init commit

a60814billy · a60814billy · commit 4ba7cf46a2bd · 2020-03-31T05:07:09.000+08:00
diff --git a/.gitignore b/.gitignore
@@ -0,0 +1,3 @@
+.idea/
+.vscode/
+charts/**/charts/*.tgz
diff --git a/charts/codimd/.helmignore b/charts/codimd/.helmignore
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/charts/codimd/Chart.yaml b/charts/codimd/Chart.yaml
@@ -0,0 +1,17 @@
+apiVersion: v1
+name: codimd
+description: A CodiMD Helm chart for Kubernetes
+
+# This is the chart version. This version number should be incremented each time you make changes
+# to the chart and its templates, including the app version.
+version: 0.1.0
+
+# This is the version number of the application being deployed. This version number should be
+# incremented each time you make changes to the application.
+appVersion: 2.0.0
+
+dependencies:
+  - name: postgresql
+    version: 8.6.10
+    condition: postgresql.enabled, global.postgresql.enabled
+    repository: https://charts.bitnami.com/bitnami
diff --git a/charts/codimd/requirements.lock b/charts/codimd/requirements.lock
@@ -0,0 +1,6 @@
+dependencies:
+- name: postgresql
+  repository: https://charts.bitnami.com/bitnami
+  version: 8.6.10
+digest: sha256:bcf451cb7316ebf38ba4769d636299bf4f5f639922a39355d78e7fad58901d83
+generated: "2020-03-31T05:06:22.8997+08:00"
diff --git a/charts/codimd/requirements.yml b/charts/codimd/requirements.yml
@@ -0,0 +1,5 @@
+dependencies:
+  - name: postgresql
+    version: 8.6.10
+    condition: postgresql.enabled, global.postgresql.enabled
+    repository: https://charts.bitnami.com/bitnami
diff --git a/charts/codimd/templates/_helpers.tpl b/charts/codimd/templates/_helpers.tpl
@@ -0,0 +1,76 @@
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "codimd.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+*/}}
+{{- define "codimd.fullname" -}}
+{{- if .Values.fullnameOverride -}}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- $name := default .Chart.Name .Values.nameOverride -}}
+{{- if contains $name .Release.Name -}}
+{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "codimd.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Common labels
+*/}}
+{{- define "codimd.labels" -}}
+app.kubernetes.io/name: {{ include "codimd.name" . }}
+helm.sh/chart: {{ include "codimd.chart" . }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+app.kubernetes.io/version: {{ default .Chart.AppVersion .Values.image.tag }}
+{{- end -}}
+
+
+{{/*
+Return the docker image
+*/}}
+{{- define "codimd.image" -}}
+{{- $registryName := default "nabo.codimd.dev" .Values.image.registry -}}
+{{- $repositoryName := default "hackmdio/hackmd" .Values.image.repository -}}
+{{- $tag := default .Chart.AppVersion .Values.image.tag -}}
+{{- printf "%s/%s:%s" $registryName $repositoryName $tag -}}
+{{- end -}}
+
+{{/*
+Return the CodiMD domain
+*/}}
+{{- define "codimd.domain" -}}
+{{- $domain := default .Values.codimd.connection.domain .Values.ingress.hostname -}}
+{{- printf "%s" $domain -}}
+{{- end -}}
+
+{{/*
+Embedded PostgreSQL service name
+*/}}
+{{- define "codimd.postgresql-svc" -}}
+{{- if .Values.postgresql.fullnameOverride -}}
+  {{- .Values.postgresql.fullnameOverride | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+  {{- $name := default "postgresql" .Values.postgresql.nameOverride -}}
+  {{- if contains $name .Release.Name -}}
+    {{- .Release.Name | trunc 63 | trimSuffix "-" -}}
+  {{- else -}}
+    {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
+  {{- end -}}
+{{- end -}}
+{{- end -}}
diff --git a/charts/codimd/templates/auth-secret.yaml b/charts/codimd/templates/auth-secret.yaml
@@ -0,0 +1,128 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ template "codimd.fullname" . }}-auth-env
+stringData:
+  CMD_EMAIL: {{ .Values.codimd.authentication.local.enabled | toString | quote }}
+  CMD_ALLOW_EMAIL_REGISTER: {{ .Values.codimd.authentication.local.allowRegister | toString | quote }}
+
+  {{/* Authentication - Bitbucket */}}
+  {{ if .Values.codimd.authentication.bitbucket.enabled }}
+  CMD_BITBUCKET_CLIENTID: {{ .Values.codimd.authentication.bitbucket.key | toString | quote }}
+  CMD_BITBUCKET_CLIENTSECRET: {{ .Values.codimd.authentication.bitbucket.secret | toString | quote }}
+  {{ end }}
+
+  {{/* Authentication - Dropbox */}}
+  {{ if .Values.codimd.authentication.dropbox.enabled }}
+  CMD_DROPBOX_CLIENTID: {{ .Values.codimd.authentication.dropbox.appKey | toString | quote }}
+  CMD_DROPBOX_CLIENTSECRET: {{ .Values.codimd.authentication.dropbox.appSecret | toString | quote }}
+  {{ end }}
+
+  {{/* Authentication - Facebook */}}
+  {{ if .Values.codimd.authentication.facebook.enabled }}
+  CMD_FACEBOOK_CLIENTID: {{ .Values.codimd.authentication.facebook.clientId | toString | quote }}
+  CMD_FACEBOOK_CLIENTSECRET: {{ .Values.codimd.authentication.facebook.secret | toString | quote }}
+  {{ end }}
+
+  {{/* Authentication - GitHub */}}
+  {{ if .Values.codimd.authentication.github.enabled }}
+  {{ if .Values.codimd.authentication.github.enterpriseUrl }}
+  CMD_GITHUB_ENTERPRISE_URL: {{ .Values.codimd.authentication.github.enterpriseUrl | trim | toString | quote }}
+  {{ end }}
+  CMD_GITHUB_CLIENTID: {{ .Values.codimd.authentication.github.clientId | toString | quote }}
+  CMD_GITHUB_CLIENTSECRET: {{ .Values.codimd.authentication.github.secret | toString | quote }}
+  {{ end }}
+
+  {{/* Authentication - GitLab */}}
+  {{ if .Values.codimd.authentication.gitlab.enabled }}
+  {{ if .Values.codimd.authentication.gitlab.domain}}
+  CMD_GITLAB_BASEURL: {{ .Values.codimd.authentication.gitlab.domain  | toString | quote }}
+  {{ end }}
+  {{ if .Values.codimd.authentication.gitlab.scope }}
+  CMD_GITLAB_SCOPE: {{ .Values.codimd.authentication.gitlab.scope | toString | quote }}
+  {{ end }}
+  CMD_GITLAB_CLIENTID: {{ .Values.codimd.authentication.gitlab.applicationId  | toString | quote }}
+  CMD_GITLAB_CLIENTSECRET: {{ .Values.codimd.authentication.gitlab.secret | toString | quote  }}
+  {{ end }}
+
+  {{/* Authentication - Google */}}
+  {{ if .Values.codimd.authentication.google.enabled }}
+  CMD_GOOGLE_CLIENTID: {{ .Values.codimd.authentication.google.clientId  | toString | quote }}
+  CMD_GOOGLE_CLIENTSECRET: {{ .Values.codimd.authentication.google.secret | toString | quote  }}
+  {{ if .Values.codimd.authentication.google.hostedDomain }}
+  CMD_GOOGLE_HOSTEDDOMAIN: {{ .Values.codimd.authentication.google.hostedDomain | toString | quote  }}
+  {{ end }}
+  {{ end }}
+
+  {{/* Authentication - LDAP */}}
+  {{ if .Values.codimd.authentication.ldap.enabled }}
+  CMD_LDAP_PROVIDERNAME: {{ .Values.codimd.authentication.ldap.providerName | toString | quote  }}
+  CMD_LDAP_URL: {{ .Values.codimd.authentication.ldap.url | toString | quote  }}
+  {{ if .Values.codimd.authentication.ldap.tlsCA }}
+  CMD_LDAP_TLS_CA: {{ .Values.codimd.authentication.ldap.providerName | toString | quote  }}
+  {{ end }}
+  CMD_LDAP_BINDDN: {{ .Values.codimd.authentication.ldap.bindDN  | toString | quote }}
+  {{ if .Values.codimd.authentication.ldap.bindCredentials }}
+  CMD_LDAP_BINDCREDENTIALS: {{ .Values.codimd.authentication.ldap.bindCredentials | toString | quote  }}
+  {{ end }}
+  {{ if .Values.codimd.authentication.ldap.searchBase }}
+  CMD_LDAP_SEARCHBASE: {{ .Values.codimd.authentication.ldap.searchBase  | toString | quote }}
+  {{ end }}
+  {{ if .Values.codimd.authentication.ldap.searchFilter }}
+  CMD_LDAP_SEARCHFILTER: {{ .Values.codimd.authentication.ldap.searchFilter | toString | quote  }}
+  {{ end }}
+  {{ if .Values.codimd.authentication.ldap.searchAttributes }}
+  CMD_LDAP_SEARCHATTRIBUTES: {{ .Values.codimd.authentication.ldap.searchAttributes  | toString | quote }}
+  {{ end }}
+  {{ if .Values.codimd.authentication.ldap.attributes.id}}
+  CMD_LDAP_USERIDFIELD: {{ .Values.codimd.authentication.ldap.attributes.id | toString | quote  }}
+  {{ end }}
+  {{ if .Values.codimd.authentication.ldap.attributes.username }}
+  CMD_LDAP_USERNAMEFIELD: {{ .Values.codimd.authentication.ldap.attributes.username | toString | quote  }}
+  {{ end }}
+  {{ end }}
+
+  {{/* Authentication - Mattermost */}}
+  {{ if .Values.codimd.authentication.mattermost.enabled }}
+  CMD_MATTERMOST_BASEURL: {{ .Values.codimd.authentication.mattermost.domain  | toString | quote }}
+  CMD_MATTERMOST_CLIENTID: {{ .Values.codimd.authentication.mattermost.clientId | toString | quote }}
+  CMD_MATTERMOST_CLIENTSECRET: {{ .Values.codimd.authentication.mattermost.secret | toString | quote  }}
+  {{ end }}
+
+  {{/* Authentication - OAuth2 */}}
+  {{ if .Values.codimd.authentication.oauth2.enabled }}
+  CMD_OAUTH2_PROVIDERNAME: {{ .Values.codimd.authentication.oauth2.providerName  | toString | quote }}
+  CMD_OAUTH2_BASEURL: {{ .Values.codimd.authentication.oauth2.domain | toString | quote  }}
+  CMD_OAUTH2_CLIENT_ID: {{ .Values.codimd.authentication.oauth2.clientId  | toString | quote }}
+  CMD_OAUTH2_CLIENT_SECRET: {{ .Values.codimd.authentication.oauth2.secret | toString | quote  }}
+  CMD_OAUTH2_AUTHORIZATION_URL: {{ .Values.codimd.authentication.oauth2.authorizationUrl | toString | quote  }}
+  CMD_OAUTH2_TOKEN_URL: {{ .Values.codimd.authentication.oauth2.tokenUrl | toString | quote  }}
+  CMD_OAUTH2_USER_PROFILE_URL: {{ .Values.codimd.authentication.oauth2.userProfileUrl | toString | quote  }}
+  CMD_OAUTH2_SCOPE: {{ .Values.codimd.authentication.oauth2.scope  | toString | quote }}
+  CMD_OAUTH2_USER_PROFILE_USERNAME_ATTR: {{ .Values.codimd.authentication.oauth2.attributes.username | toString | quote  }}
+  CMD_OAUTH2_USER_PROFILE_DISPLAY_NAME_ATTR: {{ .Values.codimd.authentication.oauth2.attributes.displayName  | toString | quote }}
+  CMD_OAUTH2_USER_PROFILE_EMAIL_ATTR: {{ .Values.codimd.authentication.oauth2.attributes.email | toString | quote  }}
+  {{ end }}
+
+  {{/* Authentication - OAuth2 */}}
+  {{ if .Values.codimd.authentication.saml.enabled }}
+  CMD_SAML_IDPSSOURL: {{ .Values.codimd.authentication.saml.idpSSOUrl  | toString | quote }}
+  {{ if .Values.codimd.authentication.saml.idpCert }}
+  CMD_SAML_IDPCERT: {{ .Values.codimd.authentication.saml.idpCert | toString | quote  }}
+  {{ end }}
+  CMD_SAML_ISSUER: {{ .Values.codimd.authentication.saml.issuer  | toString | quote }}
+  CMD_SAML_IDENTIFIERFORMAT: {{ .Values.codimd.authentication.saml.identifierFormat  | toString | quote }}
+  CMD_SAML_DISABLEREQUESTEDAUTHNCONTEXT: {{ .Values.codimd.authentication.saml.disableRequestedAuthnContext | toString | quote  }}
+  CMD_SAML_GROUPATTRIBUTE: {{ .Values.codimd.authentication.saml.groupAttribute  | toString | quote }}
+  CMD_SAML_EXTERNALGROUPS: {{ .Values.codimd.authentication.saml.externalGroups  | toString | quote }}
+  CMD_SAML_REQUIREDGROUPS: {{ .Values.codimd.authentication.saml.requiredGroups  | toString | quote }}
+  CMD_SAML_ATTRIBUTE_ID: {{ .Values.codimd.authentication.saml.attributes.id  | toString | quote }}
+  CMD_SAML_ATTRIBUTE_USERNAME: {{ .Values.codimd.authentication.saml.attributes.username  | toString | quote }}
+  CMD_SAML_ATTRIBUTE_EMAIL: {{ .Values.codimd.authentication.saml.attributes.email | toString | quote  }}
+  {{ end }}
+
+  {{/* Authentication - Twitter */}}
+  {{ if .Values.codimd.authentication.twitter.enabled }}
+  CMD_TWITTER_CONSUMERKEY: {{ .Values.codimd.authentication.twitter.consumerKey | toString | quote  }}
+  CMD_TWITTER_CONSUMERSECRET: {{ .Values.codimd.authentication.twitter.comsumerSecret  | toString | quote }}
+  {{ end }}
diff --git a/charts/codimd/templates/db-secret.yaml b/charts/codimd/templates/db-secret.yaml
@@ -0,0 +1,10 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ template "codimd.fullname" . }}-database-secret
+stringData:
+  {{ if .Values.postgresql.enabled }}
+  connection: "postgres://{{ .Values.postgresql.postgresqlUsername }}:{{ .Values.postgresql.postgresqlPassword }}@{{ template "codimd.postgresql-svc" . }}/{{ .Values.postgresql.postgresqlDatabase }}"
+  {{ else }}
+  connection: "{{ .Values.codimd.database.type }}://{{ .Values.codimd.database.username }}:{{ .Values.codimd.database.password }}@{{ .Values.codimd.database.host }}:{{ .Values.codimd.database.port }}/{{ .Values.codimd.database.databaseName }}"
+  {{ end }}
diff --git a/charts/codimd/templates/deployment.yaml b/charts/codimd/templates/deployment.yaml
@@ -0,0 +1,43 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ template "codimd.fullname" . }}
+  labels:
+    app.kubernetes.io/component: server
+  {{- include "codimd.labels" . | nindent 4 }}
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app.kubernetes.io/component: server
+  {{- include "codimd.labels" . | nindent 6 }}
+  template:
+    metadata:
+      name: {{ template "codimd.fullname" . }}
+      labels:
+        app.kubernetes.io/component: server
+    {{- include "codimd.labels" . | nindent 8 }}
+    spec:
+      {{ if .Values.image.pullSecrets }}
+      imagePullSecrets:
+      {{ .Values.image.pullSecrets | nindent 8 }}
+      {{end }}
+      containers:
+        - name: codimd
+          image: {{ template "codimd.image" . }}
+          imagePullPolicy: {{ .Values.image.pullPolicy }}
+          env:
+            - name: CMD_USE_CDN
+              value: {{ .Values.codimd.security.useCDN | quote }}
+            - name: CMD_DB_URL
+              valueFrom:
+                secretKeyRef:
+                  name: {{ template "codimd.fullname" . }}-database-secret
+                  key: connection
+          envFrom:
+            - secretRef:
+                name: {{ template "codimd.fullname" . }}-auth-env
+          ports:
+            - name: http
+              containerPort: 3000
+      restartPolicy: Always
diff --git a/charts/codimd/templates/ingress.yaml b/charts/codimd/templates/ingress.yaml
@@ -0,0 +1,23 @@
+{{ if .Values.ingress.enabled }}
+apiVersion: networking.k8s.io/v1beta1
+kind: Ingress
+metadata:
+  name: {{ template "codimd.fullname" . }}
+  {{ if .Values.ingress.annotation}}
+  annotations:
+  {{ .Values.ingress.annotation | nindent 4 }}
+  {{ end }}
+spec:
+  rules:
+    - host: {{ .Values.ingress.hostname }}
+      http:
+        paths:
+          - backend:
+              serviceName: {{ template "codimd.fullname" . }}-svc
+              servicePort: 80
+  {{ if .Values.ingress.tlsSecret }}
+  tls:
+    - hosts: {{ .Values.ingress.hostname }}
+      secretName: {{ .Values.ingress.tlsSecret }}
+  {{ end }}
+  {{ end }}
diff --git a/charts/codimd/templates/service.yaml b/charts/codimd/templates/service.yaml
@@ -0,0 +1,12 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "codimd.fullname" . }}-svc
+spec:
+  type: {{ .Values.service.type }}
+  selector:
+    app.kubernetes.io/component: server
+    {{- include "codimd.labels" . | nindent 4 }}
+  ports:
+    - port: {{ .Values.service.port }}
+      targetPort: 3000
diff --git a/charts/codimd/values.yaml b/charts/codimd/values.yaml

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,3 @@`
	`1`	`+.idea/`
	`2`	`+.vscode/`
	`3`	`+charts/*/charts/.tgz`