[stable/spinnaker] Leverage Halyard for installation (helm#6407)

* Use Halyard for Spinnaker installation

* Bump spinnaker version in Chart.yaml

* Add whitespace in helpers

* Remove dependency on Jenkins

* Fix cleanup

* Fix NOTES command for exec into hal

* No longer need override_config_map helper

* Simplify cleanup job

* Remove halyard-pvc empty file

* Update README

* Add lwander as maintainer of Spinnaker chart

* Make halyard-local config simpler

* Remove type: Opaque from kubeconfig map

* Mount GCS key on Halyard statefulset

* Fix credentials when using kubeConfig.enabled

* Allow custom config to be provided at install time.

* Fix port-forward commands in README

* Configure Halyard's RBAC

* Use redis deployed by helm

* Use Deck to route /gate requests

* Fix RBAC in default configuration

* Scope template helper names

* Helper for resource metadata

* Enable spinnakerFeatureFlags

* Fix deck service name

* Basic S3 support.

setting access keys is optional, if they are unset, the implicit
credentials from your environment will be used.

* Smallish updates.

* Runs the install script with bash -xe for log output.
* Makes the install script somewhat idempotent in the case of chart
  upgrades on an existing halyard config state.
* Fully qualifies serviceaccount names.
* Whitespace fixes.

* Enable 'jobs' feature flag by default

* Fix typo in README

* Follow RBAC best practices for chart

* Remove trailing space

* update helm dependencies

Update minio and redis deps to be their current releases

* support username/password for docker registry

* fix variable condition for registrysecret

* remove rogue sleep command from debugging

* add readme info about using secret for registry passwords

* fix writing the secret key to hal's config

* Enable artifacts by default

* Allow Halyard and Spinnaker SAs to be configurable

* Use custom SA in halyard SS if passed

* Default to version 1.8.4 of Spinnaker

* Simplify ingress values, fix nodeports for svcs

* Slight change; moving 'host' to be under Ingress resource

* Updater Spinnaker to 1.8.5

* Make nodeport exposure idempotent

* Add newline

* Add newline

* Add newline

* Add newline

Signed-off-by: Jakob Niggel <info@jakobniggel.de>

stable/spinnaker/Chart.yaml

@@ -1,8 +1,8 @@
 apiVersion: v1
 description: Open source, multi-cloud continuous delivery platform for releasing software changes with high velocity and confidence.
 name: spinnaker
-version: 0.6.0
-appVersion: 1.6.0
+version: 1.0.0
+appVersion: 1.8.5
 home: http://spinnaker.io/
 sources:
 - https://github.com/spinnaker
@@ -11,3 +11,5 @@ icon: https://pbs.twimg.com/profile_images/669205226994319362/O7OjwPrh_400x400.p
 maintainers:
 - name: viglesiasce
   email: viglesias@google.com
+- name: lwander
+  email: lwander@google.com

stable/spinnaker/OWNERS

@@ -0,0 +1,6 @@
+approvers:
+- viglesiasce
+- lwander
+reviewers:
+- viglesiasce
+- lwander

stable/spinnaker/README.md

@@ -3,8 +3,8 @@
 [Spinnaker](http://spinnaker.io/) is an open source, multi-cloud continuous delivery platform.
 
 ## Chart Details
-This chart will provision a fully functional and fully featured Spinnaker installation 
-that can deploy and manage applications in the cluster that it is deployed to. 
+This chart will provision a fully functional and fully featured Spinnaker installation
+that can deploy and manage applications in the cluster that it is deployed to.
 
 Redis and Minio are used as the stores for Spinnaker state.
 
@@ -15,10 +15,10 @@ For more information on Spinnaker and its capabilities, see it's [documentation]
 To install the chart with the release name `my-release`:
 
 ```bash
-$ helm install --name my-release stable/spinnaker
+$ helm install --name my-release stable/spinnaker --timeout 600
 ```
 
-Note that this chart pulls in many different Docker images so can take a while to fully install. 
+Note that this chart pulls in many different Docker images so can take a while to fully install.
 
 ## Configuration
 
@@ -55,5 +55,64 @@ for Spinnaker. If you want to add arbitrary clusters need to do the following:
       contexts:
       # Names of contexts available in the uploaded kubeconfig
       - my-context
+      # This is the context from the list above that you would like
+      # to deploy Spinnaker itself to.
+      deploymentContext: my-context
     ```
 
+## Specifying Docker Registries and Valid Images (Repositories)
+
+Spinnaker will only give you access to Docker images that have been whitelisted, if you're using a private registry or a private repository you also need to provide credentials.  Update the following values of the chart to do so:
+
+    ```yaml
+    dockerRegistries:
+    - name: dockerhub
+      address: index.docker.io
+      repositories:
+        - library/alpine
+        - library/ubuntu
+        - library/centos
+        - library/nginx
+    # - name: gcr
+    #   address: https://gcr.io
+    #   username: _json_key
+    #   password: '<INSERT YOUR SERVICE ACCOUNT JSON HERE>'
+    #   email: 1234@5678.com
+    ```
+
+You can provide passwords as a Helm value, or you can use a pre-created secret containing your registry passwords.  The secret should have an item per Registry in the format: `<registry name>: <password>`. In which case you'll specify the secret to use in `dockerRegistryAccountSecret` like so:
+
+    ```yaml
+    dockerRegistryAccountSecret: myregistry-secrets
+    ```
+
+## Customizing your installation
+
+### Manual
+While the default installation is ready to handle your Kubernetes deployments, there are
+many different integrations that you can turn on with Spinnaker. In order to customize
+Spinnaker, you can use the [Halyard](https://www.spinnaker.io/reference/halyard/) command line `hal`
+to edit the configuration and apply it to what has already been deployed.
+
+Halyard has an in-cluster daemon that stores your configuration. You can exec a shell in this pod to
+make and apply your changes. The Halyard daemon is configured with a persistent volume to ensure that
+your configuration data persists any node failures, reboots or upgrades.
+
+For example:
+
+```shell
+$ helm install -n cd stable/spinnaker
+$ kubectl exec -it cd-spinnaker-halyard-0 bash
+spinnaker@cd-spinnaker-halyard-0:/workdir$ hal version list
+```
+
+### Automated
+If you have known set of commands that you'd like to run after the base config steps or if
+you'd like to override some settings before the Spinnaker deployment is applied, you can enable
+the `halyard.additionalConfig.enabled` flag. You will need to create a config map that contains a key
+containing the `hal` commands you'd like to run. You can set the key via the config map name via `halyard.additionalConfig.configMapName` and the key via `halyard.additionalConfig.configMapKey`. The `DAEMON_ENDPOINT` environment variable can be used in your custom commands to
+get a prepopulated URL that points to your Halyard daemon within the cluster. For example:
+
+```shell
+hal --daemon-endpoint $DAEMON_ENDPOINT config security authn oauth2 enable
+```