feat(baserow): add baserow (#2529)
* feat(baserow): add baserow * fix port and add secret key and root * use default redis username * rofs * try puid 0 * change port * remvoe puid * run with probes also * whoops
This commit is contained in:
34
charts/incubator/baserow/Chart.yaml
Normal file
34
charts/incubator/baserow/Chart.yaml
Normal file
@@ -0,0 +1,34 @@
|
||||
apiVersion: v2
|
||||
appVersion: "10.6.2"
|
||||
dependencies:
|
||||
- name: common
|
||||
repository: https://library-charts.truecharts.org
|
||||
version: 9.2.9
|
||||
- condition: postgresql.enabled
|
||||
name: postgresql
|
||||
repository: https://charts.truecharts.org/
|
||||
version: 7.0.48
|
||||
- condition: redis.enabled
|
||||
name: redis
|
||||
repository: https://charts.truecharts.org
|
||||
version: 2.0.40
|
||||
description: Baserow is an open source no-code database tool and Airtable alternative.
|
||||
home: https://github.com/truecharts/apps/tree/master/charts/stable/baserow
|
||||
icon: https://truecharts.org/_static/img/appicons/baserow.png
|
||||
keywords:
|
||||
- baserow
|
||||
kubeVersion: '>=1.16.0-0'
|
||||
maintainers:
|
||||
- email: info@truecharts.org
|
||||
name: TrueCharts
|
||||
url: https://truecharts.org
|
||||
name: baserow
|
||||
sources:
|
||||
- https://hub.docker.com/r/baserow/baserow
|
||||
- https://gitlab.com/bramw/baserow/
|
||||
version: 0.0.1
|
||||
annotations:
|
||||
truecharts.org/catagories: |
|
||||
- productivity
|
||||
truecharts.org/SCALE-support: "true"
|
||||
truecharts.org/grade: U
|
||||
383
charts/incubator/baserow/questions.yaml
Normal file
383
charts/incubator/baserow/questions.yaml
Normal file
@@ -0,0 +1,383 @@
|
||||
# Include{groups}
|
||||
portals:
|
||||
open:
|
||||
protocols:
|
||||
- "$kubernetes-resource_configmap_portal_protocol"
|
||||
host:
|
||||
- "$kubernetes-resource_configmap_portal_host"
|
||||
ports:
|
||||
- "$kubernetes-resource_configmap_portal_port"
|
||||
questions:
|
||||
- variable: portal
|
||||
group: "Container Image"
|
||||
label: "Configure Portal Button"
|
||||
schema:
|
||||
type: dict
|
||||
hidden: true
|
||||
attrs:
|
||||
- variable: enabled
|
||||
label: "Enable"
|
||||
description: "enable the portal button"
|
||||
schema:
|
||||
hidden: true
|
||||
editable: false
|
||||
type: boolean
|
||||
default: true
|
||||
# Include{global}
|
||||
- variable: controller
|
||||
group: "Controller"
|
||||
label: ""
|
||||
schema:
|
||||
additional_attrs: true
|
||||
type: dict
|
||||
attrs:
|
||||
- variable: advanced
|
||||
label: "Show Advanced Controller Settings"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
show_subquestions_if: true
|
||||
subquestions:
|
||||
- variable: type
|
||||
description: "Please specify type of workload to deploy"
|
||||
label: "(Advanced) Controller Type"
|
||||
schema:
|
||||
type: string
|
||||
default: "deployment"
|
||||
required: true
|
||||
enum:
|
||||
- value: "deployment"
|
||||
description: "Deployment"
|
||||
- value: "statefulset"
|
||||
description: "Statefulset"
|
||||
- value: "daemonset"
|
||||
description: "Daemonset"
|
||||
- variable: replicas
|
||||
description: "Number of desired pod replicas"
|
||||
label: "Desired Replicas"
|
||||
schema:
|
||||
type: int
|
||||
default: 1
|
||||
required: true
|
||||
- variable: strategy
|
||||
description: "Please specify type of workload to deploy"
|
||||
label: "(Advanced) Update Strategy"
|
||||
schema:
|
||||
type: string
|
||||
default: "Recreate"
|
||||
required: true
|
||||
enum:
|
||||
- value: "Recreate"
|
||||
description: "Recreate: Kill existing pods before creating new ones"
|
||||
- value: "RollingUpdate"
|
||||
description: "RollingUpdate: Create new pods and then kill old ones"
|
||||
- value: "OnDelete"
|
||||
description: "(Legacy) OnDelete: ignore .spec.template changes"
|
||||
# Include{controllerExpert}
|
||||
- variable: env
|
||||
group: "Container Configuration"
|
||||
label: "Image Environment"
|
||||
schema:
|
||||
additional_attrs: true
|
||||
type: dict
|
||||
attrs:
|
||||
- variable: BASEROW_PUBLIC_URL
|
||||
label: "BASEROW_PUBLIC_URL"
|
||||
description: "The public URL or IP that will be used to access baserow. Always should start with http:// https:// even if accessing via an IP address."
|
||||
schema:
|
||||
type: string
|
||||
required: true
|
||||
default: ""
|
||||
- variable: enable_mail_settings
|
||||
label: "Enable Mail Settings"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
show_subquestions_if: true
|
||||
subquestions:
|
||||
- variable: FROM_EMAIL
|
||||
label: "FROM_EMAIL"
|
||||
description: "The public URL or IP that will be used to access baserow. Always should start with http:// https:// even if accessing via an IP address."
|
||||
schema:
|
||||
type: string
|
||||
default: ""
|
||||
- variable: EMAIL_SMTP
|
||||
label: "EMAIL_SMTP"
|
||||
description: "If set to any non empty value then Baserow will start sending emails using the configuration options below. If not set then Baserow will not send emails and just log them to the Celery worker logs instead."
|
||||
schema:
|
||||
type: string
|
||||
default: ""
|
||||
enum:
|
||||
- value: ""
|
||||
description: "Disabled"
|
||||
- value: "true"
|
||||
description: "Enabled"
|
||||
- variable: EMAIL_SMTP_USE_TLS
|
||||
label: "EMAIL_SMTP_USE_TLS"
|
||||
description: "If set to any non empty value then Baserow will attempt to send emails using TLS."
|
||||
schema:
|
||||
type: string
|
||||
default: ""
|
||||
enum:
|
||||
- value: ""
|
||||
description: "Disabled"
|
||||
- value: "true"
|
||||
description: "Enabled"
|
||||
- variable: EMAIL_SMTP_HOST
|
||||
label: "EMAIL_SMTP_HOST"
|
||||
description: "The host of the external SMTP server that Baserow should use to send emails."
|
||||
schema:
|
||||
type: string
|
||||
default: ""
|
||||
- variable: EMAIL_SMTP_PORT
|
||||
label: "EMAIL_SMTP_PORT"
|
||||
description: "The port used to connect to $EMAIL_SMTP_HOST on."
|
||||
schema:
|
||||
type: int
|
||||
default: 587
|
||||
- variable: EMAIL_SMTP_USER
|
||||
label: "EMAIL_SMTP_USER"
|
||||
description: "The username to authenticate with $EMAIL_SMTP_HOST when sending emails."
|
||||
schema:
|
||||
type: string
|
||||
default: ""
|
||||
- variable: EMAIL_SMTP_PASSWORD
|
||||
label: "EMAIL_SMTP_PASSWORD"
|
||||
description: "The password to authenticate with $EMAIL_SMTP_HOST when sending emails."
|
||||
schema:
|
||||
type: string
|
||||
private: true
|
||||
default: ""
|
||||
|
||||
|
||||
# Include{containerConfig}
|
||||
|
||||
- variable: service
|
||||
group: "Networking and Services"
|
||||
label: "Configure Service(s)"
|
||||
schema:
|
||||
additional_attrs: true
|
||||
type: dict
|
||||
attrs:
|
||||
- variable: main
|
||||
label: "Main Service"
|
||||
description: "The Primary service on which the healthcheck runs, often the webUI"
|
||||
schema:
|
||||
additional_attrs: true
|
||||
type: dict
|
||||
attrs:
|
||||
# Include{serviceSelector}
|
||||
- variable: main
|
||||
label: "Main Service Port Configuration"
|
||||
schema:
|
||||
additional_attrs: true
|
||||
type: dict
|
||||
attrs:
|
||||
- variable: port
|
||||
label: "Port"
|
||||
description: "This port exposes the container port on the service"
|
||||
schema:
|
||||
type: int
|
||||
default: 10228
|
||||
required: true
|
||||
- variable: advanced
|
||||
label: "Show Advanced settings"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
show_subquestions_if: true
|
||||
subquestions:
|
||||
- variable: protocol
|
||||
label: "Port Type"
|
||||
schema:
|
||||
type: string
|
||||
default: "HTTP"
|
||||
enum:
|
||||
- value: HTTP
|
||||
description: "HTTP"
|
||||
- value: "HTTPS"
|
||||
description: "HTTPS"
|
||||
- value: TCP
|
||||
description: "TCP"
|
||||
- value: "UDP"
|
||||
description: "UDP"
|
||||
- variable: nodePort
|
||||
label: "Node Port (Optional)"
|
||||
description: "This port gets exposed to the node. Only considered when service type is NodePort, Simple or LoadBalancer"
|
||||
schema:
|
||||
type: int
|
||||
min: 9000
|
||||
max: 65535
|
||||
- variable: targetPort
|
||||
label: "Target Port"
|
||||
description: "The internal(!) port on the container the Application runs on"
|
||||
schema:
|
||||
type: int
|
||||
default: 10228
|
||||
|
||||
- variable: serviceexpert
|
||||
group: "Networking and Services"
|
||||
label: "Show Expert Config"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
show_subquestions_if: true
|
||||
subquestions:
|
||||
- variable: hostNetwork
|
||||
group: "Networking and Services"
|
||||
label: "Host-Networking (Complicated)"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
|
||||
# Include{serviceExpert}
|
||||
|
||||
# Include{serviceList}
|
||||
|
||||
- variable: persistence
|
||||
label: "Integrated Persistent Storage"
|
||||
description: "Integrated Persistent Storage"
|
||||
group: "Storage and Persistence"
|
||||
schema:
|
||||
additional_attrs: true
|
||||
type: dict
|
||||
attrs:
|
||||
- variable: data
|
||||
label: "App Data Storage"
|
||||
description: "Stores the Application Data."
|
||||
schema:
|
||||
additional_attrs: true
|
||||
type: dict
|
||||
attrs:
|
||||
- variable: type
|
||||
label: "Type of Storage"
|
||||
description: "Sets the persistence type, Anything other than PVC could break rollback!"
|
||||
schema:
|
||||
type: string
|
||||
default: "simplePVC"
|
||||
enum:
|
||||
- value: "simplePVC"
|
||||
description: "PVC (simple)"
|
||||
- value: "simpleHP"
|
||||
description: "HostPath (simple)"
|
||||
- value: "emptyDir"
|
||||
description: "emptyDir"
|
||||
- value: "pvc"
|
||||
description: "pvc"
|
||||
- value: "hostPath"
|
||||
description: "hostPath"
|
||||
# Include{persistenceBasic}
|
||||
- variable: hostPath
|
||||
label: "hostPath"
|
||||
description: "Path inside the container the storage is mounted"
|
||||
schema:
|
||||
show_if: [["type", "=", "hostPath"]]
|
||||
type: hostpath
|
||||
- variable: medium
|
||||
label: "EmptyDir Medium"
|
||||
schema:
|
||||
show_if: [["type", "=", "emptyDir"]]
|
||||
type: string
|
||||
default: ""
|
||||
enum:
|
||||
- value: ""
|
||||
description: "Default"
|
||||
- value: "Memory"
|
||||
description: "Memory"
|
||||
# Include{persistenceAdvanced}
|
||||
|
||||
# Include{persistenceList}
|
||||
|
||||
- variable: ingress
|
||||
label: ""
|
||||
group: "Ingress"
|
||||
schema:
|
||||
additional_attrs: true
|
||||
type: dict
|
||||
attrs:
|
||||
- variable: main
|
||||
label: "Main Ingress"
|
||||
schema:
|
||||
additional_attrs: true
|
||||
type: dict
|
||||
attrs:
|
||||
# Include{ingressDefault}
|
||||
|
||||
# Include{ingressTLS}
|
||||
|
||||
# Include{ingressTraefik}
|
||||
|
||||
# Include{ingressExpert}
|
||||
|
||||
# Include{ingressList}
|
||||
|
||||
# Include{security}
|
||||
|
||||
- variable: advancedSecurity
|
||||
label: "Show Advanced Security Settings"
|
||||
group: "Security and Permissions"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
show_subquestions_if: true
|
||||
subquestions:
|
||||
- variable: securityContext
|
||||
label: "Security Context"
|
||||
schema:
|
||||
additional_attrs: true
|
||||
type: dict
|
||||
attrs:
|
||||
- variable: privileged
|
||||
label: "Privileged mode"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: "ReadOnly Root Filesystem"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: "Allow Privilege Escalation"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: "runAsNonRoot"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
# Include{securityContextAdvanced}
|
||||
|
||||
- variable: podSecurityContext
|
||||
group: "Security and Permissions"
|
||||
label: "Pod Security Context"
|
||||
schema:
|
||||
additional_attrs: true
|
||||
type: dict
|
||||
attrs:
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID this App of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
|
||||
# Include{resources}
|
||||
|
||||
# Include{advanced}
|
||||
|
||||
# Include{addons}
|
||||
20
charts/incubator/baserow/templates/_secrets.tpl
Normal file
20
charts/incubator/baserow/templates/_secrets.tpl
Normal file
@@ -0,0 +1,20 @@
|
||||
{{/* Define the secrets */}}
|
||||
{{- define "baserow.secrets" -}}
|
||||
---
|
||||
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
type: Opaque
|
||||
metadata:
|
||||
name: baserow-secrets
|
||||
{{- $baserowprevious := lookup "v1" "Secret" .Release.Namespace "baserow-secrets" }}
|
||||
{{- $secret_key := "" }}
|
||||
data:
|
||||
{{- if $baserowprevious}}
|
||||
SECRET_KEY: {{ index $baserowprevious.data "SECRET_KEY" }}
|
||||
{{- else }}
|
||||
{{- $secret_key := randAlphaNum 32 }}
|
||||
SECRET_KEY: {{ $secret_key | b64enc }}
|
||||
{{- end }}
|
||||
|
||||
{{- end -}}
|
||||
8
charts/incubator/baserow/templates/common.yaml
Normal file
8
charts/incubator/baserow/templates/common.yaml
Normal file
@@ -0,0 +1,8 @@
|
||||
{{/* Make sure all variables are set properly */}}
|
||||
{{- include "common.setup" . }}
|
||||
|
||||
{{/* Render secrets for baserow */}}
|
||||
{{- include "baserow.secrets" . }}
|
||||
|
||||
{{/* Render the templates */}}
|
||||
{{ include "common.postSetup" . }}
|
||||
75
charts/incubator/baserow/values.yaml
Normal file
75
charts/incubator/baserow/values.yaml
Normal file
@@ -0,0 +1,75 @@
|
||||
image:
|
||||
repository: baserow/baserow
|
||||
tag: 1.9.1@sha256:df822c1f8d71f8f91ad6f732348104108bbb91ce782ce7240c5c2beddf22723b
|
||||
pullPolicy: IfNotPresent
|
||||
|
||||
securityContext:
|
||||
readOnlyRootFilesystem: false
|
||||
runAsNonRoot: false
|
||||
|
||||
podSecurityContext:
|
||||
runAsUser: 0
|
||||
runAsGroup: 0
|
||||
|
||||
env:
|
||||
DATABASE_NAME: "{{ .Values.postgresql.postgresqlDatabase }}"
|
||||
DATABASE_USER: "{{ .Values.postgresql.postgresqlUsername }}"
|
||||
DATABASE_PORT: "5432"
|
||||
REDIS_USER: "{{ .Values.redis.redisUsername }}"
|
||||
REDIS_PORT: "6379"
|
||||
REDIS_PROTOCOL: "redis"
|
||||
BASEROW_CADDY_ADDRESSES: ":{{ .Values.service.main.ports.main.port }}"
|
||||
# User Defined
|
||||
BASEROW_PUBLIC_URL: "http://localhost:10228"
|
||||
|
||||
envValueFrom:
|
||||
DATABASE_HOST:
|
||||
secretKeyRef:
|
||||
name: dbcreds
|
||||
key: plainhost
|
||||
DATABASE_PASSWORD:
|
||||
secretKeyRef:
|
||||
name: dbcreds
|
||||
key: postgresql-password
|
||||
REDIS_HOST:
|
||||
secretKeyRef:
|
||||
name: rediscreds
|
||||
key: plainhost
|
||||
REDIS_PASSWORD:
|
||||
secretKeyRef:
|
||||
name: rediscreds
|
||||
key: redis-password
|
||||
SECRET_KEY:
|
||||
secretKeyRef:
|
||||
name: baserow-secrets
|
||||
key: SECRET_KEY
|
||||
|
||||
probes:
|
||||
liveness:
|
||||
path: "/_health"
|
||||
readiness:
|
||||
path: "/_health"
|
||||
startup:
|
||||
path: "/_health"
|
||||
|
||||
service:
|
||||
main:
|
||||
ports:
|
||||
main:
|
||||
port: 10228
|
||||
|
||||
persistence:
|
||||
data:
|
||||
enabled: true
|
||||
mountPath: "/baserow/data"
|
||||
|
||||
postgresql:
|
||||
enabled: true
|
||||
existingSecret: "dbcreds"
|
||||
postgresqlUsername: baserow
|
||||
postgresqlDatabase: baserow
|
||||
|
||||
redis:
|
||||
enabled: true
|
||||
existingSecret: "rediscreds"
|
||||
redisUsername: "default"
|
||||
Reference in New Issue
Block a user