dan
/
improwised-charts
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Chart testing (#13) 

* init

* add release logic

* fix: pr workflow repo

* fix: typo in tasks

* fix: release task

* fix: linting

* add: more log

* fix: stopping at linting

* fix: charts

* check linting

* lint target branch master

* cat git ref

* check branch

* checkout this branch

* linting against master

* test: remove checkout

* test: ct since based linting

* test: add git log and use origin with branch name

* test: git fetch all

* test: shorten log

* test: add origin

* test: remove exit 0

* test: unshallowing

* test: add fetch all

* test: remove clutter

* test: remove more clutter

* test: chart testing

* test: add git config

* fix: charts

* fix: test and release

* fix: add cleanup

* fix: brackets

* fix: remove helm extra args

* exit on testing fail

* fix: handle exit codes and remove errexit

* add: error exit

* add: erroexit in linting

* fix: table format changed by ide vscode plugin

* feat: ct config

* fix: get sc, silent curl, fix kind img condition

* fix: output path in release task

* fix: storage class

* fix: livenesspob initial seconds

* chnages in erpnext

* fix: by pre-commit hook

* fix: chart testing

* feat: mega linter

* fix: n8n charts-yaml

* fix: filename

* fix: erpnext ct test remove affinity

* test

* fix: minio upload source

* error handling

* remove n8n helm chart

* remove images from task

* fix: chart release

* feat: more pre-commit hooks

* feat: env based helm and ct downloading

* feat: conventional commit linting using precommit

* feat(precommit): yaml linting with fixed

* ci: github release for charts

- add github release for individual charts
- add custom tarr bash function

* ci: conventional commit linting insted of angula

* ci: add chart bumping and changelog with gitchglog

* ci: fix github release script

* docs: add init ci step for charts [ci skip]

* ci: bump, package and release seprate tasks

* ci: skip all error based on SKIP_ERR env

* ci: move skip error portion to only chart testing

* ci: fix pipeline

* ci: remove bumping from linting task

* ci: redirect err to /dev/null and fix SKIP_ERR

* fix: ci fix healthchecks test

* fix:  increase initial dealy in probs healthchecks

* bump: erpnext:- 3.1.8 → 3.2.0 [ci skip]

* bump: freeipa:- 0.1.1 → 0.2.0 [ci skip]

* bump: healthchecks:- 1.0.4 → 1.0.5 [ci skip]

* chore(status): modify status pointer [ci skip]

* chore(status): move status pointer [ci skip]

* ci: move .yamllint to .ci

* fix: merge upstream chart with our changes

- Add mariadb as dependent chart which helps in chart testing pipeline
- Separate backup pre upgrade job
- Remove test (it was default test that comes with chart template)
- MUST NOT provide storage class, it will pickup from default sc in k8s
- Add affinity where necessary

* fix: capabilities to all

* ci: better ct lsc condition

* ci: handle ct exit code

* ci: fix ct lsc

* ci: fix entry condition

* chore(status): move status pointer [ci skip]

* ci: fix fetching  when linting to stop exit 128

* ci: remove SKIP_ERR

* ci: diffrent task fro pr workflow

* ci: move back status pointer, ignore freeipa chart

- move back status pointer to check testing

* ci: remove trap

* ci: docker system prine on exit, forking on docker load

* bump: erpnext:- 3.2.4 → 3.2.5 [ci skip]

* chore(status): modify status pointer [ci skip]

* chore(status): move status pointer [ci skip]

Co-authored-by: concourse <concourse@github-noreply.com>
main
Pratik 2021-11-10 12:55:23 +05:30 committed by GitHub
parent 91d3b66431
commit 459f692e33
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
78 changed files with 1690 additions and 923 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

42
.ci/.yamllint Normal file
View File

@ -0,0 +1,42 @@
---
yaml-files:
- '*.yaml'
- '*.yml'
- '.yamllint'
rules:
braces:
ignore: |
**.ci**
brackets: enable
colons: enable
commas: enable
comments:
level: warning
comments-indentation:
level: warning
document-end: disable
document-start:
level: warning
ignore: |
**values.yaml**
**override-values.yaml**
empty-lines: enable
empty-values: disable
hyphens: enable
indentation: enable
key-duplicates: enable
key-ordering: disable
line-length:
max: 100
level: warning
new-line-at-end-of-file: enable
new-lines: enable
octal-values: disable
quoted-strings: disable
trailing-spaces: enable
truthy:
level: warning
ignore: |
**templates**

38
.ci/CHANGELOG.tpl.md Executable file
View File

@ -0,0 +1,38 @@
{{ range .Versions }}
<a name="{{ .Tag.Name }}"></a>
## {{ if .Tag.Previous }}[{{ .Tag.Name }}]({{ $.Info.RepositoryURL }}/compare/{{ .Tag.Previous.Name }}...{{ .Tag.Name }}){{ else }}{{ .Tag.Name }}{{ end }} ({{ datetime "2006-01-02" .Tag.Date }})
{{ range .CommitGroups -}}
### {{ .Title }}
{{ range .Commits -}}
* {{ if .Scope }}**{{ .Scope }}:** {{ end }}{{ .Subject }}
{{ end }}
{{ end -}}
{{- if .RevertCommits -}}
### Reverts
{{ range .RevertCommits -}}
* {{ .Revert.Header }}
{{ end }}
{{ end -}}
{{- if .MergeCommits -}}
### Pull Requests
{{ range .MergeCommits -}}
* {{ .Header }}
{{ end }}
{{ end -}}
{{- if .NoteGroups -}}
{{ range .NoteGroups -}}
### {{ .Title }}
{{ range .Notes }}
{{ .Body }}
{{ end }}
{{ end -}}
{{ end -}}
{{ end -}}

37
.ci/chart_schema.yaml Normal file
View File

@ -0,0 +1,37 @@
name: str()
home: str(required=False)
version: str()
apiVersion: str()
appVersion: any(str(), num(), required=False)
description: str()
keywords: list(str(), required=False)
sources: list(str(), required=False)
maintainers: list(include('maintainer'), required=False)
dependencies: list(include('dependency'), required=False)
icon: str(required=False)
engine: str(required=False)
condition: str(required=False)
tags: str(required=False)
deprecated: bool(required=False)
kubeVersion: str(required=False)
annotations: map(str(), str(), required=False)
type: str(required=False)
---
maintainer:
name: str()
email: str(required=False)
url: str(required=False)
---
dependency:
name: str()
version: str()
repository: str()
condition: str(required=False)
tags: list(str(), required=False)
enabled: bool(required=False)
import-values: any(list(str()), list(include('import-value')), required=False)
alias: str(required=False)
---
import-value:
child: str()
parent: str()

34
.ci/git-chglog-config.yml Normal file
View File

@ -0,0 +1,34 @@
style: github
template: CHANGELOG.tpl.md
info:
title: CHANGELOG
repository_url: n
options:
commits:
filters:
Type:
- feat
- fix
- perf
- refactor
- ci
commit_groups:
title_maps:
feat: Features
fix: Bug Fixes
perf: Performance Improvements
refactor: Code Refactoring
ci: CI
header:
pattern: "^(\\w*)(?:\\(([\\w\\$\\.\\-\\*\\s]*)\\))?\\:\\s(.*)$"
pattern_maps:
- Type
- Scope
- Subject
merges:
pattern: "^Merge branch '(\\w+)'$"
pattern_maps:
- Source
notes:
keywords:
- BREAKING CHANGE

42
.ci/lintconf.yaml Normal file
View File

@ -0,0 +1,42 @@
---
rules:
braces:
min-spaces-inside: 0
max-spaces-inside: 0
min-spaces-inside-empty: -1
max-spaces-inside-empty: -1
brackets:
min-spaces-inside: 0
max-spaces-inside: 0
min-spaces-inside-empty: -1
max-spaces-inside-empty: -1
colons:
max-spaces-before: 0
max-spaces-after: 1
commas:
max-spaces-before: 0
min-spaces-after: 1
max-spaces-after: 1
comments:
require-starting-space: false
min-spaces-from-content: 1
document-end: disable
document-start: disable # No --- to start a file
empty-lines:
max: 2
max-start: 0
max-end: 0
hyphens:
max-spaces-after: 1
indentation:
spaces: consistent
indent-sequences: whatever # - list indentation will handle both indentation and without
check-multi-line-strings: false
key-duplicates: enable
line-length: disable # Lines can be any length
new-line-at-end-of-file: enable
new-lines:
type: unix
trailing-spaces: enable
truthy:
level: warning

96
.ci/scripts/bump.sh Executable file
View File

@ -0,0 +1,96 @@
set -ex
TASK_ROOT=$(pwd)
cd repo
[[ $(ct list-changed --config ct.yaml --since $(head -n1 status) 2>/dev/null) == "" ]] && echo "#### no changes found ####" && exit 0
# function git_fetch() {
# if [[ $(git config --get remote.origin.url) == *"git@github.com"* ]]; then
# mkdir -p ~/.ssh
# touch ~/.ssh/id_rsa ~/.ssh/known_hosts
# echo $KEY | base64 -d >~/.ssh/id_rsa
# chmod 600 ~/.ssh/id_rsa
# ssh-keyscan github.com >>~/.ssh/known_hosts
# git config remote.origin.fetch refs/heads/*:refs/remotes/origin/*
# git fetch --all
# git fetch $(git config --get remote.origin.url) 'refs/tags/*:refs/tags/*'
# else
# git config remote.origin.fetch refs/heads/*:refs/remotes/origin/*
# git fetch --all
# fi
# }
# git_fetch
## Set git user email and name for commit
git config --global user.email concourse@github-noreply.com
git config --global user.name concourse
## Insatll YQ
source <(curl -s https://raw.githubusercontent.com/pratikbalar/bash-functions/main/functions.sh)
tarr https://github.com/mikefarah/yq/releases/download/v4.9.3/yq_linux_386.tar.gz yq_linux_386 /usr/bin/yq
# locked version at v3.2.0
wget -nv -O /usr/bin/semvertool https://raw.githubusercontent.com/fsaintjacques/semver-tool/20028cb53f340a300b460b423e43f0eac13bcd9a/src/semver
chmod +x /usr/bin/semvertool
BUMP_PATTERN='^(BREAKING[\-\ ]CHANGE|feat|fix|refactor|perf)(\(.+\))?(!)?'
MAJOR='(^.+!|.*BREAKING[\-\ ]CHANGE)'
MINOR='(^feat)'
PATCH='(^fix|^perf|^refactor)'
bumpp() {
semvertool bump $1 $2
}
## Chart version bumping loop
for chart in $(ct list-changed --config ct.yaml --since $(head -n1 status) 2>/dev/null); do
CHART_NAME=$(yq e '.name' $chart/Chart.yaml)
CHARTS=()
CHARTS+=(${chart})
echo "Checking version bump for ${CHART_NAME}"
COMMIT_MESSAGE=$(git log --format=%B -n 1 $chart/)
printf "last commit message: \"${COMMIT_MESSAGE}\" \n"
if [[ ${COMMIT_MESSAGE} =~ ${BUMP_PATTERN} ]]; then
OLD_VERSION=$(yq e '.version' $chart/Chart.yaml)
CHARTS+=(${OLD_VERSION})
if [[ ${COMMIT_MESSAGE} =~ ${MAJOR} ]]; then
BUMP="major"
echo "Bumping ${BUMP}"
elif [[ ${COMMIT_MESSAGE} =~ ${MINOR} ]]; then
BUMP="minor"
echo "Bumping ${BUMP}"
elif [[ ${COMMIT_MESSAGE} =~ ${PATCH} ]]; then
BUMP="patch"
echo "Bumping ${BUMP}"
else
echo "${CHART_NAME}: skipping"
continue
fi
## mv bump chart and local commit
## note: exported NEW_VERSION var so yq can use it with `env` operator
export NEW_VERSION=$(bumpp ${BUMP} ${OLD_VERSION})
yq eval '.version = env(NEW_VERSION)' $chart/Chart.yaml >$chart/_Chart.yaml
mv $chart/_Chart.yaml $chart/Chart.yaml
## Commit new chart version
COMMIT_MSG="bump: ${CHART_NAME}:- ${OLD_VERSION}${NEW_VERSION} [ci skip]"
CHARTS+=(${NEW_VERSION})
echo ${COMMIT_MSG}
git add $chart/Chart.yaml
git commit -m "${COMMIT_MSG}"
## add new SHA to array
COMMIT_SHA=$(git log --oneline -n 1 --format=%H)
CHARTS+=(${COMMIT_SHA})
echo ${CHARTS[*]} >>status
unset CHARTS
else
echo "Not bumpable commits found, skipping"
continue
fi
done
## Add and commit modified status
git add status
git commit -m "chore(status): modify status pointer [ci skip]"

8
.ci/scripts/lint.sh Executable file
View File

@ -0,0 +1,8 @@
set -ex
TASK_ROOT=$(pwd)
cd repo
[[ $(ct list-changed --config ct.yaml --since $(head -n1 status) 2>/dev/null) == "" ]] && echo "#### no changes found ####" && exit 0
## ct linting
export HELM_CONFIG_HOME=./
ct lint --config ct.yaml --since $(head -n1 status) --debug

24
.ci/scripts/package.sh Executable file
View File

@ -0,0 +1,24 @@
set -ex
TASK_ROOT=$(pwd)
cd repo
[[ $(ct list-changed --config ct.yaml --since $(head -n1 status) 2>/dev/null) == "" ]] && echo "#### no changes found ####" && exit 0
## Set git user email and name for commiting
git config --global user.email concourse@github-noreply.com
git config --global user.name concourse
export HELM_CONFIG_HOME=$(pwd)/
tail -n+2 status >${TASK_ROOT}/bumping
## Package and index charts, taking input from bumping file
while read -r line; do
CHART=($line)
echo "########### Packaging ${CHART[0]} ###########"
helm package -u -d ${TASK_ROOT}/charts/charts ${CHART[0]}
cd ${TASK_ROOT}/charts
helm repo index --url https://improwised.github.io/charts .
git add .
git commit -m "bump: ${CHART[0]/charts\//}:- ${CHART[1]}${CHART[2]}"
cd ${TASK_ROOT}/repo
done <${TASK_ROOT}/bumping

6
.ci/scripts/pr-lint.sh Executable file
View File

@ -0,0 +1,6 @@
set -ex
TASK_ROOT=$(pwd)
cd repo
## ct linting
export HELM_CONFIG_HOME=./
ct lint --target-branch master --remote origin --config ct.yaml --debug

72
.ci/scripts/release.sh Executable file
View File

@ -0,0 +1,72 @@
set -ex
TASK_ROOT=$(pwd)
cd repo
[[ $(ct list-changed --config ct.yaml --since $(head -n1 status) 2>/dev/null) == "" ]] && echo "#### no changes found ####" && exit 0
## Functioon for git feching in concoures for ssh or https based repos
# function git_fetch() {
# if [[ $(git config --get remote.origin.url) == *"git@github.com"* ]]; then
# mkdir -p ~/.ssh
# [[ -z $KEY ]] && echo "#### env var \$KEY not found" && exit 1
# touch ~/.ssh/id_rsa ~/.ssh/known_hosts
# echo $KEY | base64 -d >~/.ssh/id_rsa
# chmod 700 ~/.ssh/id_rsa
# ssh-keyscan github.com >>~/.ssh/known_hosts
# git config remote.origin.fetch refs/heads/*:refs/remotes/origin/*
# git fetch --all
# git fetch $(git config --get remote.origin.url) 'refs/tags/*:refs/tags/*'
# else
# git config remote.origin.fetch refs/heads/*:refs/remotes/origin/*
# git fetch --all
# fi
# }
# git_fetch
## Set git user email and name for commit
git config --global user.email concourse@github-noreply.com
git config --global user.name concourse
## install necessary tools and setup minio
source <(curl -s https://raw.githubusercontent.com/pratikbalar/bash-functions/main/functions.sh)
tarr https://github.com/tcnksm/ghr/releases/download/v0.13.0/ghr_v0.13.0_linux_amd64.tar.gz ghr_v0.13.0_linux_amd64/ghr /usr/bin/ghr
tarr https://github.com/git-chglog/git-chglog/releases/download/v0.14.2/git-chglog_0.14.2_linux_amd64.tar.gz git-chglog /usr/local/bin/git-chglog
PROJECT_USERNAME=$(git config --get remote.origin.url | sed 's/git\@github\.com\:\|\.git\|https\:\/\/github\.com\///g' | awk -F\/ '{printf $1}')
PROJECT_REPONAME=$(git config --get remote.origin.url | sed 's/git\@github\.com\:\|\.git\|https\:\/\/github\.com\///g' | awk -F\/ '{printf $2}')
tail -n+2 status >${TASK_ROOT}/bumping
while read -r line; do
## Extract info from array
CHART=($line)
CHART_NAME=${CHART[0]/charts\//}
OLD_VERSION=${CHART[1]}
NEW_VERSION=${CHART[2]}
COMMIT_SHA=${CHART[3]}
## Create temporary tag for generating generating proper changelog
git tag ${CHART_NAME}-${NEW_VERSION} ${COMMIT_SHA}
git-chglog -o /tmp/${CHART_NAME}-${NEW_VERSION}.md \
--config .ci/git-chglog-config.yml \
--path ${CHART} \
${CHART_NAME}-${NEW_VERSION}
git tag -d ${CHART_NAME}-${NEW_VERSION}
## Github release chart
echo "########### Releasing ${CHART_NAME} chart ###########"
ghr -token "${GITHUB_TOKEN}" \
-name "${CHART_NAME}-${NEW_VERSION}" \
-body "$(cat /tmp/${CHART_NAME}-${NEW_VERSION}.md)" \
-owner "${PROJECT_USERNAME}" \
-repository "${PROJECT_REPONAME}" \
-commitish "${COMMIT_SHA}" \
-replace \
${CHART_NAME}-${NEW_VERSION} \
${TASK_ROOT}/charts/charts/${CHART_NAME}-${NEW_VERSION}.tgz
done <${TASK_ROOT}/bumping
## Move status pointer
git log --oneline -n 1 --format=%H >status
git add status
git commit -m "chore(status): move status pointer [ci skip]"

67
.ci/scripts/test.sh Executable file
View File

@ -0,0 +1,67 @@
set -ex
TASK_ROOT=$(pwd)
apk add --no-progress --no-cache git
## Install helm and ct same version
source <(curl -s https://raw.githubusercontent.com/pratikbalar/bash-functions/main/functions.sh)
tarr https://get.helm.sh/helm-${CT_VERSION}-linux-amd64.tar.gz linux-amd64/helm /usr/bin/helm
tarr https://github.com/helm/chart-testing/releases/download/${CT_VERSION}/chart-testing_${CT_VERSION/v/}_linux_amd64.tar.gz ct /usr/bin/ct
## Check if there any changes
cd repo
[[ $(ct list-changed --config ct.yaml --since $(head -n1 status) 2>/dev/null) == "" ]] && echo "#### no changes found ####" && exit 0
## Start Docker
cd ..
source /docker-lib.sh
start_docker
# Cleanup.
# Not sure if this is required.
# It's quite possible that Concourse is smart enough to clean up the Docker mess itself.
function cleanup() {
docker system prune --all --force --volumes
}
trap cleanup EXIT
# Strictly speaking, preloading of Docker images is not required.
# However, you might want to do this for a couple of reasons:
# - If the image comes from a private repository, it is much easier to let Concourse pull it,
# and then pass it through to the task.
# - When the image is passed to th e task, Concourse can often get the image from its cache.
KIND_VERSION="${KIND_NODE_VERSION:-$(cat kind-img/tag)}"
docker_load() {
if [[ ! -f kind-img/tag ]]; then
docker pull kindest/node:${KIND_VERSION}
else
docker load -i kind-img/image
docker tag "$(cat kind-img/image-id)" "$(cat kind-img/repository):$(cat kind-img/tag)"
fi
}
docker_load &
wait_docker_load=$!
## installing kubectl
apk add --no-cache --no-progress -X http://dl-cdn.alpinelinux.org/alpine/edge/testing kubectl
curl -Lso /usr/bin/kind https://kind.sigs.k8s.io/dl/v0.10.0/kind-linux-amd64
chmod a+x /usr/bin/kind
## create cluster with verbose
wait ${wait_docker_load}
kind create cluster --image kindest/node:"${KIND_VERSION}" --name "${KIND_VERSION}" -v 5
## Wait for cluster to come up
kind get clusters
echo "Waiting for cluster to come up"
sleep 20
while [[ $(kubectl get pods -A -o 'jsonpath={..status.conditions[?(@.type=="Ready")].status}') == *"False"* ]]; do
echo "#### Pods are not ready, waiting... ####"
kubectl get pods -A
sleep 5
done
echo "#### Cluster is ready ####"
kubectl get all,sc,cs -A
cd repo
export HELM_CONFIG_HOME=./
ct install --config ct.yaml --since $(head -n1 status) --debug

13
.ci/task-bump.yaml Normal file
View File

@ -0,0 +1,13 @@
---
platform: linux
inputs:
- name: repo
outputs:
- name: repo
path: repo
run:
path: bash
args: [repo/.ci/scripts/bump.sh]

9
.ci/task-lint.yaml Normal file
View File

@ -0,0 +1,9 @@
---
platform: linux
inputs:
- name: repo
run:
path: bash
args: [repo/.ci/scripts/pr-lint.sh]

13
.ci/task-package.yaml Normal file
View File

@ -0,0 +1,13 @@
---
platform: linux
inputs:
- name: repo
- name: charts
outputs:
- name: charts
path: charts
run:
path: bash
args: [repo/.ci/scripts/package.sh]

9
.ci/task-pr-lint.yaml Normal file
View File

@ -0,0 +1,9 @@
---
platform: linux
inputs:
- name: repo
run:
path: bash
args: [repo/.ci/scripts/lint.sh]

15
.ci/task-release.yaml Normal file
View File

@ -0,0 +1,15 @@
---
platform: linux
# image_resource: { type: docker-image, source: { repository: alpine } }
inputs:
- name: repo
- name: charts
outputs:
- name: repo
path: repo
run:
path: bash
args: [repo/.ci/scripts/release.sh]

12
.ci/task-test.yaml Normal file
View File

@ -0,0 +1,12 @@
---
platform: linux
image_resource: { type: docker-image, source: { repository: amidos/dcind } }
inputs:
- name: kind-img
optional: true
- name: repo
run:
path: bash
args: [repo/.ci/scripts/test.sh]

3
.gitignore vendored
View File

@ -7,9 +7,10 @@
# Test binary, built with `go test -c`
*.test
*.tgz
# Output of the go coverage tool, specifically when used with LiteIDE
*.out
# Dependency directories (remove the comment below to include it)
# vendor/
tmp-*

27
.pre-commit-config.yaml Normal file
View File

@ -0,0 +1,27 @@
# See https://pre-commit.com for more information
# See https://pre-commit.com/hooks.html for more hooks
repos:
- repo: https://github.com/pre-commit/pre-commit-hooks
rev: v3.2.0
hooks:
- id: trailing-whitespace
- id: end-of-file-fixer
- id: check-added-large-files
- id: check-merge-conflict
- id: check-symlinks
- id: detect-private-key
- repo: https://github.com/Yelp/detect-secrets
rev: v1.1.0
hooks:
- id: detect-secrets
- repo: https://github.com/alessandrojcm/commitlint-pre-commit-hook
rev: v2.2.0
hooks:
- id: commitlint
stages: [commit-msg]
additional_dependencies: ["@commitlint/config-conventional"]
- repo: https://github.com/adrienverge/yamllint
rev: 85ccd62
hooks:
- id: yamllint
args: [-c, ".ci/.yamllint"]

6
README.md
View File

@ -25,3 +25,9 @@ helm repo add improwised https://improwised.github.io/charts/
```
4. Add appropriate commit message and push it
## Adding CI first time
tag each chart with it's last chart version e.g. `<chart-name>-<chart-version>` to it's `sha`
e.g. `git tag erpnext-1.0.0 asdasdasdasdasda` here assume that `sha` is pointing to that perticular erpnext chart version `1.0.0`

1
charts/erpnext/.helmignore
View File

@ -20,3 +20,4 @@
.idea/
*.tmproj
.vscode/
ci

6
charts/erpnext/Chart.lock Normal file
View File

@ -0,0 +1,6 @@
dependencies:
- name: mariadb
repository: https://charts.bitnami.com/bitnami
version: 9.3.14
digest: sha256:0815327ab67fe07509fc687ee448701acf9f7aab1927d737512ecc55b9dfb0ef
generated: "2021-06-11T13:53:12.782657536+05:30"

11
charts/erpnext/Chart.yaml
View File

@ -1,7 +1,14 @@
apiVersion: v2
appVersion: v13.0.1
appVersion: v13.4.1
description: Kubernetes Helm Chart for the lastest stable ERPNext branch
icon: https://raw.githubusercontent.com/frappe/design/master/logos/logo-2018/erpnext-logo-blue.svg
name: erpnext
type: application
version: 3.0.3
version: 3.2.5
maintainers:
- name: improwised
dependencies:
- name: mariadb
version: 9.3.14
repository: https://charts.bitnami.com/bitnami
condition: mariadb.enabled

84
charts/erpnext/README.md
View File

@ -56,40 +56,56 @@ The command removes all the Kubernetes components associated with the chart and
The following table lists the configurable parameters of the ERPNext chart and their default values.
| Parameter | Description | Default |
|----------------------------------|--------------------------------------------------------------|---------------------------------|
| `replicaCount` | Replica Count for App Deployments | `1` |
| `nginxImage.repository` | Frappe/ERPNext Nginx Docker image registry | `frappe/erpnext-nginx` |
| `nginxImage.tag` | Frappe/ERPNext Nginx Docker image tag | Latest Stable Release |
| `nginxImage.pullPolicy` | Frappe/ERPNext Nginx Docker image pullPolicy | `IfNotPresent` |
| `pythonImage.repository` | Frappe/ERPNext Python Docker image registry | `frappe/erpnext-worker` |
| `pythonImage.tag` | Frappe/ERPNext Python Docker image tag | Latest Stable Release |
| `pythonImage.pullPolicy` | Frappe/ERPNext Python Docker image pullPolicy | `IfNotPresent` |
| `socketIOImage.repository` | Frappe/ERPNext SocketIO Docker image registry | `frappe/frappe-socketio` |
| `socketIOImage.tag` | Frappe/ERPNext SocketIO Docker image tag | Latest Stable Release |
| `socketIOImage.pullPolicy` | Frappe/ERPNext SocketIO Docker image pullPolicy | `IfNotPresent` |
| `redis.image.repository` | Redis Docker image registry | `bitnami/redis` |
| `redis.image.tag` | Redis Docker image tag | Latest Stable Release |
| `redis.image.pullPolicy` | Redis Docker image pullPolicy | `IfNotPresent` |
| `redis.extraEnv` | Redis Extra Environment Variables | `ALLOW_EMPTY_PASSWORD=true` |
| `frappePyPort` | Frappe/ERPNext Python Gunicorn Worker Port | `8000` |
| `socketIOPort` | Frappe/ERPNext SocketIO Port | `9000` |
| `upstreamRealIPAddress` | Trusted address (or ip range) of upstream proxy servers | `127.0.0.1` |
| `upstreamRealIPRecursive` | Recursive look for upstream proxy server for real IP if `on` | `off` |
| `upstreamRealIPHeader` | Header name sent by your upstream proxy server | `X-Forwarded-For` |
| `mariadbHost` | MariaDB Host to connect (Required) | `nil` |
| `redisQueueHost` | Queue Redis Host to connect (Optional) | `nil` |
| `redisCacheHost` | Cache Redis Host to connect (Optional) | `nil` |
| `redisSocketIOHost` | Socket IO Redis Host to connect (Optional) | `nil` |
| `migrateJob.enable` | Run migrate sites Job after helm install / upgrade | `false` |
| `migrateJob.backup` | Backup before migrate sites Job | `true` |
| `persistence.worker.enable` | Creates PVC with helm release name | `true` |
| `persistence.worker.size` | Creates PVC with size | `8Gi` |
| `persistence.worker.storageClass`| StorageClass with RWX, Required if PVC is created | `nil` |
| `persistence.logs.enable` | Creates PVC for logs volume with helm release name | `true` |
| `persistence.logs.size` | Creates PVC for logs volume with size | `8Gi` |
| `persistence.logs.storageClass` | StorageClass with RWX, Required if PVC is created | `nil` |
| `volumePermissions.enabled` | Enable init container that changes volume permissions in the data directory (for cases where the default k8s `runAsUser` and `fsUser` values do not work) | `false`
| Parameter | Description | Default |
|---------------------------------------|--------------------------------------------------------------|---------------------------------|
| `replicaCount` | Replica Count for App Deployments | `1` |
| `nginxImage.repository` | Frappe/ERPNext Nginx Docker image registry | `frappe/erpnext-nginx` |
| `nginxImage.tag` | Frappe/ERPNext Nginx Docker image tag | Latest Stable Release |
| `nginxImage.pullPolicy` | Frappe/ERPNext Nginx Docker image pullPolicy | `IfNotPresent` |
| `nginxImage.nginxConfig` | Frappe/ERPNext Nginx Docker image custom default.conf | `nil` |
| `pythonImage.repository` | Frappe/ERPNext Python Docker image registry | `frappe/erpnext-worker` |
| `pythonImage.tag` | Frappe/ERPNext Python Docker image tag | Latest Stable Release |
| `pythonImage.pullPolicy` | Frappe/ERPNext Python Docker image pullPolicy | `IfNotPresent` |
| `socketIOImage.repository` | Frappe/ERPNext SocketIO Docker image registry | `frappe/frappe-socketio` |
| `socketIOImage.tag` | Frappe/ERPNext SocketIO Docker image tag | Latest Stable Release |
| `socketIOImage.pullPolicy` | Frappe/ERPNext SocketIO Docker image pullPolicy | `IfNotPresent` |
| `redis.image.repository` | Redis Docker image registry | `bitnami/redis` |
| `redis.image.tag` | Redis Docker image tag | Latest Stable Release |
| `redis.image.pullPolicy` | Redis Docker image pullPolicy | `IfNotPresent` |
| `redis.extraEnv` | Redis Extra Environment Variables | `ALLOW_EMPTY_PASSWORD=true` |
| `frappePyPort` | Frappe/ERPNext Python Gunicorn Worker Port | `8000` |
| `socketIOPort` | Frappe/ERPNext SocketIO Port | `9000` |
| `upstreamRealIPAddress` | Trusted address (or ip range) of upstream proxy servers | `127.0.0.1` |
| `upstreamRealIPRecursive` | Recursive look for upstream proxy server for real IP if `on` | `off` |
| `upstreamRealIPHeader` | Header name sent by your upstream proxy server | `X-Forwarded-For` |
| `mariadbHost` | MariaDB Host to connect (Required) | `nil` |
| `redisQueueHost` | Queue Redis Host to connect (Optional) | `nil` |
| `redisCacheHost` | Cache Redis Host to connect (Optional) | `nil` |
| `redisSocketIOHost` | Socket IO Redis Host to connect (Optional) | `nil` |
| `postgresHost` | Postgres Host (Optional) | `nil` |
| `postgresPort` | Postgres Port (Optional) | `nil` |
| `dbRootPassword` | MariaDB Root Password to create first site (Optional) | `nil` |
| `createSite.enabled` | Create First site | `false` |
| `createSite.siteName` | Site name to create the site | `erp.cluster.local` |
| `createSite.dbRootUser` | DB root user to create first site | `root` |
| `createSite.adminPassword` | DB root password to create first site | `admin` |
| `createSite.installApps` | Apps to be installed on site separated by comma (`,`) | `erpnext` |
| `createSite.dropSiteOnUninstall` | Drop created site on uninstall of helm release | `false` |
| `ingress.enabled` | Enable ingress for first site | `false` |
| `ingress.annotations` | Annotation object to be used with ingress | `{}` |
| `ingress.hosts[0].host` | Hostname for the site | `erp.cluster.local` |
| `ingress.hosts[0].paths[0].path` | Ingress Path | `/` |
| `ingress.hosts[0].paths[0].pathType` | Ingress Path Type | `ImplementationSpecific` |
| `ingress.tls` | Ingress TLS array | `[]` |
| `migrateJob.enable` | Run migrate sites Job after helm install / upgrade | `false` |
| `migrateJob.backup` | Backup before migrate sites Job | `true` |
| `persistence.worker.enable` | Creates PVC with helm release name | `true` |
| `persistence.worker.size` | Creates PVC with size | `8Gi` |
| `persistence.worker.storageClass` | StorageClass with RWX, Required if PVC is created | `nil` |
| `persistence.logs.enable` | Creates PVC for logs volume with helm release name | `true` |
| `persistence.logs.size` | Creates PVC for logs volume with size | `8Gi` |
| `persistence.logs.storageClass` | StorageClass with RWX, Required if PVC is created | `nil` |
| `volumePermissions.enabled` | Enable init container that changes volume permissions in the data directory (for cases where the default k8s `runAsUser` and `fsUser` values do not work) | `false` |
The above parameters map to the env variables defined in [frappe_docker](http://github.com/frappe/frappe_docker). For more information please refer to the [frappe_docker](http://github.com/frappe/frappe_docker) images documentation.

194
charts/erpnext/ci/override-values.yaml Normal file
View File

@ -0,0 +1,194 @@
# Default values for erpnext.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
replicaCount: 1
nginxImage:
repository: docker.io/improwised/erpnext-nginx
tag: v13.4.1
pullPolicy: IfNotPresent
# nginxConfig: |
# # custom /etc/nginx/conf.d/default.conf
pythonImage:
repository: docker.io/improwised/erpnext-worker
tag: v13.4.1
pullPolicy: IfNotPresent
socketIOImage:
repository: frappe/frappe-socketio
tag: v13.4.1
pullPolicy: IfNotPresent
redis:
image:
repository: bitnami/redis
tag: 5.0.10-debian-10-r105
pullPolicy: IfNotPresent
extraEnv:
- name: ALLOW_EMPTY_PASSWORD
value: "yes"
# Asset Image Env Variables
frappePyPort: "8000"
socketIOPort: "9000"
# upstreamRealIPAddress: "127.0.0.1"
# upstreamRealIPRecursive: "off"
# upstreamRealIPHeader: "X-Forwarded-For"
mariadb:
enabled: true
auth:
rootPassword: mariadb # pragma: allowlist secret
primary:
persistence:
enabled: false
## Below, there are some override configs for supporting barracuda engine for Erpnext
configuration: |-
[mysql] # override configuration
default-character-set=utf8mb4 # override configuration
[mysqld]
innodb-file-format=barracuda # override configuration
innodb-file-per-table=1 # override configuration
innodb-large-prefix=1 # override configuration
character-set-client-handshake=FALSE # override configuration
skip-name-resolve
explicit_defaults_for_timestamp
basedir=/opt/bitnami/mariadb
plugin_dir=/opt/bitnami/mariadb/plugin
port=3306
socket=/opt/bitnami/mariadb/tmp/mysql.sock
tmpdir=/opt/bitnami/mariadb/tmp
max_allowed_packet=16M
bind-address=0.0.0.0
pid-file=/opt/bitnami/mariadb/tmp/mysqld.pid
log-error=/opt/bitnami/mariadb/logs/mysqld.log
character-set-server=utf8mb4 # override from UTF8
collation-server=utf8mb4_unicode_ci # override utf8_general_ci UTF8
[client]
port=3306
socket=/opt/bitnami/mariadb/tmp/mysql.sock
default-character-set=UTF8
plugin_dir=/opt/bitnami/mariadb/plugin
[manager]
port=3306
socket=/opt/bitnami/mariadb/tmp/mysql.sock
pid-file=/opt/bitnami/mariadb/tmp/mysqld.pid
# Python Image Env Variables
# mariadbHost: "mariadb.mariadb.svc.cluster.local"
redisQueueHost: ""
redisCacheHost: ""
redisSocketIOHost: ""
# PostgreSQL related variables
postgresHost: ""
postgresPort: ""
# Create secrets
# dbRootPassword: mariadb
# Create first site
createSite:
enabled: false
siteName: "erp.cluster.local"
dbRootUser: "root"
adminPassword: "admin" # pragma: allowlist secret
installApps: "erpnext"
dropSiteOnUninstall: false
# Ingress
ingress:
enabled: false
annotations: {}
# kubernetes.io/ingress.class: nginx
# kubernetes.io/tls-acme: "true"
# cert-manager.io/cluster-issuer: letsencrypt-prod
hosts:
- host: erp.cluster.local
paths:
- path: /
pathType: ImplementationSpecific
tls: []
# - secretName: auth-server-tls
# hosts:
# - auth-server.local
migrateJob:
# Set this to true to run migrate as part of helm install/upgrade
enable: true
backup: true
imagePullSecrets: []
nameOverride: ""
fullnameOverride: ""
serviceAccount:
# Specifies whether a service account should be created
create: true
podSecurityContext:
supplementalGroups: [1000]
securityContext:
capabilities:
add:
- all
# readOnlyRootFilesystem: true
# runAsNonRoot: true
# runAsUser: 1000
service:
type: ClusterIP
port: 80
# Additional Services
socketIOService:
type: ClusterIP
port: 9000
redisSocketIOService:
type: ClusterIP
port: 11000
redisQueueService:
type: ClusterIP
port: 12000
redisCacheService:
type: ClusterIP
port: 13000
persistence:
worker:
enabled: true
# existingClaim: ""
size: 5Gi
# storageClass: "local-path"
logs:
enabled: true
# existingClaim: ""
size: 5Gi
# storageClass: "local-path"
volumePermissions:
enabled: true
resources: {}
# If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
# requests:
# cpu: 100m
# memory: 128Mi
nodeSelector: {}
tolerations: []
affinity: {}

2
charts/erpnext/templates/_helpers.tpl
View File

@ -95,4 +95,4 @@ Gets the redis cache host name
*/}}
{{- define "erpnext.redisCacheHost" -}}
{{ .Values.redisCacheHost }}
{{- end -}}
{{- end -}}

10
charts/erpnext/templates/configmap-nginx-config.yaml Normal file
View File

@ -0,0 +1,10 @@
{{- if .Values.nginxImage.nginxConfig }}
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ include "erpnext.fullname" . }}-nginx-config
labels:
{{- include "erpnext.labels" . | nindent 4 }}
data:
default.conf: {{ .Values.nginxImage.nginxConfig | quote }}
{{- end }}

25
charts/erpnext/templates/deployment-erpnext.yaml
View File

@ -23,7 +23,7 @@ spec:
serviceAccountName: {{ include "erpnext.serviceAccountName" . }}
securityContext:
{{- toYaml .Values.podSecurityContext | nindent 8 }}
{{- if .Values.volumePermissions.enabled }}
{{- if and .Values.volumePermissions.enabled .Values.persistence.worker.enabled }}
initContainers:
- name: frappe-bench-ownership
image: quay.io/libpod/alpine:3.2
@ -52,6 +52,10 @@ spec:
mountPath: /assets
- name: sites-dir
mountPath: /var/www/html/sites
{{- if .Values.nginxImage.nginxConfig }}
- name: nginx-config
mountPath: /etc/nginx/conf.d
{{- end }}
imagePullPolicy: {{ .Values.nginxImage.pullPolicy }}
env:
- name: "FRAPPE_PY"
@ -74,6 +78,10 @@ spec:
- name: "UPSTREAM_REAL_IP_HEADER"
value: {{ .Values.upstreamRealIPHeader }}
{{- end }}
{{- if .Values.nginxImage.nginxConfig }}
- name: "SKIP_NGINX_TEMPLATE_GENERATION"
value: "1"
{{- end }}
ports:
- name: http
containerPort: 80
@ -94,7 +102,11 @@ spec:
imagePullPolicy: {{ .Values.pythonImage.pullPolicy }}
env:
- name: "MARIADB_HOST"
{{- if .Values.mariadb.enabled }}
value: {{ .Release.Name }}-mariadb.{{ .Release.Namespace }}.svc
{{- else }}
value: {{ required "A valid .Values.mariadbHost entry required!" (include "erpnext.mariadbHost" .) }}
{{- end }}
- name: "REDIS_QUEUE"
{{- if eq (include "erpnext.redisQueueHost" .) "" }}
value: {{ include "erpnext.fullname" . }}-redis-queue:{{ .Values.redisQueueService.port }}
@ -115,16 +127,18 @@ spec:
{{- end }}
- name: "SOCKETIO_PORT"
value: {{ .Values.socketIOPort | quote }}
{{- if .Values.enableProbs }}
livenessProbe:
tcpSocket:
port: {{ .Values.frappePyPort }}
initialDelaySeconds: 5
initialDelaySeconds: 100
periodSeconds: 10
readinessProbe:
tcpSocket:
port: {{ .Values.frappePyPort }}
initialDelaySeconds: 5
initialDelaySeconds: 20
periodSeconds: 10
{{- end }}
resources:
{{- toYaml .Values.resources | nindent 12 }}
volumes:
@ -154,6 +168,11 @@ spec:
{{- else }}
emptyDir: {}
{{- end }}
{{- if .Values.nginxImage.nginxConfig }}
- name: nginx-config
configMap:
name: {{ include "erpnext.fullname" . }}-nginx-config
{{- end }}
{{- with .Values.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}

2
charts/erpnext/templates/deployment-redis-cache.yaml
View File

@ -48,4 +48,4 @@ spec:
port: 6379
initialDelaySeconds: 5
periodSeconds: 10
{{- end }}
{{- end }}

2
charts/erpnext/templates/deployment-redis-queue.yaml
View File

@ -43,4 +43,4 @@ spec:
port: 6379
initialDelaySeconds: 5
periodSeconds: 10
{{- end }}
{{- end }}

2
charts/erpnext/templates/deployment-redis-socketio.yaml
View File

@ -43,4 +43,4 @@ spec:
port: 6379
initialDelaySeconds: 5
periodSeconds: 10
{{- end }}
{{- end }}

6
charts/erpnext/templates/deployment-worker-default.yaml
View File

@ -38,6 +38,7 @@ spec:
env:
- name: "WORKER_TYPE"
value: "default"
{{- if .Values.enableProbs }}
livenessProbe:
exec:
command:
@ -46,7 +47,7 @@ spec:
- "-p"
- "{{ .Values.postgresHost }}:{{ .Values.postgresPort }}"
{{- end }}
initialDelaySeconds: 15
initialDelaySeconds: 100
periodSeconds: 5
readinessProbe:
exec:
@ -56,8 +57,9 @@ spec:
- "-p"
- "{{ .Values.postgresHost }}:{{ .Values.postgresPort }}"
{{- end }}
initialDelaySeconds: 15
initialDelaySeconds: 20
periodSeconds: 5
{{- end }}
resources:
{{- toYaml .Values.resources | nindent 12 }}
volumes:

6
charts/erpnext/templates/deployment-worker-long.yaml
View File

@ -38,6 +38,7 @@ spec:
env:
- name: "WORKER_TYPE"
value: "long"
{{- if .Values.enableProbs }}
livenessProbe:
exec:
command:
@ -46,7 +47,7 @@ spec:
- "-p"
- "{{ .Values.postgresHost }}:{{ .Values.postgresPort }}"
{{- end }}
initialDelaySeconds: 15
initialDelaySeconds: 100
periodSeconds: 5
readinessProbe:
exec:
@ -56,8 +57,9 @@ spec:
- "-p"
- "{{ .Values.postgresHost }}:{{ .Values.postgresPort }}"
{{- end }}
initialDelaySeconds: 15
initialDelaySeconds: 20
periodSeconds: 5
{{- end }}
resources:
{{- toYaml .Values.resources | nindent 12 }}
volumes:

6
charts/erpnext/templates/deployment-worker-short.yaml
View File

@ -38,6 +38,7 @@ spec:
env:
- name: "WORKER_TYPE"
value: "short"
{{- if .Values.enableProbs }}
livenessProbe:
exec:
command:
@ -46,7 +47,7 @@ spec:
- "-p"
- "{{ .Values.postgresHost }}:{{ .Values.postgresPort }}"
{{- end }}
initialDelaySeconds: 15
initialDelaySeconds: 100
periodSeconds: 5
readinessProbe:
exec:
@ -56,8 +57,9 @@ spec:
- "-p"
- "{{ .Values.postgresHost }}:{{ .Values.postgresPort }}"
{{- end }}
initialDelaySeconds: 15
initialDelaySeconds: 20
periodSeconds: 5
{{- end }}
resources:
{{- toYaml .Values.resources | nindent 12 }}
volumes:

83
charts/erpnext/templates/drop-site-job.yaml Normal file
View File

@ -0,0 +1,83 @@
{{- if and (.Values.createSite.dropSiteOnUninstall) (.Values.dbRootPassword) }}
apiVersion: batch/v1
kind: Job
metadata:
name: {{ include "erpnext.fullname" . }}-drop-site
labels:
{{- include "erpnext.labels" . | nindent 4 }}
annotations:
"helm.sh/hook": pre-delete
"helm.sh/hook-weight": "-5"
"helm.sh/hook-delete-policy": hook-succeeded
spec:
backoffLimit: 1
template:
spec:
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
serviceAccountName: {{ template "erpnext.serviceAccountName" $ }}
securityContext:
{{- toYaml $.Values.podSecurityContext | nindent 8 }}
containers:
- name: drop-site
image: "{{ .Values.pythonImage.repository }}:{{ .Values.pythonImage.tag }}"
args: ["drop"]
env:
- name: "SITE_NAME"
value: "{{ .Values.createSite.siteName }}"
- name: "DB_ROOT_USER"
value: "{{ .Values.createSite.dbRootUser }}"
- name: "MYSQL_ROOT_PASSWORD"
valueFrom:
secretKeyRef:
key: dbRootPassword
name: {{ .Release.Name }}-secrets
securityContext:
{{- toYaml $.Values.securityContext | nindent 12 }}
imagePullPolicy: {{ .Values.pythonImage.pullPolicy }}
volumeMounts:
- name: sites-dir
mountPath: /home/frappe/frappe-bench/sites
- name: logs
mountPath: /home/frappe/frappe-bench/logs
restartPolicy: Never
{{- with .Values.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
volumes:
- name: sites-dir
{{- if .Values.persistence.worker.enabled }}
persistentVolumeClaim:
{{- if .Values.persistence.worker.existingClaim }}
claimName: {{ .Values.persistence.worker.existingClaim }}
{{- else }}
claimName: {{ template "erpnext.fullname" . }}
{{- end }}
readOnly: false
{{- else }}
emptyDir: {}
{{- end }}
- name: logs
{{- if .Values.persistence.logs.enabled }}
persistentVolumeClaim:
{{- if .Values.persistence.logs.existingClaim }}
claimName: {{ .Values.persistence.logs.existingClaim }}
{{- else }}
claimName: {{ template "erpnext.fullname" . }}-logs
{{- end }}
readOnly: false
{{- else }}
emptyDir: {}
{{- end }}
{{- end }}

40
charts/erpnext/templates/ingress.yaml Normal file
View File

@ -0,0 +1,40 @@
{{- if and (.Values.ingress.enabled) (semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion) (.Values.createSite.enabled) -}}
{{- $fullName := include "erpnext.fullname" . -}}
{{- $svcPort := .Values.service.port -}}
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: {{ $fullName }}-ingress
labels:
{{- include "erpnext.labels" . | nindent 4 }}
{{- with .Values.ingress.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
{{- if .Values.ingress.tls }}
tls:
{{- range .Values.ingress.tls }}
- hosts:
{{- range .hosts }}
- {{ . | quote }}
{{- end }}
secretName: {{ .secretName }}
{{- end }}
{{- end }}
rules:
{{- range .Values.ingress.hosts }}
- host: {{ .host | quote }}
http:
paths:
{{- range .paths }}
- path: {{ .path }}
pathType: {{ .pathType }}
backend:
service:
name: {{ $fullName }}
port:
number: {{ $svcPort }}
{{- end }}
{{- end }}
{{- end }}

62
charts/erpnext/templates/job-backup-sites.yaml Normal file
View File

@ -0,0 +1,62 @@
{{- if .Values.migrateJob.backup }}
apiVersion: batch/v1
kind: Job
metadata:
name: backup-sites-{{ template "erpnext.fullname" . }}-{{ date "20060102150405" .Release.Now }}
labels:
{{- include "erpnext.labels" . | nindent 4 }}
annotations:
"helm.sh/hook": pre-upgrade
"helm.sh/hook-weight": "-5"
"helm.sh/hook-delete-policy": hook-succeeded
spec:
backoffLimit: 1
template:
spec:
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
serviceAccountName: {{ template "erpnext.serviceAccountName" $ }}
securityContext:
{{- toYaml $.Values.podSecurityContext | nindent 8 }}
containers:
- name: backup
image: "{{ .Values.pythonImage.repository }}:{{ .Values.pythonImage.tag }}"
args: ["backup"]
imagePullPolicy: {{ .Values.pythonImage.pullPolicy }}
env:
- name: "WITH_FILES"
value: "1"
securityContext:
{{- toYaml $.Values.securityContext | nindent 12 }}
volumeMounts:
- name: sites-dir
mountPath: /home/frappe/frappe-bench/sites
restartPolicy: Never
{{- with .Values.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
volumes:
- name: sites-dir
{{- if .Values.persistence.worker.enabled }}
persistentVolumeClaim:
{{- if .Values.persistence.worker.existingClaim }}
claimName: {{ .Values.persistence.worker.existingClaim }}
{{- else }}
claimName: {{ template "erpnext.fullname" . }}
{{- end }}
readOnly: false
{{- else }}
emptyDir: {}
{{- end }}
{{- end }}

96
charts/erpnext/templates/job-create-site.yaml Normal file
View File

@ -0,0 +1,96 @@
{{- if and (.Values.createSite.enabled) (.Values.dbRootPassword) }}
apiVersion: batch/v1
kind: Job
metadata:
name: {{ template "erpnext.fullname" . }}-create-site
labels:
{{- include "erpnext.labels" . | nindent 4 }}
spec:
backoffLimit: 1
template:
spec:
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
serviceAccountName: {{ template "erpnext.serviceAccountName" $ }}
securityContext:
{{- toYaml $.Values.podSecurityContext | nindent 8 }}
initContainers:
- name: populate-assets
image: "{{ .Values.nginxImage.repository }}:{{ .Values.nginxImage.tag }}"
command: ["/bin/bash", "-c"]
args:
- "rsync -a --delete /var/www/html/assets/frappe /assets"
volumeMounts:
- name: assets-cache
mountPath: /assets
containers:
- name: create-site
image: "{{ .Values.pythonImage.repository }}:{{ .Values.pythonImage.tag }}"
args: ["new"]
env:
- name: "SITE_NAME"
value: "{{ .Values.createSite.siteName }}"
- name: "DB_ROOT_USER"
value: "{{ .Values.createSite.dbRootUser }}"
- name: "MYSQL_ROOT_PASSWORD"
valueFrom:
secretKeyRef:
key: dbRootPassword
name: {{ .Release.Name }}-secrets
- name: "ADMIN_PASSWORD"
value: "{{ .Values.createSite.adminPassword }}"
- name: "INSTALL_APPS"
value: "{{ .Values.createSite.installApps }}"
securityContext:
{{- toYaml $.Values.securityContext | nindent 12 }}
imagePullPolicy: {{ .Values.pythonImage.pullPolicy }}
volumeMounts:
- name: sites-dir
mountPath: /home/frappe/frappe-bench/sites
- name: assets-cache
mountPath: /home/frappe/frappe-bench/sites/assets
- name: logs
mountPath: /home/frappe/frappe-bench/logs
restartPolicy: Never
{{- with .Values.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
volumes:
- name: assets-cache
emptyDir: {}
- name: sites-dir
{{- if .Values.persistence.worker.enabled }}
persistentVolumeClaim:
{{- if .Values.persistence.worker.existingClaim }}
claimName: {{ .Values.persistence.worker.existingClaim }}
{{- else }}
claimName: {{ template "erpnext.fullname" . }}
{{- end }}
readOnly: false
{{- else }}
emptyDir: {}
{{- end }}
- name: logs
{{- if .Values.persistence.logs.enabled }}
persistentVolumeClaim:
{{- if .Values.persistence.logs.existingClaim }}
claimName: {{ .Values.persistence.logs.existingClaim }}
{{- else }}
claimName: {{ template "erpnext.fullname" . }}-logs
{{- end }}
readOnly: false
{{- else }}
emptyDir: {}
{{- end }}
{{- end }}

33
charts/erpnext/templates/job-migrate-sites.yaml
View File

@ -3,10 +3,20 @@ apiVersion: batch/v1
kind: Job
metadata:
name: migrate-sites-{{ template "erpnext.fullname" . }}-{{ date "20060102150405" .Release.Now }}
labels:
{{- include "erpnext.labels" . | nindent 4 }}
annotations:
"helm.sh/hook": post-upgrade
"helm.sh/hook-weight": "-5"
"helm.sh/hook-delete-policy": hook-succeeded
spec:
backoffLimit: 1
template:
spec:
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
serviceAccountName: {{ template "erpnext.serviceAccountName" $ }}
securityContext:
{{- toYaml $.Values.podSecurityContext | nindent 8 }}
@ -32,17 +42,6 @@ spec:
volumeMounts:
- name: assets-cache
mountPath: /assets
{{- if .Values.migrateJob.backup }}
- name: backup
image: "{{ .Values.pythonImage.repository }}:{{ .Values.pythonImage.tag }}"
args: ["backup"]
imagePullPolicy: {{ .Values.pythonImage.pullPolicy }}
securityContext:
{{- toYaml $.Values.securityContext | nindent 12 }}
volumeMounts:
- name: sites-dir
mountPath: /home/frappe/frappe-bench/sites
{{- end }}
containers:
- name: migrate
image: "{{ .Values.pythonImage.repository }}:{{ .Values.pythonImage.tag }}"
@ -61,6 +60,18 @@ spec:
- name: logs
mountPath: /home/frappe/frappe-bench/logs
restartPolicy: Never
{{- with .Values.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
volumes:
- name: assets-cache
emptyDir: {}

4
charts/erpnext/templates/pvc.yaml
View File

@ -14,5 +14,7 @@ spec:
resources:
requests:
storage: {{ .Values.persistence.worker.size | quote }}
storageClassName: {{ required "A valid .Values.persistence.worker.storageClass entry required!" .Values.persistence.worker.storageClass }}
{{- if .Values.persistence.worker.storageClass }}
storageClassName: {{ .Values.persistence.worker.storageClass }}
{{- end }}
{{- end }}

4
charts/erpnext/templates/pvc_logs.yaml
View File

@ -14,5 +14,7 @@ spec:
resources:
requests:
storage: {{ .Values.persistence.logs.size | quote }}
storageClassName: {{ required "A valid .Values.persistence.logs.storageClass entry required!" .Values.persistence.logs.storageClass }}
{{- if .Values.persistence.logs.storageClass }}
storageClassName: {{ .Values.persistence.logs.storageClass }}
{{- end }}
{{- end }}

2
charts/erpnext/templates/redis-queue-service.yaml
View File

@ -13,4 +13,4 @@ spec:
selector:
app.kubernetes.io/name: {{ include "erpnext.name" . }}-redis-queue
app.kubernetes.io/instance: {{ .Release.Name }}-redis-queue
{{- end }}
{{- end }}

9
charts/erpnext/templates/secret.yaml Normal file
View File

@ -0,0 +1,9 @@
{{- if .Values.dbRootPassword }}
apiVersion: v1
data:
dbRootPassword: {{ .Values.dbRootPassword | b64enc | quote }}
kind: Secret
metadata:
name: {{ .Release.Name }}-secrets
type: Opaque
{{- end }}

15
charts/erpnext/templates/tests/test-connection.yaml
View File

@ -1,15 +0,0 @@
apiVersion: v1
kind: Pod
metadata:
name: "{{ include "erpnext.fullname" . }}-test-connection"
labels:
{{ include "erpnext.labels" . | nindent 4 }}
annotations:
"helm.sh/hook": test-success
spec:
containers:
- name: wget
image: busybox
command: ['wget']
args: ['{{ include "erpnext.fullname" . }}:{{ .Values.service.port }}']
restartPolicy: Never

102
charts/erpnext/values.yaml
View File

@ -5,18 +5,20 @@
replicaCount: 1
nginxImage:
repository: frappe/erpnext-nginx
tag: v13.0.1
repository: docker.io/improwised/erpnext-nginx
tag: v13.4.1
pullPolicy: IfNotPresent
# nginxConfig: |
# # custom /etc/nginx/conf.d/default.conf
pythonImage:
repository: frappe/erpnext-worker
tag: v13.0.1
repository: docker.io/improwised/erpnext-worker
tag: v13.4.1
pullPolicy: IfNotPresent
socketIOImage:
repository: frappe/frappe-socketio
tag: v13.0.2
tag: v13.4.1
pullPolicy: IfNotPresent
redis:
@ -25,8 +27,8 @@ redis:
tag: 5.0.10-debian-10-r105
pullPolicy: IfNotPresent
extraEnv:
- name: ALLOW_EMPTY_PASSWORD
value: "yes"
- name: ALLOW_EMPTY_PASSWORD
value: "yes"
# Asset Image Env Variables
frappePyPort: "8000"
@ -36,6 +38,46 @@ socketIOPort: "9000"
# upstreamRealIPRecursive: "off"
# upstreamRealIPHeader: "X-Forwarded-For"
mariadb:
enabled: false
auth:
rootPassword: mariadb # pragma: allowlist secret
primary:
## Below, there are some override configs for supporting barracuda engine for Erpnext
configuration: |-
[mysql] # override configuration
default-character-set=utf8mb4 # override configuration
[mysqld]
innodb-file-format=barracuda # override configuration
innodb-file-per-table=1 # override configuration
innodb-large-prefix=1 # override configuration
character-set-client-handshake=FALSE # override configuration
skip-name-resolve
explicit_defaults_for_timestamp
basedir=/opt/bitnami/mariadb
plugin_dir=/opt/bitnami/mariadb/plugin
port=3306
socket=/opt/bitnami/mariadb/tmp/mysql.sock
tmpdir=/opt/bitnami/mariadb/tmp
max_allowed_packet=16M
bind-address=0.0.0.0
pid-file=/opt/bitnami/mariadb/tmp/mysqld.pid
log-error=/opt/bitnami/mariadb/logs/mysqld.log
character-set-server=utf8mb4 # override from UTF8
collation-server=utf8mb4_unicode_ci # override utf8_general_ci UTF8
[client]
port=3306
socket=/opt/bitnami/mariadb/tmp/mysql.sock
default-character-set=UTF8
plugin_dir=/opt/bitnami/mariadb/plugin
[manager]
port=3306
socket=/opt/bitnami/mariadb/tmp/mysql.sock
pid-file=/opt/bitnami/mariadb/tmp/mysqld.pid
# Python Image Env Variables
# mariadbHost: "mariadb.mariadb.svc.cluster.local"
@ -47,6 +89,36 @@ redisSocketIOHost: ""
postgresHost: ""
postgresPort: ""
# Create secrets
# dbRootPassword: admin
# Create first site
createSite:
enabled: false
siteName: "erp.cluster.local"
dbRootUser: "root"
adminPassword: "admin" # pragma: allowlist secret
installApps: "erpnext"
dropSiteOnUninstall: false
# Ingress
ingress:
enabled: false
annotations:
{}
# kubernetes.io/ingress.class: nginx
# kubernetes.io/tls-acme: "true"
# cert-manager.io/cluster-issuer: letsencrypt-prod
hosts:
- host: erp.cluster.local
paths:
- path: /
pathType: ImplementationSpecific
tls: []
# - secretName: auth-server-tls
# hosts:
# - auth-server.local
migrateJob:
# Set this to true to run migrate as part of helm install/upgrade
enable: false
@ -63,10 +135,10 @@ serviceAccount:
podSecurityContext:
supplementalGroups: [1000]
securityContext: {}
# capabilities:
# drop:
# - ALL
securityContext:
capabilities:
add:
- CAP_CHOWN
# readOnlyRootFilesystem: true
# runAsNonRoot: true
# runAsUser: 1000
@ -97,15 +169,17 @@ persistence:
enabled: true
# existingClaim: ""
size: 8Gi
# storageClass: "nfs"
# storageClass: "local-path"
logs:
enabled: true
# existingClaim: ""
size: 8Gi
# storageClass: "nfs"
# storageClass: "local-path"
volumePermissions:
enabled: false
enabled: true
enableProbs: true
resources: {}
# If you do want to specify resources, uncomment the following

1
charts/freeipa/.helmignore
View File

@ -21,3 +21,4 @@
.idea/
*.tmproj
.vscode/
ci

7
charts/freeipa/Chart.yaml
View File

@ -1,7 +1,8 @@
apiVersion: v2
name: freeipa
description: A Helm chart for Kubernetes
maintainers:
- name: improwised
# A chart can be either an 'application' or a 'library' chart.
#
# Application charts are a collection of templates that can be packaged into versioned archives
@ -11,12 +12,10 @@ description: A Helm chart for Kubernetes
# a dependency of application charts to inject those utilities and functions into the rendering
# pipeline. Library charts do not define any templates and therefore cannot be deployed.
type: application
# This is the chart version. This version number should be incremented each time you make changes
# to the chart and its templates, including the app version.
# Versions are expected to follow Semantic Versioning (https://semver.org/)
version: 0.1.0
version: 0.2.0
# This is the version number of the application being deployed. This version number should be
# incremented each time you make changes to the application. Versions are not expected to
# follow Semantic Versioning. They should reflect the version the application is using.

96
charts/freeipa/ci/override-values.yaml Normal file
View File

@ -0,0 +1,96 @@
# Default values for freeipa.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
replicaCount: 1
hostname: freeipa.example.testy
image:
repository: freeipa/freeipa-server
pullPolicy: IfNotPresent
# Overrides the image tag whose default is the chart appVersion.
tag: "centos-8"
# args:
# realm: EXAMPLE.TESTY
# domain: example.testy
# dspassword: ASDF1poiu2QWER3mnbv4
# adminpassword: ASDF1poiu2QWER3mnbv4
# nohostdns: true
# nontp: true
# setupdns: false
# autoforwarders: true # if setup dns is true thiw will be applicable
# allowzoneoverlap: true # if setup dns is true thiw will be applicable
# sshtrustdns: false
volumestorage: 1Gi
imagePullSecrets: []
nameOverride: ""
fullnameOverride: ""
serviceAccount:
# Specifies whether a service account should be created
create: true
# Annotations to add to the service account
annotations: {}
# The name of the service account to use.
# If not set and create is true, a name is generated using the fullname template
name: ""
podAnnotations: {}
podSecurityContext: {}
# fsGroup: 2000
securityContext: {}
# capabilities:
# drop:
# - ALL
# readOnlyRootFilesystem: true
# runAsNonRoot: true
# runAsUser: 1000
service:
type: ClusterIP
#clusterIP: 10.43.201.201
port: 80
ingress:
enabled: false
annotations: {}
# kubernetes.io/ingress.class: nginx
# kubernetes.io/tls-acme: "true"
hosts:
- host: chart-example.local
paths: []
tls: []
# - secretName: chart-example-tls
# hosts:
# - chart-example.local
resources: {}
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
# limits:
# cpu: 100m
# memory: 128Mi
# requests:
# cpu: 100m
# memory: 128Mi
autoscaling:
enabled: false
minReplicas: 1
maxReplicas: 100
targetCPUUtilizationPercentage: 80
# targetMemoryUtilizationPercentage: 80
nodeSelector: {}
tolerations: []
affinity: {}

10
charts/freeipa/templates/deployment.yaml
View File

@ -42,10 +42,10 @@ spec:
imagePullPolicy: {{ .Values.image.pullPolicy }}
args:
- -U
- --realm={{ .Values.args.realm }}
- --domain={{ .Values.args.domain }}
- --ds-password={{ .Values.args.dspassword }}
- --admin-password={{ .Values.args.adminpassword }}
- --realm={{ default "localhost.com" .Values.args.realm }}
- --domain={{ default "localhost" .Values.args.domain }}
- --ds-password={{ default "freeipa" .Values.args.dspassword }}
- --admin-password={{ default "freeipa" .Values.args.adminpassword }}
- --unattended
{{- if .Values.args.nohostdns }}
- --no-host-dns
@ -92,7 +92,7 @@ spec:
readOnly: true
env:
- name: IPA_SERVER_HOSTNAME
value: {{ .Values.hostname }}
value: {{ default "localhost" .Values.hostname }}
readinessProbe:
exec:
command: [ "/usr/bin/systemctl", "status", "ipa" ]

4
charts/freeipa/values.yaml
View File

@ -15,8 +15,8 @@ image:
args:
realm: EXAMPLE.TESTY
domain: example.testy
dspassword: ASDF1poiu2QWER3mnbv4
adminpassword: ASDF1poiu2QWER3mnbv4
dspassword: ASDF1poiu2QWER3mnbv4 #pragma: allowlist secret
adminpassword: ASDF1poiu2QWER3mnbv4 #pragma: allowlist secret
nohostdns: true
nontp: true
setupdns: false

3
charts/healthchecks/.helmignore
View File

@ -23,4 +23,5 @@
.vscode/
*values-override*
*healthchecks-secret*
*fleet*
*fleet*
ci

6
charts/healthchecks/Chart.lock Normal file
View File

@ -0,0 +1,6 @@
dependencies:
- name: postgresql
repository: https://charts.bitnami.com/bitnami
version: 9.1.1
digest: sha256:4949a7dab1ae4d5ba4f6ecf12667c6b720d385d66d97f14af018e864da292cd7
generated: "2021-05-14T10:33:25.768505088+05:30"

11
charts/healthchecks/Chart.yaml
View File

@ -1,11 +1,10 @@
version: 1.0.3
version: 1.0.5
apiVersion: v2
name: healthchecks
description: A Helm chart for Kubernetes
maintainers:
- email: pratik@improeised.com
name: praitk
- email: pratik@improeised.com
name: praitk
# A chart can be either an 'application' or a 'library' chart.
#
# Application charts are a collection of templates that can be packaged into versioned archives
@ -15,7 +14,6 @@ maintainers:
# a dependency of application charts to inject those utilities and functions into the rendering
# pipeline. Library charts do not define any templates and therefore cannot be deployed.
type: application
# This is the chart version. This version number should be incremented each time you make changes
# to the chart and its templates, including the app version.
# Versions are expected to follow Semantic Versioning (https://semver.org/)
@ -24,9 +22,8 @@ type: application
# incremented each time you make changes to the application. Versions are not expected to
# follow Semantic Versioning. They should reflect the version the application is using.
appVersion: 1.16.0
sources:
- https://github.com/healthchecks/healthchecks
- https://github.com/healthchecks/healthchecks
dependencies:
- name: postgresql
version: 9.1.1

111
charts/healthchecks/ci/override-values.yaml Normal file
View File

@ -0,0 +1,111 @@
# Default values for healthchecks.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
replicaCount: 1
image:
repository: linuxserver/healthchecks
pullPolicy: IfNotPresent
# Overrides the image tag whose default is the chart appVersion.
tag: "amd64-version-v1.16.0"
imagePullSecrets: []
nameOverride: ""
fullnameOverride: ""
# override site root url (SITE_ROOT env) see below for more details
# https://github.com/healthchecks/healthchecks
siterootOverride: ""
# override site name (SITE_NAME env) see below for more details
sitenameOverride: ""
# for postgres password, email host password, superuser email, superuser password
existingSecret: false
#configure SMTP host
# email:
# host:
# port: 1025
# user: test
# pass more environment variables, more details below
#https://github.com/healthchecks/healthchecks#configuration
# extraenvs:
# EMAIL_USE_TLS: "False"
probs:
livenessProbe:
httpGet:
path: /
port: http
initialDelaySeconds: 50
readinessProbe:
httpGet:
path: /
port: http
initialDelaySeconds: 50
service:
type: ClusterIP
port: 8000
ingress:
enabled: false
annotations: {}
# kubernetes.io/ingress.class: nginx
# kubernetes.io/tls-acme: "true"
hosts:
- host: chart-example.local
paths: []
tls: []
# - secretName: chart-example-tls
# hosts:
# - chart-example.local
postgresql:
enabled: false
persistence:
enabled: true
postgresqlDatabase: healthchecks
postgresqlUsername: healthchecks
postgresqlPassword: healthchecks #pragma: allowlist secret
# existingSecret: healthchecks-secret
resources: {}
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
# limits:
# cpu: 100m
# memory: 128Mi
# requests:
# cpu: 100m
# memory: 128Mi
autoscaling:
enabled: false
minReplicas: 1
maxReplicas: 100
targetCPUUtilizationPercentage: 80
# targetMemoryUtilizationPercentage: 80
podAnnotations: {}
podSecurityContext: {}
# fsGroup: 2000
securityContext: {}
# capabilities:
# drop:
# - ALL
# readOnlyRootFilesystem: true
# runAsNonRoot: true
# runAsUser: 1000
nodeSelector: {}
tolerations: []
affinity: {}

1
charts/healthchecks/templates/_helpers.tpl
View File

@ -50,4 +50,3 @@ Selector labels
app.kubernetes.io/name: {{ include "healthchecks.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end }}

4
charts/healthchecks/templates/configmap.yaml
View File

@ -14,9 +14,11 @@ data:
DB_NAME: {{ default "healthckecks" .Values.postgresql.postgresqlDatabase | quote }}
DB_USER: {{ default "healthckecks" .Values.postgresql.postgresqlUsername | quote }}
{{- end }}
{{- if .Values.email.host }}
EMAIL_HOST: {{ .Values.email.host | quote }}
EMAIL_PORT: {{ .Values.email.port | quote }}
EMAIL_HOST_USER: {{ .Values.email.user | quote }}
{{- end }}
{{- if .Values.siterootOverride }}
SITE_ROOT: {{ .Values.siterootOverride | quote }}
{{- else if .Values.ingress.enabled }}
@ -32,7 +34,7 @@ data:
SITE_NAME: {{ .Values.sitenameOverride | quote }}
{{- else }}
SITE_NAME: "localhost"
{{- end}}
{{- end }}
{{- range $key, $val := .Values.extraenvs }}
{{ $key }}: {{ $val | quote }}
{{- end }}

3
charts/healthchecks/templates/deployment.yaml
View File

@ -35,8 +35,9 @@ spec:
envFrom:
- configMapRef:
name: {{ include "healthchecks.fullname" . }}
optional: true
env:
{{- if or .Values.existingSecret }}
{{- if .Values.existingSecret }}
- name: DB_PASSWORD
valueFrom:
secretKeyRef:

10
charts/healthchecks/values.yaml
View File

@ -21,11 +21,11 @@ siterootOverride: ""
sitenameOverride: ""
# for postgres password, email host password, superuser email, superuser password
existingSecret: healthchecks-secret
existingSecret: healthchecks-secret #pragma: allowlist secret
#configure SMTP host
email:
host:
host:
port: 1025
user: test
@ -39,10 +39,12 @@ probs:
httpGet:
path: /
port: http
initialDelaySeconds: 50
readinessProbe:
httpGet:
path: /
port: http
port: http
initialDelaySeconds: 50
service:
type: ClusterIP
@ -67,7 +69,7 @@ postgresql:
enabled: true
postgresqlDatabase: healthchecks
postgresqlUsername: healthchecks
postgresqlPassword: healthchecks
postgresqlPassword: healthchecks #pragma: allowlist secret
# existingSecret: healthchecks-secret
resources: {}

24
charts/n8n-helm/.helmignore
View File

@ -1,24 +0,0 @@
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*.orig
*~
# Various IDEs
.project
.idea/
*.tmproj
.vscode/
./

32
charts/n8n-helm/Chart.yaml
View File

@ -1,32 +0,0 @@
apiVersion: v2
name: n8n-helm
description: A Helm chart for n8n on Kubernetes
type: application
metadata:
# This is the chart version. This version number should be incremented each time you make changes
# to the chart and its templates, including the app version.
# Versions are expected to follow Semantic Versioning (https://semver.org/)
version: 0.1.3
# This is the version number of the application being deployed. This version number should be
# incremented each time you make changes to the application. Versions are not expected to
# follow Semantic Versioning. They should reflect the version the application is using.
appVersion: 0.18.0
icon: https://n8n.io/n8n-logo.png
keywords:
- n8n
- automation
- nodemation
- workflow-automatio
maintainers:
- email: pratik@improwised.com
name: pratik-{{ .Release.Name }}
sources:
- https://github.com/n8n-io/n8n
- https://hub.docker.com/_/postgres
dependencies:
- condition: postgres.enabled
name: postgresql
repository: "@bitnami"
version: 9.1.1

111
charts/n8n-helm/README.md
View File

@ -1,111 +0,0 @@
# n8n-helm chart:chart_with_upwards_trend:
----
![n8n.io - Workflow Automation](https://raw.githubusercontent.com/n8n-io/n8n/master/assets/n8n-logo.png)
[n8n](https://n8n.io/) is an extendable workflow automation tool. With a fair-code distribution model, n8n will always have visible source code, be available to self-host, and allow you to add your own custom functions, logic and apps. n8n's node-based approach makes it highly versatile, enabling you to connect anything to everything. this is unofficial helm chart of n8n
----
## Prerequisites
- Kubernetes 1.12+
- Helm 3.0+
- PV provisioner support in the underlying infrastructure
- ----
## Installing the Chart
To install the chart with the release name `myn8n`:
```sh
$ git clone https://github.com/n8n-helm/n8n-helm.git
$ helm install myn8n ./n8n-helm
# to test chart
$ helm test myn8n
```
These commands deploy n8n on the Kubernetes cluster in the default configuration.
> **Tip**: List all releases using `helm list`
----
## Uninstalling the Chart
To uninstall/delete the `myn8n` deployment:
```bash
$ helm delete myn8n
```
The command removes all the Kubernetes components associated with the chart and deletes the release.
> **note**: Deleting the release will delete attached PVC containing n8n encryption key. Please be cautious before doing it.
----
## Parameters
The following tables lists the configurable parameters of the NGINX Open Source chart and their default values.
| Parameter| Description| Default|
|--------------------------------------------|----------------------------------------------------------------------------------------------|-----------------------------------------------------------|
| `global.imageRegistry` | Global Docker image registry | haha |
| `image.repository` | n8n Image | `n8nio/n8n` |
| `image.restartPolicy` | n8n Image restart policy | `Always` |
| `image.pullPolicy` | n8n Image pull policy | `IfNotPresent` |
| `image.tag` | tag of Image | `latest` |
| `nameOverride` | String to partially override n8n.fullname template with a string (will prepend the release name) | `nil` |
| `fullnameOverride` | String to fully override postgresql.fullname template with a string | `nil` |
| `commonannotations` | Annotations that will added to all the Kubernetes objects | `{}`(evaluated as a template) |
| `atuh.enabled` | Enbale basic authentication | `false` |
| `atuh.n8nAuthUsername`| Basuc Auth username | `nil` |
| `atuh.n8nAuthPass`| Basuc Auth password | `nil` |
| `existingSecret`| Name of an existing secrets | `nil` |
| `networkPolicy.enabled`| creation of NetworkPolicy | `false` |
| `networkPolicy.explicitNamespacesSelector`| Explicitly Namespaces for Network policy | `{}`(evaluated as a template) |
| `service.type` | Kubernetes Service type | `ClusterIP` |
| `service.port` | n8n port | `5678` |
| `service.annotations` | Annotations for n8n service | `{}`(evaluated as a template) |
| `testFramework.enabled` | enable n8n connection test | `true` |
| `persistence.enabled` | Enable persistence using PVC | `true` |
| `persistence.mountPath` | Path to mount the volume at | `/mnt/n8n/.n8n` |
| `persistence.accessModes` | PVC Access Mode for n8n volume | `[ReadWriteOnce]` |
| `persistence.size` | PVC Storage Request for n8n volume | `2Gi` |
| `ingress.enabled` | Switch to create ingress for n8n deployment | `true` |
| `ingress.hostname` | hostname for ingress | `nil` |
| `ingress.tls` | TLS for ingress | `[]`(evaluated as a template) |
| `ingress.tls.hosts[]` | Array of TLS hosts for ingress record | `[]` |
| `ingress.tls.secretName` | TLS secret name | `n8n.local-tls` |
| `ingress.annotations` | Ingress annotations | `{}`(evaluated as a template) |
| `ingress.certManager` | Annotations for cert-manager | `true` |
| `ingress.secrets[]` | Provide own certificates | `nil` |
| `ingress.secrets[].name` | TLS Secret Name | `nil` |
| `ingress.secrets[].key` | TLS Secret Key | `nil` |
| `ingress.secrets[].certificate` | TLS Secret Name Certificate | `nil` |
| `resources` | 'CPU/Memory resource requests/limits' | Memory: `500Mi`, CPU: `500Mi`(evaluated as a template) |
| `schedulerName` | Name of the k8s scheduler (other than default) | `nil` |
| `nodeSelector` | Node labels for pod assignment for n8n deployment | `{}`(evaluated as a template) |
| `affinity` | Affinity labels for pod assignment for n8n deployment | `{}`(evaluated as a template) |
| `tolerations` | Toleration labels for pod assignment for n8n deployment | `[]` (evaluated as a template) |
| `livenessProbe` | livenessProbe for n8n deployment | `{}`(evaluated as a template) |
| `readinessProbe` | readinessProbe for n8n deployment | `{}`(evaluated as a template) |
| `postgresql.testFramework.enabled` | enable postgres connection test | `true` |
| `postgresql.enabled` | (override) enable or disable postgress | `true` |
| `postgresql.postgresqlUsername` | (override) Postgresql default username | `nodemation` |
| `postgresql.postgresqlDatabase` | (override) Postgresql default database | `nodemation` |
| `postgresql.postgresqlPassword` | (override) Postgresql default password for username | `nodemation` |
Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example,
```bash
$ helm install myn8n \
--set imagePullPolicy=Always \
./n8n-helm
```
The above command sets the `imagePullPolicy` to `Always`.
Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example,
```bash
$ helm install myn8n -f values.yaml ./n8n-helm
```
> **Tip**: You can use the default [values.yaml](values.yaml) or override your own values.yaml
----

4
charts/n8n-helm/templates/NOTES.txt
View File

@ -1,4 +0,0 @@
1. Wait for 5 second in order to n8n discover and connect to postgress
2. n8n dashboard URL is http://localhost:5678

115
charts/n8n-helm/templates/_helpers.tpl
View File

@ -1,115 +0,0 @@
{{- define "n8n-helm.common.labels.standard" -}}
app.kubernetes.io/name: {{ default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
helm.sh/chart: {{ printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- if .Chart.AppVersion }}
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
{{- end }}
{{- end -}}
{{/*
Labels to use on deploy.spec.selector.matchLabels and svc.spec.selector
*/}}
{{- define "n8n-helm.common.labels.matchLabels" -}}
app.kubernetes.io/name: {{ default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end -}}
{{/*
Expand the name of the chart.
*/}}
{{- define "n8n-helm.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "n8n-helm.fullname" -}}
{{- if .Values.fullnameOverride }}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- $name := default .Chart.Name .Values.nameOverride }}
{{- if contains $name .Release.Name }}
{{- .Release.Name | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
{{- end }}
{{- end }}
{{- end }}
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "n8n-helm.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Namespace
*/}}
{{- define "n8n-helm.namespace" -}}
{{- default "default" .Values.namespace }}
{{- end }}
{{/*
DB Hostname
*/}}
{{- define "n8n-helm.dbhost" -}}
{{ .Release.Name }}-postgresql.{{ .Release.Namespace }}.svc.cluster.local
{{- end }}
{{/*
Return the proper Storage Class
*/}}
{{- define "n8n-helm.storageClass" -}}
{{- if .Values.persistence.storageClass -}}
{{- if (eq "-" .Values.persistence.storageClass) -}}
{{- printf "storageClassName: \"\"" -}}
{{- else }}
{{- printf "storageClassName: %s" .Values.persistence.storageClass -}}
{{- end -}}
{{- end -}}
{{- end -}}
{{/*
Get the password secret.
*/}}
{{- define "n8n-helm.secretName" -}}
{{- if .Values.existingSecret }}
{{- printf "%s" (tpl .Values.existingSecret $) -}}
{{- else -}}
{{- printf "%s-secrets" (include "n8n-helm.fullname" .) -}}
{{- end -}}
{{- end -}}
{{/*
Renders a value that contains template.
Usage:
{{ include "n8n-hem.tplValue" (dict "value" .Values.path.to.the.Value "context" $) }}
*/}}
{{- define "n8n-hem.tplValue" -}}
{{- if typeIs "string" .value }}
{{- tpl .value .context }}
{{- else }}
{{- tpl (.value | toYaml) .context }}
{{- end }}
{{- end -}}
{{/*
Return the appropriate apiVersion for networkpolicy.
*/}}
{{- define "n8n-helm.networkPolicy.apiVersion" -}}
{{- if semverCompare ">=1.4-0, <1.7-0" .Capabilities.KubeVersion.GitVersion -}}
"extensions/v1beta1"
{{- else if semverCompare "^1.7-0" .Capabilities.KubeVersion.GitVersion -}}
"networking.k8s.io/v1"
{{- end -}}
{{- end -}}

17
charts/n8n-helm/templates/configs.yaml
View File

@ -1,17 +0,0 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ template "n8n-helm.fullname" . }}-config
labels:
{{- include "n8n-helm.common.labels.standard" . | nindent 4 }}
app: {{ template "n8n-helm.fullname" . }}
data:
DB_TYPE: postgresdb
DB_POSTGRESDB_DATABASE: {{ default "postgres" .Values.postgresql.postgresqlDatabase | quote }}
DB_POSTGRESDB_HOST: {{ template "n8n-helm.dbhost" . }}
DB_POSTGRESDB_PORT: {{ .Values.postgresql.service.port | quote }}
DB_POSTGRESDB_USER: {{ default "postgres" .Values.postgresql.postgresqlUsername | quote }}
{{- if .Values.auth.enable }}
N8N_BASIC_AUTH_ACTIVE: "true"
N8N_BASIC_AUTH_USER: {{ default "nodemation" .Values.auth.n8nAuthUsername | quote }}
{{- end }}

87
charts/n8n-helm/templates/deployment.yaml
View File

@ -1,87 +0,0 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ template "n8n-helm.fullname" . }}-deployment
labels:
{{- include "n8n-helm.common.labels.standard" . | nindent 4 }}
app: {{ template "n8n-helm.fullname" . }}
spec:
replicas: {{ default "1" .Values.replicaCount }}
selector:
matchLabels: {{- include "n8n-helm.common.labels.matchLabels" . | nindent 6 }}
app: {{ template "n8n-helm.fullname" . }}
template:
metadata:
labels:
{{- include "n8n-helm.common.labels.standard" . | nindent 8 }}
app: {{ template "n8n-helm.fullname" . }}
annotations:
{{- if .Values.commonannotations }}
{{- range $key, $value := .Values.commonannotations }}
{{ $key }}: {{ $value | quote }}
{{- end }}
{{- end }}
spec:
{{- if .Values.schedulerName }}
schedulerName: "{{ .Values.schedulerName }}"
{{- end }}
{{- if .Values.nodeSelector }}
nodeSelector: {{- toYaml .Values.nodeSelector | nindent 8 }}
{{- end }}
{{- if .Values.affinity }}
affinity: {{- toYaml .Values.affinity | nindent 8 }}
{{- end }}
{{- if .Values.tolerations }}
tolerations: {{- toYaml .Values.tolerations | nindent 8 }}
{{- end }}
restartPolicy: {{ .Values.image.restartPolicy }}
containers:
- name: {{ template "n8n-helm.fullname" . }}
image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
imagePullPolicy: {{ .Values.image.pullPolicy }}
{{- if .Values.resources }}
resources: {{- toYaml .Values.resources | nindent 12 }}
{{- end }}
{{- if or .Values.livenessProbe .Values.readinessProbe }}
ports:
- name: http
containerPort: 5678
{{- end }}
{{- if .Values.livenessProbe }}
livenessProbe: {{- toYaml .Values.livenessProbe | nindent 12 }}
{{- end }}
{{- if .Values.readinessProbe }}
readinessProbe: {{- toYaml .Values.readinessProbe | nindent 12 }}
{{- end }}
command: ["/bin/sh"]
args: ["-c", "sleep 20; n8n start"]
env:
{{- if .Values.auth.enable }}
- name: N8N_BASIC_AUTH_PASSWORD
valueFrom:
secretKeyRef:
name: {{ template "n8n-helm.secretName" . }}
key: n8nAuthPass
{{- end }}
{{- if .Values.postgresql.enabled }}
- name: DB_POSTGRESDB_PASSWORD
valueFrom:
secretKeyRef:
name: {{ template "n8n-helm.secretName" . }}
key: postgresqlDbPass
{{- end }}
envFrom:
- configMapRef:
name: {{ template "n8n-helm.fullname" . }}-config
ports:
- name: {{ template "n8n-helm.fullname" . }}
containerPort: {{ .Values.service.port }}
{{- if .Values.persistence.enabled }}
volumeMounts:
- name: {{ include "n8n-helm.fullname" . }}-data
mountPath: /root/.n8n
volumes:
- name: {{ include "n8n-helm.fullname" . }}-data
persistentVolumeClaim:
claimName: {{ include "n8n-helm.fullname" . }}-data
{{- end }}

54
charts/n8n-helm/templates/ingress.yaml
View File

@ -1,54 +0,0 @@
{{- if .Values.ingress.enabled }}
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: {{ template "n8n-helm.fullname" . }}-ingress
labels:
{{- include "n8n-helm.common.labels.standard" . | nindent 4 }}
annotations:
{{- if .Values.ingress.tls }}
ingress.kubernetes.io/secure-backends: "true"
{{- if .Values.ingress.certManager }}
kubernetes.io/tls-acme: "true"
{{- end }}
{{- end }}
{{- range $key, $value := .Values.ingress.annotations }}
{{ $key }}: {{ $value | quote }}
{{- end }}
{{- if .Values.commonannotations }}
{{- range $key, $value := .Values.commonannotations }}
{{ $key }}: {{ $value | quote }}
{{- end }}
{{- end }}
spec:
rules:
{{- if .Values.ingress.hostname }}
- host: {{ .Values.ingress.hostname }}
http:
paths:
- path: /
backend:
serviceName: "{{ template "n8n-helm.fullname" . }}-service"
servicePort: {{ .Values.service.port }}
{{- else }}
- http:
paths:
- path: /
backend:
serviceName: "{{ template "n8n-helm.fullname" . }}-service"
servicePort: {{ .Values.service.port }}
{{- end }}
{{- range .Values.ingress.hosts }}
- host: {{ .name }}
http:
paths:
- path: {{ default "/" .path }}
backend:
serviceName: "{{ template "n8n-helm.fullname" . }}-service"
servicePort: {{ $.Values.service.port }}
{{- end }}
{{- if .Values.ingress.tls }}
tls:
{{ toYaml .Values.ingress.tls | indent 4 }}
{{- end }}
{{- end }}

44
charts/n8n-helm/templates/networkpolicy.yaml
View File

@ -1,44 +0,0 @@
{{- if .Values.networkPolicy.enabled }}
kind: NetworkPolicy
apiVersion: {{ template "n8n-helm.networkPolicy.apiVersion" . }}
metadata:
name: {{ template "n8n-helm.fullname" . }}
labels:
{{- include "n8n-helm.common.labels.standard" . | nindent 4 }}
annotations:
{{- if .Values.commonannotations }}
{{- range $key, $value := .Values.commonannotations }}
{{ $key }}: {{ $value | quote }}
{{- end }}
{{- end }}
spec:
podSelector:
matchLabels:
{{- include "n8n-helm.common.labels.matchLabels" . | nindent 6 }}
ingress:
- ports:
- port: 5678
{{- if not .Values.networkPolicy.allowExternal }}
from:
- podSelector:
matchLabels:
{{- include "n8n-helm.common.labels.matchLabels" . | nindent 12 }}
{{- if .Values.networkPolicy.explicitNamespacesSelector }}
namespaceSelector:
{{ toYaml .Values.networkPolicy.explicitNamespacesSelector | indent 12 }}
{{- end }}
{{- end }}
egress:
- ports:
- port: 5678
{{- if not .Values.networkPolicy.allowExternal }}
to:
- podSelector:
matchLabels:
{{- include "n8n-helm.common.labels.matchLabels" . | nindent 12 }}
{{- if .Values.networkPolicy.explicitNamespacesSelector }}
namespaceSelector:
{{ toYaml .Values.networkPolicy.explicitNamespacesSelector | indent 12 }}
{{- end }}
{{- end }}
{{- end }}

17
charts/n8n-helm/templates/pvc.yaml
View File

@ -1,17 +0,0 @@
{{- if .Values.persistence.enabled }}
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: {{ include "n8n-helm.fullname" . }}-data
labels:
{{- include "n8n-helm.common.labels.standard" . | nindent 4 }}
spec:
{{ include "n8n-helm.storageClass" . }}
accessModes:
{{- range .Values.persistence.accessModes }}
- {{ . | quote }}
{{- end }}
resources:
requests:
storage: {{ .Values.persistence.size | quote }}
{{- end }}

18
charts/n8n-helm/templates/secrets.yaml
View File

@ -1,18 +0,0 @@
{{- if not .Values.existingSecret }}
apiVersion: v1
kind: Secret
metadata:
name: {{ template "n8n-helm.fullname" . }}-secrets
labels:
{{- include "n8n-helm.common.labels.standard" . | nindent 4 }}
app: {{ template "n8n-helm.fullname" . }}
type: Opaque
data:
#DB_POSTGRESDB_PASSWORD
postgresqlDbPass: {{ .Values.postgresql.postgresqlPassword | b64enc | quote }}
{{- if .Values.auth.enabled }}
#N8N_BASIC_AUTH_PASSWORD
n8nAuthPass: {{ default "nodemation" .Values.auth.n8nAuthPass | b64enc | quote }}
{{- end -}}
{{- end }}

23
charts/n8n-helm/templates/service.yaml
View File

@ -1,23 +0,0 @@
kind: Service
apiVersion: v1
metadata:
name: {{ template "n8n-helm.fullname" . }}-service
labels:
{{- include "n8n-helm.common.labels.standard" . | nindent 4 }}
app: {{ template "n8n-helm.fullname" . }}
annotations:
{{- if .Values.service.annotations }}
{{- include "n8n-hem.tplValue" ( dict "value" .Values.service.annotations "context" $) | nindent 4 }}
{{- end }}
{{- if .Values.commonannotations }}
{{- range $key, $value := .Values.commonannotations }}
{{ $key }}: {{ $value | quote }}
{{- end }}
{{- end }}
spec:
selector: {{- include "n8n-helm.common.labels.matchLabels" . | nindent 4 }}
app: {{ template "n8n-helm.fullname" . }}
ports:
- name: {{ template "n8n-helm.fullname" . }}
port: {{ default "5678" .Values.service.port }}
targetPort: {{ default "5678" .Values.service.port }}

21
charts/n8n-helm/templates/tests/test-n8n.yaml
View File

@ -1,21 +0,0 @@
{{- if .Values.testFramework.enabled }}
apiVersion: v1
kind: Pod
metadata:
name: n8n-working-test
annotations:
"helm.sh/hook": test-success
spec:
containers:
- name: n8n-working-test
image: "alpine"
imagePullPolicy: {{ .Values.image.pullPolicy }}
env:
- name: N8N_HOST
value: {{ template "n8n-helm.fullname" . }}-service.default.svc.cluster.local:{{ .Values.service.port }}
command:
- /bin/sh
- -ec
- sleep 10; apk update; apk add curl; curl -m 10 -s -o /dev/null -I -w "%{http_code}" $N8N_HOST
restartPolicy: Never
{{- end }}

29
charts/n8n-helm/templates/tests/test-postgres-connection.yaml
View File

@ -1,29 +0,0 @@
{{- if .Values.postgresql.testFramework.enabled }}
apiVersion: v1
kind: Pod
metadata:
name: {{ template "postgresql.fullname" . }}-connection-test
annotations:
"helm.sh/hook": test-success
spec:
containers:
- name: {{ template "postgresql.fullname" . }}-connection-test
image: "{{ .Values.postgresql.image.repository }}:{{ .Values.postgresql.image.tag }}"
imagePullPolicy: {{ .Values.postgresql.image.pullPolicy }}
env:
- name: POSTGRES_DB
value: {{ .Values.postgresql.postgresqlDatabase | quote }}
- name: POSTGRES_USER
value: {{ .Values.postgresql.postgresqlUsername | quote }}
- name: POSTGRES_PASS
value: {{ .Values.postgresql.postgresqlPassword | quote }}
- name: POSTGRES_PORT
value: {{ .Values.postgresql.service.port | quote }}
- name: POSTGRES_HOST
value: {{ template "n8n-helm.dbhost" . }}
command:
- /bin/bash
- -ec
- PGPASSWORD=$POSTGRES_PASS psql -h $POSTGRES_HOST -p $POSTGRES_PORT -U $POSTGRES_USER -d $POSTGRES_DB
restartPolicy: Never
{{- end }}

15
charts/n8n-helm/templates/tls-secrets.yaml
View File

@ -1,15 +0,0 @@
{{- if .Values.ingress.enabled }}
{{- range .Values.ingress.secrets }}
apiVersion: v1
kind: Secret
metadata:
name: {{ .name }}
labels:
{{- include "n8n-helm.common.labels.standard" . | nindent 4 }}
type: kubernetes.io/tls
data:
tls.crt: {{ .certificate | b64enc }}
tls.key: {{ .key | b64enc }}
---
{{- end }}
{{- end }}

193
charts/n8n-helm/values.yaml
View File

@ -1,193 +0,0 @@
# Default values for n8n-helm.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
replicaCount: 1
## String to partially override n8n-helm.fullname template (will maintain the release name)
##
nameOverride: ""
## common annotations
commonannotations: {}
## String to fully override n8n-helm.fullname template
##
fullnameOverride: ""
image:
repository: n8nio/n8n
restartPolicy: Always
tag: "latest"
## Specify a imagePullPolicy
## Defaults set to 'IfNotPresent'
## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
##
pullPolicy: IfNotPresent
auth:
# enable the n8n basic auth
enabled: false
## Basic Auth username
## Defaults to 'nodemation' if not set
#n8nAuthUsername: nodemation
## Basic Auth password
## Defaults to 'nodemation' if not set
#n8nAuthPass: nodemation
## n8n password using existing secret. which includes n8nAuthPass and
## postgresqlDbPass as key for the respective value
#existingSecret: myn8n-secrets
networkPolicy:
## Enable creation of NetworkPolicy resources. Only Ingress traffic is filtered for now.
##
enabled: false
## if explicitNamespacesSelector is missing or set to {}, only client Pods that are in the networkPolicy's namespace
## and that match other criteria, the ones that have the good label, can reach the DB.
## But sometimes, we want the DB to be accessible to clients from other namespaces, in this case, we can use this
## LabelSelector to select these namespaces, note that the networkPolicy's namespace should also be explicitly added.
##
## Example:
## explicitNamespacesSelector:
## matchLabels:
## role: frontend
## matchExpressions:
## - {key: role, operator: In, values: [frontend]}
explicitNamespacesSelector: {}
service:
## Kubernetes service type
type: ClusterIP
## n8n port
port: 5678
## add extra annotation for service
annotations: {}
testFramework:
## Set to true to enable testing of n8n
enabled: true
persistence:
enabled: true
## A manually managed Persistent Volume and Claim
## The path the volume will be mounted at, useful when using different
##
mountPath: /mnt/n8n/.n8n
##Storage class as per your provider
#storageClass: "-"
accessModes:
- ReadWriteOnce
size: 2Gi
ingress:
## Set to true to enable ingress
enabled: true
## When the ingress is enabled, a host pointing to this will be created if hostname is set. Default it will point to localhost:80
#hostname: n8n.local.com
# If tls is set, annotation ingress.kubernetes.io/secure-backends: "true" will automatically be set
## The tls configuration for the ingress
## see: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls
## Uncomment below to enable tls / https for let's encrypt / cert-manager
## Set this to true in order to enable TLS on the ingress record
## A side effect of this will be that the backend n8n service will be connected at port 443
#tls:
#- hosts:
# - n8n.local
# secretName: n8n.local-tls
## Ingress annotations done as key:value pairs
## For a full list of possible ingress annotations, please see
## ref: https://github.com/kubernetes/ingress-nginx/blob/master/docs/user-guide/nginx-configuration/annotations.md
annotations: {}
## Set this to true in order to add the corresponding annotations for cert-manager. validate that tls is set
#certManager: true
secrets:
## If you're providing your own certificates, please use this to add the certificates as secrets
## key and certificate should start with -----BEGIN CERTIFICATE----- or
## -----BEGIN RSA PRIVATE KEY-----
##
## name should line up with a tlsSecret set further up
## If you're using cert-manager, this is unneeded, as it will create the secret for you if it is not set
##
## It is also possible to create and manage the certificates outside of this helm chart
## Please see README.md for more information
# - name: n8n.local-tls
# key:
# certificate:
## Configure resource requests and limits
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
##
resources:
requests:
memory: "500Mi"
cpu: "500m"
limits:
memory: "500Mi"
cpu: "500m"
## Use an alternate scheduler, e.g. "stork".
## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/
##
# schedulerName:
##
## n8n parameters
##
## Node, affinity, tolerations, and priorityclass settings for pod assignment
## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector
## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#taints-and-tolerations-beta-feature
## ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption
nodeSelector: {}
affinity: {}
tolerations: []
## Configure extra options for liveness and readiness probes
## This is http get liveness and readiness probes
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes)
#livenessProbe:
# httpGet:
# path: /
# port: 5678
# initialDelaySeconds: 20
# timeoutSeconds: 10
# periodSeconds: 5
# failureThreshold: 2
#
#readinessProbe:
# httpGet:
# path: /
# port: 5678
# initialDelaySeconds: 20
# timeoutSeconds: 10
# periodSeconds: 5
# failureThreshold: 2
postgresql:
## enable for testing postgresql connection
testFramework:
enabled: true
## by default postgress is enable, Whether to deploy a postgress server to use database to store workflows set enables as per your requirements.
enabled: true
#Below are overriden values for postgres db
## PostgreSQL admin password (used when `postgresqlUsername` is not `postgres`)
#postgresqlPostgresPassword: nodemation
#n8n will connect to postgres using below username if not set then default 'postgres'
postgresqlUsername: postgres
#n8n will connect to below postgres databse if not set then default 'postgres'
postgresqlDatabase: nodemation
#n8n will connect to postgres using below password if not set then default 'postgres'
postgresqlPassword: nodemation

129
commitlint.config.js Normal file
View File

@ -0,0 +1,129 @@
// https://github.com/conventional-changelog/commitlint/tree/master/@commitlint/config-conventional
module.exports = {
parserPreset: 'conventional-changelog-conventionalcommits',
rules: {
'body-leading-blank': [1, 'always'],
'body-max-line-length': [2, 'always', 100],
'footer-leading-blank': [1, 'always'],
'footer-max-line-length': [2, 'always', 100],
'header-max-length': [2, 'always', 100],
'subject-case': [
2,
'never',
['sentence-case', 'start-case', 'pascal-case', 'upper-case'],
],
'subject-empty': [2, 'never'],
'subject-full-stop': [2, 'never', '.'],
'type-case': [2, 'always', 'lower-case'],
'type-empty': [2, 'never'],
'type-enum': [
2,
'always',
[
'chore',
'ci',
'docs',
'feat',
'fix',
'perf',
'refactor',
'revert',
'style',
'test',
],
],
},
prompt: {
questions: {
type: {
description: "Select the type of change that you're committing:",
enum: {
feat: {
description: 'A new feature',
title: 'Features',
emoji: '✨',
},
fix: {
description: 'A bug fix',
title: 'Bug Fixes',
emoji: '🐛',
},
docs: {
description: 'Documentation only changes',
title: 'Documentation',
emoji: '📚',
},
style: {
description:
'Changes that do not affect the meaning of the code (white-space, formatting, missing semi-colons, etc)',
title: 'Styles',
emoji: '💎',
},
refactor: {
description:
'A code change that neither fixes a bug nor adds a feature',
title: 'Code Refactoring',
emoji: '📦',
},
perf: {
description: 'A code change that improves performance',
title: 'Performance Improvements',
emoji: '🚀',
},
test: {
description: 'Adding missing tests or correcting existing tests',
title: 'Tests',
emoji: '🚨',
},
ci: {
description:
'Changes to our CI configuration files and scripts (example scopes: Travis, Circle, BrowserStack, SauceLabs)',
title: 'Continuous Integrations',
emoji: '⚙️',
},
chore: {
description: "Other changes that don't modify src or test files",
title: 'Chores',
emoji: '♻️',
},
revert: {
description: 'Reverts a previous commit',
title: 'Reverts',
emoji: '🗑',
},
},
},
scope: {
description:
'What is the scope of this change (e.g. component or file name)',
},
subject: {
description:
'Write a short, imperative tense description of the change',
},
body: {
description: 'Provide a longer description of the change',
},
isBreaking: {
description: 'Are there any breaking changes?',
},
breakingBody: {
description:
'A BREAKING CHANGE commit requires a body. Please enter a longer description of the commit itself',
},
breaking: {
description: 'Describe the breaking changes',
},
isIssueAffected: {
description: 'Does this change affect any open issues?',
},
issuesBody: {
description:
'If issues are closed, the commit requires a body. Please enter a longer description of the commit itself',
},
issues: {
description: 'Add issue references (e.g. "fix #123", "re #123".)',
},
},
},
};

13
ct.yaml Normal file
View File

@ -0,0 +1,13 @@
remote: origin
target-branch: introduce-chart-testing
lint-conf: .ci/lintconf.yaml
chart-yaml-schema: .ci/chart_schema.yaml
check-version-increment: false
chart-dirs:
- charts
chart-repos:
- bitnami=https://charts.bitnami.com/bitnami
- stable=https://charts.helm.sh/stable
helm-extra-args: --timeout 500s
excluded-charts:
- freeipa

19
repositories.yaml Normal file
View File

@ -0,0 +1,19 @@
apiVersion: ""
generated: "0001-01-01T00:00:00Z"
repositories:
- caFile: ""
certFile: ""
insecure_skip_tls_verify: false
keyFile: ""
name: bitnami
password: ""
url: https://charts.bitnami.com/bitnami
username: ""
- caFile: ""
certFile: ""
insecure_skip_tls_verify: false
keyFile: ""
name: stable
password: ""
url: https://charts.helm.sh/stable
username: ""

1
status Normal file
View File

@ -0,0 +1 @@
b6a1fa5d23969f1d25927bbcbfa87c61abcbd92c