From 3d1c757902464aef04bfd2df745180789f61bafd Mon Sep 17 00:00:00 2001 From: Jan <46779261+98jan@users.noreply.github.com> Date: Wed, 20 Nov 2024 21:33:48 +0100 Subject: [PATCH] feat: initial draft of helm chart #64 --- .github/workflows/helm-release.yaml | 55 ++ charts/hopps/.helmignore | 23 + charts/hopps/Chart.lock | 21 + charts/hopps/Chart.yaml | 56 ++ charts/hopps/templates/_helpers.tpl | 199 +++++++ .../templates/az-document-ai/deployment.yaml | 77 +++ .../templates/az-document-ai/ingress.yaml | 43 ++ .../templates/az-document-ai/service.yaml | 15 + .../az-document-ai/serviceaccount.yaml | 13 + charts/hopps/templates/fin/deployment.yaml | 77 +++ charts/hopps/templates/fin/ingress.yaml | 43 ++ charts/hopps/templates/fin/service.yaml | 15 + .../hopps/templates/fin/serviceaccount.yaml | 13 + .../hopps/templates/frontend/deployment.yaml | 77 +++ charts/hopps/templates/frontend/ingress.yaml | 43 ++ charts/hopps/templates/frontend/service.yaml | 15 + .../templates/frontend/serviceaccount.yaml | 13 + charts/hopps/templates/org/deployment.yaml | 77 +++ charts/hopps/templates/org/ingress.yaml | 43 ++ charts/hopps/templates/org/service.yaml | 15 + .../hopps/templates/org/serviceaccount.yaml | 13 + charts/hopps/values.yaml | 521 ++++++++++++++++++ 22 files changed, 1467 insertions(+) create mode 100644 .github/workflows/helm-release.yaml create mode 100644 charts/hopps/.helmignore create mode 100644 charts/hopps/Chart.lock create mode 100644 charts/hopps/Chart.yaml create mode 100644 charts/hopps/templates/_helpers.tpl create mode 100644 charts/hopps/templates/az-document-ai/deployment.yaml create mode 100644 charts/hopps/templates/az-document-ai/ingress.yaml create mode 100644 charts/hopps/templates/az-document-ai/service.yaml create mode 100644 charts/hopps/templates/az-document-ai/serviceaccount.yaml create mode 100644 charts/hopps/templates/fin/deployment.yaml create mode 100644 charts/hopps/templates/fin/ingress.yaml create mode 100644 charts/hopps/templates/fin/service.yaml create mode 100644 charts/hopps/templates/fin/serviceaccount.yaml create mode 100644 charts/hopps/templates/frontend/deployment.yaml create mode 100644 charts/hopps/templates/frontend/ingress.yaml create mode 100644 charts/hopps/templates/frontend/service.yaml create mode 100644 charts/hopps/templates/frontend/serviceaccount.yaml create mode 100644 charts/hopps/templates/org/deployment.yaml create mode 100644 charts/hopps/templates/org/ingress.yaml create mode 100644 charts/hopps/templates/org/service.yaml create mode 100644 charts/hopps/templates/org/serviceaccount.yaml create mode 100644 charts/hopps/values.yaml diff --git a/.github/workflows/helm-release.yaml b/.github/workflows/helm-release.yaml new file mode 100644 index 00000000..82f1e1d7 --- /dev/null +++ b/.github/workflows/helm-release.yaml @@ -0,0 +1,55 @@ +name: Release Charts + +on: + push: + paths: + - 'charts/hopps/**' + branches: + - main + workflow_dispatch: # allow manual trigger + +# depending on default permission settings for your org (contents being read-only or read-write for workloads), you will have to add permissions +# see: https://docs.github.com/en/actions/security-guides/automatic-token-authentication#modifying-the-permissions-for-the-github_token +permissions: + contents: read + packages: write + +jobs: + release: + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - name: Configure Git + run: | + git config user.name ${{ github.actor }} + git config user.email ${{ github.actor }}@users.noreply.github.com + + - name: Set up Python + uses: actions/setup-python@v5 + with: + python-version: 3.x + + - name: Install Python dependencies + run: pip install pyyaml yq + + - name: Get latest release version + id: get_latest_release + run: | + VERSION=$(yq '.version' charts/hopps/Chart.yaml) + echo "VERSION=$VERSION" >> $GITHUB_ENV + echo "Version: $VERSION" + + - name: Chart | push + uses: appany/helm-oci-chart-releaser@v0.4.2 + with: + name: hopps + repository: ${{ github.repository }} + path: charts/hopps + tag: ${{ env.VERSION }} + registry: ghcr.io + registry_username: ${{ github.actor }} + registry_password: ${{ secrets.GITHUB_TOKEN }} \ No newline at end of file diff --git a/charts/hopps/.helmignore b/charts/hopps/.helmignore new file mode 100644 index 00000000..0e8a0eb3 --- /dev/null +++ b/charts/hopps/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/charts/hopps/Chart.lock b/charts/hopps/Chart.lock new file mode 100644 index 00000000..0279d495 --- /dev/null +++ b/charts/hopps/Chart.lock @@ -0,0 +1,21 @@ +dependencies: +- name: keycloak + repository: https://charts.bitnami.com/bitnami + version: 24.1.0 +- name: openfga + repository: https://openfga.github.io/helm-charts + version: 0.2.16 +- name: kafka-ui + repository: https://provectus.github.io/kafka-ui-charts + version: 0.7.6 +- name: kafka + repository: https://charts.bitnami.com/bitnami + version: 31.0.0 +- name: postgresql + repository: https://charts.bitnami.com/bitnami + version: 16.2.1 +- name: postgresql + repository: https://charts.bitnami.com/bitnami + version: 16.2.1 +digest: sha256:805d67991326d972a826255b81c0d74ef488843631cbddeb463d89e77a03accb +generated: "2024-11-17T16:45:08.263515+01:00" diff --git a/charts/hopps/Chart.yaml b/charts/hopps/Chart.yaml new file mode 100644 index 00000000..e54eac9c --- /dev/null +++ b/charts/hopps/Chart.yaml @@ -0,0 +1,56 @@ +apiVersion: v2 +name: hopps +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.0.1 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "0.0.1" + +dependencies: + - condition: keycloak.enabled + name: keycloak + # ToDo: make version controllable by dependabot + version: 24.1.0 + repository: https://charts.bitnami.com/bitnami + - condition: openfga.enabled + name: openfga + # ToDo: make version controllable by dependabot + version: 0.2.16 + repository: https://openfga.github.io/helm-charts + - condition: kafka-ui.enabled + name: kafka-ui + # ToDo: make version controllable by dependabot + version: 0.7.6 + repository: https://provectus.github.io/kafka-ui-charts + - condition: kafka.enabled + name: kafka + version: 31.0.0 + repository: https://charts.bitnami.com/bitnami + - condition: postgresql-fin.enabled + alias: postgresql-fin + name: postgresql + version: 16.2.1 + repository: https://charts.bitnami.com/bitnami + - condition: postgresql-org.enabled + alias: postgresql-org + name: postgresql + version: 16.2.1 + repository: https://charts.bitnami.com/bitnami + diff --git a/charts/hopps/templates/_helpers.tpl b/charts/hopps/templates/_helpers.tpl new file mode 100644 index 00000000..c9bbefb7 --- /dev/null +++ b/charts/hopps/templates/_helpers.tpl @@ -0,0 +1,199 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "hopps.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "hopps.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "hopps.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "hopps.labels" -}} +helm.sh/chart: {{ include "hopps.chart" . }} +{{ include "hopps.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "hopps.selectorLabels" -}} +app.kubernetes.io/name: {{ include "hopps.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "hopps.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "hopps.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} + + +{{/* +Common labels +*/}} +{{- define "hopps.commonLabels" -}} +helm.sh/chart: {{ include "hopps.chart" . }} +app.kubernetes.io/part-of: {{ include "hopps.name" . }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end -}} + +{{/* +Common selector labels +*/}} +{{- define "hopps.commonSelectorLabels" -}} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end -}} + + +{{/* +azDocumentAi labels +*/}} +{{- define "hopps.azDocumentAiLabels" -}} +{{ include "hopps.commonLabels" . }} +{{ include "hopps.azDocumentAiSelectorLabels" . }} +app.kubernetes.io/version: {{ .Chart.AppVersion }} +{{- end -}} +{{/* +azDocumentAi selector labels +*/}} +{{- define "hopps.azDocumentAiSelectorLabels" -}} +{{ include "hopps.commonSelectorLabels" . }} +app.kubernetes.io/name: {{ printf "%s-az-document-ai" (include "hopps.name" .) }} +app.kubernetes.io/component: az-document-ai +{{- end -}} +{{/* +azDocumentAi name +*/}} +{{- define "hopps.azDocumentAiName" -}} +{{- printf "%s-az-document-ai" (include "hopps.name" .) -}} +{{- end -}} +{{/* +azDocumentAi fully qualified name +*/}} +{{- define "hopps.azDocumentAiFullname" -}} +{{- printf "%s-az-document-ai" (include "hopps.fullname" .) -}} +{{- end -}} + + +{{/* +org labels +*/}} +{{- define "hopps.orgLabels" -}} +{{ include "hopps.commonLabels" . }} +{{ include "hopps.orgSelectorLabels" . }} +app.kubernetes.io/version: {{ .Chart.AppVersion }} +{{- end -}} +{{/* +org selector labels +*/}} +{{- define "hopps.orgSelectorLabels" -}} +{{ include "hopps.commonSelectorLabels" . }} +app.kubernetes.io/name: {{ printf "%s-org" (include "hopps.name" .) }} +app.kubernetes.io/component: org +{{- end -}} +{{/* +org name +*/}} +{{- define "hopps.orgName" -}} +{{- printf "%s-org" (include "hopps.name" .) -}} +{{- end -}} +{{/* +org fully qualified name +*/}} +{{- define "hopps.orgFullname" -}} +{{- printf "%s-org" (include "hopps.fullname" .) -}} +{{- end -}} + + +{{/* +fin labels +*/}} +{{- define "hopps.finLabels" -}} +{{ include "hopps.commonLabels" . }} +{{ include "hopps.finSelectorLabels" . }} +app.kubernetes.io/version: {{ .Chart.AppVersion }} +{{- end -}} +{{/* +fin selector labels +*/}} +{{- define "hopps.finSelectorLabels" -}} +{{ include "hopps.commonSelectorLabels" . }} +app.kubernetes.io/name: {{ printf "%s-fin" (include "hopps.name" .) }} +app.kubernetes.io/component: fin +{{- end -}} +{{/* +fin name +*/}} +{{- define "hopps.finName" -}} +{{- printf "%s-fin" (include "hopps.name" .) -}} +{{- end -}} +{{/* +fin fully qualified name +*/}} +{{- define "hopps.finFullname" -}} +{{- printf "%s-fin" (include "hopps.fullname" .) -}} +{{- end -}} + + +{{/* +frontend labels +*/}} +{{- define "hopps.frontendLabels" -}} +{{ include "hopps.commonLabels" . }} +{{ include "hopps.frontendSelectorLabels" . }} +app.kubernetes.io/version: {{ .Chart.AppVersion }} +{{- end -}} +{{/* +frontend selector labels +*/}} +{{- define "hopps.frontendSelectorLabels" -}} +{{ include "hopps.commonSelectorLabels" . }} +app.kubernetes.io/name: {{ printf "%s-frontend" (include "hopps.name" .) }} +app.kubernetes.io/component: frontend +{{- end -}} +{{/* +frontend name +*/}} +{{- define "hopps.frontendName" -}} +{{- printf "%s-frontend" (include "hopps.name" .) -}} +{{- end -}} +{{/* +frontend fully qualified name +*/}} +{{- define "hopps.frontendFullname" -}} +{{- printf "%s-frontend" (include "hopps.fullname" .) -}} +{{- end -}} diff --git a/charts/hopps/templates/az-document-ai/deployment.yaml b/charts/hopps/templates/az-document-ai/deployment.yaml new file mode 100644 index 00000000..f92f1497 --- /dev/null +++ b/charts/hopps/templates/az-document-ai/deployment.yaml @@ -0,0 +1,77 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "hopps.azDocumentAiFullname" . }} + labels: + {{- include "hopps.azDocumentAiLabels" . | nindent 4 }} +spec: + {{- if not .Values.azDocumentAi.autoscaling.enabled }} + replicas: {{ .Values.azDocumentAi.replicaCount }} + {{- end }} + selector: + matchLabels: + {{- include "hopps.azDocumentAiSelectorLabels" . | nindent 6 }} + template: + metadata: + {{- with .Values.azDocumentAi.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "hopps.azDocumentAiSelectorLabels" . | nindent 8 }} + {{- with .Values.azDocumentAi.podLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- with .Values.azDocumentAi.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- if .Values.azDocumentAi.serviceAccount.create }} + serviceAccountName: {{ .Values.azDocumentAi.serviceAccount.name | default (include "hopps.azDocumentAiFullname" .) }} + {{- end }} + securityContext: + {{- toYaml .Values.azDocumentAi.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + {{- if .Values.azDocumentAi.envVars }} + env: + {{- toYaml .Values.azDocumentAi.envVars | nindent 12 }} + {{- end }} + securityContext: + {{- toYaml .Values.azDocumentAi.securityContext | nindent 12 }} + image: "{{ .Values.azDocumentAi.image.repository }}:{{ .Values.azDocumentAi.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.azDocumentAi.image.pullPolicy }} + {{- with .Values.azDocumentAi.envFrom }} + envFrom: {{ toYaml . | nindent 8 }} + {{- end }} + ports: + - name: http + containerPort: {{ .Values.azDocumentAi.service.port }} + protocol: TCP + livenessProbe: + {{- toYaml .Values.azDocumentAi.livenessProbe | nindent 12 }} + readinessProbe: + {{- toYaml .Values.azDocumentAi.readinessProbe | nindent 12 }} + resources: + {{- toYaml .Values.azDocumentAi.resources | nindent 12 }} + {{- with .Values.azDocumentAi.volumeMounts }} + volumeMounts: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.azDocumentAi.volumes }} + volumes: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.azDocumentAi.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.azDocumentAi.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.azDocumentAi.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/charts/hopps/templates/az-document-ai/ingress.yaml b/charts/hopps/templates/az-document-ai/ingress.yaml new file mode 100644 index 00000000..207bfb73 --- /dev/null +++ b/charts/hopps/templates/az-document-ai/ingress.yaml @@ -0,0 +1,43 @@ +{{- if .Values.azDocumentAi.ingress.enabled -}} +{{- $fullName := include "hopps.azDocumentAiFullname" . -}} +{{- $ingressPath := .Values.azDocumentAi.ingress.path -}} +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + {{- include "hopps.azDocumentAiLabels" . | nindent 4 }} +{{- with .Values.azDocumentAi.ingress.annotations }} + annotations: +{{ toYaml . | indent 4 }} +{{- end }} +spec: + {{- if or (.Capabilities.APIVersions.Has "networking.k8s.io/v1/IngressClass") (.Capabilities.APIVersions.Has "networking.k8s.io/v1beta1/IngressClass") }} + {{- if .Values.azDocumentAi.ingress.ingressClassName }} + ingressClassName: {{ .Values.azDocumentAi.ingress.ingressClassName }} + {{- end }} + {{- end }} +{{- if .Values.azDocumentAi.ingress.tls }} + tls: + {{- range .Values.azDocumentAi.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} +{{- end }} + rules: + {{- range .Values.azDocumentAi.ingress.hosts }} + - host: {{ . | quote }} + http: + paths: + - pathType: Prefix + path: {{ $ingressPath }} + backend: + service: + name: {{ $fullName }} + port: + name: http + {{- end }} +{{- end }} \ No newline at end of file diff --git a/charts/hopps/templates/az-document-ai/service.yaml b/charts/hopps/templates/az-document-ai/service.yaml new file mode 100644 index 00000000..b1863911 --- /dev/null +++ b/charts/hopps/templates/az-document-ai/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "hopps.azDocumentAiFullname" . }} + labels: + {{- include "hopps.azDocumentAiLabels" . | nindent 4 }} +spec: + type: {{ .Values.azDocumentAi.service.type }} + ports: + - port: {{ .Values.azDocumentAi.service.port }} + targetPort: http + protocol: TCP + name: http + selector: + {{- include "hopps.azDocumentAiSelectorLabels" . | nindent 4 }} diff --git a/charts/hopps/templates/az-document-ai/serviceaccount.yaml b/charts/hopps/templates/az-document-ai/serviceaccount.yaml new file mode 100644 index 00000000..cf912a04 --- /dev/null +++ b/charts/hopps/templates/az-document-ai/serviceaccount.yaml @@ -0,0 +1,13 @@ +{{- if .Values.azDocumentAi.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ .Values.azDocumentAi.serviceAccount.name | default (include "hopps.azDocumentAiFullname" .) }} + labels: + {{- include "hopps.azDocumentAiLabels" . | nindent 4 }} + {{- with .Values.azDocumentAi.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +automountServiceAccountToken: {{ .Values.azDocumentAi.serviceAccount.automount }} +{{- end }} diff --git a/charts/hopps/templates/fin/deployment.yaml b/charts/hopps/templates/fin/deployment.yaml new file mode 100644 index 00000000..3d6af411 --- /dev/null +++ b/charts/hopps/templates/fin/deployment.yaml @@ -0,0 +1,77 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "hopps.finFullname" . }} + labels: + {{- include "hopps.finLabels" . | nindent 4 }} +spec: + {{- if not .Values.fin.autoscaling.enabled }} + replicas: {{ .Values.fin.replicaCount }} + {{- end }} + selector: + matchLabels: + {{- include "hopps.finSelectorLabels" . | nindent 6 }} + template: + metadata: + {{- with .Values.fin.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "hopps.finSelectorLabels" . | nindent 8 }} + {{- with .Values.fin.podLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- with .Values.fin.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- if .Values.fin.serviceAccount.create }} + serviceAccountName: {{ .Values.fin.serviceAccount.name | default (include "hopps.finFullname" .) }} + {{- end }} + securityContext: + {{- toYaml .Values.fin.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + {{- if .Values.fin.envVars }} + env: + {{- toYaml .Values.fin.envVars | nindent 12 }} + {{- end }} + securityContext: + {{- toYaml .Values.fin.securityContext | nindent 12 }} + image: "{{ .Values.fin.image.repository }}:{{ .Values.fin.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.fin.image.pullPolicy }} + {{- with .Values.fin.envFrom }} + envFrom: {{ toYaml . | nindent 8 }} + {{- end }} + ports: + - name: http + containerPort: {{ .Values.fin.service.port }} + protocol: TCP + livenessProbe: + {{- toYaml .Values.fin.livenessProbe | nindent 12 }} + readinessProbe: + {{- toYaml .Values.fin.readinessProbe | nindent 12 }} + resources: + {{- toYaml .Values.fin.resources | nindent 12 }} + {{- with .Values.fin.volumeMounts }} + volumeMounts: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.fin.volumes }} + volumes: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.fin.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.fin.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.fin.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/charts/hopps/templates/fin/ingress.yaml b/charts/hopps/templates/fin/ingress.yaml new file mode 100644 index 00000000..27076084 --- /dev/null +++ b/charts/hopps/templates/fin/ingress.yaml @@ -0,0 +1,43 @@ +{{- if .Values.fin.ingress.enabled -}} +{{- $fullName := include "hopps.finFullname" . -}} +{{- $ingressPath := .Values.fin.ingress.path -}} +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + {{- include "hopps.finLabels" . | nindent 4 }} +{{- with .Values.fin.ingress.annotations }} + annotations: +{{ toYaml . | indent 4 }} +{{- end }} +spec: + {{- if or (.Capabilities.APIVersions.Has "networking.k8s.io/v1/IngressClass") (.Capabilities.APIVersions.Has "networking.k8s.io/v1beta1/IngressClass") }} + {{- if .Values.fin.ingress.ingressClassName }} + ingressClassName: {{ .Values.fin.ingress.ingressClassName }} + {{- end }} + {{- end }} +{{- if .Values.fin.ingress.tls }} + tls: + {{- range .Values.fin.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} +{{- end }} + rules: + {{- range .Values.fin.ingress.hosts }} + - host: {{ . | quote }} + http: + paths: + - pathType: Prefix + path: {{ $ingressPath }} + backend: + service: + name: {{ $fullName }} + port: + name: http + {{- end }} +{{- end }} \ No newline at end of file diff --git a/charts/hopps/templates/fin/service.yaml b/charts/hopps/templates/fin/service.yaml new file mode 100644 index 00000000..e1cf175a --- /dev/null +++ b/charts/hopps/templates/fin/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "hopps.finFullname" . }} + labels: + {{- include "hopps.finLabels" . | nindent 4 }} +spec: + type: {{ .Values.fin.service.type }} + ports: + - port: {{ .Values.fin.service.port }} + targetPort: http + protocol: TCP + name: http + selector: + {{- include "hopps.finSelectorLabels" . | nindent 4 }} diff --git a/charts/hopps/templates/fin/serviceaccount.yaml b/charts/hopps/templates/fin/serviceaccount.yaml new file mode 100644 index 00000000..5d4e1f46 --- /dev/null +++ b/charts/hopps/templates/fin/serviceaccount.yaml @@ -0,0 +1,13 @@ +{{- if .Values.fin.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ .Values.fin.serviceAccount.name | default (include "hopps.finFullname" .) }} + labels: + {{- include "hopps.finLabels" . | nindent 4 }} + {{- with .Values.fin.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +automountServiceAccountToken: {{ .Values.fin.serviceAccount.automount }} +{{- end }} diff --git a/charts/hopps/templates/frontend/deployment.yaml b/charts/hopps/templates/frontend/deployment.yaml new file mode 100644 index 00000000..42e3f858 --- /dev/null +++ b/charts/hopps/templates/frontend/deployment.yaml @@ -0,0 +1,77 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "hopps.frontendFullname" . }} + labels: + {{- include "hopps.frontendLabels" . | nindent 4 }} +spec: + {{- if not .Values.frontend.autoscaling.enabled }} + replicas: {{ .Values.org.replicaCount }} + {{- end }} + selector: + matchLabels: + {{- include "hopps.frontendSelectorLabels" . | nindent 6 }} + template: + metadata: + {{- with .Values.frontend.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "hopps.frontendSelectorLabels" . | nindent 8 }} + {{- with .Values.frontend.podLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- with .Values.frontend.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- if .Values.frontend.serviceAccount.create }} + serviceAccountName: {{ .Values.frontend.serviceAccount.name | default (include "hopps.frontendFullname" .) }} + {{- end }} + securityContext: + {{- toYaml .Values.frontend.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + {{- if .Values.frontend.envVars }} + env: + {{- toYaml .Values.frontend.envVars | nindent 12 }} + {{- end }} + securityContext: + {{- toYaml .Values.frontend.securityContext | nindent 12 }} + image: "{{ .Values.frontend.image.repository }}:{{ .Values.frontend.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.frontend.image.pullPolicy }} + {{- with .Values.frontend.envFrom }} + envFrom: {{ toYaml . | nindent 8 }} + {{- end }} + ports: + - name: http + containerPort: {{ .Values.frontend.service.port }} + protocol: TCP + livenessProbe: + {{- toYaml .Values.frontend.livenessProbe | nindent 12 }} + readinessProbe: + {{- toYaml .Values.frontend.readinessProbe | nindent 12 }} + resources: + {{- toYaml .Values.frontend.resources | nindent 12 }} + {{- with .Values.frontend.volumeMounts }} + volumeMounts: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.frontend.volumes }} + volumes: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.frontend.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.frontend.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.frontend.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/charts/hopps/templates/frontend/ingress.yaml b/charts/hopps/templates/frontend/ingress.yaml new file mode 100644 index 00000000..12ba4f76 --- /dev/null +++ b/charts/hopps/templates/frontend/ingress.yaml @@ -0,0 +1,43 @@ +{{- if .Values.frontend.ingress.enabled -}} +{{- $fullName := include "hopps.frontendFullname" . -}} +{{- $ingressPath := .Values.org.ingress.path -}} +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + {{- include "hopps.frontendLabels" . | nindent 4 }} +{{- with .Values.frontend.ingress.annotations }} + annotations: +{{ toYaml . | indent 4 }} +{{- end }} +spec: + {{- if or (.Capabilities.APIVersions.Has "networking.k8s.io/v1/IngressClass") (.Capabilities.APIVersions.Has "networking.k8s.io/v1beta1/IngressClass") }} + {{- if .Values.org.ingress.ingressClassName }} + ingressClassName: {{ .Values.org.ingress.ingressClassName }} + {{- end }} + {{- end }} +{{- if .Values.frontend.ingress.tls }} + tls: + {{- range .Values.frontend.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} +{{- end }} + rules: + {{- range .Values.frontend.ingress.hosts }} + - host: {{ . | quote }} + http: + paths: + - pathType: Prefix + path: {{ $ingressPath }} + backend: + service: + name: {{ $fullName }} + port: + name: http + {{- end }} +{{- end }} \ No newline at end of file diff --git a/charts/hopps/templates/frontend/service.yaml b/charts/hopps/templates/frontend/service.yaml new file mode 100644 index 00000000..a77fcbbb --- /dev/null +++ b/charts/hopps/templates/frontend/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "hopps.frontendFullname" . }} + labels: + {{- include "hopps.frontendLabels" . | nindent 4 }} +spec: + type: {{ .Values.frontend.service.type }} + ports: + - port: {{ .Values.frontend.service.port }} + targetPort: http + protocol: TCP + name: http + selector: + {{- include "hopps.frontendSelectorLabels" . | nindent 4 }} diff --git a/charts/hopps/templates/frontend/serviceaccount.yaml b/charts/hopps/templates/frontend/serviceaccount.yaml new file mode 100644 index 00000000..0deacdcb --- /dev/null +++ b/charts/hopps/templates/frontend/serviceaccount.yaml @@ -0,0 +1,13 @@ +{{- if .Values.frontend.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ .Values.frontend.serviceAccount.name | default (include "hopps.frontendFullname" .) }} + labels: + {{- include "hopps.frontendLabels" . | nindent 4 }} + {{- with .Values.frontend.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +automountServiceAccountToken: {{ .Values.frontend.serviceAccount.automount }} +{{- end }} diff --git a/charts/hopps/templates/org/deployment.yaml b/charts/hopps/templates/org/deployment.yaml new file mode 100644 index 00000000..dca06a4c --- /dev/null +++ b/charts/hopps/templates/org/deployment.yaml @@ -0,0 +1,77 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "hopps.orgFullname" . }} + labels: + {{- include "hopps.orgLabels" . | nindent 4 }} +spec: + {{- if not .Values.org.autoscaling.enabled }} + replicas: {{ .Values.org.replicaCount }} + {{- end }} + selector: + matchLabels: + {{- include "hopps.orgSelectorLabels" . | nindent 6 }} + template: + metadata: + {{- with .Values.org.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "hopps.orgSelectorLabels" . | nindent 8 }} + {{- with .Values.org.podLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- with .Values.org.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- if .Values.org.serviceAccount.create }} + serviceAccountName: {{ .Values.org.serviceAccount.name | default (include "hopps.orgFullname" .) }} + {{- end }} + securityContext: + {{- toYaml .Values.org.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + {{- if .Values.org.envVars }} + env: + {{- toYaml .Values.org.envVars | nindent 12 }} + {{- end }} + securityContext: + {{- toYaml .Values.org.securityContext | nindent 12 }} + image: "{{ .Values.org.image.repository }}:{{ .Values.org.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.org.image.pullPolicy }} + {{- with .Values.org.envFrom }} + envFrom: {{ toYaml . | nindent 8 }} + {{- end }} + ports: + - name: http + containerPort: {{ .Values.org.service.port }} + protocol: TCP + livenessProbe: + {{- toYaml .Values.org.livenessProbe | nindent 12 }} + readinessProbe: + {{- toYaml .Values.org.readinessProbe | nindent 12 }} + resources: + {{- toYaml .Values.org.resources | nindent 12 }} + {{- with .Values.org.volumeMounts }} + volumeMounts: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.org.volumes }} + volumes: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.org.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.org.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.org.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/charts/hopps/templates/org/ingress.yaml b/charts/hopps/templates/org/ingress.yaml new file mode 100644 index 00000000..36754e41 --- /dev/null +++ b/charts/hopps/templates/org/ingress.yaml @@ -0,0 +1,43 @@ +{{- if .Values.org.ingress.enabled -}} +{{- $fullName := include "hopps.orgFullname" . -}} +{{- $ingressPath := .Values.org.ingress.path -}} +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + {{- include "hopps.orgLabels" . | nindent 4 }} +{{- with .Values.org.ingress.annotations }} + annotations: +{{ toYaml . | indent 4 }} +{{- end }} +spec: + {{- if or (.Capabilities.APIVersions.Has "networking.k8s.io/v1/IngressClass") (.Capabilities.APIVersions.Has "networking.k8s.io/v1beta1/IngressClass") }} + {{- if .Values.org.ingress.ingressClassName }} + ingressClassName: {{ .Values.org.ingress.ingressClassName }} + {{- end }} + {{- end }} +{{- if .Values.org.ingress.tls }} + tls: + {{- range .Values.org.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} +{{- end }} + rules: + {{- range .Values.org.ingress.hosts }} + - host: {{ . | quote }} + http: + paths: + - pathType: Prefix + path: {{ $ingressPath }} + backend: + service: + name: {{ $fullName }} + port: + name: http + {{- end }} +{{- end }} \ No newline at end of file diff --git a/charts/hopps/templates/org/service.yaml b/charts/hopps/templates/org/service.yaml new file mode 100644 index 00000000..4e4ef89d --- /dev/null +++ b/charts/hopps/templates/org/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "hopps.orgFullname" . }} + labels: + {{- include "hopps.orgLabels" . | nindent 4 }} +spec: + type: {{ .Values.org.service.type }} + ports: + - port: {{ .Values.org.service.port }} + targetPort: http + protocol: TCP + name: http + selector: + {{- include "hopps.orgSelectorLabels" . | nindent 4 }} diff --git a/charts/hopps/templates/org/serviceaccount.yaml b/charts/hopps/templates/org/serviceaccount.yaml new file mode 100644 index 00000000..3779df48 --- /dev/null +++ b/charts/hopps/templates/org/serviceaccount.yaml @@ -0,0 +1,13 @@ +{{- if .Values.org.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ .Values.org.serviceAccount.name | default (include "hopps.orgFullname" .) }} + labels: + {{- include "hopps.orgLabels" . | nindent 4 }} + {{- with .Values.org.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +automountServiceAccountToken: {{ .Values.org.serviceAccount.automount }} +{{- end }} diff --git a/charts/hopps/values.yaml b/charts/hopps/values.yaml new file mode 100644 index 00000000..b8ac4923 --- /dev/null +++ b/charts/hopps/values.yaml @@ -0,0 +1,521 @@ +global: + test: value + +nameOverride: "" +fullnameOverride: "" + +azDocumentAi: + replicaCount: 1 + # ToDo: should also be globally configurable + # List of imagePullSecrets for private image repositories + imagePullSecrets: [] + image: + # ToDo: should also be globally configurable + #registry: ghcr.io + repository: ghcr.io/hopps-app/hopps/az-document-ai + tag: "" + pullPolicy: IfNotPresent + envFrom: [] + # - configMapRef: + # name: name + envVars: [] + #- name: ENV_VAR + # value: value + ingress: + enabled: false + annotations: {} + ingressClassName: ~ + path: / + hosts: + - chart-example.local + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + podAnnotations: {} + podLabels: {} + podSecurityContext: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + runAsNonRoot: true + runAsUser: 1000 + readOnlyRootFilesystem: true + seccompProfile: + type: RuntimeDefault + service: + type: ClusterIP + annotations: {} + labels: {} + port: 8100 + strategy: {} + # type: Recreate + autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 100 + targetCPUUtilizationPercentage: 80 + # targetMemoryUtilizationPercentage: 80 + serviceMonitor: + enabled: false + namespace: ~ + scrapeInterval: 15s + scrapeTimeout: 15s + serviceAccount: + create: true + annotations: {} + # ToDo: make fallback name unique + name: az-document-ai + automount: false + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + resources: {} + # requests: + # cpu: 100m + # memory: 256Mi + # limits: + # cpu: 100m + # memory: 256Mi + # Node selector settings for scheduling the pod on specific nodes + nodeSelector: {} + # Tolerations settings for scheduling the pod based on node taints + tolerations: [] + # Affinity settings for controlling pod scheduling + affinity: {} + # ToDo: enable when endpoints are available + livenessProbe: {} + # failureThreshold: 3 + # httpGet: + # path: / + # port: http + # scheme: HTTP + # periodSeconds: 20 + # successThreshold: 1 + # timeoutSeconds: 2 + readinessProbe: {} + # failureThreshold: 3 + # httpGet: + # path: / + # port: http + # scheme: HTTP + # periodSeconds: 10 + # successThreshold: 1 + # timeoutSeconds: 1 + startupProbe: {} + # initialDelaySeconds: 1 + # periodSeconds: 5 + # timeoutSeconds: 1 + # successThreshold: 1 + # failureThreshold: 1 + # httpGet: + # scheme: HTTP + # path: / + # port: http + volumes: + - name: cache + emptyDir: {} + volumeMounts: + - name: cache + mountPath: /tmp +fin: + replicaCount: 1 + # ToDo: should also be globally configurable + # List of imagePullSecrets for private image repositories + imagePullSecrets: [] + image: + # ToDo: should also be globally configurable + #registry: ghcr.io + repository: ghcr.io/hopps-app/hopps/fin + tag: "" + pullPolicy: IfNotPresent + envFrom: [] + # - configMapRef: + # name: name + envVars: [] + #- name: ENV_VAR + # value: value + ingress: + enabled: false + annotations: {} + ingressClassName: ~ + path: / + hosts: + - chart-example.local + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + podAnnotations: {} + podLabels: {} + podSecurityContext: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + runAsNonRoot: true + runAsUser: 1000 + readOnlyRootFilesystem: true + seccompProfile: + type: RuntimeDefault + service: + type: ClusterIP + annotations: {} + labels: {} + port: 8080 + strategy: {} + # type: Recreate + autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 100 + targetCPUUtilizationPercentage: 80 + # targetMemoryUtilizationPercentage: 80 + serviceMonitor: + enabled: false + namespace: ~ + scrapeInterval: 15s + scrapeTimeout: 15s + serviceAccount: + create: true + annotations: {} + name: "" + automount: false + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + resources: {} + # requests: + # cpu: 100m + # memory: 256Mi + # limits: + # cpu: 100m + # memory: 256Mi + # Node selector settings for scheduling the pod on specific nodes + nodeSelector: {} + # Tolerations settings for scheduling the pod based on node taints + tolerations: [] + # Affinity settings for controlling pod scheduling + affinity: {} + # ToDo: allow healhchecks to be disable + # ToDo: enable when endpoints are available + livenessProbe: {} + # failureThreshold: 3 + # httpGet: + # path: / + # port: http + # scheme: HTTP + # periodSeconds: 20 + # successThreshold: 1 + # timeoutSeconds: 2 + readinessProbe: {} + # failureThreshold: 3 + # httpGet: + # path: / + # port: http + # scheme: HTTP + # periodSeconds: 10 + # successThreshold: 1 + # timeoutSeconds: 1 + startupProbe: {} + # initialDelaySeconds: 1 + # periodSeconds: 5 + # timeoutSeconds: 1 + # successThreshold: 1 + # failureThreshold: 1 + # httpGet: + # scheme: HTTP + # path: / + # port: http + volumes: + - name: cache + emptyDir: {} + volumeMounts: + - name: cache + mountPath: /tmp + +postgresql-fin: + enabled: true + nameOverride: fin-postgresql + auth: + database: fin + +org: + replicaCount: 1 + # ToDo: should also be globally configurable + # List of imagePullSecrets for private image repositories + imagePullSecrets: [] + image: + # ToDo: should also be globally configurable + #registry: ghcr.io + repository: ghcr.io/hopps-app/hopps/org + tag: "" + pullPolicy: IfNotPresent + envFrom: [] + # - configMapRef: + # name: name + envVars: [] + #- name: ENV_VAR + # value: value + ingress: + enabled: false + annotations: {} + ingressClassName: ~ + path: / + hosts: + - chart-example.local + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + podAnnotations: {} + podLabels: {} + podSecurityContext: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + runAsNonRoot: true + runAsUser: 1000 + readOnlyRootFilesystem: true + seccompProfile: + type: RuntimeDefault + service: + type: ClusterIP + annotations: {} + labels: {} + port: 8080 + strategy: {} + # type: Recreate + autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 100 + targetCPUUtilizationPercentage: 80 + # targetMemoryUtilizationPercentage: 80 + serviceMonitor: + enabled: false + namespace: ~ + scrapeInterval: 15s + scrapeTimeout: 15s + serviceAccount: + create: true + annotations: {} + name: "" + automount: false + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + resources: {} + # requests: + # cpu: 100m + # memory: 256Mi + # limits: + # cpu: 100m + # memory: 256Mi + # Node selector settings for scheduling the pod on specific nodes + nodeSelector: {} + # Tolerations settings for scheduling the pod based on node taints + tolerations: [] + # Affinity settings for controlling pod scheduling + affinity: {} + # ToDo: allow healhchecks to be disable + # ToDo: enable when endpoints are available + livenessProbe: {} + # failureThreshold: 3 + # httpGet: + # path: / + # port: http + # scheme: HTTP + # periodSeconds: 20 + # successThreshold: 1 + # timeoutSeconds: 2 + readinessProbe: {} + # failureThreshold: 3 + # httpGet: + # path: / + # port: http + # scheme: HTTP + # periodSeconds: 10 + # successThreshold: 1 + # timeoutSeconds: 1 + startupProbe: {} + # initialDelaySeconds: 1 + # periodSeconds: 5 + # timeoutSeconds: 1 + # successThreshold: 1 + # failureThreshold: 1 + # httpGet: + # scheme: HTTP + # path: / + # port: http + volumes: + - name: cache + emptyDir: {} + volumeMounts: + - name: cache + mountPath: /tmp + +postgresql-org: + enabled: true + nameOverride: org-postgresql + auth: + database: org + +frontend: + replicaCount: 1 + # ToDo: should also be globally configurable + # List of imagePullSecrets for private image repositories + imagePullSecrets: [] + image: + # ToDo: should also be globally configurable + #registry: ghcr.io + repository: ghcr.io/hopps-app/hopps/frontend + tag: "" + pullPolicy: IfNotPresent + envFrom: [] + # - configMapRef: + # name: name + envVars: [] + #- name: ENV_VAR + # value: value + ingress: + enabled: false + annotations: {} + ingressClassName: ~ + path: / + hosts: + - chart-example.local + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + podAnnotations: {} + podLabels: {} + podSecurityContext: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + runAsNonRoot: true + runAsUser: 1000 + # ToDo: check if can be run with readonly root filesystem, following access is needed + # - /var/cache/nginx + # - /etc/nginx/config.d + # - /var/run/nginx.pid + readOnlyRootFilesystem: false + seccompProfile: + type: RuntimeDefault + service: + type: ClusterIP + annotations: {} + labels: {} + port: 8080 + strategy: {} + # type: Recreate + autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 100 + targetCPUUtilizationPercentage: 80 + # targetMemoryUtilizationPercentage: 80 + serviceMonitor: + enabled: false + namespace: ~ + scrapeInterval: 15s + scrapeTimeout: 15s + serviceAccount: + create: true + annotations: {} + name: "" + automount: false + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + resources: {} + # requests: + # cpu: 100m + # memory: 256Mi + # limits: + # cpu: 100m + # memory: 256Mi + # Node selector settings for scheduling the pod on specific nodes + nodeSelector: {} + # Tolerations settings for scheduling the pod based on node taints + tolerations: [] + # Affinity settings for controlling pod scheduling + affinity: { } + # ToDo: allow healhchecks to be disable + # ToDo: enable when endpoints are available + livenessProbe: {} + # failureThreshold: 3 + # httpGet: + # path: / + # port: http + # scheme: HTTP + # periodSeconds: 20 + # successThreshold: 1 + # timeoutSeconds: 2 + readinessProbe: {} + # failureThreshold: 3 + # httpGet: + # path: / + # port: http + # scheme: HTTP + # periodSeconds: 10 + # successThreshold: 1 + # timeoutSeconds: 1 + startupProbe: {} + # initialDelaySeconds: 1 + # periodSeconds: 5 + # timeoutSeconds: 1 + # successThreshold: 1 + # failureThreshold: 1 + # httpGet: + # scheme: HTTP + # path: / + # port: http + volumes: + - name: cache + emptyDir: {} + volumeMounts: + - name: cache + mountPath: /var/cache/nginx + +# external dependencies +keycloak: + enabled: false + +kafka-ui: + enabled: false + #yamlApplicationConfig: + # kafka: + # clusters: + # - name: yaml + # # ToDo: url should automatically be calculated, dependent on the name of the release-name + # bootstrapServers: hopps-kafka:9092 + # auth: + # type: disabled + # management: + # health: + # ldap: + # enabled: false + # ingress: + # enabled: true + # ingressClassName: nginx + # annotations: {} + # # cert-manager.io/cluster-issuer: letsencrypt-prod + # tls: + # enabled: true + # secretName: kafka-tls + # # ToDo: mask domain + # host: kafka-ui.