diff --git a/charts/incubator/portainer-ce/.helmignore b/charts/incubator/portainer-ce/.helmignore new file mode 100644 index 00000000000..77ca5567b26 --- /dev/null +++ b/charts/incubator/portainer-ce/.helmignore @@ -0,0 +1,30 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ +# OWNERS file for Kubernetes +OWNERS +# helm-docs templates +*.gotmpl +# docs folder +/docs +# icon +icon.png diff --git a/charts/incubator/portainer-ce/Chart.yaml b/charts/incubator/portainer-ce/Chart.yaml new file mode 100644 index 00000000000..4df3cea77f0 --- /dev/null +++ b/charts/incubator/portainer-ce/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +appVersion: "10.6.2" +dependencies: + - name: common + repository: https://library-charts.truecharts.org + version: 10.5.10 +description: Container management made easy +home: https://truecharts.org/docs/charts/stable/portainer-ce +icon: https://truecharts.org/img/hotlink-ok/chart-icons/portainer-ce.png +keywords: + - portainer +kubeVersion: ">=1.16.0-0" +maintainers: + - email: info@truecharts.org + name: TrueCharts + url: https://truecharts.org +name: portainer-ce +sources: + - https://docs.portainer.io/v/ce-2.11/start/install/server/kubernetes/baremetal + - https://hub.docker.com/r/portainer/portainer-ce +version: 0.0.1 +annotations: + truecharts.org/catagories: | + - management + truecharts.org/SCALE-support: "true" + truecharts.org/grade: U diff --git a/charts/incubator/portainer-ce/README.md b/charts/incubator/portainer-ce/README.md new file mode 100644 index 00000000000..e69de29bb2d diff --git a/charts/incubator/portainer-ce/icon.png b/charts/incubator/portainer-ce/icon.png new file mode 100644 index 00000000000..9c7ab7db8f5 Binary files /dev/null and b/charts/incubator/portainer-ce/icon.png differ diff --git a/charts/incubator/portainer-ce/questions.yaml b/charts/incubator/portainer-ce/questions.yaml new file mode 100644 index 00000000000..70a15b72343 --- /dev/null +++ b/charts/incubator/portainer-ce/questions.yaml @@ -0,0 +1,191 @@ +# Include{groups} +portals: + open: +# Include{portalLink} +questions: +# Include{global} +# Include{controller} +# Include{controllerDeployment} +# Include{replicas} +# Include{replica1} +# Include{strategy} +# Include{recreate} +# Include{controllerExpert} +# Include{controllerExpertExtraArgs} + - variable: portainer + group: Container Configuration + label: Portainer Configuration + schema: + additional_attrs: true + type: dict + attrs: + - variable: logo + label: Logo URL + description: Specifies the URL to the image to be displayed as a logo in the UI. If not specified, the Portainer logo is used instead. + schema: + type: string + default: "" + - variable: templates + label: Templates URL + description: Specifies the URL to the templates (apps) definitions. + schema: + type: string + default: "" + - variable: edge_compute + label: Edge Compute + description: Automatically enables Edge Compute features. + schema: + type: boolean + default: false + - variable: snapshot_interval + label: Snapshot Interval + description: Specifies the time interval between two environment snapshot jobs expressed as a string. For example 30s, 5m, 1h… Supported by the time.ParseDuration method + schema: + type: string + default: 5m + - variable: hide_labels + label: Hide Labels + description: Hides containers with a specific label in the UI. Format "label=value" + schema: + type: list + default: [] + items: + - variable: label + label: Label + schema: + type: string + default: "" +# Include{containerConfig} +# Include{serviceRoot} + - variable: main + label: Main Service + description: The Primary service on which the healthcheck runs, often the webUI + schema: + additional_attrs: true + type: dict + attrs: +# Include{serviceSelectorLoadBalancer} +# Include{serviceSelectorExtras} + - variable: main + label: Main Service Port Configuration + schema: + additional_attrs: true + type: dict + attrs: + - variable: port + label: Port + description: This port exposes the container port on the service + schema: + type: int + default: 10400 + required: true +# Include{advancedPortHTTPS} + - variable: targetPort + label: Target Port + description: The internal(!) port on the container the Application runs on + schema: + type: int + default: 9443 + - variable: edge + label: Edge Service + description: The Edge Service + schema: + additional_attrs: true + type: dict + attrs: +# Include{serviceSelectorLoadBalancer} +# Include{serviceSelectorExtras} + - variable: edge + label: Edge Service Port Configuration + schema: + additional_attrs: true + type: dict + attrs: + - variable: port + label: Port + description: This port exposes the container port on the service + schema: + type: int + default: 10401 + required: true +# Include{advancedPortTCP} + - variable: targetPort + label: Target Port + description: The internal(!) port on the container the Application runs on + schema: + type: int + default: 10401 +# Include{serviceExpertRoot} + default: false +# Include{serviceExpert} +# Include{serviceList} +# Include{persistenceRoot} + - variable: config + label: App Config Storage + description: Stores the Application Configuration. + schema: + additional_attrs: true + type: dict + attrs: +# Include{persistenceBasic} +# Include{persistenceAdvanced} +# Include{persistenceList} +# Include{ingressRoot} + - variable: main + label: Main Ingress + schema: + additional_attrs: true + type: dict + attrs: +# Include{ingressDefault} +# Include{ingressTLS} +# Include{ingressTraefik} +# Include{ingressExpert} +# Include{ingressList} +# Include{security} +# Include{securityContextAdvancedRoot} + - variable: privileged + label: Privileged mode + schema: + type: boolean + default: false + - variable: readOnlyRootFilesystem + label: ReadOnly Root Filesystem + schema: + type: boolean + default: true + - variable: allowPrivilegeEscalation + label: Allow Privilege Escalation + schema: + type: boolean + default: false + - variable: runAsNonRoot + label: runAsNonRoot + schema: + type: boolean + default: true +# Include{securityContextAdvanced} +# Include{podSecurityContextRoot} + - variable: runAsUser + label: runAsUser + description: The UserID of the user running the application + schema: + type: int + default: 568 + - variable: runAsGroup + label: runAsGroup + description: The groupID this App of the user running the application + schema: + type: int + default: 568 + - variable: fsGroup + label: fsGroup + description: The group that should own ALL storage. + schema: + type: int + default: 568 +# Include{podSecurityContextAdvanced} +# Include{resources} +# Include{advanced} +# Include{addons} +# Include{documentation} diff --git a/charts/incubator/portainer-ce/templates/_args.tpl b/charts/incubator/portainer-ce/templates/_args.tpl new file mode 100644 index 00000000000..300242f041e --- /dev/null +++ b/charts/incubator/portainer-ce/templates/_args.tpl @@ -0,0 +1,22 @@ +{{- define "portainer.args" -}} +args: + - --tunnel-port={{ .Values.service.edge.ports.edge.port }} + - --http-disabled + {{- with .Values.portainer.logo }} + - --logo={{ . }} + {{- end }} + {{- with .Values.portainer.templates }} + - --templates={{ . }} + {{- end }} + {{- if .Values.portainer.edge_compute }} + - --edge-compute + {{- end }} + {{- with .Values.portainer.snapshot_interval }} + - --snapshot-interval={{ . }} + {{- end }} + {{- if .Values.portainer.hide_labels }} + {{- range .Values.portainer.hide_labels }} + - --hide-label={{ . }} + {{- end }} + {{- end }} +{{- end -}} diff --git a/charts/incubator/portainer-ce/templates/common.yaml b/charts/incubator/portainer-ce/templates/common.yaml new file mode 100644 index 00000000000..31fa3252a25 --- /dev/null +++ b/charts/incubator/portainer-ce/templates/common.yaml @@ -0,0 +1,10 @@ +{{/* Make sure all variables are set properly */}} +{{- include "tc.common.loader.init" . }} + +{{- $newArgs := (include "portainer.args" . | fromYaml) }} +{{- $_ := set .Values "newArgs" $newArgs -}} +{{- $args := concat .Values.args .Values.newArgs.args }} +{{- $_ := set .Values "args" $args -}} + +{{/* Render the templates */}} +{{ include "tc.common.loader.apply" . }} diff --git a/charts/incubator/portainer-ce/values.yaml b/charts/incubator/portainer-ce/values.yaml new file mode 100644 index 00000000000..2aba8991584 --- /dev/null +++ b/charts/incubator/portainer-ce/values.yaml @@ -0,0 +1,72 @@ +image: + repository: tccr.io/truecharts/portainer-ce + tag: 2.15.1@sha256:fa301d57c2e4668a911ebedf920af5639dc101d3cea0a3266885a999a0c4398b + pullPolicy: IfNotPresent + +portainer: + # Logo URL + logo: "" + # Templates URL + templates: "" + # Enables Edge Compute Features + edge_compute: false + # Sets Snapshot interval + snapshot_interval: 5m + hide_labels: + # - label1=value1 + # - label2=value2 + +serviceAccount: + main: + enabled: true + +rbac: + main: + enabled: true + +probes: + liveness: + custom: true + spec: + httpGet: + path: / + port: 9443 + scheme: HTTPS + readiness: + custom: true + spec: + httpGet: + path: / + port: 9443 + scheme: HTTPS + startup: + custom: true + spec: + httpGet: + path: / + port: 9443 + scheme: HTTPS + +service: + main: + ports: + main: + port: 10400 + protocol: HTTPS + targetPort: 9443 + edge: + enabled: true + ports: + edge: + enabled: true + port: 10401 + protocol: + targetPort: 10401 + +persistence: + data: + enabled: true + mountPath: "/data" + +portal: + enabled: true diff --git a/cspell.config.yaml b/cspell.config.yaml index 68c0c862e2b..1fa920335ea 100644 --- a/cspell.config.yaml +++ b/cspell.config.yaml @@ -168,6 +168,7 @@ words: - playout - plex - plextraktsync + - portainer - preconfigured - prefs - preload