOnly: {{ ne .readOnly false }}
     {{- if .subPath }}
     subPath: {{ .subPath }}
     {{- end }}

complex/templates/keda-scaledobject.yaml

@@ -18,7 +18,7 @@ spec:
   triggers:
   {{- range $i, $trigger := $keda.triggers }}
     {{- if eq $trigger.type "kafka" }}
-      {{- $awsRegion := $trigger.awsRegion | default $.Values.global.keda.awsRegion }}
+      {{- $awsRegion := $trigger.awsRegion | default ($.Values.global.keda).awsRegion }}
       {{- if (not $awsRegion) }}
         {{- fail (printf "Kafka trigger for '%s' is missing required field(s)." $componentName) }}
       {{- end }}
@@ -41,7 +41,7 @@ spec:
         {{- end }}
 
     {{- else if eq $trigger.type "aws-sqs-queue" }}
-      {{- $awsRegion := $trigger.awsRegion | default $.Values.global.keda.awsRegion }}
+      {{- $awsRegion := $trigger.awsRegion | default ($.Values.global.keda).awsRegion }}
       {{- if (not $awsRegion) }}
         {{- fail (printf "SQS trigger for '%s' is missing required field(s)." $componentName) }}
       {{- end }}

complex/templates/keda-triggerauthentication.yaml

@@ -2,7 +2,7 @@
   {{- if and (eq $component.type "consumer") (hasKey $component "keda") }}
     {{- $name := include "component.name" (dict "name" $componentName "Release" $.Release) }}
     {{- range $i, $trigger := $component.keda.triggers }}
-      {{- if and (eq $trigger.type "aws-sqs-queue") (ne (default "operator" $trigger.identityOwner) "operator") (default true $trigger.triggerAuthEnabled) }}
+      {{- if and (eq $trigger.type "aws-sqs-queue") (ne (default "operator" $trigger.identityOwner) "operator") (ne $trigger.triggerAuthEnabled false) }}
 ---
 apiVersion: keda.sh/v1alpha1
 kind: TriggerAuthentication

complex/templates/serviceaccount.yaml

@@ -2,7 +2,7 @@
 {{- if and (ne $component.type "cronjob") (ne $component.type "pre-job") (ne $component.type "ingress") -}}
 {{- $kubeLabels := (merge (dict "name" $.Release.Name "instance" (printf "%s-%d" (include "component.name" (dict "name" $componentName "Release" $.Release)) $.Release.Revision) "component" $componentName) $.Values.global.metadata) -}}
 {{- if and $component.serviceAccountCreate $component.serviceAccountName }}
---
+---
 apiVersion: v1
 kind: ServiceAccount
 metadata:
@@ -16,7 +16,7 @@ metadata:
 {{- end }}
 {{- end }}
 
-{{- if and .Values.global.serviceAccountCreate -}}
+{{- if .Values.global.serviceAccountCreate }}
 ---
 apiVersion: v1
 kind: ServiceAccount

complex/testing-values/values-host-network.yaml

@@ -0,0 +1,44 @@
+global:
+  container:
+    image:
+      repository: cookielab/deployer
+      tag: 1.0.0-rc2
+
+components:
+  edge:
+    type: http
+    replicas: 1
+    hostNetwork: true
+    dnsPolicy: ClusterFirstWithHostNet
+    strategyType: Recreate
+    ports:
+      - port: 8443
+    probes:
+      readinessProbe:
+        httpGet:
+          port: 8443
+          path: /health-check
+          scheme: HTTPS
+      livenessProbe:
+        httpGet:
+          port: 8443
+          path: /health-check
+          scheme: HTTPS
+    targetGroup:
+      arn: 'arn:fake'
+      securityGroupIds:
+        - sg-fake
+  worker-on-host:
+    type: consumer
+    replicas: 1
+    hostNetwork: true
+    dnsPolicy: ClusterFirstWithHostNet
+    command:
+      - bin/consume
+  scheduled-host-task:
+    type: cronjob
+    schedule: "*/5 * * * *"
+    hostNetwork: true
+    dnsPolicy: ClusterFirstWithHostNet
+    command:
+      - bin/cron-task

complex/testing-values/values-node-name.yaml

@@ -0,0 +1,43 @@
+global:
+  container:
+    image:
+      repository: cookielab/deployer
+      tag: 1.0.0-rc2
+
+components:
+  api:
+    type: http
+    replicas: 1
+    nodeName: ip-10-0-0-1.ec2.internal
+    ports:
+      - port: 3000
+    probes:
+      readinessProbe:
+        httpGet:
+          port: 8080
+          path: /health-check
+      livenessProbe:
+        httpGet:
+          port: 8080
+          path: /health-check
+    targetGroup:
+      arn: 'arn:fake'
+      securityGroupIds:
+        - sg-fake
+  pinned-worker:
+    type: consumer
+    replicas: 1
+    nodeName: ip-10-0-0-2.ec2.internal
+    command:
+      - bin/consume
+  pinned-cron:
+    type: cronjob
+    schedule: "0 * * * *"
+    nodeName: ip-10-0-0-3.ec2.internal
+    command:
+      - bin/cron-task
+  pinned-pre-job:
+    type: pre-job
+    nodeName: ip-10-0-0-4.ec2.internal
+    command:
+      - bin/migrate

complex/testing-values/values-recreate.yaml

@@ -0,0 +1,41 @@
+global:
+  container:
+    image:
+      repository: cookielab/deployer
+      tag: 1.0.0-rc2
+
+components:
+  api:
+    type: http
+    replicas: 1
+    strategyType: Recreate
+    ports:
+      - port: 3000
+    probes:
+      readinessProbe:
+        httpGet:
+          port: 8080
+          path: /health-check
+        periodSeconds: 30
+        timeoutSeconds: 15
+      livenessProbe:
+        httpGet:
+          port: 8080
+          path: /health-check
+    targetGroup:
+      arn: 'arn:fake'
+      securityGroupIds:
+        - sg-fake
+  worker:
+    type: consumer
+    strategyType: Recreate
+    command:
+      - bin/consume
+  rolling-worker:
+    type: consumer
+    strategyType: RollingUpdate
+    command:
+      - bin/consume
+    rollingUpdate:
+      maxUnavailable: 25%
+      maxSurge: 25%