{{- define "addons-values" }}
clusterBackup:
  enabled: {{ ternary "true" "false" (or (hasKey .Values.global.aws "region") .Values.addons.clusterBackup.enabled) }}

  {{- with omit .Values.addons.clusterBackup "enabled" }}
  {{- toYaml . | nindent 2 }}
  {{- end }}

  {{- if eq .Values.global.platform "aws" }}
  # AWS
  extraEnv:
    - name: AWS_DEFAULT_REGION
      value: {{ .Values.global.aws.region }}
  {{- end }}

forseti:
  enabled: {{ ternary "true" "false" (or (hasKey .Values.global.aws "region") .Values.addons.forseti.enabled) }}

  {{- with omit .Values.addons.forseti "enabled" }}
  {{- toYaml . | nindent 2 }}
  {{- end }}

  {{- if eq .Values.global.platform "aws" }}
  # AWS
  aws:
    region: {{ $.Values.global.aws.region }}
    iamRoleArn: "arn:aws:iam::{{ .Values.global.aws.accountId }}:role/{{ .Values.global.aws.region }}.{{ .Values.global.clusterName }}.kubezeroForseti"
  {{- end }}

external-dns:
  enabled: {{ ternary "true" "false" (or (hasKey .Values.global.aws "region") (index .Values "addons" "external-dns" "enabled")) }}

  {{- with omit (index .Values "addons" "external-dns") "enabled" }}
  {{- toYaml . | nindent 2 }}
  {{- end }}

  {{- if eq .Values.global.platform "aws" }}
  # AWS
  txtOwnerId: {{ .Values.global.clusterName }}
  provider: aws
  extraArgs:
    - "--aws-zone-type=public"
    - "--aws-zones-cache-duration=1h"
  env:
    - name: AWS_ROLE_ARN
      value: "arn:aws:iam::{{ .Values.global.aws.accountId }}:role/{{ .Values.global.aws.region }}.{{ .Values.global.clusterName }}.externalDNS"
    - name: AWS_WEB_IDENTITY_TOKEN_FILE
      value: "/var/run/secrets/sts.amazonaws.com/serviceaccount/token"
    - name: AWS_STS_REGIONAL_ENDPOINTS
      value: "regional"
    - name: METADATA_TRIES
      value: "0"
  extraVolumes:
  - name: aws-token
    projected:
      sources:
      - serviceAccountToken:
          path: token
          expirationSeconds: 86400
          audience: "sts.amazonaws.com"
  extraVolumeMounts:
  - name: aws-token
    mountPath: "/var/run/secrets/sts.amazonaws.com/serviceaccount/"
    readOnly: true
  {{- end }}

cluster-autoscaler:
  enabled: {{ ternary "true" "false" (or (hasKey .Values.global.aws "region") (index .Values "addons" "cluster-autoscaler" "enabled")) }}

  autoDiscovery:
    clusterName: {{ .Values.global.clusterName }}

  {{- if not .Values.global.highAvailable }}
  extraArgs:
    leader-elect: false
  {{- end }}

  {{- with omit (index .Values "addons" "cluster-autoscaler") "enabled" }}
  {{- toYaml . | nindent 2 }}
  {{- end }}

  {{- with .Values.metrics }}
  serviceMonitor:
    enabled: {{ .enabled }}
  # Buggy atm due to integer vs. string issue
  # prometheusRule:
  #  enabled: {{ .enabled }}
  {{- end }}

  {{- if eq .Values.global.platform "aws" }}
  # AWS
  awsRegion: {{ .Values.global.aws.region }}

  extraEnv:
    AWS_ROLE_ARN: "arn:aws:iam::{{ .Values.global.aws.accountId }}:role/{{ .Values.global.aws.region }}.{{ .Values.global.clusterName }}.clusterAutoScaler"
    AWS_WEB_IDENTITY_TOKEN_FILE: "/var/run/secrets/sts.amazonaws.com/serviceaccount/token"
    AWS_STS_REGIONAL_ENDPOINTS: "regional"
  extraVolumes:
  - name: aws-token
    projected:
      sources:
      - serviceAccountToken:
          path: token
          expirationSeconds: 86400
          audience: "sts.amazonaws.com"
  extraVolumeMounts:
  - name: aws-token
    mountPath: "/var/run/secrets/sts.amazonaws.com/serviceaccount/"
    readOnly: true
  {{- end }}

{{- with .Values.addons.fuseDevicePlugin }}
fuseDevicePlugin:
  {{- toYaml . | nindent 2 }}
{{- end }}

{{- with index .Values "addons" "nvidia-device-plugin" }}
nvidia-device-plugin:
  {{- toYaml . | nindent 2 }}
{{- end }}

{{- with index .Values "addons" "sealed-secrets" }}
sealed-secrets:
  {{- toYaml . | nindent 2 }}

  {{- with $.Values.metrics }}
  metrics:
    serviceMonitor:
      enabled: {{ .enabled }}
  {{- end }}
{{- end }}

{{- with index .Values "addons" "py-kube-downscaler" }}
py-kube-downscaler:
  {{- toYaml . | nindent 2 }}
{{- end }}

# AWS only
{{- if eq .Values.global.platform "aws" }}
aws-node-termination-handler:
  enabled: {{ default "true" (index .Values "addons" "aws-node-termination-handler" "enabled") }}

  {{- with omit (index .Values "addons" "aws-node-termination-handler") "enabled" }}
  {{- toYaml . | nindent 2 }}
  {{- end }}

  {{- with .Values.metrics }}
  enablePrometheusServer: {{ .enabled }}
  {{- end }}

  queueURL: "https://sqs.{{ .Values.global.aws.region }}.amazonaws.com/{{ .Values.global.aws.accountId }}/{{ .Values.global.clusterName }}_Nth"
  managedTag: "zdt:kubezero:nth:{{ .Values.global.clusterName }}"
  extraEnv:
    - name: AWS_ROLE_ARN
      value: "arn:aws:iam::{{ .Values.global.aws.accountId }}:role/{{ .Values.global.aws.region }}.{{ .Values.global.clusterName }}.awsNth"
    - name: AWS_WEB_IDENTITY_TOKEN_FILE
      value: "/var/run/secrets/sts.amazonaws.com/serviceaccount/token"
    - name: AWS_STS_REGIONAL_ENDPOINTS
      value: "regional"
    - name: METADATA_TRIES
      value: "0"

aws-eks-asg-rolling-update-handler:
  enabled: {{ default "true" (index .Values "addons" "aws-eks-asg-rolling-update-handler" "enabled") }}

  {{- with omit (index .Values "addons" "aws-eks-asg-rolling-update-handler") "enabled" }}
  {{- toYaml . | nindent 2 }}
  {{- end }}

  environmentVars:
    - name: CLUSTER_NAME
      value: {{ .Values.global.clusterName }}
    - name: AWS_REGION
      value: {{ .Values.global.aws.region }}
    - name: EXECUTION_INTERVAL
      value: "60"
    - name: METRICS
      value: "{{ .Values.metrics.enabled }}"
    - name: EAGER_CORDONING
      value: "true"
    - name: SLOW_MODE
      value: "true"
    - name: AWS_ROLE_ARN
      value: "arn:aws:iam::{{ .Values.global.aws.accountId }}:role/{{ .Values.global.aws.region }}.{{ .Values.global.clusterName }}.awsRuh"
    - name: AWS_WEB_IDENTITY_TOKEN_FILE
      value: "/var/run/secrets/sts.amazonaws.com/serviceaccount/token"
    - name: AWS_STS_REGIONAL_ENDPOINTS
      value: "regional"

{{- with .Values.addons.awsNeuron }}
awsNeuron:
  {{- toYaml . | nindent 2 }}
{{- end }}

{{- end }}

{{- end }}

{{- define "addons-argo" }}
{{- end }}

{{ include "kubezero-app.app" . }}