Minimal and Opinionated Helm Charts powered by a Norwegian 🐻


Backend-focused and UX-optimized minimal charts built for use with deployments based on Flux. The repository generally contains Helm charts for infrastructure and some related to security operations.

This is a Helm Chart repository that provides packages for Helm, the Kubernetes package manager. The builds are made available on GitHub Releases and on GitHub Pages.

Some charts only have Docker images available somewhere else or built by me, and others have badly implemented charts, which I've chosen to simplify: opinionated and minimal. Opinionated means that they're adapted to FluxCD and use best practices such as external-secrets.

As with everything Kubernetes, it is a learning journey, so feel free to open an issue.

Below you'll find an overview of the charts and an intro to get you started.

📖 Overview

  • Conduit: An efficient and self-contained Matrix server using an embedded RocksDB database.
  • Attic: Nix Binary Cache server that reduces the time to compile and distribute builds (intro post)
  • Dispatch: An incident management and coordination system developed by Netflix.
  • FoundationDB (fdb-operator): Distributed database with ACID transactions developed by Apple. This builds and deploys, but I don't actively use it at the moment.
  • Hasura: Connects to databases and services to provide a realtime GraphQL API.
  • Netbox: Modeling and docs for IP address management (IPAM) and datacenter infrastructure management (DCIM).
  • Penpot: Design and prototyping tool. For visual collaboration on visuals, prototypes, UX and more.

Requirements

You may need the following:

  • S3 compatible storage
  • PostgreSQL

All tests are run on the latest version of Kubernetes and Helm, and no consideration is given to vendor-specific implementations.

Principles

So what makes this repo different from others? It is KISS and Safe of course.

  • All secrets and ingresses are defined in a secret external to the chart
  • We expect that an ingress terminates external connections and TLS
  • Always use object storage over block storage when possible
  • Never rely on vendor-specific components
  • We prefer open source
  • We never leave room for plaintext secrets, a sane default
  • We always leave room for initContainers
  • We use as few values as possible in values.yaml
  • Always use external databases and transports
  • We always configure for OIDC when possible
  • A values file should be possible to read up on in minutes
  • We only support the current major version of Kubernetes and the application
  • Always enable service accounts
  • Use semver for versioning

If you see a chart that does not comply with these principles, please open an issue.

🧑‍💻 Usage

Exploration

You can explore this repo by using the following commands if you have the Kubernetes package manager installed:

# add the package source
helm repo add 252 https://charts.252.no
# or update the repo
helm repo update 252

# search for a specific chart
helm search repo dispatch
# or list all available charts
helm search repo 252 -l 

# show configuration options
helm show values 252/dispatch

# install a chart
helm install dispatch 252/dispatch --namespace=toolbox

As Code with FluxCD

First, take care to set up the chart repository:

apiVersion: source.toolkit.fluxcd.io/v1beta2
kind: HelmRepository
metadata:
  name: 252-charts
  namespace: flux-system
spec:
  interval: 15m
  url: https://charts.252.no

You can reference e.g. the Dispatch chart like this:

---
apiVersion: helm.toolkit.fluxcd.io/v2beta2
kind: HelmRelease
metadata:
  name: &app dispatch
spec:
  interval: 30m
  chart:
    spec:
      chart: dispatch
      version: 0.3.2
      sourceRef:
        kind: HelmRepository
        name: 252-charts
        namespace: flux-system
  maxHistory: 2
  install:
    remediation:
      retries: 3
  upgrade:
    cleanupOnFail: true
    remediation:
      retries: 3
  uninstall:
    keepHistory: false
  values:
    envFromSecret: &secret dispatch-secret
[...]

Check out the ingress configuration in ingress.org.
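
The HelmRelease above only names a Secret (`envFromSecret: dispatch-secret`); that Secret has to exist before the release reconciles. One way to provide it without plaintext in Git, using the external-secrets operator mentioned earlier, is sketched below. This is an added example, not part of this repository: the namespace, the store name and the remote key are assumptions to replace with your own.

```yaml
---
# Added example (not from the chart repo): materialises the Secret that
# `envFromSecret: dispatch-secret` in the HelmRelease refers to.
# v1beta1 is the external-secrets API served at the time of this README;
# newer operator releases also serve external-secrets.io/v1.
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
  name: dispatch-secret
  namespace: toolbox              # assumption: the namespace the release runs in
spec:
  refreshInterval: 1h             # re-sync from the backing store every hour
  secretStoreRef:
    kind: ClusterSecretStore
    name: example-store           # placeholder: your own (Cluster)SecretStore
  target:
    name: dispatch-secret         # must match envFromSecret in the HelmRelease
    creationPolicy: Owner         # the Secret is removed with this ExternalSecret
  dataFrom:
    - extract:
        key: dispatch             # placeholder: entry in the backing secret manager
```

With `dataFrom.extract`, every property of the remote entry becomes a key in the resulting Secret, so no credential values appear in the HelmRelease or anywhere else in the Git repository.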

🤩 Licenses and Gratitude

Repo was inspired by ananace (some parts imported and rewritten).

The general license of this repo is DWTFYWTPB, but respect Apache v2 in some of the repos which were built on others' work. See the individual chart directory for details; these apply.