diff --git a/charts/incubator/reactive-resume/Chart.yaml b/charts/incubator/reactive-resume/Chart.yaml index e1c064ed0a2..2d5e0d85921 100644 --- a/charts/incubator/reactive-resume/Chart.yaml +++ b/charts/incubator/reactive-resume/Chart.yaml @@ -1,13 +1,9 @@ -annotations: - truecharts.org/SCALE-support: "true" - truecharts.org/catagories: | - - Productivity apiVersion: v2 -appVersion: "1" +appVersion: "latest" dependencies: - name: common repository: https://library-charts.truecharts.org - version: 11.1.2 + version: 14.0.3 deprecated: false description: A one-of-a-kind resume builder that keeps your privacy in mind. home: https://truecharts.org/charts/incubator/reactive-resume @@ -23,6 +19,10 @@ maintainers: name: reactive-resume sources: - https://github.com/truecharts/charts/tree/master/charts/incubator/reactive-resume - - https://rxresu.me/ + - https://github.com/reactive-resume/reactive-resume type: application -version: 2.0.10 +version: 3.0.0 +annotations: + truecharts.org/catagories: | + - Productivity + truecharts.org/SCALE-support: "true" diff --git a/charts/incubator/reactive-resume/questions.yaml b/charts/incubator/reactive-resume/questions.yaml index 028c47acbeb..edd733b3776 100644 --- a/charts/incubator/reactive-resume/questions.yaml +++ b/charts/incubator/reactive-resume/questions.yaml @@ -1,5 +1,7 @@ # Include{groups} -portals: {} +portals: + open: +# Include{portalLink} questions: # Include{global} # Include{workload} @@ -8,13 +10,171 @@ questions: # Include{replicas1} # Include{podSpec} # Include{containerMain} + # Include{containerBasic} # Include{containerAdvanced} + - variable: reactiveresume + group: App Configuration + label: Reactive Resume + schema: + additional_attrs: true + type: dict + attrs: + - variable: app + label: App Configuration + schema: + additional_attrs: true + type: dict + attrs: + - variable: public_url + label: Public Url + schema: + type: string + required: true + default: "" + - variable: google + label: Google Configuration + schema: + additional_attrs: true + type: dict + attrs: + - variable: client_id + label: Client ID + schema: + type: string + private: true + default: "" + - variable: client_secret + label: Client Secret + schema: + type: string + private: true + default: "" + - variable: api_key + label: API Key + schema: + type: string + private: true + default: "" + - variable: mail + label: mail Configuration + schema: + additional_attrs: true + type: dict + attrs: + - variable: from_name + label: From Name + schema: + type: string + default: "" + - variable: from_email + label: From Email + schema: + type: string + default: "" + - variable: host + label: Host + schema: + type: string + default: "" + - variable: port + label: Port + schema: + type: int + default: 587 + - variable: user + label: User + schema: + type: string + default: "" + - variable: password + label: Password + schema: + type: string + private: true + default: "" + - variable: storage + label: Storage Configuration + schema: + additional_attrs: true + type: dict + attrs: + - variable: bucket + label: Bucket + schema: + type: string + default: "" + - variable: region + label: Region + schema: + type: string + default: "" + - variable: endpoint + label: Endpoint + schema: + type: string + default: "" + - variable: url_prefix + label: URL Prefix + schema: + type: string + default: "" + - variable: access_key + label: Access Key + schema: + type: string + private: true + default: "" + - variable: secret_key + label: Secret Key + schema: + type: string + private: true + default: "" + - variable: pdf_deletion_time + label: PDF Deletion Time (milliseconds) + schema: + type: int + required: true + default: 345600000 + min: 1 + +# Include{containerConfig} +# Include{podOptions} +# Include{serviceRoot} +# Include{serviceMain} +# Include{serviceSelectorLoadBalancer} +# Include{serviceSelectorExtras} + - variable: main + label: "Main Service Port Configuration" + schema: + additional_attrs: true + type: dict + attrs: + - variable: port + label: "Port" + description: "This port exposes the container port on the service" + schema: + type: int + default: 3000 + required: true # Include{serviceExpertRoot} # Include{serviceExpert} # Include{serviceList} # Include{persistenceList} +# Include{ingressRoot} + - variable: main + label: "Main Ingress" + schema: + additional_attrs: true + type: dict + attrs: +# Include{ingressDefault} +# Include{ingressTLS} +# Include{ingressTraefik} +# Include{ingressAdvanced} +# Include{ingressList} # Include{securityContextRoot} - variable: runAsUser diff --git a/charts/incubator/reactive-resume/templates/NOTES.txt b/charts/incubator/reactive-resume/templates/NOTES.txt new file mode 100644 index 00000000000..efcb74cb772 --- /dev/null +++ b/charts/incubator/reactive-resume/templates/NOTES.txt @@ -0,0 +1 @@ +{{- include "tc.v1.common.lib.chart.notes" $ -}} diff --git a/charts/incubator/reactive-resume/templates/_secrets.tpl b/charts/incubator/reactive-resume/templates/_secrets.tpl new file mode 100644 index 00000000000..bc51e66624b --- /dev/null +++ b/charts/incubator/reactive-resume/templates/_secrets.tpl @@ -0,0 +1,16 @@ +{{/* Define the secrets */}} +{{- define "reactiveresume.secrets" -}} +{{- $secretName := (printf "%s-reactiveresume-secrets" (include "tc.v1.common.lib.chart.names.fullname" $)) }} + +{{- $secretKey := randAlphaNum 64 -}} +{{- $jwtKey := randAlphaNum 64 -}} + + {{- with lookup "v1" "Secret" .Release.Namespace $secretName -}} + {{- $secretKey = index .data "SECRET_KEY" | b64dec -}} + {{- $jwtKey = index .data "JWT_SECRET" | b64dec -}} + {{- end }} +enabled: true +data: + SECRET_KEY: {{ $secretKey }} + JWT_SECRET: {{ $jwtKey }} +{{- end -}} diff --git a/charts/incubator/reactive-resume/templates/common.yaml b/charts/incubator/reactive-resume/templates/common.yaml index cbf66c20818..cb2377970bf 100644 --- a/charts/incubator/reactive-resume/templates/common.yaml +++ b/charts/incubator/reactive-resume/templates/common.yaml @@ -1,2 +1,11 @@ +{{/* Make sure all variables are set properly */}} +{{- include "tc.v1.common.loader.init" . -}} + +{{/* Render secrets for reactiveresume */}} +{{- $secrets := include "reactiveresume.secrets" . | fromYaml -}} +{{- if $secrets -}} + {{- $_ := set .Values.secret "reactiveresume-secrets" $secrets -}} +{{- end -}} + {{/* Render the templates */}} -{{ include "tc.common.loader.all" . }} +{{- include "tc.v1.common.loader.apply" . -}} diff --git a/charts/incubator/reactive-resume/values.yaml b/charts/incubator/reactive-resume/values.yaml index 3582632a659..425ac687d31 100644 --- a/charts/incubator/reactive-resume/values.yaml +++ b/charts/incubator/reactive-resume/values.yaml @@ -1,28 +1,161 @@ -env: {} image: + repository: tccr.io/truecharts/reactive-resume-client pullPolicy: IfNotPresent - repository: tccr.io/truecharts/reactive-resume - tag: v1@sha256:2b910510072a3f21718831945a0a7ec810573318905b134c5b7b1df6195ac969 -persistence: {} -podSecurityContext: - runAsGroup: 0 - runAsUser: 0 -probes: - liveness: - enabled: false - readiness: - enabled: false - startup: - enabled: false + tag: latest@sha256:f9d11934cb0a01f72b4aed13efdf454296e477172e14d2793d42aab9b5d46e20 +serverImage: + repository: tccr.io/truecharts/reactive-resume-server + pullPolicy: IfNotPresent + tag: latest@sha256:1d1b4862f77ea7cebf2df843fc61a47a0dcaf5acbd10bb65187a75d4db504774 + securityContext: - readOnlyRootFilesystem: false - runAsNonRoot: false + container: + runAsNonRoot: false + readOnlyRootFilesystem: false + runAsUser: 0 + runAsGroup: 0 + service: main: - enabled: false ports: main: - enabled: false + targetPort: 3000 + port: 3000 + server: + enabled: true + type: ClusterIP + targetSelector: server + ports: + server: + enabled: true + port: 3100 + targetSelector: server + +reactiveresume: + app: + public_url: "http://localhost:{{ .Values.service.main.ports.main.targetPort }}" + google: + client_id: "" + client_secret: "" + api_key: "" + mail: + from_name: "Reactive Resume" + from_email: "noreply@rxresu.me" + host: "" + port: 587 + user: "" + password: "" + storage: + bucket: "" + region: "" + endpoint: "" + url_prefix: "" + access_key: "" + secret_key: "" + # time in MS + pdf_deletion_time: 345600000 + +workload: + main: + podSpec: + containers: + main: + imageSelector: image + probes: + liveness: + enabled: true + type: http + path: / + port: "{{ .Values.service.main.ports.main.targetPort }}" + readiness: + enabled: true + type: http + path: / + port: "{{ .Values.service.main.ports.main.targetPort }}" + startup: + enabled: true + type: tcp + port: "{{ .Values.service.main.ports.main.targetPort }}" + env: + PUBLIC_URL: "{{ .Values.reactiveresume.app.public_url }}" + PUBLIC_SERVER_URL: '{{ printf "http://%v-server:%v" (include "tc.v1.common.lib.chart.names.fullname" $) .Values.service.server.ports.server.port }}' + PUBLIC_GOOGLE_CLIENT_ID: "{{ .Values.reactiveresume.google.client_id }}" + server: + enabled: true + type: Deployment + podSpec: + containers: + server: + primary: true + enabled: true + imageSelector: serverImage + probes: + liveness: + enabled: true + type: http + path: /health + port: "{{ .Values.service.server.ports.server.port }}" + readiness: + enabled: true + type: http + path: /health + port: "{{ .Values.service.server.ports.server.port }}" + startup: + enabled: true + type: http + path: /health + port: "{{ .Values.service.server.ports.server.port }}" + env: + PORT: "{{ .Values.service.server.ports.server.port }}" + PUBLIC_URL: "{{ .Values.reactiveresume.app.public_url }}" + PUBLIC_SERVER_URL: '{{ printf "http://%v-server:%v" (include "tc.v1.common.lib.chart.names.fullname" $) .Values.service.server.ports.server.port }}' + # Google + PUBLIC_GOOGLE_CLIENT_ID: "{{ .Values.reactiveresume.google.client_id }}" + GOOGLE_CLIENT_SECRET: "{{ .Values.reactiveresume.google.client_secret }}" + GOOGLE_API_KEY: "{{ .Values.reactiveresume.google.api_key }}" + # Email + MAIL_FROM_NAME: "{{ .Values.reactiveresume.mail.from_name }}" + MAIL_FROM_EMAIL: "{{ .Values.reactiveresume.mail.from_email }}" + MAIL_HOST: "{{ .Values.reactiveresume.mail.host }}" + MAIL_PORT: "{{ .Values.reactiveresume.mail.port }}" + MAIL_USERNAME: "{{ .Values.reactiveresume.mail.user }}" + MAIL_PASSWORD: "{{ .Values.reactiveresume.mail.password }}" + # Storage + STORAGE_BUCKET: "{{ .Values.reactiveresume.storage.bucket }}" + STORAGE_REGION: "{{ .Values.reactiveresume.storage.region }}" + STORAGE_ENDPOINT: "{{ .Values.reactiveresume.storage.endpoint }}" + STORAGE_URL_PREFIX: "{{ .Values.reactiveresume.storage.url_prefix }}" + STORAGE_ACCESS_KEY: "{{ .Values.reactiveresume.storage.access_key }}" + STORAGE_SECRET_KEY: "{{ .Values.reactiveresume.storage.secret_key }}" + PDF_DELETION_TIME: "{{ .Values.reactiveresume.storage.pdf_deletion_time }}" + # DB + POSTGRES_DB: "{{ .Values.cnpg.main.database }}" + POSTGRES_USER: "{{ .Values.cnpg.main.user }}" + POSTGRES_PASSWORD: + secretKeyRef: + name: cnpg-main-user + key: password + POSTGRES_HOST: + secretKeyRef: + name: cnpg-main-urls + key: host + POSTGRES_PORT: 5432 + # POSTGRES_SSL_CERT: "" + JWT_EXPIRY_TIME: 604800 + JWT_SECRET: + secretKeyRef: + name: reactiveresume-secrets + key: JWT_SECRET + SECRET_KEY: + secretKeyRef: + name: reactiveresume-secrets + key: SECRET_KEY + +cnpg: + main: + enabled: true + database: reactiveresume + user: reactiveresume portal: - enabled: false + open: + enabled: true