diff --git a/packs/archivista-0.7.0/charts/archivista-0.7.0.tgz b/packs/archivista-0.7.0/charts/archivista-0.7.0.tgz new file mode 100644 index 0000000..1ed004d Binary files /dev/null and b/packs/archivista-0.7.0/charts/archivista-0.7.0.tgz differ diff --git a/packs/archivista-0.8.0/README.md b/packs/archivista-0.8.0/README.md new file mode 100644 index 0000000..7662436 --- /dev/null +++ b/packs/archivista-0.8.0/README.md @@ -0,0 +1,51 @@ +# Archivista + +![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) + +Helm chart for Archivista - a graph and storage service for in-toto attestations. + +## Prerequisites + +A MySQL database and S3 compatible store are needed to successfully install this Helm chart. +See [Archivista configuration](https://github.com/in-toto/archivista#configuration) for environment variables needed +to establish connections to each datastore. These environment variables can be added to this Helm chart using the value `deployment.env[]`. + +## Parameters + +| Key | Type | Default | +|--- |--- |--- | +| affinity | object | `{}` | +| autoscaling.enabled | bool | `false` | +| autoscaling.maxReplicas | int | `10` | +| autoscaling.minReplicas | int | `1` | +| autoscaling.targetCPUUtilizationPercentage | int | `80` | +| deployment.env | list | `[]` | +| fullnameOverride | string | `""` | +| image.pullPolicy | string | `"IfNotPresent"` | +| image.repository | string | `"ghcr.io/testifysec/archivista"` | +| image.tag | string | `"0.1.1"` | +| ingress.annotations | object | `{}` | +| ingress.className | string | `""` | +| ingress.enabled | bool | `true` | +| ingress.hosts[0].host | string | `"archivista.localhost"` | +| ingress.hosts[0].path | string | `"/"` | +| ingress.tls | list | `[]` | +| nameOverride | string | `""` | +| nodeSelector | object | `{}` | +| podAnnotations | object | `{}` | +| podSecurityContext | object | `{}` | +| replicaCount | int | `1` | +| resources | object | `{}` | +| serviceAccount.annotations | object | `{}` | +| serviceAccount.create | bool | `false` | +| serviceAccount.name | string | `""` | +| service.port | int | `8082` | +| service.type | string | `"ClusterIP"` | +| tolerations | list | `[]` | + + +## References + +- [Archivista Helm Chart](https://github.com/in-toto/archivista/chart) +- [Archivista](https://github.com/in-toto/archivista) +- [in-toto](https://in-toto.io/) \ No newline at end of file diff --git a/packs/archivista-0.8.0/charts/.helmignore b/packs/archivista-0.8.0/charts/.helmignore new file mode 100644 index 0000000..0e8a0eb --- /dev/null +++ b/packs/archivista-0.8.0/charts/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/packs/archivista-0.8.0/charts/archivista-0.8.0.tgz b/packs/archivista-0.8.0/charts/archivista-0.8.0.tgz new file mode 100644 index 0000000..1d45a71 Binary files /dev/null and b/packs/archivista-0.8.0/charts/archivista-0.8.0.tgz differ diff --git a/packs/archivista-0.8.0/charts/archivista/Chart.yaml b/packs/archivista-0.8.0/charts/archivista/Chart.yaml new file mode 100644 index 0000000..62a2371 --- /dev/null +++ b/packs/archivista-0.8.0/charts/archivista/Chart.yaml @@ -0,0 +1,34 @@ +# Copyright 2024 The Archivista Contributors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v2 +name: archivista +description: A Helm chart for Archivista + +type: application +version: 0.5.1 + +keywords: + - attestation + +home: https://github.com/in-toto/ + +sources: + - https://github.com/in-toto/archivista/chart + - https://github.com/in-toto/archivista + +maintainers: + - name: in-toto + +appVersion: "0.8.0" diff --git a/packs/archivista-0.8.0/charts/archivista/LICENSE b/packs/archivista-0.8.0/charts/archivista/LICENSE new file mode 100644 index 0000000..261eeb9 --- /dev/null +++ b/packs/archivista-0.8.0/charts/archivista/LICENSE @@ -0,0 +1,201 @@ + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright [yyyy] [name of copyright owner] + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/packs/archivista-0.8.0/charts/archivista/templates/NOTES.txt b/packs/archivista-0.8.0/charts/archivista/templates/NOTES.txt new file mode 100644 index 0000000..3746b4e --- /dev/null +++ b/packs/archivista-0.8.0/charts/archivista/templates/NOTES.txt @@ -0,0 +1,22 @@ +1. If GraphiQL is enabled, you can visit the URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range $host := .Values.ingress.hosts }} + {{- range .paths }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} + {{- end }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "archivista.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "archivista.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "archivista.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "archivista.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT +{{- end }} diff --git a/packs/archivista-0.8.0/charts/archivista/templates/_helpers.tpl b/packs/archivista-0.8.0/charts/archivista/templates/_helpers.tpl new file mode 100644 index 0000000..daf6d3b --- /dev/null +++ b/packs/archivista-0.8.0/charts/archivista/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "archivista.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "archivista.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "archivista.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "archivista.labels" -}} +helm.sh/chart: {{ include "archivista.chart" . }} +{{ include "archivista.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "archivista.selectorLabels" -}} +app.kubernetes.io/name: {{ include "archivista.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "archivista.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "archivista.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/packs/archivista-0.8.0/charts/archivista/templates/deployment.yaml b/packs/archivista-0.8.0/charts/archivista/templates/deployment.yaml new file mode 100644 index 0000000..ff8ffd2 --- /dev/null +++ b/packs/archivista-0.8.0/charts/archivista/templates/deployment.yaml @@ -0,0 +1,55 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "archivista.fullname" . }} + labels: + {{- include "archivista.labels" . | nindent 4 }} +spec: + {{- if not .Values.autoscaling.enabled }} + replicas: {{ .Values.replicaCount }} + {{- end }} + selector: + matchLabels: + {{- include "archivista.selectorLabels" . | nindent 6 }} + template: + metadata: + {{- with .Values.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "archivista.selectorLabels" . | nindent 8 }} + spec: + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + env: + {{- toYaml .Values.deployment.env | nindent 12 }} + {{- with .Values.deployment.envFrom }} + envFrom: + {{- toYaml . | nindent 12 }} + {{- end }} + ports: + - name: graphql + containerPort: 8082 + protocol: TCP + resources: + {{- toYaml .Values.resources | nindent 12 }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "archivista.serviceAccountName" . }} diff --git a/packs/archivista-0.8.0/charts/archivista/templates/ingress.yaml b/packs/archivista-0.8.0/charts/archivista/templates/ingress.yaml new file mode 100644 index 0000000..0568138 --- /dev/null +++ b/packs/archivista-0.8.0/charts/archivista/templates/ingress.yaml @@ -0,0 +1,61 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "archivista.fullname" . -}} +{{- $svcPort := .Values.service.port -}} +{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} + {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} + {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}} + {{- end }} +{{- end }} +{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1 +{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + {{- include "archivista.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} + ingressClassName: {{ .Values.ingress.className }} + {{- end }} + {{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ .host | quote }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }} + pathType: {{ .pathType }} + {{- end }} + backend: + {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} + service: + name: {{ $fullName }} + port: + number: {{ $svcPort }} + {{- else }} + serviceName: {{ $fullName }} + servicePort: {{ $svcPort }} + {{- end }} + {{- end }} + {{- end }} +{{- end }} diff --git a/packs/archivista-0.8.0/charts/archivista/templates/service.yaml b/packs/archivista-0.8.0/charts/archivista/templates/service.yaml new file mode 100644 index 0000000..9e1596e --- /dev/null +++ b/packs/archivista-0.8.0/charts/archivista/templates/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "archivista.fullname" . }} + labels: + {{- include "archivista.labels" . | nindent 4 }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.port }} + targetPort: graphql + protocol: TCP + name: graphql + selector: + {{- include "archivista.selectorLabels" . | nindent 4 }} diff --git a/packs/archivista-0.8.0/charts/archivista/templates/serviceaccount.yaml b/packs/archivista-0.8.0/charts/archivista/templates/serviceaccount.yaml new file mode 100644 index 0000000..3fac201 --- /dev/null +++ b/packs/archivista-0.8.0/charts/archivista/templates/serviceaccount.yaml @@ -0,0 +1,12 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "archivista.serviceAccountName" . }} + labels: + {{- include "archivista.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/packs/archivista-0.8.0/charts/archivista/values.yaml b/packs/archivista-0.8.0/charts/archivista/values.yaml new file mode 100644 index 0000000..54bc194 --- /dev/null +++ b/packs/archivista-0.8.0/charts/archivista/values.yaml @@ -0,0 +1,102 @@ +# Copyright 2023 The Archivista Contributors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +replicaCount: 1 + +image: + repository: ghcr.io/in-toto/archivista + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: "0.8.0" + +nameOverride: "" +fullnameOverride: "" + +serviceAccount: + create: false + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +podAnnotations: {} + +podSecurityContext: {} + # fsGroup: 2000 + +securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +deployment: + env: [] + # - name: ARCHIVISTA_SQL_STORE_CONNECTION_STRING + # value: "user:pass@tcp(localhost:3306)/testify" + # - name: ARCHIVISTA_STORAGE_BACKEND + # value: "BLOB" + # - name: ARCHIVISTA_BLOB_STORE_ENDPOINT + # value: localhost:9000 + # - name: ARCHIVISTA_BLOB_STORE_ACCESS_KEY_ID + # value: testifytestifytestify + # - name: ARCHIVISTA_BLOB_STORE_SECRET_ACCESS_KEY_ID + # value: exampleexampleexample + # - name: ARCHIVISTA_BLOB_STORE_USE_TLS + # value: "FALSE" + # - name: ARCHIVISTA_BLOB_STORE_BUCKET_NAME + # value: attestations + + ## Allows the specification of a configmap or secret to set all key-value pairs as environment variables for Archivista + envFrom: [] + +service: + type: ClusterIP + port: 8082 + +ingress: + enabled: true + className: "" + annotations: {} + hosts: + - host: archivista.localhost + paths: + - path: / + pathType: ImplementationSpecific + tls: [] + # - secretName: chart-example-tls + # hosts: + # - archivista.localhost + +resources: {} + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 10 + targetCPUUtilizationPercentage: 80 + # targetMemoryUtilizationPercentage: 80 + +nodeSelector: {} + +tolerations: [] + +affinity: {} diff --git a/packs/archivista-0.8.0/logo.png b/packs/archivista-0.8.0/logo.png new file mode 100644 index 0000000..99b50fe Binary files /dev/null and b/packs/archivista-0.8.0/logo.png differ diff --git a/packs/archivista-0.8.0/pack.json b/packs/archivista-0.8.0/pack.json new file mode 100644 index 0000000..b0431ae --- /dev/null +++ b/packs/archivista-0.8.0/pack.json @@ -0,0 +1,16 @@ +{ + "addonType": "security", + "ansibleRoles": [], + "annotations": { + "source": "community", + "contributor": "spectrocloud" + }, + "cloudTypes": ["all"], + "displayName": "Archivista", + "eol": "", + "group": "", + "charts": ["charts/archivista-0.8.0.tgz"], + "layer": "addon", + "name": "archivista", + "version": "0.8.0" +} diff --git a/packs/archivista-0.8.0/values.yaml b/packs/archivista-0.8.0/values.yaml new file mode 100644 index 0000000..91382fc --- /dev/null +++ b/packs/archivista-0.8.0/values.yaml @@ -0,0 +1,110 @@ +pack: + namespace: "archivista" + content: + images: + - image: ghcr.io/in-toto/archivista:0.8.0 + +charts: + archivista: + # Copyright 2023 The Archivista Contributors + # + # Licensed under the Apache License, Version 2.0 (the "License"); + # you may not use this file except in compliance with the License. + # You may obtain a copy of the License at + # + # http://www.apache.org/licenses/LICENSE-2.0 + # + # Unless required by applicable law or agreed to in writing, software + # distributed under the License is distributed on an "AS IS" BASIS, + # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + # See the License for the specific language governing permissions and + # limitations under the License. + replicaCount: 1 + + image: + repository: ghcr.io/in-toto/archivista + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: "0.8.0" + + nameOverride: "" + fullnameOverride: "" + + serviceAccount: + create: false + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + + podAnnotations: {} + + podSecurityContext: {} + # fsGroup: 2000 + + securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + + deployment: + env: [] + # - name: ARCHIVISTA_SQL_STORE_CONNECTION_STRING + # value: "user:pass@tcp(localhost:3306)/testify" + # - name: ARCHIVISTA_STORAGE_BACKEND + # value: "BLOB" + # - name: ARCHIVISTA_BLOB_STORE_ENDPOINT + # value: localhost:9000 + # - name: ARCHIVISTA_BLOB_STORE_ACCESS_KEY_ID + # value: testifytestifytestify + # - name: ARCHIVISTA_BLOB_STORE_SECRET_ACCESS_KEY_ID + # value: exampleexampleexample + # - name: ARCHIVISTA_BLOB_STORE_USE_TLS + # value: "FALSE" + # - name: ARCHIVISTA_BLOB_STORE_BUCKET_NAME + # value: attestations + + ## Allows the specification of a configmap or secret to set all key-value pairs as environment variables for Archivista + envFrom: [] + + service: + type: ClusterIP + port: 8082 + + ingress: + enabled: true + className: "" + annotations: {} + hosts: + - host: archivista.localhost + paths: + - path: / + pathType: ImplementationSpecific + tls: [] + # - secretName: chart-example-tls + # hosts: + # - archivista.localhost + + resources: {} + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + + autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 10 + targetCPUUtilizationPercentage: 80 + # targetMemoryUtilizationPercentage: 80 + + nodeSelector: {} + + tolerations: [] + + affinity: {}