Added storage provisioner

chart/templates/deployment.yaml

@@ -31,67 +31,6 @@ spec:
             {{- toYaml .Values.securityContext | nindent 12 }}
           image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
           imagePullPolicy: {{ .Values.image.pullPolicy }}
-          env:
-            # PostgreSQL Host
-            - name: POSTGRES_HOST
-              {{- if .Values.config.postgres.host.fromSecret.enabled }}
-              valueFrom:
-                secretKeyRef:
-                  name: {{ .Values.config.postgres.host.fromSecret.secretName }}
-                  key: {{ .Values.config.postgres.host.fromSecret.key }}
-              {{- else }}
-              value: {{ .Values.config.postgres.host.value | quote }}
-              {{- end }}
-            # PostgreSQL Port
-            - name: POSTGRES_PORT
-              {{- if .Values.config.postgres.port.fromSecret.enabled }}
-              valueFrom:
-                secretKeyRef:
-                  name: {{ .Values.config.postgres.port.fromSecret.secretName }}
-                  key: {{ .Values.config.postgres.port.fromSecret.key }}
-              {{- else }}
-              value: {{ .Values.config.postgres.port.value | quote }}
-              {{- end }}
-            # PostgreSQL User
-            - name: POSTGRES_USER
-              {{- if .Values.config.postgres.user.fromSecret.enabled }}
-              valueFrom:
-                secretKeyRef:
-                  name: {{ .Values.config.postgres.user.fromSecret.secretName }}
-                  key: {{ .Values.config.postgres.user.fromSecret.key }}
-              {{- else }}
-              value: {{ .Values.config.postgres.user.value | quote }}
-              {{- end }}
-            # PostgreSQL Password
-            - name: POSTGRES_PASSWORD
-              {{- if .Values.config.postgres.password.fromSecret.enabled }}
-              valueFrom:
-                secretKeyRef:
-                  name: {{ .Values.config.postgres.password.fromSecret.secretName }}
-                  key: {{ .Values.config.postgres.password.fromSecret.key }}
-              {{- else }}
-              value: {{ .Values.config.postgres.password.value | quote }}
-              {{- end }}
-            # Certificate Manager
-            - name: CERT_MANAGER
-              {{- if .Values.config.certManager.fromSecret.enabled }}
-              valueFrom:
-                secretKeyRef:
-                  name: {{ .Values.config.certManager.fromSecret.secretName }}
-                  key: {{ .Values.config.certManager.fromSecret.key }}
-              {{- else }}
-              value: {{ .Values.config.certManager.value | quote }}
-              {{- end }}
-            # Istio Gateway
-            - name: ISTIO_GATEWAY
-              {{- if .Values.config.istioGateway.fromSecret.enabled }}
-              valueFrom:
-                secretKeyRef:
-                  name: {{ .Values.config.istioGateway.fromSecret.secretName }}
-                  key: {{ .Values.config.istioGateway.fromSecret.key }}
-              {{- else }}
-              value: {{ .Values.config.istioGateway.value | quote }}
-              {{- end }}
           resources:
             {{- toYaml .Values.resources | nindent 12 }}
       {{- with .Values.nodeSelector }}

chart/values.yaml

@@ -50,54 +50,4 @@ nodeSelector: {}
 
 tolerations: []
 
-affinity: {}
-
-# Configuration for the homelab operator
-config:
-  # PostgreSQL database configuration
-  postgres:
-    host:
-      # Direct value (used when fromSecret.enabled is false)
-      value: "127.0.0.1"
-      # Secret reference (used when fromSecret.enabled is true)
-      fromSecret:
-        enabled: false
-        secretName: ""
-        key: "POSTGRES_HOST"
-    
-    port:
-      value: "5432"
-      fromSecret:
-        enabled: false
-        secretName: ""
-        key: "POSTGRES_PORT"
-    
-    user:
-      value: "postgres"
-      fromSecret:
-        enabled: false
-        secretName: ""
-        key: "POSTGRES_USER"
-    
-    password:
-      value: ""
-      fromSecret:
-        enabled: true  # Default to secret for sensitive data
-        secretName: "postgres-secret"
-        key: "POSTGRES_PASSWORD"
-  
-  # Certificate manager configuration
-  certManager:
-    value: "letsencrypt-prod"
-    fromSecret:
-      enabled: false
-      secretName: ""
-      key: "CERT_MANAGER"
-  
-  # Istio gateway configuration
-  istioGateway:
-    value: "istio-ingress"
-    fromSecret:
-      enabled: false
-      secretName: ""
-      key: "ISTIO_GATEWAY"
+affinity: {}

src/index.ts

@@ -5,6 +5,7 @@ import { Services } from './utils/service.ts';
 import { CustomResourceService } from './services/custom-resources/custom-resources.ts';
 import { WatcherService } from './services/watchers/watchers.ts';
 import { customResources } from './custom-resouces/custom-resources.ts';
+import { StorageProvider } from './storage-provider/storage-provider.ts';
 
 process.on('uncaughtException', (error) => {
   console.log('UNCAUGHT EXCEPTION');
@@ -29,6 +30,8 @@ process.on('unhandledRejection', (error) => {
 
 const services = new Services();
 const watcherService = services.get(WatcherService);
+const storageProvider = services.get(StorageProvider);
+await storageProvider.start();
 await watcherService
   .create({
     path: '/apis/apiextensions.k8s.io/v1/customresourcedefinitions',

src/storage-provider/storage-provider.ts

@@ -0,0 +1,73 @@
+import { mkdir } from 'fs/promises';
+
+import { V1PersistentVolume, type V1PersistentVolumeClaim } from '@kubernetes/client-node';
+
+import { Watcher, WatcherService } from '../services/watchers/watchers.ts';
+import type { Services } from '../utils/service.ts';
+import { ResourceService, type Resource } from '../services/resources/resources.ts';
+
+const PROVISIONER = 'reuse-local-path-provisioner';
+const LABEL_SELECTOR = `provisioner=${PROVISIONER}`;
+
+class StorageProvider {
+  #watcher: Watcher<V1PersistentVolumeClaim>;
+  #services: Services;
+
+  constructor(services: Services) {
+    this.#services = services;
+    const watchService = this.#services.get(WatcherService);
+    this.#watcher = watchService.create({
+      path: 'api/v1/persistantvolumeclaims',
+      list: (k8s) =>
+        k8s.api.listPersistentVolumeClaimForAllNamespaces({
+          labelSelector: LABEL_SELECTOR,
+        }),
+      verbs: ['add', 'update', 'delete'],
+      selector: LABEL_SELECTOR,
+    });
+    this.#watcher.on('changed', this.#handleChange);
+  }
+
+  #handleChange = async (pvc: Resource<V1PersistentVolumeClaim>) => {
+    const target = `/data/volumes/${pvc.namespace}/${pvc.name}`;
+    await mkdir(target, { recursive: true });
+    const resourceService = this.#services.get(ResourceService);
+    const pv = resourceService.get<V1PersistentVolume>({
+      apiVersion: 'v1',
+      kind: 'PersistantVolume',
+      name: pvc.name,
+      namespace: pvc.namespace,
+    });
+    await pv.load();
+    await pv.patch({
+      metadata: {
+        labels: {
+          provisioner: PROVISIONER,
+        },
+      },
+      spec: {
+        hostPath: {
+          path: target,
+        },
+        capacity: {
+          storage: pvc.spec?.resources?.requests?.storage ?? '1GB',
+        },
+        persistentVolumeReclaimPolicy: 'Retain',
+        accessModes: pvc.spec?.accessModes,
+        claimRef: {
+          uid: pvc.metadata?.uid,
+          resourceVersion: pvc.metadata?.resourceVersion,
+          apiVersion: pvc.apiVersion,
+          name: pvc.name,
+          namespace: pvc.namespace,
+        },
+      },
+    });
+  };
+
+  public start = async () => {
+    await this.#watcher.start();
+  };
+}
+
+export { StorageProvider };