diff --git a/charts/incubator/kitchenowl/.helmignore b/charts/incubator/kitchenowl/.helmignore new file mode 100644 index 00000000000..77ca5567b26 --- /dev/null +++ b/charts/incubator/kitchenowl/.helmignore @@ -0,0 +1,30 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ +# OWNERS file for Kubernetes +OWNERS +# helm-docs templates +*.gotmpl +# docs folder +/docs +# icon +icon.png diff --git a/charts/incubator/kitchenowl/Chart.yaml b/charts/incubator/kitchenowl/Chart.yaml new file mode 100644 index 00000000000..3e109fe4ed0 --- /dev/null +++ b/charts/incubator/kitchenowl/Chart.yaml @@ -0,0 +1,29 @@ +apiVersion: v2 +appVersion: "0.20.1466" +dependencies: + - name: common + repository: https://library-charts.truecharts.org + version: 10.4.8 +deprecated: false +description: KitchenOwl is a smart self-hosted grocery list and recipe manager. +home: https://github.com/truecharts/charts/tree/master/charts/incubator/kitchenowl +icon: https://truecharts.org/img/chart-icons/kitchenowl.png +keywords: + - recipes + - kitchen + - grocery +kubeVersion: ">=1.16.0-0" +maintainers: + - email: info@truecharts.org + name: TrueCharts + url: https://truecharts.org +name: kitchenowl +sources: + - https://tombursch.github.io/kitchenowl +type: application +version: 0.0.1 +annotations: + truecharts.org/catagories: | + - utilities + truecharts.org/SCALE-support: "true" + truecharts.org/grade: U diff --git a/charts/incubator/kitchenowl/README.md b/charts/incubator/kitchenowl/README.md new file mode 100644 index 00000000000..e69de29bb2d diff --git a/charts/incubator/kitchenowl/icon.png b/charts/incubator/kitchenowl/icon.png new file mode 100644 index 00000000000..8cd56bf0418 Binary files /dev/null and b/charts/incubator/kitchenowl/icon.png differ diff --git a/charts/incubator/kitchenowl/questions.yaml b/charts/incubator/kitchenowl/questions.yaml new file mode 100644 index 00000000000..c420eca4fe2 --- /dev/null +++ b/charts/incubator/kitchenowl/questions.yaml @@ -0,0 +1,261 @@ +# Include{groups} +portals: + open: + protocols: + - "$kubernetes-resource_configmap_portal_protocol" + host: + - "$kubernetes-resource_configmap_portal_host" + ports: + - "$kubernetes-resource_configmap_portal_port" +questions: + - variable: portal + group: "Container Image" + label: "Configure Portal Button" + schema: + type: dict + hidden: true + attrs: + - variable: enabled + label: "Enable" + description: "enable the portal button" + schema: + hidden: true + editable: false + type: boolean + default: true +# Include{global} + - variable: controller + group: "Controller" + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: advanced + label: "Show Advanced Controller Settings" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: type + description: "Please specify type of workload to deploy" + label: "(Advanced) Controller Type" + schema: + type: string + default: "deployment" + required: true + enum: + - value: "deployment" + description: "Deployment" + - value: "statefulset" + description: "Statefulset" + - value: "daemonset" + description: "Daemonset" + - variable: replicas + description: "Number of desired pod replicas" + label: "Desired Replicas" + schema: + type: int + default: 1 + required: true + - variable: strategy + description: "Please specify type of workload to deploy" + label: "(Advanced) Update Strategy" + schema: + type: string + default: "Recreate" + required: true + enum: + - value: "Recreate" + description: "Recreate: Kill existing pods before creating new ones" + - value: "RollingUpdate" + description: "RollingUpdate: Create new pods and then kill old ones" + - value: "OnDelete" + description: "(Legacy) OnDelete: ignore .spec.template changes" +# Include{controllerExpert} +# Include{containerConfig} + - variable: service + group: "Networking and Services" + label: "Configure Service(s)" + schema: + additional_attrs: true + type: dict + attrs: + - variable: main + label: "Main Service" + description: "The Primary service on which the healthcheck runs, often the webUI" + schema: + additional_attrs: true + type: dict + attrs: +# Include{serviceSelector} + - variable: main + label: "Main Service Port Configuration" + schema: + additional_attrs: true + type: dict + attrs: + - variable: port + label: "Port" + description: "This port exposes the container port on the service" + schema: + type: int + default: 10246 + required: true + - variable: advanced + label: "Show Advanced settings" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: enabled + label: "Enable the port" + schema: + type: boolean + default: true + - variable: protocol + label: "Port Type" + schema: + type: string + default: "HTTP" + enum: + - value: HTTP + description: "HTTP" + - value: "HTTPS" + description: "HTTPS" + - value: TCP + description: "TCP" + - value: "UDP" + description: "UDP" + - variable: nodePort + label: "Node Port (Optional)" + description: "This port gets exposed to the node. Only considered when service type is NodePort, Simple or LoadBalancer" + schema: + type: int + min: 9000 + max: 65535 + - variable: targetPort + label: "Target Port" + description: "The internal(!) port on the container the Application runs on" + schema: + type: int + default: 80 + - variable: serviceexpert + group: "Networking and Services" + label: "Show Expert Config" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: hostNetwork + group: "Networking and Services" + label: "Host-Networking (Complicated)" + schema: + type: boolean + default: false +# Include{serviceExpert} +# Include{serviceList} + - variable: persistence + label: "Integrated Persistent Storage" + description: "Integrated Persistent Storage" + group: "Storage and Persistence" + schema: + additional_attrs: true + type: dict + attrs: + - variable: data + label: "App Data Storage" + description: "Stores the Application Data." + schema: + additional_attrs: true + type: dict + attrs: +# Include{persistenceBasic} +# Include{persistenceAdvanced} +# Include{persistenceList} + - variable: ingress + label: "" + group: "Ingress" + schema: + additional_attrs: true + type: dict + attrs: + - variable: main + label: "Main Ingress" + schema: + additional_attrs: true + type: dict + attrs: +# Include{ingressDefault} +# Include{ingressTLS} +# Include{ingressTraefik} +# Include{ingressExpert} +# Include{ingressList} +# Include{security} + - variable: advancedSecurity + label: "Show Advanced Security Settings" + group: "Security and Permissions" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: securityContext + label: "Security Context" + schema: + additional_attrs: true + type: dict + attrs: + - variable: privileged + label: "Privileged mode" + schema: + type: boolean + default: false + - variable: readOnlyRootFilesystem + label: "ReadOnly Root Filesystem" + schema: + type: boolean + default: false + - variable: allowPrivilegeEscalation + label: "Allow Privilege Escalation" + schema: + type: boolean + default: false + - variable: runAsNonRoot + label: "runAsNonRoot" + schema: + type: boolean + default: false +# Include{securityContextAdvanced} + - variable: podSecurityContext + group: "Security and Permissions" + label: "Pod Security Context" + schema: + additional_attrs: true + type: dict + attrs: + - variable: runAsUser + label: "runAsUser" + description: "The UserID of the user running the application" + schema: + type: int + default: 0 + - variable: runAsGroup + label: "runAsGroup" + description: "The groupID this App of the user running the application" + schema: + type: int + default: 0 + - variable: fsGroup + label: "fsGroup" + description: "The group that should own ALL storage." + schema: + type: int + default: 568 +# Include{podSecurityContextAdvanced} +# Include{resources} +# Include{advanced} +# Include{addons} diff --git a/charts/incubator/kitchenowl/templates/_secrets.tpl b/charts/incubator/kitchenowl/templates/_secrets.tpl new file mode 100644 index 00000000000..6b6c8897ec8 --- /dev/null +++ b/charts/incubator/kitchenowl/templates/_secrets.tpl @@ -0,0 +1,20 @@ +{{/* Define the secrets */}} +{{- define "kitchenowl.secrets" -}} +--- + +apiVersion: v1 +kind: Secret +type: Opaque +metadata: + name: kitchenowl-secrets +{{- $kitchenowlprevious := lookup "v1" "Secret" .Release.Namespace "kitchenowl-secrets" }} +{{- $jwt_secret := "" }} +data: + {{- if $kitchenowlprevious}} + JWT_SECRET_KEY: {{ index $kitchenowlprevious.data "JWT_SECRET_KEY" }} + {{- else }} + {{- $jwt_secret := randAlphaNum 32 }} + JWT_SECRET_KEY: {{ $jwt_secret | b64enc }} + {{- end }} + +{{- end -}} diff --git a/charts/incubator/kitchenowl/templates/common.yaml b/charts/incubator/kitchenowl/templates/common.yaml new file mode 100644 index 00000000000..b59eb1a0f0a --- /dev/null +++ b/charts/incubator/kitchenowl/templates/common.yaml @@ -0,0 +1,5 @@ +{{- include "tc.common.loader.init" . }} + +{{ include "kitchenowl.secrets" . }} + +{{ include "tc.common.loader.apply" . }} diff --git a/charts/incubator/kitchenowl/values.yaml b/charts/incubator/kitchenowl/values.yaml new file mode 100644 index 00000000000..eedfc58eaf1 --- /dev/null +++ b/charts/incubator/kitchenowl/values.yaml @@ -0,0 +1,55 @@ +image: + repository: tccr.io/truecharts/kitchenowl-web + pullPolicy: IfNotPresent + tag: beta@sha256:98bd597b1f863f76339b6debec17d6e4a4c8d7b7288a4de11d86f3042d1b85d0 + +backendImage: + repository: tccr.io/truecharts/kitchenowl-backend + pullPolicy: IfNotPresent + tag: beta@sha256:dd34ca9627b295dbd39bc25bc91cd4afa134ca66d094de1a51cb7b2bbdf4a861 + +securityContext: + readOnlyRootFilesystem: false + runAsNonRoot: false + +podSecurityContext: + runAsUser: 0 + runAsGroup: 0 + +env: + FRONT_URL: "http://localhost:10246" + # Backend listens on 5000 websockets. + BACK_URL: "localhost:5000" + +service: + main: + ports: + main: + protocol: HTTP + targetPort: 80 + port: 10246 + +additionalContainers: + backend: + name: backend + image: "{{ .Values.backendImage.repository }}:{{ .Values.backendImage.tag }}" + env: + - name: FRONT_URL + value: "{{ .Values.env.FRONT_URL }}" + # Backend also listens on 80, but afaik there is no use as of now + # Changed port to 81 to avoid conflict with frontend + - name: HTTP_PORT + value: "81" + - name: JWT_SECRET_KEY + valueFrom: + secretKeyRef: + name: kitchenowl-secrets + key: JWT_SECRET_KEY + volumeMounts: + - name: data + mountPath: "/data" + +persistence: + data: + enabled: true + mountPath: "/data"