YAML refresher - image-puller

Part of PR jupyterhub#625.
consideRatio · Apr 18, 2018 · 96de78a · 96de78a
1 parent 7d4695a
commit 96de78a
Show file tree

Hide file tree

Showing 4 changed files with 56 additions and 46 deletions.
diff --git a/...erhub/templates/image-puller/_helper.yaml → ...lates/image-puller/_daemonset-helper.yaml b/...erhub/templates/image-puller/_helper.yaml → ...lates/image-puller/_daemonset-helper.yaml
@@ -1,7 +1,7 @@
-{{/*
-A template that returns an image-puller daemonset. It will use 
-- pre-helm-upgrade image pulling (pulls images before helm upgrades, temporary)
-- continuous image pulling (pulls images for cluster autoscalers, persistent)
+{{- /*
+Returns an image-puller daemonset. Two daemonsets will be created like this.
+- hook-image-puller: for pre helm upgrade image pulling (lives temporarily)
+- continuous-image-puller: for newly added nodes image pulling
 */}}
 {{- define "jupyterhub.imagePuller.daemonset" -}}
 kind: DaemonSet
@@ -14,12 +14,12 @@ metadata:
     {{- end }}
   {{- if .hook }}
   annotations:
-    # create it before installs/upgrades ...
+    {{- /*
+    Allows the daemonset to be deleted when the image-awaiter job is completed.
+    */}}
     "helm.sh/hook": pre-install,pre-upgrade
-    # ... and before the image-awaiter job ...
-    "helm.sh/hook-weight": "-10"
-    # ... but delete it in the end
     "helm.sh/hook-delete-policy": hook-succeeded,hook-failed
+    "helm.sh/hook-weight": "-10"
   {{- end }}
 spec:
   selector:
@@ -44,25 +44,25 @@ spec:
             - /bin/sh
             - -c
             - echo "Pulling complete"
-        {{ if not .Values.singleuser.cloudMetadata.enabled }}
+        {{- if not .Values.singleuser.cloudMetadata.enabled }}
         - name: image-pull-metadata-block
           image: {{ .Values.singleuser.networkTools.image.name }}:{{ .Values.singleuser.networkTools.image.tag }}
           imagePullPolicy: IfNotPresent
           command:
             - /bin/sh
             - -c
             - echo "Pulling complete"
-        {{ end }}
-        {{ range $k, $v := .Values.prePuller.extraImages }}
-        - name: image-pull-{{ $k }}
+        {{- end }}
+        {{- range $k, $v := .Values.prePuller.extraImages }}
+        - name: image-pull-{{ $v.name }}
           image: {{ $v.name }}:{{ $v.tag }}
           imagePullPolicy: IfNotPresent
           command:
             - /bin/sh
             - -c
             - echo "Pulling complete"
-        {{ end }}
+        {{- end }}
       containers:
         - name: pause
           image: {{ .Values.prePuller.pause.image.name }}:{{ .Values.prePuller.pause.image.tag }}
-{{- end -}}
+{{- end }}
diff --git a/jupyterhub/templates/image-puller/daemonset.yaml b/jupyterhub/templates/image-puller/daemonset.yaml
@@ -1,20 +1,20 @@
-{{/*
+{{- /*
 The hook-image-puller daemonset will be created with the highest priority during
 helm upgrades. It's task is to pull the required images on all nodes. When the
 image-awaiter job confirms the required images to be pulled, the daemonset is
 deleted. Only then will the actual helm upgrade start.
 */}}
-{{- if .Values.prePuller.hook.enabled -}}
-{{- $_ := merge (dict "hook" true "componentPrefix" "hook-") . -}}
-{{ include "jupyterhub.imagePuller.daemonset" $_ }}
-{{- end -}}
+{{- if .Values.prePuller.hook.enabled }}
+{{- $_ := merge (dict "hook" true "componentPrefix" "hook-") . }}
+{{- include "jupyterhub.imagePuller.daemonset" $_ }}
+{{- end }}
 ---
-{{/*
+{{- /*
 The continuous-image-puller daemonset task is to pull required images to nodes
 that are added in between helm upgrades, for example by manually adding a node
 or by the cluster autoscaler.
 */}}
-{{- if .Values.prePuller.continuous.enabled -}}
-{{- $_ := merge (dict "hook" false "componentPrefix" "continuous-") . -}}
-{{ include "jupyterhub.imagePuller.daemonset" $_ }}
-{{- end -}}
+{{- if .Values.prePuller.continuous.enabled }}
+{{- $_ := merge (dict "hook" false "componentPrefix" "continuous-") . }}
+{{- include "jupyterhub.imagePuller.daemonset" $_ }}
+{{- end }}
diff --git a/jupyterhub/templates/image-puller/job.yaml b/jupyterhub/templates/image-puller/job.yaml
@@ -1,9 +1,11 @@
-# This job has a part to play in a helm upgrade process. It simply waits for the
-# hook-image-puller daemonset which is started slightly before this job to get 
-# its' pods running. If all those pods are running they must have pulled all the
-# required images on all nodes as they are used as init containers with a dummy
-# command.
-{{ if .Values.prePuller.hook.enabled }}
+{{- /*
+This job has a part to play in a helm upgrade process. It simply waits for the
+hook-image-puller daemonset which is started slightly before this job to get
+its' pods running. If all those pods are running they must have pulled all the
+required images on all nodes as they are used as init containers with a dummy
+command.
+*/}}
+{{- if .Values.prePuller.hook.enabled -}}
 apiVersion: batch/v1
 kind: Job
 metadata:
@@ -18,7 +20,7 @@ spec:
   template:
     spec:
       restartPolicy: Never
-      {{ if .Values.rbac.enabled }}
+      {{- if .Values.rbac.enabled }}
       serviceAccountName: hook-image-awaiter-{{ .Release.Name }}-{{ .Release.Revision }}-{{ .Release.Time.Seconds }}
       {{- end }}
       containers:
@@ -32,4 +34,4 @@ spec:
             - -api-server-address=https://$(KUBERNETES_SERVICE_HOST):$(KUBERNETES_SERVICE_PORT)
             - -namespace={{ .Release.Namespace }}
             - -daemonset=hook-image-puller-{{ .Release.Name }}-{{ .Release.Revision }}-{{ .Release.Time.Seconds }}
-{{ end }}
+{{- end }}
diff --git a/jupyterhub/templates/image-puller/rbac.yaml b/jupyterhub/templates/image-puller/rbac.yaml
@@ -1,7 +1,11 @@
-# Setup of permissions to be used by the hook-image-awaiter job
-{{ if .Values.prePuller.hook.enabled }}
-{{ if .Values.rbac.enabled }}
-# This service account...
+{{- /*
+Permissions to be used by the hook-image-awaiter job
+*/}}
+{{- if .Values.prePuller.hook.enabled }}
+{{- if .Values.rbac.enabled }}
+{{- /*
+This service account...
+*/ -}}
 apiVersion: v1
 kind: ServiceAccount
 metadata:
@@ -13,7 +17,9 @@ metadata:
     "helm.sh/hook-delete-policy": hook-succeeded,hook-failed
     "helm.sh/hook-weight": "0"
 ---
-# needs this role...
+{{- /*
+... will be used by this role...
+*/}}
 kind: ClusterRole
 apiVersion: rbac.authorization.k8s.io/v1beta1
 metadata:
@@ -25,11 +31,13 @@ metadata:
     "helm.sh/hook-delete-policy": hook-succeeded,hook-failed
     "helm.sh/hook-weight": "0"
 rules:
-- apiGroups: ["apps"] # "" indicates the core API group
-  resources: ["daemonsets"]
-  verbs: ["get"]
+  - apiGroups: ["apps"]       # "" indicates the core API group
+    resources: ["daemonsets"]
+    verbs: ["get"]
 ---
-# and this part declares that service account to have that role.
+{{- /*
+... as declared by this binding.
+*/}}
 kind: ClusterRoleBinding
 apiVersion: rbac.authorization.k8s.io/v1beta1
 metadata:
@@ -41,12 +49,12 @@ metadata:
     "helm.sh/hook-delete-policy": hook-succeeded,hook-failed
     "helm.sh/hook-weight": "0"
 subjects:
-- kind: ServiceAccount
-  namespace: {{ .Release.Namespace }}
-  name: hook-image-awaiter-{{ .Release.Name }}-{{ .Release.Revision }}-{{ .Release.Time.Seconds }}
+  - kind: ServiceAccount
+    namespace: {{ .Release.Namespace }}
+    name: hook-image-awaiter-{{ .Release.Name }}-{{ .Release.Revision }}-{{ .Release.Time.Seconds }}
 roleRef:
   kind: ClusterRole
   name: hook-image-awaiter-{{ .Release.Name }}-{{ .Release.Revision }}-{{ .Release.Time.Seconds }}
   apiGroup: rbac.authorization.k8s.io
-{{ end }}
-{{ end }}
+{{- end }}
+{{- end }}