Merge pull request #183 from jon4hz/helm

Helm updates
2026-01-08 07:04:02 -05:00 · 2023-01-17 22:57:25 -08:00
parent e47530dc71 15698c5036
commit 2235069e78
7 changed files with 233 additions and 38 deletions
--- a/helm-charts/infisical/Chart.yaml
+++ b/helm-charts/infisical/Chart.yaml
@@ -7,7 +7,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.1.6
+version: 0.1.7

 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
--- a/helm-charts/infisical/templates/_helpers.tpl
+++ b/helm-charts/infisical/templates/_helpers.tpl
@@ -0,0 +1,131 @@
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "infisical.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "infisical.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Create unified labels for infisical components
+*/}}
+{{- define "infisical.common.matchLabels" -}}
+app: {{ template "infisical.name" . }}
+release: {{ .Release.Name }}
+{{- end -}}
+
+{{- define "infisical.common.metaLabels" -}}
+chart: {{ template "infisical.chart" . }}
+heritage: {{ .Release.Service }}
+{{- end -}}
+
+{{- define "infisical.common.labels" -}}
+{{ include "infisical.common.matchLabels" . }}
+{{ include "infisical.common.metaLabels" . }}
+{{- end -}}
+
+
+{{- define "infisical.backend.labels" -}}
+{{ include "infisical.backend.matchLabels" . }}
+{{ include "infisical.common.metaLabels" . }}
+{{- end -}}
+
+{{- define "infisical.backend.matchLabels" -}}
+component: {{ .Values.backend.name | quote }}
+{{ include "infisical.common.matchLabels" . }}
+{{- end -}}
+
+{{- define "infisical.frontend.labels" -}}
+{{ include "infisical.frontend.matchLabels" . }}
+{{ include "infisical.common.metaLabels" . }}
+{{- end -}}
+
+{{- define "infisical.frontend.matchLabels" -}}
+component: {{ .Values.frontend.name | quote }}
+{{ include "infisical.common.matchLabels" . }}
+{{- end -}}
+
+{{- define "infisical.mongodb.labels" -}}
+{{ include "infisical.mongodb.matchLabels" . }}
+{{ include "infisical.common.metaLabels" . }}
+{{- end -}}
+
+{{- define "infisical.mongodb.matchLabels" -}}
+component: {{ .Values.mongodb.name | quote }}
+{{ include "infisical.common.matchLabels" . }}
+{{- end -}}
+
+{{/*
+Create a fully qualified backend name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+*/}}
+{{- define "infisical.backend.fullname" -}}
+{{- if .Values.backend.fullnameOverride -}}
+{{- .Values.backend.fullnameOverride | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- $name := default .Chart.Name .Values.nameOverride -}}
+{{- if contains $name .Release.Name -}}
+{{- printf "%s-%s" .Release.Name .Values.backend.name | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- printf "%s-%s-%s" .Release.Name $name .Values.backend.name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Create a fully qualified frontend name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+*/}}
+{{- define "infisical.frontend.fullname" -}}
+{{- if .Values.frontend.fullnameOverride -}}
+{{- .Values.frontend.fullnameOverride | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- $name := default .Chart.Name .Values.nameOverride -}}
+{{- if contains $name .Release.Name -}}
+{{- printf "%s-%s" .Release.Name .Values.frontend.name | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- printf "%s-%s-%s" .Release.Name $name .Values.frontend.name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Create a fully qualified mongodb name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+*/}}
+{{- define "infisical.mongodb.fullname" -}}
+{{- if .Values.mongodb.fullnameOverride -}}
+{{- .Values.mongodb.fullnameOverride | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- $name := default .Chart.Name .Values.nameOverride -}}
+{{- if contains $name .Release.Name -}}
+{{- printf "%s-%s" .Release.Name .Values.mongodb.name | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- printf "%s-%s-%s" .Release.Name $name .Values.mongodb.name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Create the mongodb connection string.
+*/}}
+{{- define "infisical.mongodb.connectionString" -}}
+{{- $host := include "infisical.mongodb.fullname" . -}}
+{{- $port := 27017 -}}
+{{- $user := "root" -}}
+{{- $pass := "root" -}}
+{{- $connectionString := printf "mongodb://%s:%s@%s:%d/" $user $pass $host $port -}}
+{{- if .Values.mongodbConnection.standardConnectionStringFormat -}}
+{{- $connectionString = .Values.mongodbConnection.standardConnectionStringFormat -}}
+{{- end -}}
+{{- if .Values.mongodbConnection.dnsSeedListConnectionFormat -}}
+{{- $connectionString = .Values.mongodbConnection.dnsSeedListConnectionFormat -}}
+{{- end -}}
+{{- printf "%s" $connectionString -}}
+{{- end -}}
--- a/helm-charts/infisical/templates/backend-deployment.yaml
+++ b/helm-charts/infisical/templates/backend-deployment.yaml
@@ -1,22 +1,26 @@
 apiVersion: apps/v1
 kind: Deployment
 metadata:
-  name: {{ .Release.Name }}-backend-deployment
+  name: {{ include "infisical.backend.fullname" . }}
  labels:
-    app: backend
+    {{- include "infisical.backend.labels" . | nindent 4 }}
 spec:
  replicas: {{ .Values.backend.replicaCount }}
  selector:
    matchLabels:
-      app: backend 
+      {{- include "infisical.backend.matchLabels" . | nindent 6 }}
  template:
    metadata: 
      labels:
-        app: backend 
+        {{- include "infisical.backend.matchLabels" . | nindent 8 }}
+      {{- with .Values.backend.podAnnotations }}
+      annotations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
    spec:
      containers:
-      - name: backend 
-        image: infisical/backend
+      - name: {{ template "infisical.name" . }}-{{ .Values.backend.name }}
+        image: "{{ .Values.backend.image.repository }}:{{ .Values.backend.image.tag | default .Chart.AppVersion }}"
        imagePullPolicy: {{ .Values.backend.image.pullPolicy }}
        ports: 
        - containerPort: 4000
@@ -26,6 +30,8 @@ spec:
            name: {{ .Values.backend.kubeSecretRef }}
        {{- end }}
        env:
+        - name: MONGO_URL
+          value: {{ include "infisical.mongodb.connectionString" . | quote }}
        {{- range $key, $value := .Values.backendEnvironmentVariables }}
        {{- if $value | quote | eq "MUST_REPLACE" }}
          {{ fail "Environment variables are not set. Please set all environment variables to continue." }}
@@ -38,10 +44,16 @@ spec:
 apiVersion: v1
 kind: Service 
 metadata:
-  name: infisical-backend-service 
+  name: {{ include "infisical.backend.fullname" . }}
+  labels:
+    {{- include "infisical.backend.labels" . | nindent 4 }}
+  {{- with .Values.backend.service.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
 spec:
  selector:
-    app: backend 
+    {{- include "infisical.backend.matchLabels" . | nindent 8 }}
  ports:
    - protocol: TCP
      port: 4000
--- a/helm-charts/infisical/templates/frontend-deployment.yaml
+++ b/helm-charts/infisical/templates/frontend-deployment.yaml
@@ -1,22 +1,26 @@
 apiVersion: apps/v1
 kind: Deployment
 metadata:
-  name: {{ .Release.Name }}-frontend-deployment
+  name: {{ include "infisical.frontend.fullname" . }}
  labels:
-    app: frontend
+    {{- include "infisical.frontend.labels" . | nindent 4 }}
 spec:
  replicas: {{ .Values.frontend.replicaCount }}
  selector:
    matchLabels:
-      app: frontend 
+      {{- include "infisical.frontend.matchLabels" . | nindent 6 }}
  template:
    metadata: 
      labels:
-        app: frontend 
+        {{- include "infisical.frontend.matchLabels" . | nindent 8 }}
+      {{- with .Values.frontend.podAnnotations }}
+      annotations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
    spec:
      containers:
-      - name: frontend 
-        image: infisical/frontend
+      - name: {{ template "infisical.name" . }}-{{ .Values.frontend.name }}
+        image: "{{ .Values.frontend.image.repository }}:{{ .Values.frontend.image.tag | default .Chart.AppVersion }}"
        imagePullPolicy: {{ .Values.frontend.image.pullPolicy }}
        {{- if .Values.frontend.kubeSecretRef }}
        envFrom:
@@ -39,11 +43,21 @@ spec:
 apiVersion: v1
 kind: Service 
 metadata:
-  name: infisical-frontend-service 
+  name: {{ include "infisical.frontend.fullname" . }}
+  labels:
+    {{- include "infisical.frontend.labels" . | nindent 4 }}
+  {{- with .Values.frontend.service.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
 spec:
+  type: {{ .Values.frontend.service.type }}
  selector:
-    app: frontend 
+    {{- include "infisical.frontend.matchLabels" . | nindent 8 }}
  ports:
    - protocol: TCP
      port: 3000 # service
      targetPort: 3000 # container port 
+      {{- if eq .Values.frontend.service.type "NodePort" }}
+      nodePort: {{ .Values.frontend.service.nodePort }}
+      {{- end }}
--- a/helm-charts/infisical/templates/ingress.yaml
+++ b/helm-charts/infisical/templates/ingress.yaml
@@ -26,14 +26,14 @@ spec:
        pathType: {{ .Values.ingress.frontend.pathType }}
        backend:
          service:
-            name: infisical-frontend-service 
+            name: {{ include "infisical.frontend.fullname" . }}
            port:
              number: 3000
      - path: {{ .Values.ingress.backend.path }}
        pathType: {{ .Values.ingress.backend.pathType }}
        backend:
          service:
-            name: infisical-backend-service 
+            name: {{ include "infisical.backend.fullname" . }}
            port:
              number: 4000
 {{ end }}
--- a/helm-charts/infisical/templates/mongodb-deployment.yaml
+++ b/helm-charts/infisical/templates/mongodb-deployment.yaml
@@ -1,22 +1,27 @@
 apiVersion: apps/v1
 kind: Deployment
 metadata:
-  name: mongodb-deployment 
+  name: {{ include "infisical.mongodb.fullname" . }}
  labels:
-    app: mongodb
+    {{- include "infisical.mongodb.labels" . | nindent 4 }}
 spec:
  replicas: 1 # Cannot be scaled. To scale, you must set up Stateful Set
  selector:
    matchLabels:
-      app: mongodb 
+      {{- include "infisical.mongodb.matchLabels" . | nindent 6 }}
  template:
    metadata: 
      labels:
-        app: mongodb 
+        {{- include "infisical.mongodb.matchLabels" . | nindent 8 }}
+      {{- with .Values.mongodb.podAnnotations }}
+      annotations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
    spec:
      containers:
-      - name: mongodb 
-        image: mongo
+      - name: {{ template "infisical.name" . }}-{{ .Values.mongodb.name }}  
+        image: "{{ .Values.mongodb.image.repository }}:{{ .Values.mongodb.image.tag | default .Chart.AppVersion }}"
+        imagePullPolicy: {{ .Values.mongodb.image.pullPolicy }}
        ports: 
        - containerPort: 27017
        env:
@@ -28,10 +33,16 @@ spec:
 apiVersion: v1
 kind: Service 
 metadata:
-  name: mongodb-service
+  name: {{ include "infisical.mongodb.fullname" . }}
+  labels:
+    {{- include "infisical.mongodb.labels" . | nindent 4 }}
+  {{- with .Values.mongodb.service.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
 spec:
  selector:
-    app: mongodb 
+    {{- include "infisical.mongodb.matchLabels" . | nindent 8 }}
  ports:
    - protocol: TCP
      port: 27017
--- a/helm-charts/infisical/values.yaml
+++ b/helm-charts/infisical/values.yaml
@@ -1,30 +1,60 @@
 #####
-# INFISICAL K8 DEFAULT VALUES FIL
+# INFISICAL K8 DEFAULT VALUES FILE
 # PLEASE REPLACE VALUES/EDIT AS REQUIRED 
 #####

+nameOverride: ""
+
 frontend:
+  name: frontend
+  podAnnotations: {}
  replicaCount: 1
  image:
-    repository: 
+    repository: infisical/frontend
    pullPolicy: IfNotPresent
    tag: "latest"
    # kubeSecretRef: some-kube-secret-name
-
+  service:
+    # type of the frontend service
+    type: ClusterIP
+    # define the nodePort if service type is NodePort
+    # nodePort: 
+    annotations: {}

 backend:
+  name: backend
+  podAnnotations: {}
  replicaCount: 1
  image:
-    repository: 
+    repository: infisical/backend
    pullPolicy: IfNotPresent
    tag: "latest"
    # kubeSecretRef: some-kube-secret-name
+  service:
+    annotations: {}
+
+mongodb:
+  name: mongodb
+  podAnnotations: {}
+  image:
+    repository: mongo
+    pullPolicy: IfNotPresent
+    tag: "latest"
+  service:
+    annotations: {}
+
+# By default the backend will be connected to a Mongo instance in the cluster.
+# However, it is recommended to add a Mongo Cloud connection string as the DB instance in the cluster does not have persistence yet.
+# Learn about connection string type here https://www.mongodb.com/docs/manual/reference/connection-string/
+mongodbConnection: {}
+# standardConnectionStringFormat: <>
+# dnsSeedListConnectionFormat: <>

 ingress:
  enabled: true
  annotations:
    kubernetes.io/ingress.class: "nginx"
-  hostName: example.com
+  hostName: example.com # replace with your domain 
  frontend: 
    path: /
    pathType: Prefix
@@ -33,6 +63,7 @@ ingress:
    pathType: Prefix
  tls: []

+
 ## Complete Ingress example 
 # ingress:
 #   enabled: true
@@ -66,13 +97,9 @@ backendEnvironmentVariables:

  # Mail/SMTP
  # Required to send emails
-  SMTP_HOST: MUST_REPLACE 
+  SMTP_HOST: MUST_REPLACE
  SMTP_NAME: MUST_REPLACE
  SMTP_USERNAME: MUST_REPLACE
  SMTP_PASSWORD: MUST_REPLACE

-  # Recommended to replace with Mongo Cloud URI as the DB instance in the cluster does not have persistence yet
-  MONGO_URL: mongodb://root:root@mongodb-service:27017/
-
-# frontendEnvironmentVariables:
-    
+frontendEnvironmentVariables: {}