fix(penpot) cleanup and fix syntax errors. Add a little more to the docs.

README.org

@@ -86,7 +86,8 @@ So what makes this repo different from others? It is KISS and Safe of course.
 - We only support the current major version of Kubernetes and the application
 - Always enable service accounts
 - Use semver for versioning
-
+- A chart should install on a small scale with default values
+- All charts are validated for structure and syntax before compilation
 If you see a chart that does not comply with these principles, please open an issue.
 
 *** 🧑‍💻 Usage

charts/penpot/templates/deployment-backend.yaml

@@ -9,25 +9,21 @@ spec:
   replicas: {{ .Values.backend.replicaCount }}
   selector:
     matchLabels:
-      {{- include "penpot.backendSelectorLabels" . | nindent 6 }}
+      app: {{ include "penpot.fullname" . }}-backend
   template:
     metadata:
       labels:
-        {{- include "penpot.backendSelectorLabels" . | nindent 8 }}
+        app: {{ include "penpot.fullname" . }}-backend
     spec:
       serviceAccountName: {{ include "penpot.serviceAccountName" . }}
       securityContext:
-        podSecurityContext:
-          enabled: true
         fsGroup: 1001
 
       containers:
         - name: {{ .Chart.Name }}-backend
-          image:
+          image: "penpotapp/backend:{{ .Values.penpotVersion }}"
-            repository: "penpotapp/backend:{{ .Values.penpotVersion.tag }}"
           imagePullPolicy: IfNotPresent
-          containerSecurityContext:
+          securityContext:
-            enabled: true
             runAsUser: 1001
             allowPrivilegeEscalation: false
             capabilities:
@@ -41,11 +37,11 @@ spec:
               readOnly: false
           env:
             - name: PENPOT_PUBLIC_URI
-              value: {{ .Values.config.publicURI | quote }}
+              value: {{ .Values.publicURL | quote }}
             - name: PENPOT_FLAGS
-              value: "$PENPOT_FLAGS {{ .Values.config.flags }}"
+              value: "$PENPOT_FLAGS {{ .Values.flags }}"
             - name: PENPOT_TELEMETRY_ENABLED
-              value: false
+              value: "false"
             - name: PENPOT_REGISTRATION_DOMAIN_WHITELIST
               value: {{ .Values.registrationDomainWhitelist | quote }}
           envFrom:

charts/penpot/templates/deployment-exporter.yaml

@@ -7,35 +7,37 @@ metadata:
     {{- include "penpot.labels" . | nindent 4 }}
 spec:
   replicas: {{ .Values.exporter.replicaCount }}
+  selector:
+    matchLabels:
+      app: {{ include "penpot.fullname" . }}-exporter
   template:
+    metadata:
+      labels:
+        app: {{ include "penpot.fullname" . }}-exporter
     spec:
       serviceAccountName: {{ include "penpot.serviceAccountName" . }}
       securityContext:
-        podSecurityContext:
-          enabled: true
         fsGroup: 1001
 
-    readOnlyRootFilesystem: false
-    runAsNonRoot: true
       containers:
         - name: {{ .Chart.Name }}-exporter
-          image:
+          image: "penpotapp/exporter:{{ .Values.penpotVersion }}"
-            repository: "penpotapp/exporter:{{ .Values.penpotVersion.tag }}"
           imagePullPolicy: IfNotPresent
-          containerSecurityContext:
+          securityContext:
-            enabled: true
             runAsUser: 1001
             allowPrivilegeEscalation: false
             capabilities:
               drop:
               - all
+            readOnlyRootFilesystem: false
+            runAsNonRoot: true
           env:
             - name: PENPOT_PUBLIC_URI
-              value: {{ .Values.config.publicURI | quote }}
+              value: {{ .Values.publicURL | quote }}
             - name: PENPOT_FLAGS
-              value: "$PENPOT_FLAGS {{ .Values.config.flags }}"
+              value: "$PENPOT_FLAGS {{ .Values.flags }}"
             - name: PENPOT_TELEMETRY_ENABLED
-              value: false
+              value: "false"
             - name: PENPOT_REGISTRATION_DOMAIN_WHITELIST
               value: {{ .Values.registrationDomainWhitelist | quote }}
           envFrom:

charts/penpot/templates/deployment-frontend.yaml

@@ -7,19 +7,22 @@ metadata:
     {{- include "penpot.labels" . | nindent 4 }}
 spec:
   replicas: {{ .Values.frontend.replicaCount }}
+  selector:
+    matchLabels:
+      app: {{ include "penpot.fullname" . }}-frontend
   template:
+    metadata:
+      labels:
+        app: {{ include "penpot.fullname" . }}-frontend
     spec:
       serviceAccountName: {{ include "penpot.serviceAccountName" . }}
       securityContext:
-        podSecurityContext:
-          enabled: true
         fsGroup: 1001
       containers:
         - name: {{ .Chart.Name }}-frontend
-          image: "penpotapp/frontend:{{ .Values.penpotVersion.tag }}"
+          image: "penpotapp/frontend:{{ .Values.penpotVersion }}"
           imagePullPolicy: IfNotPresent
-          containerSecurityContext:
+          securityContext:
-            enabled: true
             runAsUser: 1001
             allowPrivilegeEscalation: false
             capabilities:
@@ -29,11 +32,11 @@ spec:
             runAsNonRoot: true
           env:
             - name: PENPOT_PUBLIC_URI
-              value: {{ .Values.config.publicURI | quote }}
+              value: {{ .Values.publicURL | quote }}
             - name: PENPOT_FLAGS
-              value: "$PENPOT_FLAGS {{ .Values.config.flags }}"
+              value: "$PENPOT_FLAGS {{ .Values.flags }}"
             - name: PENPOT_TELEMETRY_ENABLED
-              value: false
+              value: "false"
             - name: PENPOT_REGISTRATION_DOMAIN_WHITELIST
               value: {{ .Values.registrationDomainWhitelist | quote }}
           envFrom:

charts/penpot/values.yaml

@@ -1,7 +1,7 @@
 envFromSecret: penpot-secret
 penpotVersion: 1.19.3
 
-publicURI: "http://localhost:8080"
+publicURL: "http://localhost:8080"
 registrationDomainWhitelist: "localhost"
 flags: "enable-registration enable-login disable-demo-users disable-demo-warning disable-secure-session-cookies"