feat: charts file structure

charts/awsmp-datree-admission-webhook/Chart.yaml

@@ -1,5 +1,5 @@
 apiVersion: v2
-name: datree-admission-webhook
+name: awsmp-datree-admission-webhook
 description: A Helm chart for Datree admission webhook for Kubernetes clusters
 icon: https://github.com/datreeio/admission-webhook-datree/blob/main/internal/images/diagram.png
 type: application

charts/awsmp-datree-free-admission-webhook/Chart.yaml

@@ -0,0 +1,31 @@
+apiVersion: v2
+name: awsmp-datree-free-admission-webhook
+description: A Helm chart for Datree admission webhook for Kubernetes clusters
+icon: https://github.com/datreeio/admission-webhook-datree/blob/main/internal/images/diagram.png
+type: application
+keywords:
+  - datree-admission-webhook
+  - policy agent
+  - validating webhook
+  - admissions controller
+home: datree.io
+sources:
+  - https://github.com/datreeio/admission-webhook-datree
+
+kubeVersion: ">=1.16.0-0"
+
+# This is the chart version. This version number should be incremented each time you make changes
+# to the chart and its templates, including the app version.
+# Versions are expected to follow Semantic Versioning (https://semver.org/)
+version: 0.1.0
+
+# This is the version number of the application being deployed. This version number should be
+# incremented each time you make changes to the application. Versions are not expected to
+# follow Semantic Versioning. They should reflect the version the application is using.
+# It is recommended to use it with quotes.
+appVersion: "0.1.21"
+
+dependencies:
+  - name: datree-lib
+    version: 0.1.0
+    repository: file://../datree-lib

charts/awsmp-datree-free-admission-webhook/values.schema.json

@@ -0,0 +1,239 @@
+{
+  "$schema": "http://json-schema.org/draft-04/schema#",
+  "type": "object",
+  "properties": {
+    "namespace": {
+      "type": "string",
+      "description": "The name of the namespace all resources will be created in, if not specified in the release."
+    },
+    "replicaCount": {
+      "type": "integer",
+      "description": "The number of Datree webhook-server replicas to deploy for the webhook.",
+      "minimum": 2
+    },
+    "customLabels": {
+      "type": "object",
+      "description": "Additional labels to add to all resources."
+    },
+    "customAnnotations": {
+      "type": "object",
+      "description": "Additional annotations to add to all resources."
+    },
+    "debug": {
+      "type": "boolean",
+      "description": "Run the webhook-server in debug mode, this will log debug information to the console."
+    },
+    "rbac": {
+      "type": "object",
+      "description": "Required ClusterRoles, ClusterRoleBindings, and ServiceAccount for datree-webhook-server, If not created they should be provided.",
+      "properties": {
+        "serviceAccount": {
+          "type": "object",
+          "properties": {
+            "create": {
+              "type": "boolean",
+              "description": "Create or not the ServiceAccount for the webhook-server. If not created it should be provided."
+            },
+            "name": {
+              "type": "string",
+              "description": "The ServiceAccount name"
+            }
+          },
+          "required": ["create", "name"]
+        },
+        "clusterRole": {
+          "type": "object",
+          "properties": {
+            "create": {
+              "type": "boolean",
+              "description": "Create or not the ClusterRole for the webhook-server. If not created it should be provided."
+            },
+            "name": {
+              "type": "string",
+              "description": "The ClusterRole name"
+            }
+          },
+          "required": ["create", "name"]
+        }
+      },
+      "required": ["serviceAccount", "clusterRole"]
+    },
+    "datree": {
+      "type": "object",
+      "description": "Datree webhook configuration. (Checkout more details at htttps://hub.datree.com)",
+      "properties": {
+        "token": {
+          "type": "string",
+          "description": "The token used to link the CLI to your dashboard."
+        },
+        "policy": {
+          "type": "string",
+          "description": "The name of the policy to check, e.g: staging."
+        },
+        "verbose": {
+          "type": "string",
+          "description": "Display 'How to Fix' link for failed rules in output."
+        },
+        "output": {
+          "type": "string",
+          "description": "The format output of the policy check results: yaml, json, xml, simple, JUnit."
+        },
+        "noRecord": {
+          "type": "string",
+          "description": "Don't record the results of the policy check."
+        }
+      },
+      "required": ["token", "policy", "verbose", "output", "noRecord"]
+    },
+    "image": {
+      "type": "object",
+      "description": "The Datree webhook-server image to use.",
+      "properties": {
+        "repository": {
+          "type": "string",
+          "description": "Image repository"
+        },
+        "tag": {
+          "type": "string",
+          "description": "Image tag",
+          "pattern": "^(0|[1-9]\\d*)\\.(0|[1-9]\\d*)\\.(0|[1-9]\\d*)(?:-((?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\\.(?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\\+([0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?$"
+        },
+        "pullPolicy": {
+          "type": "string",
+          "description": "Image pull policy",
+          "pattern": "^(Always|Never|IfNotPresent)$"
+        }
+      },
+      "required": ["repository", "tag", "pullPolicy"]
+    },
+    "securityContext": {
+      "type": "object",
+      "description": "Security context for the webhook-server containers",
+      "properties": {
+        "allowPrivilegeEscalation": {
+          "type": "boolean"
+        },
+        "readOnlyRootFilesystem": {
+          "type": "boolean"
+        },
+        "runAsNonRoot": {
+          "type": "boolean"
+        },
+        "runAsUser": {
+          "type": "integer"
+        }
+      },
+      "required": [
+        "allowPrivilegeEscalation",
+        "readOnlyRootFilesystem",
+        "runAsNonRoot",
+        "runAsUser"
+      ]
+    },
+    "resources": {
+      "type": "object",
+      "properties": {
+        "limits": {
+          "type": "object",
+          "properties": {
+            "memory": {
+              "type": "string"
+            }
+          },
+          "required": ["memory"]
+        },
+        "requests": {
+          "type": "object",
+          "properties": {
+            "cpu": {
+              "type": ["string", "integer"]
+            },
+            "memory": {
+              "type": ["string", "integer"]
+            }
+          },
+          "required": ["cpu", "memory"]
+        }
+      },
+      "required": ["limits", "requests"]
+    },
+    "hooks": {
+      "type": "object",
+      "description": "Helm Hooks: pre-install and pre-delete that the chart run during install",
+      "properties": {
+        "timeoutTime": {
+          "type": ["integer", "null"],
+          "description": "The timeout time the hook will wait for the webhook-server is ready."
+        },
+        "image": {
+          "type": "object",
+          "description": "The image for running kubectl commands",
+          "properties": {
+            "repository": {
+              "type": "string"
+            },
+            "sha": {
+              "type": "string",
+              "pattern": "^sha256\\W[a-f0-9]{64}$"
+            },
+            "pullPolicy": {
+              "type": "string",
+              "pattern": "^(Always|Never|IfNotPresent)$"
+            }
+          },
+          "required": ["repository", "sha", "pullPolicy"]
+        }
+      },
+      "required": ["image"]
+    },
+    "aws": {
+      "type": "object",
+      "description": "AWS Marketplace configuration",
+      "properties": {
+        "licenseConfigSecretName": {
+          "type": "string",
+          "description": "The name of the secret that contains the license configuration."
+        },
+        "region": {
+          "type": "string",
+          "description": "The AWS Region",
+          "pattern": "(af|ap|ca|eu|me|sa|us)-(central|north|(north(?:east|west))|south|south(?:east|west)|east|west)-\\d+"
+        },
+        "enableCheckEntitlement": {
+          "type": "boolean",
+          "description": "Enable or not AWS Marketplace license checkout, this is relevant for paid products only."
+        },
+        "productId": {
+          "type": "string",
+          "description": "The application's Product SKU (Product ID)"
+        },
+        "issuerKey": {
+          "type": "string",
+          "description": "The trusted issuer of the license (AWS Marketplace)",
+          "enum": ["aws:294406891311:AWS/Marketplace:issuer-fingerprint"]
+        }
+      },
+      "required": [
+        "licenseConfigSecretName",
+        "region",
+        "enableCheckEntitlement",
+        "productId",
+        "issuerKey"
+      ]
+    }
+  },
+  "required": [
+    "namespace",
+    "replicaCount",
+    "customLabels",
+    "customAnnotations",
+    "debug",
+    "rbac",
+    "datree",
+    "image",
+    "securityContext",
+    "resources",
+    "hooks",
+    "aws"
+  ]
+}

charts/datree-admission-webhook/templates/service.yaml

@@ -1 +1,5 @@
 {{- include "datree-lib.service" .}}
+---
+{{- include "datree-lib.serviceaccounts" .}}
+---
+