Feature/Update doc website, improve docs and lint charts

.github/workflows/ci.yml

@@ -1,7 +1,7 @@
 # title: Continuous Integration
 # uses:
 #   - https://github.com/helm/chart-testing-action
-#   - https://github.com/helm/kind-action
+#   - https://github.com/stackrox/kube-linter-action
 
 name: CI
 
@@ -46,6 +46,12 @@ jobs:
         with:
           python-version: '3.x'
           check-latest: true
+      - name: Use KubeLinter
+        id: kube-lint-scan
+        uses: stackrox/kube-linter-action@v1
+        with:
+          directory: charts
+          config: .kube-linter.yaml
       - name: Set up chart-testing
         uses: helm/chart-testing-action@v2.7.0
       - name: Add dependency chart repositories

.kube-linter.yaml

@@ -1,7 +1,24 @@
 checks:
   addAllBuiltIn: true
+  # ref. https://docs.kubelinter.io/#/generated/checks
   exclude:
-    - "no-read-only-root-fs"
-    - "unset-cpu-requirements"
-    - "unset-memory-requirements"
-  ignorePaths: []
+    - access-to-secrets
+    - default-service-account
+    - dnsconfig-options
+    - minimum-three-replicas
+    - no-anti-affinity
+    - no-node-affinity
+    - no-read-only-root-fs
+    - non-isolated-pod
+    - required-annotation-email
+    - required-label-owner
+    - unset-cpu-requirements
+    - unset-memory-requirements
+    - use-namespace
+    # disable for now (need to add users in image Dockerfile)
+    - run-as-non-root
+    - privileged-ports
+  ignorePaths:
+    - charts/**/charts/**
+    # disable for now (too many issues for something to rework from the container image)
+    - charts/nfs-ganesha/**

CONTRIBUTING.md

@@ -4,48 +4,101 @@
 
 ## Repository Structure
 
-`/charts` contains custom Helm charts.
+`/charts` contains the source of custom Helm charts.
 
 > [!NOTE]
 > [Helm Chart Releaser](https://github.com/helm/chart-releaser) doesn't support multiple chart directories ou multiple levels so all charts must be in `charts` repository.
 
-`/docs` provides instructions for:
+`/docs` provides the source of the website, with in particular instructions for:
 
 - Installing popular applications (`/docs/application-guides`)
 - Using custom charts (`/docs/custom-charts`)
 
-## Code validation
+## Custom Helm charts
+
+### Check manifest during creation
+
+Lint the chart:
+
+```bash
+helm lint
+```
+
+Generate the Kubernetes manifest yaml:
+
+```bash
+helm template myapp . -f values.yaml --namespace myns > temp.yaml
+```
+
+### Deploy from sources
+
+Install the application:
+
+```bash
+helm upgrade --install myapp . -f values.yaml --namespace myns --create-namespace --debug > output.yaml
+```
+
+### Run locally CI checks
 
 Lint charts with [helm/chart-testing](https://github.com/helm/chart-testing) (with workaround described at [issue #464](https://github.com/helm/chart-testing/issues/464)):
 
 ```bash
-docker run --rm -it --workdir=/data --volume $(pwd):/data quay.io/helmpack/chart-testing:v3.7.1 \
+docker run --rm -it --workdir=/data --volume $(pwd):/data quay.io/helmpack/chart-testing:v3.13.0 \
   /bin/sh -c "git config --global --add safe.directory /data ; ./scripts/add_helm_repo.sh ; ct lint --target-branch main"
 ```
 
-(not yet available because of [Issue #575](https://github.com/stackrox/kube-linter/issues/575)) Lint charts with [stackrox/kube-linter](https://github.com/stackrox/kube-linter) ([docs](https://docs.kubelinter.io/)):
+> [!TIP]
+> Beware if you're on Windows, as some files may be with the EOL CRLF and could be seen as a difference needing a version bump.
+> You can find them with `find charts/ -type f -exec file {} \; | grep CLRF`, update the EOL (change save from VS Code), and also check on the repo with `git show main:charts/nfs-ganesha/.helmignore | od -c`.
+
+Lint charts with [KubeLinter](https://docs.kubelinter.io/):
 
 ```bash
-docker run --rm -v $(pwd)/charts:/charts -v $(pwd)/.kube-linter.yaml:/etc/config.yaml \
-  stackrox/kube-linter lint /charts --config /etc/config.yaml
+docker run --rm -v $(pwd)/charts:/charts -v $(pwd)/.kube-linter.yaml:/etc/config.yaml stackrox/kube-linter \
+  lint /charts --config /etc/config.yaml
 ```
 
-## Chart repository references
+### View Chart repository references
 
 - [aws/eks-charts](https://github.com/aws/eks-charts)
 - [rancher/helm3-charts](https://github.com/rancher/helm3-charts)
 
 ## Documentation website
 
-The documentation is built with [VitePress](https://vitepress.dev/) ([code](https://github.com/vuejs/vitepress)):
+### Static Site Generator
+
+The website is built with [VitePress](https://vitepress.dev/) and:
+
+- plugins: [VitePress Sidebar](https://vitepress-sidebar.cdget.com/)
+- theme: [Catppuccin for VitePress](https://vitepress.catppuccin.com/)
 
-- plugins: [VitePress Sidebar](https://github.com/jooy2/vitepress-sidebar)
-- theme: [Catppuccin for VitePress](https://github.com/catppuccin/vitepress)
+The project was generated using `npx vitepress init`.
 
-It was generated using `npx vitepress init`.
+### Local review
 
-Run locally the website with:
+Run the website with:
 
 ```bash
 npm run docs:dev
 ```
+
+### Markdown tips
+
+- Use Alerts when it makes sense:
+
+```md
+> [!NOTE]
+> Highlights information that users should take into account, even when skimming.
+
+> [!TIP]
+> Optional information to help a user be more successful.
+
+> [!IMPORTANT]
+> Crucial information necessary for users to succeed.
+
+> [!WARNING]
+> Critical content demanding immediate user attention due to potential risks.
+
+> [!CAUTION]
+> Negative potential consequences of an action.
+```

README.md

@@ -1,16 +1,16 @@
-# Kube toolkit
+# Kube Workload Toolkit
 
 [![CI](https://github.com/devpro/helm-charts/actions/workflows/ci.yml/badge.svg)](https://github.com/devpro/helm-charts/actions/workflows/ci.yml)
 [![PKG](https://github.com/devpro/helm-charts/actions/workflows/pkg.yml/badge.svg)](https://github.com/devpro/helm-charts/actions/workflows/pkg.yml)
 
 Welcome! This project provides:
 
-- **Curated Guides**: Step-by-step instructions for installing popular applications using their official Helm charts in a Kubernetes cluster.
-- **Custom Helm Charts**: A collection of Helm charts that were created for deploying unique workloads on Kubernetes.
+- **Curated guides**: Step-by-step instructions for installing popular applications using their official Helm charts in a Kubernetes cluster.
+- **Custom Helm charts**: A collection of charts that were created for deploying unique workloads on Kubernetes.
 
 Whether you're deploying custom solutions or setting up well-known applications like NGINX or Prometheus, this repository aims to simplify your Kubernetes journey with tested configurations and clear documentation.
 
-Get started with the [documentation](https://devpro.github.io/helm-charts/docs/).
+🚀 Get started with the [Kube Workload Toolkit](https://kwt.devpro.fr/)
 
 Feel free to [contribute](CONTRIBUTING.md)!
 
@@ -77,20 +77,6 @@ helm:
   * Go to "Apps" > "Repositories", click on "Create" and enter `https://devpro.github.io/helm-charts` as "Index URL", then click on "Create"
   * Go to "Apps" > "Charts", look at the available applications (charts) and install the one(s) you want
 
-## Cluster setup logic
-
-* Create a Kubernetes Cluster and get CLI access (download `kubectl` configuration)
-* Install & configure kube add-ons
-  * Install certificate issuer ([cert-manager](./charts/cert-manager/README.md))
-  * Create storage class
-  * Create Ingress Controller ([NGINX](./charts/ingress-nginx/README.md) or HAProxy)
-  * Create load balancer
-  * Install secret management ([Sealed Secrets](./charts/sealed-secrets/README.md))
-  * Deploy GitOps tool ([ArgoCD](./charts/argocd/README.md) or Fleet)
-* Setup Security ([NeuVector](./charts/neuvector/README.md))
-* Install Observability ([OpenTelemetry, Prometheus, Grafana](./charts/otel-prometheus-grafana/README.md))
-* Setup Continuous Deployment
-  * Configure GitOps repositories and deploy backing services and applications
 
 ## Samples
 

charts/capi-templates/Chart.yaml

@@ -2,7 +2,7 @@ apiVersion: v2
 name: capi-templates
 description: Helm chart for Cluster API (CAPI) Templates
 type: application
-version: 0.1.0
+version: 0.1.1
 appVersion: "1.0.0"
 home: https://github.com/devpro/helm-charts/tree/main/charts/capi-templates
 maintainers:

charts/capi-templates/README.md

@@ -1,11 +1,13 @@
 # Kubernetes CAPI Templates Helm Chart
 
-This chart will simplify the use of CAPI (Cluster API) to manage your Kubernetes clusters.
-
-Contributions are welcome! See how with this [short guide](CONTRIBUTING.md).
+This chart will simplify the use of [Cluster API (CAPI))](https://cluster-api.sigs.k8s.io/) to manage your Kubernetes clusters.
 
 ## Getting started
 
+Start with the [documentation](https://kwt.devpro.fr/custom-charts/capi-templates.html).
+
+## Usage
+
 ### Setup
 
 Add the Helm repository:
@@ -33,6 +35,22 @@ googlecloud:
 EOF
 ```
 
+Generate the manifest file for review:
+
+```bash
+helm template capi-gke-demo devpro/capi-templates -f values_gke.yaml > temp.yaml
+```
+
+Can be compared with the one generated with clusterctl:
+
+```bash
+export GCP_PROJECT=$GCLOUD_PROJECT_ID
+export GCP_REGION=$GCLOUD_REGION
+export GCP_NETWORK_NAME=$GCLOUD_VPC
+export WORKER_MACHINE_COUNT=1
+clusterctl generate cluster gke-capi-bthomas-demo --flavor gke -i gcp  > capi-gke-quickstart.yaml
+```
+
 Create the cluster:
 
 ```bash

charts/cow-demo/Chart.yaml

@@ -2,7 +2,7 @@ apiVersion: v2
 name: cow-demo
 description: Helm chart for Cow Demo Application
 type: application
-version: 0.2.0
+version: 0.2.1
 appVersion: "2.0.0"
 maintainers:
   - name: devpro

charts/cow-demo/templates/deployment.yaml

@@ -9,6 +9,8 @@ metadata:
     app.kubernetes.io/name: {{ $name }}
 spec:
   replicas: {{ $.Values.replicaCount }}
+  strategy:
+    type: RollingUpdate
   selector:
     matchLabels:
       app: {{ $name }}
@@ -32,5 +34,14 @@ spec:
             - name: http
               containerPort: 8080
               protocol: TCP
+          livenessProbe:
+            httpGet:
+              path: /
+              port: http
+          readinessProbe:
+            httpGet:
+              path: /
+              port: http
           resources:
             {{- toYaml .Values.resources | nindent 12 }}
+      restartPolicy: Always

charts/devpro-salesportal/Chart.yaml

@@ -2,7 +2,7 @@ apiVersion: v2
 name: devpro-salesportal
 description: Helm chart for Devpro Sales Portal
 type: application
-version: 0.2.5
+version: 0.2.6
 appVersion: "1.1.0"
 dependencies:
   - name: mongodb

charts/devpro-salesportal/templates/deployment.yaml

@@ -12,6 +12,8 @@ metadata:
     app.kubernetes.io/name: {{ .name }}
 spec:
   replicas: {{ .replicaCount }}
+  strategy:
+    type: RollingUpdate
   selector:
     matchLabels:
       app: {{ .name }}
@@ -97,5 +99,6 @@ spec:
             - name: MongoDb__DatabaseName
               value: {{ .db.databaseName }}
             {{- end }}
+      restartPolicy: Always
 {{- end }}
 {{ end }}

charts/ecorp-demo/Chart.yaml

@@ -2,7 +2,7 @@ apiVersion: v2
 name: ecorp-demo
 description: Helm chart for E Corp demo
 type: application
-version: 0.2.0
+version: 0.2.1
 appVersion: "1.1.0"
 maintainers:
   - name: devpro

charts/ecorp-demo/templates/deployment.yaml

@@ -12,6 +12,8 @@ metadata:
     app.kubernetes.io/name: {{ .name }}
 spec:
   replicas: {{ .replicaCount }}
+  strategy:
+    type: RollingUpdate
   selector:
     matchLabels:
       app: {{ .name }}
@@ -84,5 +86,6 @@ spec:
               value: "{{ $.Values.otelCollector.endpoint }}"
             {{- toYaml . | nindent 12 }}
           {{- end }}
+      restartPolicy: Always
 {{- end }}
 {{ end }}

charts/game-2048/Chart.yaml

@@ -2,7 +2,7 @@ apiVersion: v2
 name: game-2048
 description: Helm chart for Game 2048
 type: application
-version: 0.1.1
+version: 0.1.2
 appVersion: "1.0.0"
 maintainers:
   - name: devpro

charts/game-2048/templates/deployment.yaml

@@ -9,6 +9,8 @@ metadata:
     app.kubernetes.io/name: {{ $name }}
 spec:
   replicas: {{ $.Values.replicaCount }}
+  strategy:
+    type: RollingUpdate
   selector:
     matchLabels:
       app: {{ $name }}
@@ -25,7 +27,16 @@ spec:
           imagePullPolicy: Always
           ports:
             - name: http
-              containerPort: 80
+              containerPort: {{ $.Values.containerPort }}
               protocol: TCP
+          livenessProbe:
+            httpGet:
+              path: /
+              port: http
+          readinessProbe:
+            httpGet:
+              path: /
+              port: http
           resources:
             {{- toYaml .Values.resources | nindent 12 }}
+      restartPolicy: Always

charts/game-2048/templates/service.yaml

@@ -16,4 +16,4 @@ spec:
     - name: http
       port: {{ $.Values.port }}
       protocol: TCP
-      targetPort: 80
+      targetPort: {{ $.Values.containerPort }}

charts/game-2048/values.yaml

@@ -3,6 +3,7 @@ image: devprofr/game-2048
 tag: "1.0.8328752292"
 replicaCount: 1
 port: 80
+containerPort: 80
 ingress:
   enabled: false
   className: "nginx"