charts/hashr/Chart.yaml

@@ -7,7 +7,7 @@ description: |
 # renovate: image=us-docker.pkg.dev/osdfir-registry/hashr/release/hashr
 appVersion: "20240508"
 type: application
-version: 0.2.2
+version: 0.2.1
 maintainers:
 - name: Tommy Skaug
   email: tommy@skaug.me

charts/hashr/ci/pluto-values.yaml

@@ -1,73 +0,0 @@
-# Recommended start size of pvc is 20GB
-existingPVC: ""
-existingSecretName: hashr-secret
-
-initContainers:
-  dbInit:
-    image:
-      repository: ghcr.io/onedr0p/postgres-init
-      tag: "16"
-    existingSecretName: hashr-postgres-init-secret
-
-postgres:
-  hostname: "postgres-rw.databases.svc.cluster.local"
-  database_name: "hashr"
-  port: "5432"
-  secretName: hashr-secret
-
-image:
-  repository: us-docker.pkg.dev/osdfir-registry/hashr/release/hashr
-  pullPolicy: IfNotPresent
-  tag: latest
-  # imagePullSecrets:
-  # - myRegistryKeySecretName
-  imagePullSecrets: []
-
-hashr:
-  importers:
-    zip:
-      enabled: false
-      schedule: "0 3 * * 6"
-      resources:
-        limits:
-          cpu: 500m
-          memory: 1Gi
-        requests:
-          cpu: 50m
-          memory: 128Mi
-    aws:
-      # TODO: Add cronjob file!
-      enabled: false
-      schedule: "0 9 * * 1"
-    gcp:
-      # TODO: Add cronjob file!
-      enabled: false
-      schedule: "0 3 * * 1"
-      gcp_projects: ""
-      hashr_gcp_project: ""
-      hashr_gcs_bucket: ""
-    targz:
-      # TODO: Add cronjob file!
-      enabled: false
-      schedule: "0 3 * * 2"
-    windows:
-      # TODO: Add cronjob file!
-      enabled: false
-      schedule: "0 3 * * 3"
-    wsus:
-      # TODO: Add cronjob file!
-      enabled: false
-      schedule: "0 3 * * 4"
-    rpm:
-      enabled: false
-      schedule: "0 3 * * 5"
-    gcr:
-      # TODO: Add cronjob file!
-      enabled: false
-      schedule: "0 3 * * 7"
-    iso9660:
-      enabled: false
-      schedule: "0 15 * * 1"
-    deb:
-      enabled: false
-      schedule: "0 15 * * 2"

charts/hashr/templates/_helpers.tpl

@@ -42,11 +42,4 @@ Create the upload path.
 */}}
 {{- define "hashr.uploadPath" -}}
 {{- printf "/data/upload" }}
-{{- end }}
-
-{{/*
-Create the data path.
-*/}}
-{{- define "hashr.dataPath" -}}
-{{- printf "/data/processing" }}
 {{- end }}

charts/hashr/templates/cronjob-zip.yaml

@@ -1,79 +0,0 @@
-{{- if .Values.hashr.importers.zip.enabled -}}
-apiVersion: batch/v1
-kind: CronJob
-metadata:
-  name: {{ .Release.Name }}-hashr-zip
-spec:
-  schedule: {{ .Values.hashr.importers.zip.schedule | quote }}
-  concurrencyPolicy: Forbid
-  successfulJobsHistoryLimit: 2
-  failedJobsHistoryLimit: 1
-  jobTemplate:
-    spec:
-      template:
-        metadata:
-          labels:
-            app.kubernetes.io/instance: {{ .Release.Name }}
-        spec:
-          priorityClassName: {{ .Values.priorityClassName | default "default" }}
-          containers:
-          - name: hashr-zip
-            image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
-            imagePullPolicy: IfNotPresent
-            args:
-              - --logtostderr=1
-              - -storage
-              - postgres
-              - -exporters
-              - postgres
-              - -postgres_host
-              - "$(POSTGRES_HOST)"
-              - -postgres_port
-              - "$(POSTGRES_PORT)"
-              - -postgres_user
-              - "$(POSTGRES_USERNAME)"
-              - -postgres_password
-              - "$(POSTGRES_PASSWORD)"
-              - -postgres_db
-              - "$(POSTGRES_DATABASE)"
-              - -importers
-              - zip
-              - -zip_repo_path
-              - {{ (include "hashr.dataPath" .) }}/zip/
-            env:
-            - name: POSTGRES_USERNAME
-              valueFrom:
-                secretKeyRef:
-                  name: {{ .Values.postgres.secretName }}
-                  key: POSTGRES_USERNAME
-            - name: POSTGRES_PASSWORD
-              valueFrom:
-                secretKeyRef:
-                  name: {{ .Values.postgres.secretName }}
-                  key: POSTGRES_PASSWORD
-            - name: POSTGRES_HOST
-              value: {{ .Values.postgres.host }}
-            - name: POSTGRES_PORT
-              value: {{ .Values.postgres.port }}
-            - name: POSTGRES_DATABASE
-              value: {{ .Values.postgres.database }}
-            volumeMounts:
-            - name: hashrvolume
-              mountPath: {{ (include "hashr.dataPath" .) | quote }}
-            resources:
-              {{- toYaml .Values.hashr.importers.zip.resources | nindent 14 }}
-            securityContext:
-              allowPrivilegeEscalation: false
-              readOnlyRootFilesystem: true
-              runAsNonRoot: true
-              capabilities:
-                drop: ["ALL"]
-              seccompProfile:
-                type: RuntimeDefault
-          restartPolicy: Never
-          volumes:
-          - name: hashrvolume
-            persistentVolumeClaim:
-              claimName: {{ .Values.existingPVC }}
-              readOnly: false
-{{- end }}

charts/hashr/templates/db-init.yaml

@@ -1,42 +0,0 @@
-apiVersion: batch/v1
-kind: Job
-metadata:
-  name: {{ include "hashr.fullname" . }}-db-init
-  labels:
-    {{- include "hashr.labels" . | nindent 4 }}
-spec:
-  template:
-    spec:
-      restartPolicy: Never
-      automountServiceAccountToken: false
-      priorityClassName: "high-priority"
-      securityContext:
-        runAsUser: 1000
-        runAsGroup: 3000
-        fsGroup: 2000
-        runAsNonRoot: true
-        seccompProfile:
-          type: RuntimeDefault
-      containers:
-        - name: general-db-init
-          image: "{{ .Values.initContainers.dbInit.image.repository }}:{{ .Values.initContainers.dbInit.image.tag }}"
-          imagePullPolicy: IfNotPresent
-          env:
-            - name: INIT_POSTGRES_HOST
-              value: {{ .Values.postgres.host }}
-          envFrom:
-            - secretRef:
-                name: {{ .Values.initContainers.dbInit.existingSecretName }}
-          securityContext:
-            runAsUser: 1000
-            allowPrivilegeEscalation: false
-            capabilities:
-              drop: ["ALL"]
-          resources:
-            requests:
-              memory: "512Mi"
-              cpu: "250m"
-            limits:
-              memory: "1Gi"
-              cpu: "500m"
-  backoffLimit: 3

charts/hashr/templates/pod-data-manager.yaml

@@ -0,0 +1,19 @@
+apiVersion: v1
+kind: Pod
+metadata:
+  name: {{ .Release.Name }}-hashr-data-manager
+spec:
+  containers:
+  - name: hashr-data-manager
+    image: busybox:latest
+    imagePullPolicy: IfNotPresent
+    command: ["sh", "-c", "while true; do sleep 1800; done;"]
+    volumeMounts:
+    - name: hashrvolume
+      mountPath: {{ (include "hashr.dataPath" .) | quote }}
+  restartPolicy: Always
+  volumes:
+  - name: hashrvolume
+    persistentVolumeClaim:
+      claimName: {{ include "hashr.pvc.name"  . }}
+      readOnly: false

charts/hashr/templates/pod.yaml

@@ -1,48 +0,0 @@
-apiVersion: v1
-kind: Pod
-metadata:
-  name: {{ .Release.Name }}-hashr-data-manager
-  labels:
-    app.kubernetes.io/instance: {{ .Release.Name }}
-spec:
-  serviceAccountName: {{ include "hashr.fullname" . }}
-  automountServiceAccountToken: false
-  priorityClassName: {{ .Values.priorityClassName | default "default" }}
-  topologySpreadConstraints:
-    - maxSkew: 1
-      topologyKey: kubernetes.io/hostname
-      whenUnsatisfiable: DoNotSchedule
-      labelSelector:
-        matchLabels:
-          app.kubernetes.io/instance: {{ .Release.Name }}
-  containers:
-  - name: hashr-data-manager
-    image: busybox:stable
-    imagePullPolicy: IfNotPresent
-    command: ["sh", "-c", "while true; do sleep 1800; done;"]
-    volumeMounts:
-    - name: hashrvolume
-      mountPath: {{ (include "hashr.dataPath" .) | quote }}
-    resources:
-      limits:
-        cpu: "500m"
-        memory: "512Mi"
-      requests:
-        cpu: "250m"
-        memory: "256Mi"
-    securityContext: 
-      allowPrivilegeEscalation: false
-      readOnlyRootFilesystem: true
-      runAsNonRoot: true
-      capabilities:
-        drop: ["ALL"]
-      seccompProfile:
-        type: RuntimeDefault
-      initialDelaySeconds: 5
-      periodSeconds: 10
-  restartPolicy: Always
-  volumes:
-  - name: hashrvolume
-    persistentVolumeClaim:
-      claimName: {{ .Values.existingPVC }}
-      readOnly: false

charts/hashr/values.yaml

@@ -1,73 +0,0 @@
-# Recommended start size of pvc is 20GB
-existingPVC: ""
-existingSecretName: hashr-secret
-
-initContainers:
-  dbInit:
-    image:
-      repository: ghcr.io/onedr0p/postgres-init
-      tag: "16"
-    existingSecretName: hashr-postgres-init-secret
-
-postgres:
-  hostname: "postgres-rw.databases.svc.cluster.local"
-  database_name: "hashr"
-  port: "5432"
-  secretName: hashr-secret
-
-image:
-  repository: us-docker.pkg.dev/osdfir-registry/hashr/release/hashr
-  pullPolicy: IfNotPresent
-  tag: latest
-  # imagePullSecrets:
-  # - myRegistryKeySecretName
-  imagePullSecrets: []
-
-hashr:
-  importers:
-    zip:
-      enabled: false
-      schedule: "0 3 * * 6"
-      resources:
-        limits:
-          cpu: 500m
-          memory: 1Gi
-        requests:
-          cpu: 50m
-          memory: 128Mi
-    aws:
-      # TODO: Add cronjob file!
-      enabled: false
-      schedule: "0 9 * * 1"
-    gcp:
-      # TODO: Add cronjob file!
-      enabled: false
-      schedule: "0 3 * * 1"
-      gcp_projects: ""
-      hashr_gcp_project: ""
-      hashr_gcs_bucket: ""
-    targz:
-      # TODO: Add cronjob file!
-      enabled: false
-      schedule: "0 3 * * 2"
-    windows:
-      # TODO: Add cronjob file!
-      enabled: false
-      schedule: "0 3 * * 3"
-    wsus:
-      # TODO: Add cronjob file!
-      enabled: false
-      schedule: "0 3 * * 4"
-    rpm:
-      enabled: false
-      schedule: "0 3 * * 5"
-    gcr:
-      # TODO: Add cronjob file!
-      enabled: false
-      schedule: "0 3 * * 7"
-    iso9660:
-      enabled: false
-      schedule: "0 15 * * 1"
-    deb:
-      enabled: false
-      schedule: "0 15 * * 2"