diff --git a/.gitignore b/.gitignore index 27148cd..3b53792 100644 --- a/.gitignore +++ b/.gitignore @@ -1,4 +1,4 @@ -# local downloaded chart compressed files +# local downloaded chart compressed files /**/charts/*.tgz # local temporary files @@ -8,6 +8,10 @@ temp.sh values_*.y*ml values.mine.y*ml +# secret files +kubeconfig +firebase-service-account.json + # NPM packages node_modules/ diff --git a/charts/cow-demo/Chart.yaml b/charts/cow-demo/Chart.yaml index 60c7535..279290a 100644 --- a/charts/cow-demo/Chart.yaml +++ b/charts/cow-demo/Chart.yaml @@ -1,8 +1,8 @@ -apiVersion: v2 +apiVersion: v2 name: cow-demo description: Helm chart for Cow Demo Application type: application -version: 0.2.2 +version: 0.2.3 appVersion: "2.0.0" maintainers: - name: devpro diff --git a/charts/cow-demo/values.yaml b/charts/cow-demo/values.yaml index 6267a01..8875120 100644 --- a/charts/cow-demo/values.yaml +++ b/charts/cow-demo/values.yaml @@ -1,6 +1,7 @@ -name: cow-demo +name: cow-demo image: devprofr/cow-demo -tag: 1.0.8830193847 +# images are hosted on DockerHub: https://hub.docker.com/r/devprofr/cow-demo/tags +tag: 1.0.23271988100 replicaCount: 2 port: 80 ingress: diff --git a/charts/keeptrack/.helmignore b/charts/keeptrack/.helmignore new file mode 100644 index 0000000..0e8a0eb --- /dev/null +++ b/charts/keeptrack/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/charts/keeptrack/CONTRIBUTING.md b/charts/keeptrack/CONTRIBUTING.md new file mode 100644 index 0000000..fd49d1d --- /dev/null +++ b/charts/keeptrack/CONTRIBUTING.md @@ -0,0 +1,115 @@ +# Contribution guide + +## Update chart dependencies + +1. Add Bitnami chart repository: + + ```bash + helm repo add bitnami https://charts.bitnami.com/bitnami + helm repo update + ``` + +2. Search for the latest version: + + ```bash + helm search repo -l bitnami/mongodb --versions + ``` + +3. Edit manually `Chart.yaml` with the new version + +4. Update `Chart.lock`: + + ```bash + helm dependency update + ``` + +## Validate on a test cluster + +Create the namespace and secrets: + +```bash +kubectl create ns demo +kubectl create secret generic keeptrack-mongodb \ + --from-literal=mongodb-root-password='admin' \ + --namespace demo +kubectl create secret generic keeptrack-app \ + --from-literal=connectionstring='mongodb://root:admin@keeptrack-mongodb:27017/keeptrack?authSource=admin' \ + --from-literal=firebaseapikey='***' \ + --from-literal=firebaseauthdomain='***' \ + --from-literal=firebaseprojectid='***' \ + --from-literal=firebaseauthority='***' \ + --from-file=firebaseserviceaccount=./firebase-service-account.json \ + --namespace demo +``` + +Create a `values.mine.yaml` file: + +```yaml +blazorapp: + host: keeptrack.console.$SANDBOX_ID.instruqt.io + +webapi: + db: + connectionStringSecretKeyRef: + name: keeptrack-app + key: connectionstring + +firebase: + auth: + authoritySecretKeyRef: + name: keeptrack-app + key: firebaseauthority + webApp: + apiKeySecretKeyRef: + name: keeptrack-app + key: firebaseapikey + authDomainSecretKeyRef: + name: keeptrack-app + key: firebaseauthdomain + projectIdSecretKeyRef: + name: keeptrack-app + key: firebaseprojectid + serviceAccountSecretKeyRef: + name: keeptrack-app + key: firebaseserviceaccount + +ingress: + enabled: true + className: traefik + annotations: + cert-manager.io/cluster-issuer: letsencrypt-prod + +mongodb: + enabled: true + auth: + existingSecret: keeptrack-mongodb +``` + +Review the manifest: + +```bash +helm template keeptrack . -f values.yaml -f values.mine.yaml --namespace demo --debug > temp.yaml +``` + +Install or update the application: + +```bash +helm upgrade --install keeptrack . -f values.yaml -f values.mine.yaml --namespace demo --create-namespace +``` + +Check everything is ok: + +```bash +kubectl get all -n demo +``` + +Add `keeptrack.console.$SANDBOX_ID.instruqt.io` in the authorized domains in Firebase > (myproject) > Authentication > Settings. + +Open the web application in a browser. + +At the end, clean everything: + +```bash +helm delete keeptrack -n demo +kubectl delete ns demo +``` diff --git a/charts/keeptrack/Chart.lock b/charts/keeptrack/Chart.lock new file mode 100644 index 0000000..d366ca7 --- /dev/null +++ b/charts/keeptrack/Chart.lock @@ -0,0 +1,6 @@ +dependencies: +- name: mongodb + repository: https://charts.bitnami.com/bitnami + version: 18.6.16 +digest: sha256:889cbf07e49e630d28dc8a1c72fdd0465f3f0f0c1601b3be559940108bb50ab2 +generated: "2026-03-19T17:02:27.786367209+01:00" diff --git a/charts/keeptrack/Chart.yaml b/charts/keeptrack/Chart.yaml new file mode 100644 index 0000000..edb7827 --- /dev/null +++ b/charts/keeptrack/Chart.yaml @@ -0,0 +1,15 @@ +apiVersion: v2 +name: keeptrack +description: Helm chart for Keeptrack +type: application +version: 0.1.0 +appVersion: "1.1.18203306613" +dependencies: + - name: mongodb + version: 18.6.16 # MongoDB 8.2.6 + repository: https://charts.bitnami.com/bitnami + alias: mongodb + condition: mongodb.enabled +maintainers: + - name: devpro + email: bertrand@devpro.fr diff --git a/charts/keeptrack/README.md b/charts/keeptrack/README.md new file mode 100644 index 0000000..cf12ad1 --- /dev/null +++ b/charts/keeptrack/README.md @@ -0,0 +1,35 @@ +# Helm chart for Devpro Keeptrack + +This is the official Helm chart to install [Keeptrack](https://github.com/devpro/keeptrack) on a Kubernetes cluster. + +## Getting started + +Start with the [documentation](https://kwt.devpro.fr/custom-charts/keeptrack.html). + +## Usage + +Add [Helm](https://helm.sh) repository: + +```bash +helm repo add devpro https://devpro.github.io/helm-charts +helm repo update +``` + +Create the `values.yaml` file to override [default values](values.yaml). + +Install the application: + +```bash +helm upgrade --install keeptrack devpro/keeptrack -f values.yaml --create-namespace --namespace keeptrack +``` + +Uninstall the chart and clean-up the cluster: + +```bash +helm delete keeptrack +kubectl delete ns keeptrack +``` + +## Development + +Look at the [Contributing guide](CONTRIBUTING.md). diff --git a/charts/keeptrack/templates/NOTES.txt b/charts/keeptrack/templates/NOTES.txt new file mode 100644 index 0000000..e69de29 diff --git a/charts/keeptrack/templates/_helpers.tpl b/charts/keeptrack/templates/_helpers.tpl new file mode 100644 index 0000000..e69de29 diff --git a/charts/keeptrack/templates/deployment.yaml b/charts/keeptrack/templates/deployment.yaml new file mode 100644 index 0000000..3bc8e3c --- /dev/null +++ b/charts/keeptrack/templates/deployment.yaml @@ -0,0 +1,175 @@ +{{- $applications := list .Values.blazorapp .Values.webapi -}} +{{ range $applications }} +{{- if .enabled -}} +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ .name }} + labels: + app: {{ .name }} + app.kubernetes.io/name: {{ .name }} +spec: + replicas: {{ .replicaCount }} + strategy: + type: RollingUpdate + selector: + matchLabels: + app: {{ .name }} + app.kubernetes.io/name: {{ .name }} + template: + metadata: + labels: + app: {{ .name }} + app.kubernetes.io/name: {{ .name }} + {{- if .additionalPodLabels }} + {{- toYaml .additionalPodLabels | nindent 8 }} + {{- end }} + spec: + {{- if $.Values.security.serviceAccount.create }} + serviceAccountName: {{ .name }} + {{- else }} + serviceAccountName: default + {{- end }} + containers: + - name: {{ .name }} + image: {{ .image }}:{{ .tag }} + imagePullPolicy: Always + ports: + - name: http + containerPort: {{ .containerPort }} + protocol: TCP + livenessProbe: + httpGet: + path: {{ .healthEndpoint }} + port: http + readinessProbe: + httpGet: + path: {{ .healthEndpoint }} + port: http + resources: + {{- toYaml .resources | nindent 12 }} + securityContext: + runAsNonRoot: true + runAsUser: 1654 # "app" user + runAsGroup: 1654 # "app" group + allowPrivilegeEscalation: false + env: + {{- if .extraEnv }} + {{- toYaml .extraEnv | nindent 12 }} + {{- end }} + - name: HOST_IP + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: status.hostIP + - name: ASPNETCORE_ENVIRONMENT + value: "{{ $.Values.dotnet.environment }}" + - name: Logging__LogLevel__Default + value: {{ $.Values.dotnet.logLevels.default }} + - name: Logging__LogLevel__Microsoft.AspNetCore + value: {{ $.Values.dotnet.logLevels.framework }} + - name: Logging__LogLevel__Devpro + value: {{ $.Values.dotnet.logLevels.application }} + {{- if $.Values.dotnet.httpsRedirectionEnabled }} + - name: Features__IsHttpsRedirectionEnabled + value: "true" + {{- end }} + {{- if $.Values.dotnet.scalarEnabled }} + - name: Features__IsScalarEnabled + value: "true" + {{- end }} + {{- if eq .role "frontend" }} + - name: WebApi__BaseUrl + value: "http://{{ $.Values.webapi.name }}" + {{- if $.Values.firebase.webApp.apiKeySecretKeyRef }} + - name: Firebase__WebAppConfiguration__ApiKey + valueFrom: + secretKeyRef: + name: {{ $.Values.firebase.webApp.apiKeySecretKeyRef.name }} + key: {{ $.Values.firebase.webApp.apiKeySecretKeyRef.key }} + {{- else }} + - name: Firebase__WebAppConfiguration__ApiKey + value: "{{ $.Values.firebase.webApp.apiKey }}" + {{- end }} + {{- if $.Values.firebase.webApp.authDomainSecretKeyRef }} + - name: Firebase__WebAppConfiguration__AuthDomain + valueFrom: + secretKeyRef: + name: {{ $.Values.firebase.webApp.authDomainSecretKeyRef.name }} + key: {{ $.Values.firebase.webApp.authDomainSecretKeyRef.key }} + {{- else }} + - name: Firebase__WebAppConfiguration__AuthDomain + value: "{{ $.Values.firebase.webApp.authDomain }}" + {{- end }} + {{- if $.Values.firebase.webApp.projectIdSecretKeyRef }} + - name: Firebase__WebAppConfiguration__ProjectId + valueFrom: + secretKeyRef: + name: {{ $.Values.firebase.webApp.projectIdSecretKeyRef.name }} + key: {{ $.Values.firebase.webApp.projectIdSecretKeyRef.key }} + {{- else }} + - name: Firebase__WebAppConfiguration__ProjectId + value: "{{ $.Values.firebase.webApp.projectId }}" + {{- end }} + {{- if $.Values.firebase.serviceAccountSecretKeyRef }} + - name: Firebase__ServiceAccount + valueFrom: + secretKeyRef: + name: {{ $.Values.firebase.serviceAccountSecretKeyRef.name }} + key: {{ $.Values.firebase.serviceAccountSecretKeyRef.key }} + {{- else }} + - name: Firebase__ServiceAccount + value: {{ $.Values.firebase.serviceAccount | toJson | quote }} + {{- end }} + {{- else if eq .role "backend" }} + - name: AllowedOrigins__0 + value: "https://{{ $.Values.blazorapp.host }}" + - name: AllowedOrigins__1 + value: "http://{{ $.Values.blazorapp.name }}" + {{- if $.Values.firebase.auth.authoritySecretKeyRef }} + - name: Authentication__JwtBearer__Authority + valueFrom: + secretKeyRef: + name: {{ $.Values.firebase.auth.authoritySecretKeyRef.name }} + key: {{ $.Values.firebase.auth.authoritySecretKeyRef.key }} + {{- else }} + - name: Authentication__JwtBearer__Authority + value: "https://securetoken.google.com/{{ $.Values.firebase.webApp.projectId }}" + {{- end }} + {{- if $.Values.firebase.webApp.projectIdSecretKeyRef }} + - name: Authentication__JwtBearer__TokenValidation__Audience + valueFrom: + secretKeyRef: + name: {{ $.Values.firebase.webApp.projectIdSecretKeyRef.name }} + key: {{ $.Values.firebase.webApp.projectIdSecretKeyRef.key }} + {{- else }} + - name: Authentication__JwtBearer__TokenValidation__Audience + value: "{{ $.Values.firebase.webApp.projectId }}" + {{- end }} + {{- if $.Values.firebase.auth.authoritySecretKeyRef }} + - name: Authentication__JwtBearer__TokenValidation__Issuer + valueFrom: + secretKeyRef: + name: {{ $.Values.firebase.auth.authoritySecretKeyRef.name }} + key: {{ $.Values.firebase.auth.authoritySecretKeyRef.key }} + {{- else }} + - name: Authentication__JwtBearer__TokenValidation__Issuer + value: "https://securetoken.google.com/{{ $.Values.firebase.webApp.projectId }}" + {{- end }} + {{- if .db.connectionStringSecretKeyRef }} + - name: Infrastructure__MongoDB__ConnectionString + valueFrom: + secretKeyRef: + name: {{ .db.connectionStringSecretKeyRef.name }} + key: {{ .db.connectionStringSecretKeyRef.key }} + {{- else }} + - name: Infrastructure__MongoDB__ConnectionString + value: {{ .db.connectionString }} + {{- end }} + - name: Infrastructure__MongoDB__DatabaseName + value: {{ .db.databaseName }} + {{- end }} + restartPolicy: Always +{{- end }} +{{ end }} diff --git a/charts/keeptrack/templates/ingress.yaml b/charts/keeptrack/templates/ingress.yaml new file mode 100644 index 0000000..a4ecc3c --- /dev/null +++ b/charts/keeptrack/templates/ingress.yaml @@ -0,0 +1,49 @@ +{{- $applications := list .Values.blazorapp .Values.webapi -}} +{{ range $applications }} +{{- if and $.Values.ingress.enabled .enabled .host -}} +--- +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: {{ .name }} + {{- with $.Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if $.Values.ingress.className }} + ingressClassName: {{ $.Values.ingress.className }} + {{- end }} + rules: + - host: {{ .host }} + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: {{ .name }} + port: + number: {{ .port }} + {{- range .ingressExtraHosts }} + - host: {{ .host | quote }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + pathType: {{ .pathType }} + backend: + service: + name: {{ .name }} + port: + number: {{ .port }} + {{- end }} + {{- end }} + {{- if .tls }} + tls: + - hosts: + - {{ .host | quote }} + secretName: {{ .tls.secretName }} + {{- end }} +{{- end }} +{{ end }} diff --git a/charts/keeptrack/templates/service.yaml b/charts/keeptrack/templates/service.yaml new file mode 100644 index 0000000..857e334 --- /dev/null +++ b/charts/keeptrack/templates/service.yaml @@ -0,0 +1,23 @@ +{{- $applications := list .Values.blazorapp .Values.webapi -}} +{{ range $applications }} +{{- if .enabled -}} +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app: {{ .name }} + app.kubernetes.io/name: {{ .name }} + name: {{ .name }} +spec: + type: ClusterIP + ports: + - port: {{ .port }} + targetPort: {{ .containerPort }} + protocol: TCP + name: http + selector: + app: {{ .name }} + app.kubernetes.io/name: {{ .name }} +{{- end }} +{{ end }} diff --git a/charts/keeptrack/templates/serviceaccount.yaml b/charts/keeptrack/templates/serviceaccount.yaml new file mode 100644 index 0000000..3ad9d52 --- /dev/null +++ b/charts/keeptrack/templates/serviceaccount.yaml @@ -0,0 +1,11 @@ +{{- if .Values.security.serviceAccount.create }} +{{- $applications := list .Values.blazorapp .Values.webapi -}} +{{ range $applications }} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ .name }} + labels: + app: {{ .name }} +{{ end }} +{{- end }} diff --git a/charts/keeptrack/values.yaml b/charts/keeptrack/values.yaml new file mode 100644 index 0000000..0903dd7 --- /dev/null +++ b/charts/keeptrack/values.yaml @@ -0,0 +1,125 @@ +blazorapp: + enabled: true + role: frontend + name: keeptrack-blazorapp + image: docker.io/devprofr/keeptrack-blazorapp + port: 80 + containerPort: 8080 + healthEndpoint: /health + tls: + secretName: keeptrack-blazorapp-tls + # optional + tag: 1.1.23099092819 # ref. https://hub.docker.com/r/devprofr/keeptrack-blazorapp/tags + replicaCount: 1 + resources: {} + # limits: + # cpu: 200m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 64Mi + extraEnv: [] + # - name: xxx + # value: "yyyy" + additionalPodLabels: {} + # mandatory + host: "" + +webapi: + enabled: true + role: backend + name: keeptrack-webapi + image: docker.io/devprofr/keeptrack-webapi + port: 80 + containerPort: 8080 + healthEndpoint: /health + tls: + secretName: keeptrack-webapi-tls + # optional + host: "" + replicaCount: 1 + tag: 1.1.23099092819 # ref. https://hub.docker.com/r/devprofr/keeptrack-webapi/tags + resources: {} + extraEnv: [] + additionalPodLabels: {} + # mandatory + db: + # important: connectionString or connectionStringSecretKeyRef must be provided + # connectionStringSecretKeyRef: + # name: "" + # key: "" + # connectionString: "someconnstring" + databaseName: "keeptrack" + +dotnet: + environment: Production + logLevels: + default: Information + framework: Information + application: Information + scalarEnabled: false + httpsRedirectionEnabled: false + +security: + serviceAccount: + create: false + +# mandatory +firebase: + auth: {} + # authoritySecretKeyRef: + # name: "" + # key: "" + # apiKey: "" + webApp: {} + # apiKeySecretKeyRef: + # name: "" + # key: "" + # apiKey: "" + # authDomainSecretKeyRef: + # name: "" + # key: "" + # authDomain: "" + # projectIdSecretKeyRef: + # name: "" + # key: "" + # projectId: "" + # serviceAccountSecretKeyRef: + # name: "" + # key: "" + # serviceAccount: + # type: "service_account" + # project_id: "" + # private_key_id: "" + # private_key: "" + # client_email: "" + # client_id: "" + # auth_uri: "" + # token_uri: "" + # auth_provider_x509_cert_url: "" + # client_x509_cert_url: "" + # universe_domain: "" + +ingress: + enabled: false + className: "" + annotations: {} + # cert-manager.io/cluster-issuer: letsencrypt-prod + +# embedded chart configuration: https://github.com/bitnami/charts/blob/main/bitnami/mongodb/values.yaml +mongodb: + enabled: false + global: + # imageRegistry: "" + # imagePullSecrets: [] + # defaultStorageClass: "" + # storageClass: "" + security: + allowInsecureImages: true + image: + registry: docker.io + repository: bitnami/mongodb # other options: chainguard/mongodb + tag: latest # IMPORTANT: latest should never be used in Production + auth: {} + # rootPassword: "" + # existingSecret: "" diff --git a/charts/todoblazor/CONTRIBUTING.md b/charts/todoblazor/CONTRIBUTING.md index 8337cf9..13f79e5 100644 --- a/charts/todoblazor/CONTRIBUTING.md +++ b/charts/todoblazor/CONTRIBUTING.md @@ -26,7 +26,7 @@ helm dependency update ## Review the generated manifest ```bash -helm template todoblazor . -f values.yaml -f values.mine.yaml --namespace demo > temp.yaml +helm template todoblazor . -f values.yaml -f values.mine.yaml --namespace demo --debug > temp.yaml ``` ## Validate on a test cluster @@ -35,8 +35,11 @@ Create the secret with the connection string: ```bash kubectl create ns demo -kubectl create secret generic todoblazor-database \ - --from-literal=connectionstring='mongodb://root:admin@todoblazor-mongodb:27017/todolist?authSource=admin' \ +kubectl create secret generic todoblazor-mongodb \ + --from-literal=mongodb-root-password='admin' \ + --namespace demo +kubectl create secret generic todoblazor-webapp \ + --from-literal=connectionstring='mongodb://root:admin@todoblazor-mongodb:27017/todoblazor?authSource=admin' \ --namespace demo ``` @@ -44,19 +47,11 @@ Create a `values.mine.yaml` file: ```yaml webapp: - tag: 1.0.21398515939 + host: todoblazor.console.$SANDBOX_ID.instruqt.io db: connectionStringSecretKeyRef: - name: todoblazor-database + name: todoblazor-webapp key: connectionstring - databaseName: todolist -dotnet: - environment: Development -security: - serviceAccount: - create: true - rbac: - giveClusterAdmin: true ingress: enabled: true className: traefik @@ -65,16 +60,13 @@ ingress: mongodb: enabled: true auth: - rootPassword: admin + existingSecret: todoblazor-mongodb ``` Install or update the application: ```bash -helm upgrade --install todoblazor . \ - -f values.yaml -f values.mine.yaml \ - --set webapp.host=todoblazor.console.$SANDBOX_ID.instruqt.io \ - --namespace demo +helm upgrade --install todoblazor . -f values.yaml -f values.mine.yaml --namespace demo ``` Check everything is ok in the namespace: diff --git a/charts/todoblazor/Chart.lock b/charts/todoblazor/Chart.lock index 6e4252c..17a98d7 100644 --- a/charts/todoblazor/Chart.lock +++ b/charts/todoblazor/Chart.lock @@ -1,6 +1,6 @@ -dependencies: +dependencies: - name: mongodb repository: https://charts.bitnami.com/bitnami - version: 18.1.10 -digest: sha256:1d8e259cedd55f3e4cf9e11249e3eb3af2279bace5424e570a5149834d63a480 -generated: "2026-01-25T02:06:22.936299536+01:00" + version: 18.6.16 +digest: sha256:889cbf07e49e630d28dc8a1c72fdd0465f3f0f0c1601b3be559940108bb50ab2 +generated: "2026-03-19T17:49:59.027658861+01:00" diff --git a/charts/todoblazor/Chart.yaml b/charts/todoblazor/Chart.yaml index e2ae930..286a625 100644 --- a/charts/todoblazor/Chart.yaml +++ b/charts/todoblazor/Chart.yaml @@ -2,11 +2,11 @@ name: todoblazor description: Helm chart for Todo Blazor web application type: application -version: 0.1.2 +version: 0.1.3 appVersion: "1.0.0" dependencies: - name: mongodb - version: 18.1.10 # MongoDB 8.2.2 + version: 18.6.16 # MongoDB 8.2.6 repository: https://charts.bitnami.com/bitnami alias: mongodb condition: mongodb.enabled diff --git a/charts/todoblazor/templates/deployment.yaml b/charts/todoblazor/templates/deployment.yaml index 734d7dd..46e152b 100644 --- a/charts/todoblazor/templates/deployment.yaml +++ b/charts/todoblazor/templates/deployment.yaml @@ -26,14 +26,6 @@ spec: {{- toYaml .additionalPodLabels | nindent 8 }} {{- end }} spec: - affinity: - nodeAffinity: - requiredDuringSchedulingIgnoredDuringExecution: - nodeSelectorTerms: - - matchExpressions: - - key: "kubernetes.io/arch" - operator: In - values: ["amd64"] {{- if $.Values.security.serviceAccount.create }} serviceAccountName: {{ .name }} {{- else }} @@ -79,17 +71,10 @@ spec: value: {{ $.Values.dotnet.logLevels.framework }} - name: Logging__LogLevel__Devpro value: {{ $.Values.dotnet.logLevels.application }} - {{- if $.Values.dotnet.enableOpenTelemetry }} - - name: Application__IsOpenTelemetryEnabled - value: "true" - - name: OpenTelemetry__CollectorEndpoint - value: "http://$(HOST_IP):4317" - {{- end }} - {{- if $.Values.dotnet.enableHttpRedirect }} + {{- if $.Values.dotnet.httpsRedirectionEnabled }} - name: Features__IsHttpsRedirectionEnabled value: "true" {{- end }} - {{- if .db }} {{- if .db.connectionStringSecretKeyRef }} - name: DatabaseSettings__ConnectionString valueFrom: @@ -102,7 +87,6 @@ spec: {{- end }} - name: DatabaseSettings__DatabaseName value: {{ .db.databaseName }} - {{- end }} restartPolicy: Always {{- end }} {{ end }} diff --git a/charts/todoblazor/templates/ingress.yaml b/charts/todoblazor/templates/ingress.yaml index 61619ca..532e36b 100644 --- a/charts/todoblazor/templates/ingress.yaml +++ b/charts/todoblazor/templates/ingress.yaml @@ -1,6 +1,6 @@ {{- $applications := list .Values.webapp -}} {{ range $applications }} -{{- if and $.Values.ingress.enabled .enabled -}} +{{- if and $.Values.ingress.enabled .enabled .host -}} --- apiVersion: networking.k8s.io/v1 kind: Ingress diff --git a/charts/todoblazor/values.yaml b/charts/todoblazor/values.yaml index 9b56179..8087a61 100644 --- a/charts/todoblazor/values.yaml +++ b/charts/todoblazor/values.yaml @@ -1,27 +1,15 @@ webapp: enabled: true - host: todoblazor.random name: todoblazor image: docker.io/devprofr/todoblazor - # images are hosted on DockerHub: https://hub.docker.com/r/devprofr/todoblazor/tags - tag: latest # IMPORTANT: latest should never be used in Production - replicaCount: 1 port: 80 containerPort: 8080 healthEndpoint: /health - db: - # important: connectionString or connectionStringSecretKeyRef must be provided - # connectionString: "someconnstring" - # connectionStringSecretKeyRef: - # name: todoblazor-secret - # key: db-connectionstring - databaseName: "somedb" - extraEnv: [] - # - name: xxx - # value: "yyyy" - additionalPodLabels: {} tls: secretName: todoblazor-tls + # optional + tag: 1.1.22760735534 # ref. https://hub.docker.com/r/devprofr/todoblazor/tags + replicaCount: 1 resources: {} # limits: # cpu: 200m @@ -29,6 +17,19 @@ # requests: # cpu: 100m # memory: 64Mi + extraEnv: [] + # - name: xxx + # value: "yyyy" + additionalPodLabels: {} + # mandatory + host: "" + db: + # important: connectionString or connectionStringSecretKeyRef must be provided + # connectionString: "someconnstring" + # connectionStringSecretKeyRef: + # name: todoblazor-secret + # key: db-connectionstring + databaseName: "todoblazor" dotnet: environment: Production @@ -36,8 +37,7 @@ dotnet: default: Information framework: Information application: Information - enableOpenTelemetry: false - enableHttpRedirect: true + httpsRedirectionEnabled: false security: serviceAccount: @@ -67,3 +67,4 @@ mongodb: tag: latest # IMPORTANT: latest should never be used in Production auth: {} # rootPassword: "" + # existingSecret: