fix(penpot) cleanup and fix syntax errors. Add a little more to the docs.
This commit is contained in:
Tommy
parent
4685f5d908
commit
d0740f06f5
5 changed files with 39 additions and 37 deletions
|
|
@ -86,7 +86,8 @@ So what makes this repo different from others? It is KISS and Safe of course.
|
|||
- We only support the current major version of Kubernetes and the application
|
||||
- Always enable service accounts
|
||||
- Use semver for versioning
|
||||
|
||||
- A chart should install on a small scale with default values
|
||||
- All charts are validated for structure and syntax before compilation
|
||||
If you see a chart that does not comply with these principles, please open an issue.
|
||||
|
||||
*** 🧑💻 Usage
|
||||
|
|
|
|||
|
|
@ -9,25 +9,21 @@ spec:
|
|||
replicas: {{ .Values.backend.replicaCount }}
|
||||
selector:
|
||||
matchLabels:
|
||||
{{- include "penpot.backendSelectorLabels" . | nindent 6 }}
|
||||
app: {{ include "penpot.fullname" . }}-backend
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
{{- include "penpot.backendSelectorLabels" . | nindent 8 }}
|
||||
app: {{ include "penpot.fullname" . }}-backend
|
||||
spec:
|
||||
serviceAccountName: {{ include "penpot.serviceAccountName" . }}
|
||||
securityContext:
|
||||
podSecurityContext:
|
||||
enabled: true
|
||||
fsGroup: 1001
|
||||
fsGroup: 1001
|
||||
|
||||
containers:
|
||||
- name: {{ .Chart.Name }}-backend
|
||||
image:
|
||||
repository: "penpotapp/backend:{{ .Values.penpotVersion.tag }}"
|
||||
imagePullPolicy: IfNotPresent
|
||||
containerSecurityContext:
|
||||
enabled: true
|
||||
image: "penpotapp/backend:{{ .Values.penpotVersion }}"
|
||||
imagePullPolicy: IfNotPresent
|
||||
securityContext:
|
||||
runAsUser: 1001
|
||||
allowPrivilegeEscalation: false
|
||||
capabilities:
|
||||
|
|
@ -41,11 +37,11 @@ spec:
|
|||
readOnly: false
|
||||
env:
|
||||
- name: PENPOT_PUBLIC_URI
|
||||
value: {{ .Values.config.publicURI | quote }}
|
||||
value: {{ .Values.publicURL | quote }}
|
||||
- name: PENPOT_FLAGS
|
||||
value: "$PENPOT_FLAGS {{ .Values.config.flags }}"
|
||||
value: "$PENPOT_FLAGS {{ .Values.flags }}"
|
||||
- name: PENPOT_TELEMETRY_ENABLED
|
||||
value: false
|
||||
value: "false"
|
||||
- name: PENPOT_REGISTRATION_DOMAIN_WHITELIST
|
||||
value: {{ .Values.registrationDomainWhitelist | quote }}
|
||||
envFrom:
|
||||
|
|
|
|||
|
|
@ -7,35 +7,37 @@ metadata:
|
|||
{{- include "penpot.labels" . | nindent 4 }}
|
||||
spec:
|
||||
replicas: {{ .Values.exporter.replicaCount }}
|
||||
selector:
|
||||
matchLabels:
|
||||
app: {{ include "penpot.fullname" . }}-exporter
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: {{ include "penpot.fullname" . }}-exporter
|
||||
spec:
|
||||
serviceAccountName: {{ include "penpot.serviceAccountName" . }}
|
||||
securityContext:
|
||||
podSecurityContext:
|
||||
enabled: true
|
||||
fsGroup: 1001
|
||||
fsGroup: 1001
|
||||
|
||||
readOnlyRootFilesystem: false
|
||||
runAsNonRoot: true
|
||||
containers:
|
||||
- name: {{ .Chart.Name }}-exporter
|
||||
image:
|
||||
repository: "penpotapp/exporter:{{ .Values.penpotVersion.tag }}"
|
||||
imagePullPolicy: IfNotPresent
|
||||
containerSecurityContext:
|
||||
enabled: true
|
||||
image: "penpotapp/exporter:{{ .Values.penpotVersion }}"
|
||||
imagePullPolicy: IfNotPresent
|
||||
securityContext:
|
||||
runAsUser: 1001
|
||||
allowPrivilegeEscalation: false
|
||||
capabilities:
|
||||
drop:
|
||||
- all
|
||||
readOnlyRootFilesystem: false
|
||||
runAsNonRoot: true
|
||||
env:
|
||||
- name: PENPOT_PUBLIC_URI
|
||||
value: {{ .Values.config.publicURI | quote }}
|
||||
value: {{ .Values.publicURL | quote }}
|
||||
- name: PENPOT_FLAGS
|
||||
value: "$PENPOT_FLAGS {{ .Values.config.flags }}"
|
||||
value: "$PENPOT_FLAGS {{ .Values.flags }}"
|
||||
- name: PENPOT_TELEMETRY_ENABLED
|
||||
value: false
|
||||
value: "false"
|
||||
- name: PENPOT_REGISTRATION_DOMAIN_WHITELIST
|
||||
value: {{ .Values.registrationDomainWhitelist | quote }}
|
||||
envFrom:
|
||||
|
|
|
|||
|
|
@ -7,19 +7,22 @@ metadata:
|
|||
{{- include "penpot.labels" . | nindent 4 }}
|
||||
spec:
|
||||
replicas: {{ .Values.frontend.replicaCount }}
|
||||
selector:
|
||||
matchLabels:
|
||||
app: {{ include "penpot.fullname" . }}-frontend
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: {{ include "penpot.fullname" . }}-frontend
|
||||
spec:
|
||||
serviceAccountName: {{ include "penpot.serviceAccountName" . }}
|
||||
securityContext:
|
||||
podSecurityContext:
|
||||
enabled: true
|
||||
fsGroup: 1001
|
||||
fsGroup: 1001
|
||||
containers:
|
||||
- name: {{ .Chart.Name }}-frontend
|
||||
image: "penpotapp/frontend:{{ .Values.penpotVersion.tag }}"
|
||||
image: "penpotapp/frontend:{{ .Values.penpotVersion }}"
|
||||
imagePullPolicy: IfNotPresent
|
||||
containerSecurityContext:
|
||||
enabled: true
|
||||
securityContext:
|
||||
runAsUser: 1001
|
||||
allowPrivilegeEscalation: false
|
||||
capabilities:
|
||||
|
|
@ -29,11 +32,11 @@ spec:
|
|||
runAsNonRoot: true
|
||||
env:
|
||||
- name: PENPOT_PUBLIC_URI
|
||||
value: {{ .Values.config.publicURI | quote }}
|
||||
value: {{ .Values.publicURL | quote }}
|
||||
- name: PENPOT_FLAGS
|
||||
value: "$PENPOT_FLAGS {{ .Values.config.flags }}"
|
||||
value: "$PENPOT_FLAGS {{ .Values.flags }}"
|
||||
- name: PENPOT_TELEMETRY_ENABLED
|
||||
value: false
|
||||
value: "false"
|
||||
- name: PENPOT_REGISTRATION_DOMAIN_WHITELIST
|
||||
value: {{ .Values.registrationDomainWhitelist | quote }}
|
||||
envFrom:
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
envFromSecret: penpot-secret
|
||||
penpotVersion: 1.19.3
|
||||
|
||||
publicURI: "http://localhost:8080"
|
||||
publicURL: "http://localhost:8080"
|
||||
registrationDomainWhitelist: "localhost"
|
||||
flags: "enable-registration enable-login disable-demo-users disable-demo-warning disable-secure-session-cookies"
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue