From 587f873ffad63e640516d82959cf3c904927be3a Mon Sep 17 00:00:00 2001 From: Bertrand THOMAS Date: Sun, 25 Jan 2026 12:30:17 +0100 Subject: [PATCH 1/3] Add todoblazor chart --- README.md | 21 +++-- charts/todoblazor/.helmignore | 23 ++++++ charts/todoblazor/CONTRIBUTING.md | 89 ++++++++++++++++++++ charts/todoblazor/Chart.lock | 6 ++ charts/todoblazor/Chart.yaml | 15 ++++ charts/todoblazor/README.md | 24 ++++++ charts/todoblazor/templates/NOTES.txt | 0 charts/todoblazor/templates/_helpers.tpl | 0 charts/todoblazor/templates/deployment.yaml | 92 +++++++++++++++++++++ charts/todoblazor/templates/ingress.yaml | 50 +++++++++++ charts/todoblazor/templates/service.yaml | 23 ++++++ charts/todoblazor/values.yaml | 58 +++++++++++++ 12 files changed, 390 insertions(+), 11 deletions(-) create mode 100644 charts/todoblazor/.helmignore create mode 100644 charts/todoblazor/CONTRIBUTING.md create mode 100644 charts/todoblazor/Chart.lock create mode 100644 charts/todoblazor/Chart.yaml create mode 100644 charts/todoblazor/README.md create mode 100644 charts/todoblazor/templates/NOTES.txt create mode 100644 charts/todoblazor/templates/_helpers.tpl create mode 100644 charts/todoblazor/templates/deployment.yaml create mode 100644 charts/todoblazor/templates/ingress.yaml create mode 100644 charts/todoblazor/templates/service.yaml create mode 100644 charts/todoblazor/values.yaml diff --git a/README.md b/README.md index ccf3b23..d1b76fe 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,4 @@ -# Kube Workload Toolkit +# Kube Workload Toolkit [![GitLab Pipeline Status](https://gitlab.com/devpro-labs/automation/helm-charts/badges/main/pipeline.svg)](https://gitlab.com/devpro-labs/automation/helm-charts/-/pipelines) [![CI](https://github.com/devpro/helm-charts/actions/workflows/ci.yml/badge.svg)](https://github.com/devpro/helm-charts/actions/workflows/ci.yml) @@ -38,7 +38,7 @@ helm install ### From ArgoCD -* Create a git repository to store Kubernetes definition files (GitOps approach) +- Create a git repository to store Kubernetes definition files (GitOps approach) ```yaml # wordpress/Chart.yaml @@ -54,11 +54,11 @@ dependencies: repository: https://devpro.github.io/helm-charts ``` -* Create a new application in ArgoCD to reference the git repository with the path to the folder +- Create a new application in ArgoCD to reference the git repository with the path to the folder ### From Fleet -* Create a git repository to store Kubernetes definition files (GitOps approach) +- Create a git repository to store Kubernetes definition files (GitOps approach) ```yaml # wordpress/fleet.yaml @@ -70,16 +70,15 @@ helm: releaseName: wordpress ``` -* Create a GitRepo to reference the git repository with the path to the folder +- Create a GitRepo to reference the git repository with the path to the folder ### From Rancher -* In your cluster - * Go to "Apps" > "Repositories", click on "Create" and enter `https://devpro.github.io/helm-charts` as "Index URL", then click on "Create" - * Go to "Apps" > "Charts", look at the available applications (charts) and install the one(s) you want - +- In your cluster + - Go to "Apps" > "Repositories", click on "Create" and enter `https://devpro.github.io/helm-charts` as "Index URL", then click on "Create" + - Go to "Apps" > "Charts", look at the available applications (charts) and install the one(s) you want ## Samples -* [DevOpsDays Geneva 2023](samples/devopsdays-geneva-2023/README.md) -* [SUSE Exchange Paris 2023](samples/suse-exchange-paris-2023/README.md) +- [DevOpsDays Geneva 2023](samples/devopsdays-geneva-2023/README.md) +- [SUSE Exchange Paris 2023](samples/suse-exchange-paris-2023/README.md) diff --git a/charts/todoblazor/.helmignore b/charts/todoblazor/.helmignore new file mode 100644 index 0000000..0e8a0eb --- /dev/null +++ b/charts/todoblazor/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/charts/todoblazor/CONTRIBUTING.md b/charts/todoblazor/CONTRIBUTING.md new file mode 100644 index 0000000..63cebc0 --- /dev/null +++ b/charts/todoblazor/CONTRIBUTING.md @@ -0,0 +1,89 @@ +# Contribution guide + +## Update chart dependencies + +Add Bitnami Helm repository: + +```bash +helm repo add bitnami https://charts.bitnami.com/bitnami +helm repo update +``` + +Look for existing versions: + +```bash +helm search repo -l mongodb --versions +``` + +Manually edit `Chart.yaml` with the version. + +Update `Chart.lock`: + +```bash +helm dependency update +``` + +## Validate on a test cluster + +Create a `values.mine.yaml` file: + +```yaml +dotnet: + environment: Development + enableOpenTelemetry: false +webapp: + db: + connectionString: mongodb://root:admin@todoblazor-mongodb:27017/todolist?authSource=admin + databaseName: todolist +ingress: + enabled: true + className: traefik + annotations: + cert-manager.io/cluster-issuer: letsencrypt-prod +mongodb: + enabled: true + auth: + rootPassword: admin +``` + +Install or update the application: + +```bash +helm upgrade --install todoblazor . \ + -f values.yaml -f values.mine.yaml \ + --set webapp.host=todoblazor.console.$SANDBOX_ID.instruqt.io \ + --namespace demo --create-namespace +``` + +Check everything is ok in the namespace: + +```bash +kubectl get pod,svc,deploy,rs,ingress,secret,pvc -n demo +``` + +Open the web application in a browser: + +```bash +echo https://todoblazor.console.$SANDBOX_ID.instruqt.io/swagger +``` + +If needed, debug with: + +- Forward MongoDB port to view the database from Compass (with connection string "mongodb://root:admin@localhost:27017/todolist?authSource=admin") + + ```bash + kubectl port-forward svc/todoblazor-mongodb -n demo 27017:27017 + ``` + +- Have a shell in a MongoDB container + + ```bash + kubectl exec -it deploy/todoblazor-mongodb -n demo -- bash + ``` + +At the end, clean everything: + +```bash +helm delete todoblazor -n demo +kubectl delete ns demo +``` diff --git a/charts/todoblazor/Chart.lock b/charts/todoblazor/Chart.lock new file mode 100644 index 0000000..9fd9e78 --- /dev/null +++ b/charts/todoblazor/Chart.lock @@ -0,0 +1,6 @@ +dependencies: +- name: mongodb + repository: https://charts.bitnami.com/bitnami + version: 18.1.10 +digest: sha256:1d8e259cedd55f3e4cf9e11249e3eb3af2279bace5424e570a5149834d63a480 +generated: "2026-01-25T02:06:22.936299536+01:00" diff --git a/charts/todoblazor/Chart.yaml b/charts/todoblazor/Chart.yaml new file mode 100644 index 0000000..8cd9092 --- /dev/null +++ b/charts/todoblazor/Chart.yaml @@ -0,0 +1,15 @@ +apiVersion: v2 +name: todoblazor +description: Helm chart for Todo Blazor web application +type: application +version: 0.1.0 +appVersion: "1.0.0" +dependencies: + - name: mongodb + version: 18.1.10 # MongoDB 8.2.2 + repository: https://charts.bitnami.com/bitnami + alias: mongodb + condition: mongodb.enabled +maintainers: + - name: devpro + email: bertrand@devpro.fr diff --git a/charts/todoblazor/README.md b/charts/todoblazor/README.md new file mode 100644 index 0000000..565b4b0 --- /dev/null +++ b/charts/todoblazor/README.md @@ -0,0 +1,24 @@ +# Helm chart for Todo Blazor + +This Helm chart will deploy [Todo Blazor](https://github.com/devpro/todo-blazor) on a Kubernetes cluster. + +## Usage + +Add the chart repository: + +```bash +helm repo add devpro https://devpro.github.io/helm-charts +helm repo update +``` + +Create the `values.yaml` file to override [default values](values.yaml). + +Install the application: + +```bash +helm upgrade --install todoblazor devpro/todoblazor -f values.yaml --namespace demo --create-namespace +``` + +## Going further + +Check the [contribution guide](CONTRIBUTING.md). diff --git a/charts/todoblazor/templates/NOTES.txt b/charts/todoblazor/templates/NOTES.txt new file mode 100644 index 0000000..e69de29 diff --git a/charts/todoblazor/templates/_helpers.tpl b/charts/todoblazor/templates/_helpers.tpl new file mode 100644 index 0000000..e69de29 diff --git a/charts/todoblazor/templates/deployment.yaml b/charts/todoblazor/templates/deployment.yaml new file mode 100644 index 0000000..11b34ee --- /dev/null +++ b/charts/todoblazor/templates/deployment.yaml @@ -0,0 +1,92 @@ +{{- $applications := list .Values.webapp -}} +{{ range $applications }} +{{- $name := .name -}} +{{- if .enabled -}} +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ .name }} + labels: + app: {{ .name }} + app.kubernetes.io/name: {{ .name }} +spec: + replicas: {{ .replicaCount }} + strategy: + type: RollingUpdate + selector: + matchLabels: + app: {{ .name }} + app.kubernetes.io/name: {{ .name }} + template: + metadata: + labels: + app: {{ $name }} + app.kubernetes.io/name: {{ $name }} + {{- if .additionalPodLabels }} + {{- toYaml .additionalPodLabels | nindent 8 }} + {{- end }} + spec: + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: "kubernetes.io/arch" + operator: In + values: ["amd64"] + containers: + - name: {{ .name }} + image: {{ .image }}:{{ .tag }} + imagePullPolicy: Always + ports: + - name: http + containerPort: {{ .containerPort }} + protocol: TCP + livenessProbe: + httpGet: + path: {{ .healthEndpoint }} + port: http + readinessProbe: + httpGet: + path: {{ .healthEndpoint }} + port: http + resources: + {{- toYaml .resources | nindent 12 }} + securityContext: + runAsNonRoot: true + runAsUser: 1654 # "app" user + runAsGroup: 1654 # "app" group + allowPrivilegeEscalation: false + env: + {{- if .extraEnv }} + {{- toYaml .extraEnv | nindent 12 }} + {{- end }} + - name: HOST_IP + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: status.hostIP + - name: ASPNETCORE_ENVIRONMENT + value: "{{ $.Values.dotnet.environment }}" + - name: Logging__LogLevel__Default + value: {{ $.Values.dotnet.logLevels.default }} + - name: Logging__LogLevel__Microsoft.AspNetCore + value: {{ $.Values.dotnet.logLevels.framework }} + - name: Logging__LogLevel__Devpro + value: {{ $.Values.dotnet.logLevels.application }} + {{- if $.Values.dotnet.enableOpenTelemetry }} + - name: Application__IsOpenTelemetryEnabled + value: "true" + - name: OpenTelemetry__CollectorEndpoint + value: "http://$(HOST_IP):4317" + {{- end }} + {{- if .db }} + - name: DatabaseSettings__ConnectionString + value: {{ .db.connectionString }} + - name: DatabaseSettings__DatabaseName + value: {{ .db.databaseName }} + {{- end }} + restartPolicy: Always +{{- end }} +{{ end }} diff --git a/charts/todoblazor/templates/ingress.yaml b/charts/todoblazor/templates/ingress.yaml new file mode 100644 index 0000000..896f5fb --- /dev/null +++ b/charts/todoblazor/templates/ingress.yaml @@ -0,0 +1,50 @@ +{{- $applications := list .Values.webapp -}} +{{ range $applications }} +{{- $name := .name -}} +{{- if and $.Values.ingress.enabled .enabled -}} +--- +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: {{ $name }} + {{- with $.Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if $.Values.ingress.className }} + ingressClassName: {{ $.Values.ingress.className }} + {{- end }} + rules: + - host: {{ .host }} + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: {{ $name }} + port: + number: {{ .port }} + {{- range .ingressExtraHosts }} + - host: {{ .host | quote }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + pathType: {{ .pathType }} + backend: + service: + name: {{ $name }} + port: + number: {{ .port }} + {{- end }} + {{- end }} + {{- if .tls }} + tls: + - hosts: + - {{ .host | quote }} + secretName: {{ .tls.secretName }} + {{- end }} +{{- end }} +{{ end }} diff --git a/charts/todoblazor/templates/service.yaml b/charts/todoblazor/templates/service.yaml new file mode 100644 index 0000000..d5ac563 --- /dev/null +++ b/charts/todoblazor/templates/service.yaml @@ -0,0 +1,23 @@ +{{- $applications := list .Values.webapp -}} +{{ range $applications }} +{{- if .enabled -}} +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app: {{ .name }} + app.kubernetes.io/name: {{ .name }} + name: {{ .name }} +spec: + type: ClusterIP + ports: + - port: {{ .port }} + targetPort: {{ .containerPort }} + protocol: TCP + name: http + selector: + app: {{ .name }} + app.kubernetes.io/name: {{ .name }} +{{- end }} +{{ end }} diff --git a/charts/todoblazor/values.yaml b/charts/todoblazor/values.yaml new file mode 100644 index 0000000..676b5a6 --- /dev/null +++ b/charts/todoblazor/values.yaml @@ -0,0 +1,58 @@ +webapp: + enabled: true + host: todoblazor.random + name: todoblazor + image: docker.io/devprofr/todoblazor + # images are hosted on DockerHub: https://hub.docker.com/r/devprofr/todoblazor/tags + tag: latest # IMPORTANT: latest should never be used in Production + replicaCount: 1 + port: 80 + containerPort: 8080 + healthEndpoint: /health + db: + connectionString: "someconnstring" + databaseName: "somedb" + extraEnv: [] + # - name: xxx + # value: "yyyy" + additionalPodLabels: {} + tls: + secretName: todoblazor-tls + resources: {} + # limits: + # cpu: 200m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 64Mi + +dotnet: + environment: Production + logLevels: + default: Information + framework: Information + application: Information + enableOpenTelemetry: false + +ingress: + enabled: false + className: "" + annotations: {} + # cert-manager.io/cluster-issuer: letsencrypt-prod + +# embedded chart configuration: https://github.com/bitnami/charts/blob/main/bitnami/mongodb/values.yaml +mongodb: + enabled: false + global: + # imageRegistry: "" + # imagePullSecrets: [] + # defaultStorageClass: "" + # storageClass: "" + security: + allowInsecureImages: true + image: + registry: docker.io + repository: bitnami/mongodb # other options: chainguard/mongodb + tag: latest # IMPORTANT: latest should never be used in Production + auth: {} + # rootPassword: "" From 0116def07901b67c7a4224c7e898ad125cb34773 Mon Sep 17 00:00:00 2001 From: Bertrand THOMAS Date: Sun, 25 Jan 2026 12:35:11 +0100 Subject: [PATCH 2/3] Manual save --- charts/todoblazor/.helmignore | 2 +- charts/todoblazor/CONTRIBUTING.md | 2 +- charts/todoblazor/Chart.lock | 2 +- charts/todoblazor/Chart.yaml | 2 +- charts/todoblazor/README.md | 2 +- charts/todoblazor/templates/NOTES.txt | 1 + charts/todoblazor/templates/_helpers.tpl | 1 + charts/todoblazor/templates/ingress.yaml | 2 +- charts/todoblazor/templates/service.yaml | 2 +- charts/todoblazor/values.yaml | 2 +- 10 files changed, 10 insertions(+), 8 deletions(-) diff --git a/charts/todoblazor/.helmignore b/charts/todoblazor/.helmignore index 0e8a0eb..59a8c7d 100644 --- a/charts/todoblazor/.helmignore +++ b/charts/todoblazor/.helmignore @@ -1,4 +1,4 @@ -# Patterns to ignore when building packages. +# Patterns to ignore when building packages. # This supports shell glob matching, relative path matching, and # negation (prefixed with !). Only one pattern per line. .DS_Store diff --git a/charts/todoblazor/CONTRIBUTING.md b/charts/todoblazor/CONTRIBUTING.md index 63cebc0..056e443 100644 --- a/charts/todoblazor/CONTRIBUTING.md +++ b/charts/todoblazor/CONTRIBUTING.md @@ -1,4 +1,4 @@ -# Contribution guide +# Contribution guide ## Update chart dependencies diff --git a/charts/todoblazor/Chart.lock b/charts/todoblazor/Chart.lock index 9fd9e78..6e4252c 100644 --- a/charts/todoblazor/Chart.lock +++ b/charts/todoblazor/Chart.lock @@ -1,4 +1,4 @@ -dependencies: +dependencies: - name: mongodb repository: https://charts.bitnami.com/bitnami version: 18.1.10 diff --git a/charts/todoblazor/Chart.yaml b/charts/todoblazor/Chart.yaml index 8cd9092..e902119 100644 --- a/charts/todoblazor/Chart.yaml +++ b/charts/todoblazor/Chart.yaml @@ -1,4 +1,4 @@ -apiVersion: v2 +apiVersion: v2 name: todoblazor description: Helm chart for Todo Blazor web application type: application diff --git a/charts/todoblazor/README.md b/charts/todoblazor/README.md index 565b4b0..33866d6 100644 --- a/charts/todoblazor/README.md +++ b/charts/todoblazor/README.md @@ -1,4 +1,4 @@ -# Helm chart for Todo Blazor +# Helm chart for Todo Blazor This Helm chart will deploy [Todo Blazor](https://github.com/devpro/todo-blazor) on a Kubernetes cluster. diff --git a/charts/todoblazor/templates/NOTES.txt b/charts/todoblazor/templates/NOTES.txt index e69de29..5f28270 100644 --- a/charts/todoblazor/templates/NOTES.txt +++ b/charts/todoblazor/templates/NOTES.txt @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/charts/todoblazor/templates/_helpers.tpl b/charts/todoblazor/templates/_helpers.tpl index e69de29..5f28270 100644 --- a/charts/todoblazor/templates/_helpers.tpl +++ b/charts/todoblazor/templates/_helpers.tpl @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/charts/todoblazor/templates/ingress.yaml b/charts/todoblazor/templates/ingress.yaml index 896f5fb..8a4e313 100644 --- a/charts/todoblazor/templates/ingress.yaml +++ b/charts/todoblazor/templates/ingress.yaml @@ -1,4 +1,4 @@ -{{- $applications := list .Values.webapp -}} +{{- $applications := list .Values.webapp -}} {{ range $applications }} {{- $name := .name -}} {{- if and $.Values.ingress.enabled .enabled -}} diff --git a/charts/todoblazor/templates/service.yaml b/charts/todoblazor/templates/service.yaml index d5ac563..55ae081 100644 --- a/charts/todoblazor/templates/service.yaml +++ b/charts/todoblazor/templates/service.yaml @@ -1,4 +1,4 @@ -{{- $applications := list .Values.webapp -}} +{{- $applications := list .Values.webapp -}} {{ range $applications }} {{- if .enabled -}} --- diff --git a/charts/todoblazor/values.yaml b/charts/todoblazor/values.yaml index 676b5a6..2cd76e1 100644 --- a/charts/todoblazor/values.yaml +++ b/charts/todoblazor/values.yaml @@ -1,4 +1,4 @@ -webapp: +webapp: enabled: true host: todoblazor.random name: todoblazor From 42c3fb99efce230db3723550211c71e0d4bc7092 Mon Sep 17 00:00:00 2001 From: Bertrand THOMAS Date: Sun, 25 Jan 2026 12:36:48 +0100 Subject: [PATCH 3/3] Disable sorted-keys check for now --- .kube-linter.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.kube-linter.yaml b/.kube-linter.yaml index 0695b65..f2f8b35 100644 --- a/.kube-linter.yaml +++ b/.kube-linter.yaml @@ -1,4 +1,4 @@ -checks: +checks: addAllBuiltIn: true # ref. https://docs.kubelinter.io/#/generated/checks exclude: @@ -18,6 +18,7 @@ checks: - latest-tag # disable for now (need to add users in image Dockerfile) - run-as-non-root + - sorted-keys - privileged-ports ignorePaths: - charts/**/charts/**