stakater / application
Generic helm chart for all kind of applications
Home Page: http://stakater.com
License: MIT License
Hello
It would be more beneficial if you would add the changelog together with the release, as it is quite difficult to understand what the latest changes were in a single view.
Thanks
Enforce requests & limits in the deployments
livenessProbe:
  initialDelaySeconds: 15
  timeoutSeconds: 5
  periodSeconds: 30
  successThreshold: 1
  failureThreshold: 5
readinessProbe:
  initialDelaySeconds: 15
  timeoutSeconds: 5
  periodSeconds: 30
  successThreshold: 1
  failureThreshold: 5
Add support to override env variables
e.g.
This will enforce/ensure that our Reloader is used by default
{{if .Values.reloadOnChange}}
annotations:
  configmap.reloader.stakater.com/reload: {{ template "stakater-app.appname" . }}
  secret.reloader.stakater.com/reload: {{ template "stakater-app.appname" . }}
{{end}}
Add HPA resource and document as well
Pods can be slow when creating, updating, or deleting because old objects are still tracked in the cluster. You can reduce the revisionHistoryLimit of deployments to clean up older ReplicaSets, which will lower the total amount of objects tracked by the Kubernetes Controller Manager. The default history limit for Deployments is 10.
Our recommended value should be 2 and not more
According to https://docs.renovatebot.com/modules/manager/helm-values/#additional-information the values.yaml need to be structured like this for it to pick up the values:
image:
  repository: 'some-docker/dependency'
  tag: v1.0.0
  registry: registry.example.com # optional key, will default to "docker.io"
Hello
It would be easier for 3rd party people, if you would separate the README and the CHANGELOG into their own files.
Thanks
Hi
In the .yaml for this configuration it is written in plural, but in the README.md you wrote it as singular.
Please update to avoid misunderstanding.
Thanks.
With docker image tags like...
deployment:
  image:
    tag: latest@sha256:f2a9d619483d11cd8b2f12be2bc4fb1cc9b7a4e01295b8ba52d4aea54f528556
the chart renders invalid appVersion labels:
metadata.labels: Invalid value: \"latest@sha256:f2a9d619483d11cd8b2f12be2bc4fb1cc9b7a4e01295b8ba5\":
a valid label must be an empty string or consist of alphanumeric characters, '-', '_' or '.', and must start and end with an alphanumeric character (e.g. 'MyValue', or 'my_value', or '12345', regex used for validation is '(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?')
Would it be possible to trim everything after "@" or maybe support an optional applicationVersion parameter?
I can create a pull request if necessary. Thanks for the great helm chart btw!
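The two options raised in this issue (drop everything after "@", or accept an explicit override), sketched as an added example that is not part of the original issue or the chart's own code. The function names and the `application_version` parameter are hypothetical; the regex is the one quoted in the error message, and 63 is the label length limit at which the rendered value was cut.

```python
import re

# Validation regex quoted in the API server error above; label values are
# also capped at 63 characters, which is where the rendered value was cut.
LABEL_VALUE_RE = re.compile(r"(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?")
MAX_LABEL_LEN = 63


def is_valid_label_value(value: str) -> bool:
    """True if the API server would accept `value` as a label value."""
    return len(value) <= MAX_LABEL_LEN and LABEL_VALUE_RE.fullmatch(value) is not None


def version_label(image_tag: str, application_version: str = "") -> str:
    """Derive a label-safe version string from an image tag.

    `application_version` models the optional override proposed in the
    issue (hypothetical parameter); when set it wins over the tag.
    """
    # Drop the "@sha256:..." digest: the tag part is the human-readable version.
    source = application_version or image_tag.split("@", 1)[0]
    # Replace every character the regex does not allow (e.g. "+" in semver
    # build metadata, ":" in a digest) with "_".
    cleaned = re.sub(r"[^A-Za-z0-9_.-]", "_", source)
    # Truncate first, then strip: cutting at 63 can leave a trailing "-",
    # "_" or ".", and a value must start and end with an alphanumeric.
    return cleaned[:MAX_LABEL_LEN].strip("-_.")


# Sample inputs: the first is the tag from the issue, the rest are constructed.
SAMPLES = [
    "latest@sha256:f2a9d619483d11cd8b2f12be2bc4fb1cc9b7a4e01295b8ba52d4aea54f528556",
    "1.0.43",
    "2.3.1+build.7",
    "a" * 62 + "-b",
]

if __name__ == "__main__":
    for tag in SAMPLES:
        label = version_label(tag)
        print(f"{tag[:40]!r:44} -> {label!r} valid={is_valid_label_value(label)}")
```

A digest-only reference (no tag before "@") yields an empty string, which the regex accepts as a valid label value.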
https://docs.bitnami.com/tutorials/production-ready-charts/#use-non-root-containers
In order to make your Helm chart work with non-root containers, add the securityContext section to your yaml files.
e.g.
spec:
  {{- if .Values.securityContext.enabled }}
  securityContext:
    fsGroup: {{ .Values.securityContext.fsGroup }}
  {{- end }}
Add these recommended common labels
app.kubernetes.io/name: mysql
app.kubernetes.io/instance: mysql-abcxzy
app.kubernetes.io/version: "5.7.21"
app.kubernetes.io/component: database
app.kubernetes.io/part-of: wordpress
app.kubernetes.io/managed-by: helm
https://kubernetes.io/docs/concepts/overview/working-with-objects/common-labels/
The pipeline is broken and needs to be fixed
[Pipeline] sh
+ chmod 600 /root/.ssh-git/ssh-key
chmod: changing permissions of '/root/.ssh-git/ssh-key': Read-only file system
Add config in service to set ClusterIP to None for headless service setup.
We should add .Capabilities.APIVersions.Has to non k8s core resources
https://github.com/stakater/application/blob/master/application/values.yaml#L213-L220
and set same limits
Scenarios to test endpointmonitor creation:
Add support for grafana dashboard
There should be possibility to override namespace like this
{{/*
Allow the release namespace to be overridden
*/}}
{{- define "rabbitmq-operator.namespace" -}}
{{- default .Release.Namespace .Values.namespaceOverride -}}
{{- end -}}
Change from apiVersion: apps/v1beta1 to apiVersion: apps/v1
Rename the file from routes.yaml to route.yaml
We use the flag name enabled for all resources except rbac in which we have called it create; so, for harmony perspective we should rename it to enabled as well
Jenkinsfile is broken and new changes aren't released anymore
Please add a license file and clarify which software license the code is under (e.g. MIT).
As these applications are namespace'd scope; we should remove the cluster level resources like ClusterRole and ClusterRoleBinding
This chart should only support creation of resources which are only namespace scoped
There are some tools out there to automatically generate helm chart documentation from the values and comments. It would ensure we don't miss any entries and enforce comments in the value file.
Add VPA manifest; and I would like it to be always running in recommendation mode and document it as well
In this example, you create a VerticalPodAutoscaler that has an updateMode of "Off". Then you create a Deployment that has two Pods, each of which has one container. When the Pods are created, the VerticalPodAutoscaler analyzes the CPU and memory needs of the containers and records those recommendations in its status field. The VerticalPodAutoscaler does not take any action to update the resource requests for the running containers.
Here is a manifest for the VerticalPodAutoscaler:
apiVersion: autoscaling.k8s.io/v1
kind: VerticalPodAutoscaler
metadata:
  name: my-rec-vpa
spec:
  targetRef:
    apiVersion: "apps/v1"
    kind: Deployment
    name: my-rec-deployment
  updatePolicy:
    updateMode: "Off"
Here is a manifest for the Deployment:
apiVersion: apps/v1
kind: Deployment
metadata:
  name: my-rec-deployment
spec:
  replicas: 2
  selector:
    matchLabels:
      app: my-rec-deployment
  template:
    metadata:
      labels:
        app: my-rec-deployment
    spec:
      containers:
      - name: my-rec-container
        image: nginx
In the manifest, you can see that there are no CPU or memory requests. You can also see that the Pods in the Deployment belong to the VerticalPodAutoscaler, because it points to the target of kind: Deployment and name: my-rec-deployment.
The output shows recommendations for CPU and memory requests:
...
  recommendation:
    containerRecommendations:
    - containerName: my-rec-container
      lowerBound:
        cpu: 25m
        memory: 262144k
      target:
        cpu: 25m
        memory: 262144k
      upperBound:
        cpu: 7931m
        memory: 8291500k
...
remove namespace from chart
Add support for external secrets
need to enforce setting of:
if not specified then default values should be applied
Add a thorough ReadMe which explains all components of charts and their fields
Look this one for example: https://github.com/rht-labs/helm-charts/tree/master/charts/sonarqube#sonarqube
This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.
These are blocked by an existing closed PR and will not be recreated unless you click a checkbox below.
.github/workflows/pull_request.yaml
actions/checkout v4
azure/setup-helm v4
azure/setup-kubectl v3
redhat-actions/openshift-tools-installer v1
docker/login-action v3
mshick/add-pr-comment v2
8398a7/action-slack v3
actions/checkout v4
d3adb5/helm-unittest-action v2
.github/workflows/push.yaml
actions/checkout v4
azure/setup-helm v4
azure/setup-kubectl v3
redhat-actions/openshift-tools-installer v1
docker/login-action v3
8398a7/action-slack v3
actions/checkout v4
anothrNick/github-tag-action 1.69.0
azure/setup-helm v4
anothrNick/github-tag-action 1.69.0
8398a7/action-slack v3
.github/workflows/release.yaml
actions/checkout v4
actions/create-release v1
8398a7/action-slack v3
application/values.yaml
I'd like to see automatic release and changelog updates in such a simple repository.
You can see an example implementation using semantic-release in this repository https://github.com/aslafy-z/helm-git. semantic-release also knows how to maintain a CHANGELOG.md like you do in this repository.
There are also pre-packaged GitHub Actions to run, such as: https://github.com/marketplace/actions/action-for-semantic-release.
What do you think?
Thoroughly document in readme how to do local development and validation
Currently the path is hardcoded to / but there should be possibility to provide different path
Add three mandatory labels to every manifest
optional forecastle manifest
We should review these labels; as some of them are static and don't make sense
labels:
  app: review
  app.kubernetes.io/instance: gabbar-dev-stakater-nordmart-review
  release: gabbar-dev-stakater-nordmart-review
  provider: stakater
  appVersion: 1.0.43
  team: stakater
  chart: application-1.1.14
  heritage: Helm
  appCategory: backend
  group: com.stakater.platform
We can remove these:
And have different names for others
Setting space value to true by mistake can result in destructive action; so, we should remove space from the application chart
As space controls namespace; so, deleting a space deletes namespace; and learned hard way that it's very dangerous to have space in application chart
Space/namespace should be handled via separate chart or some other mechanism
Need to ensure we bump minor version
Change email to [email protected]
Add service monitor and document as well
e.g.
{{- if .Values.servicemonitor.enabled -}}
{{- $port := .Values.service.port -}}
apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
  labels:
    app: {{ template "stakater-app.appname" . }}
    team: {{ required "A valid .Values.team entry required!" .Values.team }}
    app-version: {{ template "stakater-app.appversion" . }}
    chart: {{ template "stakater-app.chart" . }}
    heritage: {{ .Release.Service }}
    k8s-app: {{ template "stakater-app.appname" . }}
  name: {{ template "stakater-app.appname" . }}
  namespace: {{ .Values.servicemonitor.namespace }}
spec:
  endpoints:
  - interval: 10s
    path: /admin/prometheus
    port: {{ $port }}-tcp
    scheme: {{ .Values.service.scheme }}
    tlsConfig:
      insecureSkipVerify: true
  jobLabel: k8s-app
  namespaceSelector:
    matchNames:
    - {{ .Release.Namespace }}
  selector:
    matchLabels:
      app: {{ template "stakater-app.appname" . }}
{{- end }}
Currently, the checkout action in the unittests job of our GitHub Actions workflow is not actually running tests from the pull request head, instead running the ones on their base branch, master.
This leads to PRs that break unit tests passing the status check.
Enhance the structure and readability of values.yaml file
Update and merge this PR
https://github.com/stakater-charts/application/pull/11/files
Default Application doesn't run until Service Account is created.
applicationName: "tiny"
deployment:
  image:
    repository: travix/tinyproxy
    tag: latest
The above config kept on failing at replica set level.
Issues making it difficult to use in start.