github/infisical
1
0
Fork 0
mirror of https://github.com/Infisical/infisical.git synced 2026-01-08 23:18:05 -05:00
Code Issues Packages Projects Releases Wiki Activity

add postgres helm chart

Browse Source
This commit is contained in:
Maidul Islam
2024-01-27 00:13:46 -05:00
committed by Akhil Mohan
parent fb271726fe
commit 07679d9318
9 changed files with 376 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
helm-charts/infisical-standalone-postgres/.gitignore vendored Normal file
View File

@@ -0,0 +1,4 @@
charts/
node_modules/
package*.json
*.bak

23
helm-charts/infisical-standalone-postgres/.helmignore Normal file
View File

@@ -0,0 +1,23 @@
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*.orig
*~
# Various IDEs
.project
.idea/
*.tmproj
.vscode/

6
helm-charts/infisical-standalone-postgres/Chart.lock Normal file
View File

@@ -0,0 +1,6 @@
dependencies:
- name: ingress-nginx
repository: https://kubernetes.github.io/ingress-nginx
version: 4.0.13
digest: sha256:5d15260ba09f284ec40b254d79cd16bb80abd641fe14809a2de19d24c7920221
generated: "2024-01-26T20:15:50.215645-05:00"

22
helm-charts/infisical-standalone-postgres/Chart.yaml Normal file
View File

@@ -0,0 +1,22 @@
apiVersion: v2
name: infisical-standalone
description: A helm chart for a full Infisical application
type: application
# This is the chart version. This version number should be incremented each time you make changes
# to the chart and its templates, including the app version.
# Versions are expected to follow Semantic Versioning (https://semver.org/)
version: 0.0.1
# This is the version number of the application being deployed. This version number should be
# incremented each time you make changes to the application. Versions are not expected to
# follow Semantic Versioning. They should reflect the version the application is using.
# It is recommended to use it with quotes.
appVersion: "0.0.1"
dependencies:
- name: ingress-nginx
version: 4.0.13
repository: https://kubernetes.github.io/ingress-nginx
condition: ingress.nginx.enabled

42
helm-charts/infisical-standalone-postgres/templates/NOTES.txt Normal file
View File

@@ -0,0 +1,42 @@
##
-- Infisical Helm Chart --
██╗███╗ ██╗███████╗██╗███████╗██╗ ██████╗ █████╗ ██╗
██║████╗ ██║██╔════╝██║██╔════╝██║██╔════╝██╔══██╗██║
██║██╔██╗ ██║█████╗ ██║███████╗██║██║ ███████║██║
██║██║╚██╗██║██╔══╝ ██║╚════██║██║██║ ██╔══██║██║
██║██║ ╚████║██║ ██║███████║██║╚██████╗██║ ██║███████╗
╚═╝╚═╝ ╚═══╝╚═╝ ╚═╝╚══════╝╚═╝ ╚═════╝╚═╝ ╚═╝╚══════╝
{{ .Chart.Name }} ({{ .Chart.Version }})
╭―― Thank you for installing Infisical! 👋 ―――――――――――――――――――――――――――――――――――――――――――――――――――――――――――┤
│ Infisical / All-in-one open-source SecretOps solution to manage your secrets across your infra! 🔒🔑
│ Visit < https://infisical.com/docs/self-hosting/overview > for further documentation about self-hosting!
│ Current installation (infisical) :
│ • infisical : {{ .Values.infisical.enabled }}
| • nginx : {{ .Values.ingress.nginx.enabled }}
╰―――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――┤
――― Here's a list of helpful commands to get you started 📝 ―――――――――――――――――――――――――――――――――――――――――┤
→ Get all the Infisical resources (excluding secrets/pvcs)
$ kubectl get all -n {{ .Release.Namespace }}
→ Get your release status
$ helm status -n {{ .Release.Namespace }} {{ .Release.Name }}
→ Get your release resources
$ helm get all -n {{ .Release.Namespace }} {{ .Release.Name }}
→ Uninstall your release
$ helm uninstall -n {{ .Release.Namespace }} {{ .Release.Name }}
――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――┤
##

59
helm-charts/infisical-standalone-postgres/templates/_helpers.tpl Normal file
View File

@@ -0,0 +1,59 @@
{{/*
Expand the name of the chart.
*/}}
{{- define "infisical.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "infisical.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create unified labels for infisical components
*/}}
{{- define "infisical.common.matchLabels" -}}
app: {{ template "infisical.name" . }}
release: {{ .Release.Name }}
{{- end -}}
{{- define "infisical.common.metaLabels" -}}
chart: {{ template "infisical.chart" . }}
heritage: {{ .Release.Service }}
{{- end -}}
{{- define "infisical.common.labels" -}}
{{ include "infisical.common.matchLabels" . }}
{{ include "infisical.common.metaLabels" . }}
{{- end -}}
{{- define "infisical.labels" -}}
{{ include "infisical.matchLabels" . }}
{{ include "infisical.common.metaLabels" . }}
{{- end -}}
{{- define "infisical.matchLabels" -}}
component: {{ .Values.infisical.name | quote }}
{{ include "infisical.common.matchLabels" . }}
{{- end -}}
{{/*
Create a fully qualified backend name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
*/}}
{{- define "infisical.fullname" -}}
{{- if .Values.infisical.fullnameOverride -}}
{{- .Values.infisical.fullnameOverride | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- $name := default .Chart.Name .Values.nameOverride -}}
{{- if contains $name .Release.Name -}}
{{- printf "%s-%s" .Release.Name .Values.infisical.name | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- printf "%s-%s-%s" .Release.Name $name .Values.infisical.name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{- end -}}
{{- end -}}

72
helm-charts/infisical-standalone-postgres/templates/infisical-deployment.yaml Normal file
View File

@@ -0,0 +1,72 @@
{{- $infisicalValues := .Values.infisical }}
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "infisical.fullname" . }}
annotations:
updatedAt: {{ now | date "2006-01-01 MST 15:04:05" | quote }}
{{- with $infisicalValues.deploymentAnnotations }}
{{- toYaml . | nindent 4 }}
{{- end }}
labels:
{{- include "infisical.labels" . | nindent 4 }}
spec:
replicas: {{ $infisicalValues.replicaCount }}
selector:
matchLabels:
{{- include "infisical.matchLabels" . | nindent 6 }}
template:
metadata:
labels:
{{- include "infisical.matchLabels" . | nindent 8 }}
annotations:
updatedAt: {{ now | date "2006-01-01 MST 15:04:05" | quote }}
{{- with $infisicalValues.podAnnotations }}
{{- toYaml . | nindent 8 }}
{{- end }}
spec:
{{- with $infisicalValues.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
containers:
- name: {{ template "infisical.name" . }}-{{ $infisicalValues.name }}
image: "{{ $infisicalValues.image.repository }}:{{ $infisicalValues.image.tag | default "latest" }}"
imagePullPolicy: {{ $infisicalValues.image.pullPolicy }}
readinessProbe:
httpGet:
path: /api/status
port: 8080
initialDelaySeconds: 10
periodSeconds: 5
ports:
- containerPort: 8080
envFrom:
- secretRef:
name: {{ $infisicalValues.kubeSecretRef | default (include "infisical.fullname" .) }}
{{- if $infisicalValues.resources }}
resources: {{- toYaml $infisicalValues.resources | nindent 12 }}
{{- end }}
---
apiVersion: v1
kind: Service
metadata:
name: {{ include "infisical.fullname" . }}
labels:
{{- include "infisical.labels" . | nindent 4 }}
{{- with $infisicalValues.service.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
type: {{ $infisicalValues.service.type }}
selector:
{{- include "infisical.matchLabels" . | nindent 8 }}
ports:
- protocol: TCP
port: 8080
targetPort: 8080 # container port
{{- if eq $infisicalValues.service.type "NodePort" }}
nodePort: {{ $infisicalValues.service.nodePort }}
{{- end }}

50
helm-charts/infisical-standalone-postgres/templates/ingress.yaml Normal file
View File

@@ -0,0 +1,50 @@
{{ if .Values.ingress.enabled }}
{{- $ingress := .Values.ingress }}
{{- if and $ingress.ingressClassName (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }}
{{- if not (hasKey $ingress.annotations "kubernetes.io/ingress.class") }}
{{- $_ := set $ingress.annotations "kubernetes.io/ingress.class" $ingress.ingressClassName}}
{{- end }}
{{- end }}
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: infisical-ingress
{{- with $ingress.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
{{- if and $ingress.ingressClassName (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }}
ingressClassName: {{ $ingress.ingressClassName | default "nginx" }}
{{- end }}
{{- if $ingress.tls }}
tls:
{{- range $ingress.tls }}
- hosts:
{{- range .hosts }}
- {{ . | quote }}
{{- end }}
secretName: {{ .secretName }}
{{- end }}
{{- end }}
rules:
- http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: {{ include "infisical.fullname" . }}
port:
number: 8080
- path: /ss-webhook
pathType: Exact
backend:
service:
name: {{ include "infisical.fullname" . }}
port:
number: 8080
{{- if $ingress.hostName }}
host: {{ $ingress.hostName }}
{{- end }}
{{ end }}

98
helm-charts/infisical-standalone-postgres/values.yaml Normal file
View File

@@ -0,0 +1,98 @@
## @section Common parameters
##
## @param nameOverride Override release name
##
nameOverride: ""
## @param fullnameOverride Override release fullname
##
fullnameOverride: ""
## @section Infisical backend parameters
## Documentation : https://infisical.com/docs/self-hosting/deployments/kubernetes
##
infisical:
## @param backend.enabled Enable backend
##
enabled: true
## @param backend.name Backend name
##
name: infisical
## @param backend.fullnameOverride Backend fullnameOverride
##
fullnameOverride: ""
## @param backend.podAnnotations Backend pod annotations
##
podAnnotations: {}
## @param backend.deploymentAnnotations Backend deployment annotations
##
deploymentAnnotations: {}
## @param backend.replicaCount Backend replica count
##
replicaCount: 2
## Backend image parameters
##
image:
## @param backend.image.repository Backend image repository
##
repository: akhilmhdh/destruction
## @param backend.image.tag Backend image tag
##
tag: "v0.0.23-postgres"
## @param backend.image.pullPolicy Backend image pullPolicy
##
pullPolicy: IfNotPresent
## @param backend.affinity Backend pod affinity
##
affinity: {}
## @param backend.kubeSecretRef Backend secret resource reference name (containing required [backend configuration variables](https://infisical.com/docs/self-hosting/configuration/envars))
##
kubeSecretRef: "infisical-secrets"
## Backend service
##
service:
## @param backend.service.annotations Backend service annotations
##
annotations:
service.beta.kubernetes.io/do-loadbalancer-protocol: "https"
service.beta.kubernetes.io/do-loadbalancer-certificate-id: "6339ce9e-83c6-401b-b560-a1888e00953c"
## @param backend.service.type Backend service type
##
type: ClusterIP
## @param backend.service.nodePort Backend service nodePort (used if above type is `NodePort`)
##
nodePort: ""
## @section Ingress parameters
##
ingress:
## @param ingress.enabled Enable ingress
##
enabled: true
## @param ingress.ingressClassName Ingress class name
##
ingressClassName: nginx
## @param ingress.nginx.enabled Ingress controller
##
nginx:
enabled: true
## @param ingress.annotations Ingress annotations
##
annotations:
{}
# kubernetes.io/ingress.class: "nginx"
# cert-manager.io/issuer: letsencrypt-nginx
## @param ingress.hostName Ingress hostname (your custom domain name, e.g. `infisical.example.org`)
## Replace with your own domain
##
hostName: ""
## @param ingress.tls Ingress TLS hosts (matching above hostName)
## Replace with your own domain
##
tls:
[]
# - secretName: letsencrypt-prod
# hosts:
# - some.domain.com