From b944d195341600dd5eb9fe446fb9d820a4529edb Mon Sep 17 00:00:00 2001 From: Alan Bridgeman Date: Mon, 17 Feb 2025 16:10:15 -0600 Subject: [PATCH] Initial commit --- .gitignore | 8 ++ .helmignore | 8 ++ Chart.yaml | 11 ++ README.md | 6 + templates/cache-configmap.yaml | 12 ++ templates/cache-credentials-secret.yaml | 7 ++ templates/database.yaml | 29 +++++ ...ntials-config-map-postgres-controller.yaml | 16 +++ templates/db-credentials-config-map.yaml | 13 +++ ...b-password-secret-postgres-controller.yaml | 10 ++ templates/db-password-secret.yaml | 7 ++ templates/deployment.yaml | 75 +++++++++++++ templates/ingress.yaml | 21 ++++ templates/redis-deployment.yaml | 49 ++++++++ templates/redis-service.yaml | 15 +++ templates/service.yaml | 11 ++ values.yaml | 105 ++++++++++++++++++ 17 files changed, 403 insertions(+) create mode 100644 .gitignore create mode 100644 .helmignore create mode 100644 Chart.yaml create mode 100644 README.md create mode 100644 templates/cache-configmap.yaml create mode 100644 templates/cache-credentials-secret.yaml create mode 100644 templates/database.yaml create mode 100644 templates/db-credentials-config-map-postgres-controller.yaml create mode 100644 templates/db-credentials-config-map.yaml create mode 100644 templates/db-password-secret-postgres-controller.yaml create mode 100644 templates/db-password-secret.yaml create mode 100644 templates/deployment.yaml create mode 100644 templates/ingress.yaml create mode 100644 templates/redis-deployment.yaml create mode 100644 templates/redis-service.yaml create mode 100644 templates/service.yaml create mode 100644 values.yaml diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..f160051 --- /dev/null +++ b/.gitignore @@ -0,0 +1,8 @@ +# Mac OS +.DS_Store + +# Input file +input.json + +# Ignore the Helm chart's packaged tarball +*.tgz \ No newline at end of file diff --git a/.helmignore b/.helmignore new file mode 100644 index 0000000..1b248e9 --- /dev/null +++ b/.helmignore @@ -0,0 +1,8 @@ +# Ignore the ignore file +.helmignore +# Ignore the Helm chart's packaged tarball +*.tgz +# Ignore git files +*.git +# Ignore the input file +input.json diff --git a/Chart.yaml b/Chart.yaml new file mode 100644 index 0000000..002e43a --- /dev/null +++ b/Chart.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +appVersion: "1.0.0" +description: A Helm chart for deploying the Harbor Helm Index +home: https://helm.bridgemanaccessible.ca/harbor-helm-index +maintainers: + - email: alan@bridgemanaccessible.com + name: Alan Bridgeman +name: harbor-helm-index +sources: +- https://github.com/AlanBridgeman/harbor-helm-index +version: "1.0.0" diff --git a/README.md b/README.md new file mode 100644 index 0000000..581a7c9 --- /dev/null +++ b/README.md @@ -0,0 +1,6 @@ +# Harbor Helm Index Helm Chart +This Helm chart helps deploy the [Harbor Helm Index](https://github.com/AlanBridgeman/harbor-helm-index) software. + +Please be mindful that you'll need to edit the `values.yaml` this is because certain values have been redacted/generalized for privacy reasons. + +If you have any issues please create an issue on the Github repository. \ No newline at end of file diff --git a/templates/cache-configmap.yaml b/templates/cache-configmap.yaml new file mode 100644 index 0000000..10677f9 --- /dev/null +++ b/templates/cache-configmap.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ .Release.Name }}-cache-configmap + namespace: {{ .Release.Namespace }} +data: + {{- if and (eq .Values.cache.type "redis") (.Values.cache.create) }} + hostname: {{ .Release.Name }}-redis + {{- else }} + hostname: {{ .Values.cache.hostname }} + {{- end }} + port: {{ .Values.cache.port | quote }} diff --git a/templates/cache-credentials-secret.yaml b/templates/cache-credentials-secret.yaml new file mode 100644 index 0000000..bbd7d8c --- /dev/null +++ b/templates/cache-credentials-secret.yaml @@ -0,0 +1,7 @@ +apiVersion: v1 +kind: Secret +metadata: + name: {{ .Release.Name }}-cache-credentials +type: Opaque +data: + password: {{ .Values.cache.password | b64enc }} diff --git a/templates/database.yaml b/templates/database.yaml new file mode 100644 index 0000000..d473a97 --- /dev/null +++ b/templates/database.yaml @@ -0,0 +1,29 @@ +{{- if and (eq .Values.database.type "postgres") (.Values.database.create) -}} +apiVersion: postgresql.org/v1 +kind: PostgresDatabase +metadata: + name: {{ .Release.Name }}-db + namespace: {{ .Release.Namespace }} +spec: + dbName: + envFrom: + configMapKeyRef: + - name: {{ .Release.Name }}-db-credentials + namespace: postgres-controller + key: db-name + dbRoleName: + envFrom: + configMapKeyRef: + - name: {{ .Release.Name }}-db-credentials + namespace: postgres-controller + key: db-user + dbRolePassword: + envFrom: + secretKeyRef: + - name: {{ .Release.Name }}-db-password + namespace: postgres-controller + key: password +{{- if .Values.database.instance_id }} + dbInstanceId: {{ .Values.database.instance_id }} +{{- end }} +{{- end -}} diff --git a/templates/db-credentials-config-map-postgres-controller.yaml b/templates/db-credentials-config-map-postgres-controller.yaml new file mode 100644 index 0000000..90b32c1 --- /dev/null +++ b/templates/db-credentials-config-map-postgres-controller.yaml @@ -0,0 +1,16 @@ +{{- if and (eq .Values.database.type "postgres") (.Values.database.create) -}} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ .Release.Name }}-db-credentials + namespace: postgres-controller +data: + db-host: {{ .Values.database.host }} + db-name: {{ .Values.database.name }} + db-user: {{ .Values.database.user }} + {{- if .Values.database.port }} + db-port: {{ .Values.database.port | quote }} + {{- else }} + db-port: "5432" + {{- end }} +{{- end -}} diff --git a/templates/db-credentials-config-map.yaml b/templates/db-credentials-config-map.yaml new file mode 100644 index 0000000..a3eeff0 --- /dev/null +++ b/templates/db-credentials-config-map.yaml @@ -0,0 +1,13 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ .Release.Name }}-db-credentials +data: + db-host: {{ .Values.database.host }} + db-name: {{ .Values.database.name }} + db-user: {{ .Values.database.user }} + {{- if .Values.database.port }} + db-port: {{ .Values.database.port | quote }} + {{- else }} + db-port: "5432" + {{- end }} diff --git a/templates/db-password-secret-postgres-controller.yaml b/templates/db-password-secret-postgres-controller.yaml new file mode 100644 index 0000000..f90a17c --- /dev/null +++ b/templates/db-password-secret-postgres-controller.yaml @@ -0,0 +1,10 @@ +{{- if and (eq .Values.database.type "postgres") (.Values.database.create) -}} +apiVersion: v1 +kind: Secret +metadata: + name: {{ .Release.Name }}-db-password + namespace: postgres-controller +type: Opaque +data: + password: {{ .Values.database.password | b64enc }} +{{- end -}} diff --git a/templates/db-password-secret.yaml b/templates/db-password-secret.yaml new file mode 100644 index 0000000..0a26279 --- /dev/null +++ b/templates/db-password-secret.yaml @@ -0,0 +1,7 @@ +apiVersion: v1 +kind: Secret +metadata: + name: {{ .Release.Name }}-db-password +type: Opaque +data: + password: {{ .Values.database.password | b64enc }} diff --git a/templates/deployment.yaml b/templates/deployment.yaml new file mode 100644 index 0000000..b70b1c4 --- /dev/null +++ b/templates/deployment.yaml @@ -0,0 +1,75 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ .Release.Name }} + labels: + app: {{ .Release.Name }} +spec: + replicas: {{ .Values.replicaCount }} + selector: + matchLabels: + app: {{ .Release.Name }} + template: + metadata: + labels: + app: {{ .Release.Name }} + spec: + containers: + - name: {{ .Release.Name }} + image: {{ .Values.image.repository }}:{{ .Values.image.tag }} + imagePullPolicy: {{ .Values.image.pullPolicy }} + ports: + - containerPort: {{ .Values.container.port }} + env: + - name: NODE_ENV + value: {{ .Values.container.env }} + - name: PORT + value: "{{ .Values.container.port }}" + - name: COMPANY + value: "Bridgeman Accessible" + - name: WEBSITE_TITLE_SUFFIX + value: " - Bridgeman Accessible Helm Repo" + - name: HOSTNAME + value: "helm.bridgemanaccessible.ca" + # Database credentials + - name: DB_HOST + valueFrom: + configMapKeyRef: + name: {{ .Release.Name }}-db-credentials + key: db-host + - name: DB_NAME + valueFrom: + configMapKeyRef: + name: {{ .Release.Name }}-db-credentials + key: db-name + - name: DB_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Release.Name }}-db-password + key: password + - name: DB_PORT + valueFrom: + configMapKeyRef: + name: {{ .Release.Name }}-db-credentials + key: db-port + - name: DB_USER + valueFrom: + configMapKeyRef: + name: {{ .Release.Name }}-db-credentials + key: db-user + # Caching Server Variables + - name: CACHE_HOSTNAME + valueFrom: + configMapKeyRef: + name: {{ .Release.Name }}-cache-configmap + key: hostname + - name: CACHE_PORT + valueFrom: + configMapKeyRef: + name: {{ .Release.Name }}-cache-configmap + key: port + - name: CACHE_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Release.Name }}-cache-credentials + key: password diff --git a/templates/ingress.yaml b/templates/ingress.yaml new file mode 100644 index 0000000..ca225a2 --- /dev/null +++ b/templates/ingress.yaml @@ -0,0 +1,21 @@ +{{- if .Values.ingress.enabled -}} +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: {{ .Release.Name }} + annotations: + nginx.ingress.kubernetes.io/rewrite-target: / +spec: + rules: + - host: {{ .Values.ingress.host }} + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: {{ .Release.Name }} + port: + number: 80 + ingressClassName: {{ .Values.ingress.class }} +{{- end -}} \ No newline at end of file diff --git a/templates/redis-deployment.yaml b/templates/redis-deployment.yaml new file mode 100644 index 0000000..70e80c0 --- /dev/null +++ b/templates/redis-deployment.yaml @@ -0,0 +1,49 @@ +{{- if and (eq .Values.cache.type "redis") (.Values.cache.create) -}} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ .Release.Name }}-redis + labels: + app: redis +spec: + replicas: {{ .Values.cache.replicaCount }} + selector: + matchLabels: + app: redis + template: + metadata: + labels: + app: redis + spec: + containers: + - name: redis + image: {{ .Values.cache.image.repository | default "bitnami/redis" }}:{{ .Values.cache.image.tag | default "7.0.5" }} + ports: + - containerPort: {{ .Values.cache.port }} + {{- if .Values.cache.tls.enabled }} + - containerPort: {{ .Values.cache.tls.port }} + {{- end }} + env: + - name: ALLOW_EMPTY_PASSWORD + value: "false" + - name: REDIS_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Release.Name }}-cache-credentials + key: password + - name: REDIS_DISABLE_COMMANDS + value: "FLUSHDB,FLUSHALL" + # TLS configuration + #- name: REDIS_TLS_ENABLED + # value: "{{ .Values.cache.tls.enabled }}" + #- name: REDIS_TLS_AUTH_CLIENTS + # value: "yes" + #- name: REDIS_TLS_PORT_NUMBER + # value: "{{ .Values.cache.tls.port }}" + volumeMounts: + - name: redis-data + mountPath: /bitnami/redis + volumes: + - name: redis-data + emptyDir: {} +{{- end -}} \ No newline at end of file diff --git a/templates/redis-service.yaml b/templates/redis-service.yaml new file mode 100644 index 0000000..a3ded46 --- /dev/null +++ b/templates/redis-service.yaml @@ -0,0 +1,15 @@ +{{- if and (eq .Values.cache.type "redis") (.Values.cache.create) -}} +apiVersion: v1 +kind: Service +metadata: + name: {{ .Release.Name }}-redis + labels: + app: redis +spec: + ports: + - port: {{ .Values.cache.port }} + targetPort: {{ .Values.cache.port }} + selector: + app: redis + type: ClusterIP +{{- end -}} \ No newline at end of file diff --git a/templates/service.yaml b/templates/service.yaml new file mode 100644 index 0000000..d59807e --- /dev/null +++ b/templates/service.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ .Release.Name }} +spec: + selector: + app: {{ .Release.Name }} + ports: + - protocol: TCP + port: 80 + targetPort: {{ .Values.container.port }} diff --git a/values.yaml b/values.yaml new file mode 100644 index 0000000..2ae9e90 --- /dev/null +++ b/values.yaml @@ -0,0 +1,105 @@ +# The number of instances (replicas) of the app to run +replicaCount: 1 + +image: + # The repository of the image to use for the app + # Should be in the format `/` + repository: "/harbor-helm-index" + # The specific image tag to use. It's recommended to use some kind of versioning tag scheme as it makes updating the container without having to fully redeploy easier. + # Ex. v1.0.0 + tag: "v1.0.0" + # How often the image should be pulled. The possible values are "Always", "Never", and "IfNotPresent" + # It's recommended for production to use "IfNotPresent" to avoid pulling the image every time the pod starts + # Though, for development, "Always" is recommended to ensure the latest changes are being tested + pullPolicy: "IfNotPresent" + +container: + # The port that the container listens on (Ex. 8080) + port: 8080 + + # The environment that the container is running in (Ex. development, production, etc...) + # This is used for the NODE_ENV environment variable + env: "production" + +ingress: + # We want an ingress resource if we are deploying to a cluster that has a ingress controller/load balancer + # This includes most public cloud providers like EKS, GKE, and AKS + enabled: true + # The DNS Name (Ex. helm.example.com) where the app will be accessible + host: "helm.example.com" + # The class of the ingress controller that is being used (defaulted here to an NGINX ingress controller as it's popular for Kubernetes clusters) + class: nginx + + + + +# Configuration for the relational database +database: + # The type of the relational database that is used. + # + # The following table lists the possible values for this field: + # + # | Value | Description | + # | ---------- | ------------------------------------------ | + # | `postgres` | Uses PostgreSQL as the relational database | + # + # Note, for use of `postgres`, it uses a [`postgres-controller` CRD](https://github.com/AlanBridgeman/postgres-controller) to create the database + # + type: "postgres" + + # If set to `true`, the database will be created as part of the deployment + # This uses the [`postgres-controller` CRD](https://github.com/AlanBridgeman/postgres-controller) to create the database + create: true + + # The host that the database is located on + host: "" + + # The name of the database to be used + name: "" + + # The user that is used to access the database + user: "" + + # The password that is used to access the database + password: "" + + # The port that the database listens on + #port: 5432 + + # Allows for distinguishing between multiple database instances/servers + #instance_id: "" + +# Configuration for cache server +cache: + type: "redis" + + # If to create a Redis instance/resource as part of the deployment process + create: true + + # The image to use for the Redis instance + # ONLY relevant if `create` is set to `true` + image: {} + + # The number of replicas of the Redis instance + # ONLY relevant if `create` is set to `true` + replicaCount: 1 + + # Hostname of the Redis server + # ONLY relevant if `create` is set to `false` + #hostName: "" + + # The password to use for the Redis server + password: "" + + # The port of the Redis server + port: "6379" + + # Redis TLS Configurations + tls: + # If TLS is enabled for the Redis instance + enabled: false + + # The port of the Redis instance for TLS + # ONLY relevant if `tls.enabled` is set to `true` + #port: "" +