github/infisical
1
0
Fork 0
mirror of https://github.com/Infisical/infisical.git synced 2026-01-10 16:08:20 -05:00
Code Issues Packages Projects Releases Wiki Activity

complete helm chart without DB

Browse Source
This commit is contained in:
Maidul Islam
2022-12-04 17:57:28 -05:00
parent 57762ab73c
commit 89c625750a
9 changed files with 61 additions and 221 deletions
Download Patch File Download Diff File Expand all files Collapse all files

62
helm-charts/infisical/templates/_helpers.tpl
View File

@@ -1,62 +0,0 @@
{{/*
Expand the name of the chart.
*/}}
{{- define "infisical.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "infisical.fullname" -}}
{{- if .Values.fullnameOverride }}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- $name := default .Chart.Name .Values.nameOverride }}
{{- if contains $name .Release.Name }}
{{- .Release.Name | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
{{- end }}
{{- end }}
{{- end }}
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "infisical.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Common labels
*/}}
{{- define "infisical.labels" -}}
helm.sh/chart: {{ include "infisical.chart" . }}
{{ include "infisical.selectorLabels" . }}
{{- if .Chart.AppVersion }}
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
{{- end }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- end }}
{{/*
Selector labels
*/}}
{{- define "infisical.selectorLabels" -}}
app.kubernetes.io/name: {{ include "infisical.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end }}
{{/*
Create the name of the service account to use
*/}}
{{- define "infisical.serviceAccountName" -}}
{{- if .Values.serviceAccount.create }}
{{- default (include "infisical.fullname" .) .Values.serviceAccount.name }}
{{- else }}
{{- default "default" .Values.serviceAccount.name }}
{{- end }}
{{- end }}

9
helm-charts/infisical/templates/backend-deployment → helm-charts/infisical/templates/backend-deployment.yaml
View File

@@ -1,9 +1,10 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: infisical-backend
name: {{ .Release.Name }}-backend-deployment
labels:
app: backend
namespace: {{ .Values.namespace }}
spec:
replicas: {{ .Values.backend.replicaCount }}
selector:
@@ -17,15 +18,21 @@ spec:
containers:
- name: backend
image: infisical/backend
imagePullPolicy: {{ .Values.backend.image.pullPolicy }}
ports:
- containerPort: 4000
env:
{{- range $key, $value := .Values.secrets }}
- name: {{ $key }}
value: {{ $value }}
{{- end }}
---
apiVersion: v1
kind: Service
metadata:
name: infisical-backend-service
namespace: {{ .Values.namespace }}
spec:
selector:
app: backend

61
helm-charts/infisical/templates/deployment.yaml
View File

@@ -1,61 +0,0 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "infisical.fullname" . }}
labels:
{{- include "infisical.labels" . | nindent 4 }}
spec:
{{- if not .Values.autoscaling.enabled }}
replicas: {{ .Values.replicaCount }}
{{- end }}
selector:
matchLabels:
{{- include "infisical.selectorLabels" . | nindent 6 }}
template:
metadata:
{{- with .Values.podAnnotations }}
annotations:
{{- toYaml . | nindent 8 }}
{{- end }}
labels:
{{- include "infisical.selectorLabels" . | nindent 8 }}
spec:
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
serviceAccountName: {{ include "infisical.serviceAccountName" . }}
securityContext:
{{- toYaml .Values.podSecurityContext | nindent 8 }}
containers:
- name: {{ .Chart.Name }}
securityContext:
{{- toYaml .Values.securityContext | nindent 12 }}
image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
imagePullPolicy: {{ .Values.image.pullPolicy }}
ports:
- name: http
containerPort: {{ .Values.service.port }}
protocol: TCP
livenessProbe:
httpGet:
path: /
port: http
readinessProbe:
httpGet:
path: /
port: http
resources:
{{- toYaml .Values.resources | nindent 12 }}
{{- with .Values.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}

5
helm-charts/infisical/templates/frontend-deployment.yml → helm-charts/infisical/templates/frontend-deployment.yaml
View File

@@ -1,9 +1,10 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: infisical-frontend
name: {{ .Release.Name }}-frontend-deployment
labels:
app: frontend
namespace: {{ .Values.namespace }}
spec:
replicas: {{ .Values.frontend.replicaCount }}
selector:
@@ -17,6 +18,7 @@ spec:
containers:
- name: frontend
image: infisical/frontend
imagePullPolicy: {{ .Values.frontend.image.pullPolicy }}
ports:
- containerPort: 4000
---
@@ -24,6 +26,7 @@ apiVersion: v1
kind: Service
metadata:
name: infisical-frontend-service
namespace: {{ .Values.namespace }}
spec:
selector:
app: frontend

71
helm-charts/infisical/templates/ingress.yaml
View File

@@ -1,61 +1,38 @@
{{- if .Values.ingress.enabled -}}
{{- $fullName := include "infisical.fullname" . -}}
{{- $svcPort := .Values.service.port -}}
{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }}
{{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }}
{{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}}
{{- end }}
{{- end }}
{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}}
apiVersion: networking.k8s.io/v1
{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}}
apiVersion: networking.k8s.io/v1beta1
{{- else -}}
apiVersion: extensions/v1beta1
{{- end }}
kind: Ingress
metadata:
name: {{ $fullName }}
labels:
{{- include "infisical.labels" . | nindent 4 }}
name: infisical-ingress
namespace: {{ .Values.namespace }}
{{- with .Values.ingress.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
{{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }}
ingressClassName: {{ .Values.ingress.className }}
{{- end }}
{{- if .Values.ingress.tls }}
{{- if .Values.ingress.tls }}
tls:
{{- range .Values.ingress.tls }}
{{- range .Values.ingress.tls }}
- hosts:
{{- range .hosts }}
{{- range .hosts }}
- {{ . | quote }}
{{- end }}
{{- end }}
secretName: {{ .secretName }}
{{- end }}
{{- end }}
rules:
{{- range .Values.ingress.hosts }}
- host: {{ .host | quote }}
http:
paths:
{{- range .paths }}
- path: {{ .path }}
{{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }}
pathType: {{ .pathType }}
{{- end }}
backend:
{{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }}
service:
name: {{ $fullName }}
port:
number: {{ $svcPort }}
{{- else }}
serviceName: {{ $fullName }}
servicePort: {{ $svcPort }}
{{- end }}
{{- end }}
{{- end }}
{{- end }}
rules:
- host: {{ .Values.ingress.hostName}}
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: infisical-frontend-service
port:
number: 3000
- path: /api
pathType: Prefix
backend:
service:
name: infisical-backend-service
port:
number: 4000

4
helm-charts/infisical/templates/namespace.yaml Normal file
View File

@@ -0,0 +1,4 @@
apiVersion: v1
kind: Namespace
metadata:
name: infisical

10
helm-charts/infisical/templates/secrets.yml
View File

@@ -1,10 +0,0 @@
apiVersion: v1
kind: Secret
metadata:
name: {{ .Values.secrets.name | default infisicalSecrets }}
type: {{ .Values.secrets.type }}
data:
{{- range $key, $val := .Values.secrets.all }}
{{"SECRET_"}}{{ $key }}: {{ $val | b64enc | quote }}
{{- end}}

15
helm-charts/infisical/templates/tests/test-connection.yaml
View File

@@ -1,15 +0,0 @@
apiVersion: v1
kind: Pod
metadata:
name: "{{ include "infisical.fullname" . }}-test-connection"
labels:
{{- include "infisical.labels" . | nindent 4 }}
annotations:
"helm.sh/hook": test
spec:
containers:
- name: wget
image: busybox
command: ['wget']
args: ['{{ include "infisical.fullname" . }}:{{ .Values.service.port }}']
restartPolicy: Never

45
helm-charts/infisical/values.yaml
View File

@@ -1,39 +1,36 @@
# Default values for Infisical
namespace: infisical
frontend:
replicaCount: 1
image:
repository:
pullPolicy: IfNotPresent
# Overrides the image tag whose default is the chart appVersion.
tag: ""
tag: "latest"
backend:
replicaCount: 1
image:
repository:
pullPolicy: IfNotPresent
# Overrides the image tag whose default is the chart appVersion.
tag: ""
tag: "latest"
ingress:
enabled: false
className: ""
annotations: {}
# kubernetes.io/ingress.class: nginx
# kubernetes.io/tls-acme: "true"
hosts:
- host: chart-example.local
paths:
- path: /
pathType: ImplementationSpecific
tls: []
# - secretName: chart-example-tls
# hosts:
# - chart-example.local
annotations: []
hostName: example.com
tls: {}
autoscaling:
enabled: false
minReplicas: 1
maxReplicas: 100
targetCPUUtilizationPercentage: 80
# targetMemoryUtilizationPercentage: 80
secrets:
PRIVATE_KEY: REQUIRED
PUBLIC_KEY: REQUIRED
ENCRYPTION_KEY: REQUIRED
JWT_SIGNUP_SECRET: REQUIRED
JWT_REFRESH_SECRET: REQUIRED
JWT_AUTH_SECRET: REQUIRED
NODE_ENV: development
SMTP_HOST: REQUIRED
SMTP_NAME: REQUIRED
SMTP_USERNAME: REQUIRED
SMTP_PASSWORD: REQUIRED
MONGO_URL: REQUIRED