diff --git a/deploy/kubernetes/helm/charts/hauler/.helmignore b/deploy/kubernetes/helm/charts/hauler/.helmignore new file mode 100644 index 00000000..5df8cd43 --- /dev/null +++ b/deploy/kubernetes/helm/charts/hauler/.helmignore @@ -0,0 +1,21 @@ +# HELM IGNORE OPTIONS: +# Patterns to ignore when building Helm packages. +# Supports shell glob matching, relative path matching, and negation (prefixed with !) + +.DS_Store +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +*.swp +*.bak +*.tmp +*.orig +*~ +.project +.idea/ +*.tmproj +.vscode/ diff --git a/deploy/kubernetes/helm/charts/hauler/Chart.yaml b/deploy/kubernetes/helm/charts/hauler/Chart.yaml new file mode 100644 index 00000000..53307031 --- /dev/null +++ b/deploy/kubernetes/helm/charts/hauler/Chart.yaml @@ -0,0 +1,7 @@ +apiVersion: v2 +name: hauler +description: Hauler Helm Chart - Airgap Swiss Army Knife +icon: https://raw.githubusercontent.com/rancherfederal/hauler/main/static/rgs-hauler-logo-icon.svg +type: application +version: 0.1.0 +appVersion: 1.0.2 diff --git a/deploy/kubernetes/helm/charts/hauler/README.md b/deploy/kubernetes/helm/charts/hauler/README.md new file mode 100644 index 00000000..4c42357d --- /dev/null +++ b/deploy/kubernetes/helm/charts/hauler/README.md @@ -0,0 +1,33 @@ +# Hauler Helm Chart + +### Airgap Swiss Army Knife + +`Rancher Government Hauler` simplifies the airgap experience without requiring operators to adopt a specific workflow. **Hauler** simplifies the airgapping process, by representing assets (images, charts, files, etc...) as content and collections to allow operators to easily fetch, store, package, and distribute these assets with declarative manifests or through the command line. + +`Hauler` does this by storing contents and collections as OCI Artifacts and allows operators to serve contents and collections with an embedded registry and fileserver. Additionally, `Hauler` has the ability to store and inspect various non-image OCI Artifacts. + +**GitHub Repostiory:** https://github.com/rancherfederal/hauler + +**Documentation:** http://hauler.dev + +--- + +| Type | Chart Version | App Version | +| ----------- | ------------- | ----------- | +| application | `0.1.0` | `1.0.2` | + +## Installing the Chart + +```bash +helm install hauler hauler/hauler -n hauler-system -f values.yaml +``` + +```bash +helm status hauler -n hauler-system +``` + +## Uninstalling the Chart + +```bash +helm uninstall hauler -n hauler-system +``` diff --git a/deploy/kubernetes/helm/charts/hauler/app-readme.md b/deploy/kubernetes/helm/charts/hauler/app-readme.md new file mode 100644 index 00000000..4c42357d --- /dev/null +++ b/deploy/kubernetes/helm/charts/hauler/app-readme.md @@ -0,0 +1,33 @@ +# Hauler Helm Chart + +### Airgap Swiss Army Knife + +`Rancher Government Hauler` simplifies the airgap experience without requiring operators to adopt a specific workflow. **Hauler** simplifies the airgapping process, by representing assets (images, charts, files, etc...) as content and collections to allow operators to easily fetch, store, package, and distribute these assets with declarative manifests or through the command line. + +`Hauler` does this by storing contents and collections as OCI Artifacts and allows operators to serve contents and collections with an embedded registry and fileserver. Additionally, `Hauler` has the ability to store and inspect various non-image OCI Artifacts. + +**GitHub Repostiory:** https://github.com/rancherfederal/hauler + +**Documentation:** http://hauler.dev + +--- + +| Type | Chart Version | App Version | +| ----------- | ------------- | ----------- | +| application | `0.1.0` | `1.0.2` | + +## Installing the Chart + +```bash +helm install hauler hauler/hauler -n hauler-system -f values.yaml +``` + +```bash +helm status hauler -n hauler-system +``` + +## Uninstalling the Chart + +```bash +helm uninstall hauler -n hauler-system +``` diff --git a/deploy/kubernetes/helm/charts/hauler/templates/_helpers.tpl b/deploy/kubernetes/helm/charts/hauler/templates/_helpers.tpl new file mode 100644 index 00000000..00ffbfd2 --- /dev/null +++ b/deploy/kubernetes/helm/charts/hauler/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "hauler.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "hauler.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "hauler.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "hauler.labels" -}} +helm.sh/chart: {{ include "hauler.chart" . }} +{{ include "hauler.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "hauler.selectorLabels" -}} +app.kubernetes.io/name: {{ include "hauler.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "hauler.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "hauler.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/deploy/kubernetes/helm/charts/hauler/templates/hauler-fileserver/hauler-fileserver-deployment.yaml b/deploy/kubernetes/helm/charts/hauler/templates/hauler-fileserver/hauler-fileserver-deployment.yaml new file mode 100644 index 00000000..849cb840 --- /dev/null +++ b/deploy/kubernetes/helm/charts/hauler/templates/hauler-fileserver/hauler-fileserver-deployment.yaml @@ -0,0 +1,76 @@ +{{- if .Values.haulerFileserver.enabled }} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: hauler-fileserver + namespace: {{ .Release.Namespace }} + labels: + {{- include "hauler.labels" . | nindent 4 }} +spec: + replicas: {{ .Values.haulerFileserver.replicas }} + selector: + matchLabels: + app: hauler-fileserver + {{- include "hauler.selectorLabels" . | nindent 6 }} + template: + metadata: + labels: + app: hauler-fileserver + {{- include "hauler.selectorLabels" . | nindent 8 }} + spec: + {{- if or .Values.haulerJobs.hauls.enabled .Values.haulerJobs.manifests.enabled }} + initContainers: + {{- if .Values.haulerJobs.hauls.enabled }} + - name: wait-for-hauler-hauls-job + image: {{ .Values.hauler.initContainers.image.repository }}:{{ .Values.hauler.initContainers.image.tag }} + imagePullPolicy: {{ .Values.hauler.initContainers.imagePullPolicy }} + args: ["wait", "--for=condition=complete", "job", "hauler-hauls-job", "--namespace", "{{ .Release.Namespace }}", "--timeout={{ .Values.hauler.initContainers.timeout }}"] + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: ["ALL"] + runAsNonRoot: true + runAsUser: 1001 + seccompProfile: + type: RuntimeDefault + {{- end }} + {{- if .Values.haulerJobs.manifests.enabled }} + - name: wait-for-hauler-manifests-job + image: {{ .Values.hauler.initContainers.image.repository }}:{{ .Values.hauler.initContainers.image.tag }} + imagePullPolicy: {{ .Values.hauler.initContainers.imagePullPolicy }} + args: ["wait", "--for=condition=complete", "job", "hauler-manifests-job", "--namespace", "{{ .Release.Namespace }}", "--timeout={{ .Values.hauler.initContainers.timeout }}"] + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: ["ALL"] + runAsNonRoot: true + runAsUser: 1001 + seccompProfile: + type: RuntimeDefault + {{- end }} + {{- end }} + containers: + - name: hauler-fileserver + image: {{ .Values.hauler.image.repository }}:{{ .Values.hauler.image.tag }} + imagePullPolicy: {{ .Values.hauler.imagePullPolicy }} + args: ["store", "serve", "fileserver", "--port", "{{ .Values.haulerFileserver.port }}"] + ports: + - containerPort: {{ .Values.haulerFileserver.port }} + volumeMounts: + - name: hauler-data + mountPath: /store + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: ["ALL"] + runAsNonRoot: true + runAsUser: 1001 + seccompProfile: + type: RuntimeDefault + restartPolicy: Always + serviceAccountName: hauler-service-account + volumes: + - name: hauler-data + persistentVolumeClaim: + claimName: hauler-data +{{- end }} diff --git a/deploy/kubernetes/helm/charts/hauler/templates/hauler-fileserver/hauler-fileserver-ingress.yaml b/deploy/kubernetes/helm/charts/hauler/templates/hauler-fileserver/hauler-fileserver-ingress.yaml new file mode 100644 index 00000000..5807e934 --- /dev/null +++ b/deploy/kubernetes/helm/charts/hauler/templates/hauler-fileserver/hauler-fileserver-ingress.yaml @@ -0,0 +1,27 @@ +{{- if and .Values.haulerFileserver.enabled .Values.haulerFileserver.ingress.enabled }} +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: hauler-fileserver + namespace: {{ .Release.Namespace }} + labels: + {{- include "hauler.labels" . | nindent 4 }} +spec: + rules: + - host: {{ .Values.haulerFileserver.ingress.hostname }} + http: + paths: + - backend: + service: + name: hauler-fileserver + port: + number: {{ .Values.haulerFileserver.service.ports.targetPort }} + path: / + pathType: Prefix + {{- if .Values.haulerFileserver.ingress.tls.enabled }} + tls: + - hosts: + - {{ .Values.haulerFileserver.ingress.hostname }} + secretName: {{ .Values.haulerFileserver.ingress.tls.secretName }} + {{- end }} +{{- end }} diff --git a/deploy/kubernetes/helm/charts/hauler/templates/hauler-fileserver/hauler-fileserver-service.yaml b/deploy/kubernetes/helm/charts/hauler/templates/hauler-fileserver/hauler-fileserver-service.yaml new file mode 100644 index 00000000..71f71360 --- /dev/null +++ b/deploy/kubernetes/helm/charts/hauler/templates/hauler-fileserver/hauler-fileserver-service.yaml @@ -0,0 +1,18 @@ +{{- if and .Values.haulerFileserver.enabled .Values.haulerFileserver.service.enabled }} +apiVersion: v1 +kind: Service +metadata: + name: hauler-fileserver + namespace: {{ .Release.Namespace }} + labels: + {{- include "hauler.labels" . | nindent 4 }} +spec: + selector: + app: hauler-fileserver + ports: + - name: hauler-fileserver + protocol: {{ .Values.haulerFileserver.service.ports.protocol }} + port: {{ .Values.haulerFileserver.service.ports.port }} + targetPort: {{ .Values.haulerFileserver.service.ports.targetPort }} + type: {{ .Values.haulerFileserver.service.type }} +{{- end }} diff --git a/deploy/kubernetes/helm/charts/hauler/templates/hauler-registry/hauler-registry-deployment.yaml b/deploy/kubernetes/helm/charts/hauler/templates/hauler-registry/hauler-registry-deployment.yaml new file mode 100644 index 00000000..9a3d2b24 --- /dev/null +++ b/deploy/kubernetes/helm/charts/hauler/templates/hauler-registry/hauler-registry-deployment.yaml @@ -0,0 +1,76 @@ +{{- if .Values.haulerRegistry.enabled }} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: hauler-registry + namespace: {{ .Release.Namespace }} + labels: + {{- include "hauler.labels" . | nindent 4 }} +spec: + replicas: {{ .Values.haulerRegistry.replicas }} + selector: + matchLabels: + app: hauler-registry + {{- include "hauler.selectorLabels" . | nindent 6 }} + template: + metadata: + labels: + app: hauler-registry + {{- include "hauler.selectorLabels" . | nindent 8 }} + spec: + {{- if or .Values.haulerJobs.hauls.enabled .Values.haulerJobs.manifests.enabled }} + initContainers: + {{- if .Values.haulerJobs.hauls.enabled }} + - name: wait-for-hauler-hauls-job + image: {{ .Values.hauler.initContainers.image.repository }}:{{ .Values.hauler.initContainers.image.tag }} + imagePullPolicy: {{ .Values.hauler.initContainers.imagePullPolicy }} + args: ["wait", "--for=condition=complete", "job", "hauler-hauls-job", "--namespace", "{{ .Release.Namespace }}", "--timeout={{ .Values.hauler.initContainers.timeout }}"] + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: ["ALL"] + runAsNonRoot: true + runAsUser: 1001 + seccompProfile: + type: RuntimeDefault + {{- end }} + {{- if .Values.haulerJobs.manifests.enabled }} + - name: wait-for-hauler-manifests-job + image: {{ .Values.hauler.initContainers.image.repository }}:{{ .Values.hauler.initContainers.image.tag }} + imagePullPolicy: {{ .Values.hauler.initContainers.imagePullPolicy }} + args: ["wait", "--for=condition=complete", "job", "hauler-manifests-job", "--namespace", "{{ .Release.Namespace }}", "--timeout={{ .Values.hauler.initContainers.timeout }}"] + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: ["ALL"] + runAsNonRoot: true + runAsUser: 1001 + seccompProfile: + type: RuntimeDefault + {{- end }} + {{- end }} + containers: + - name: hauler-registry + image: {{ .Values.hauler.image.repository }}:{{ .Values.hauler.image.tag }} + imagePullPolicy: {{ .Values.hauler.imagePullPolicy }} + args: ["store", "serve", "registry", "--port", "{{ .Values.haulerRegistry.port }}"] + ports: + - containerPort: {{ .Values.haulerRegistry.port }} + volumeMounts: + - name: hauler-data + mountPath: /store + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: ["ALL"] + runAsNonRoot: true + runAsUser: 1001 + seccompProfile: + type: RuntimeDefault + restartPolicy: Always + serviceAccountName: hauler-service-account + volumes: + - name: hauler-data + persistentVolumeClaim: + claimName: hauler-data +{{- end }} diff --git a/deploy/kubernetes/helm/charts/hauler/templates/hauler-registry/hauler-registry-ingress.yaml b/deploy/kubernetes/helm/charts/hauler/templates/hauler-registry/hauler-registry-ingress.yaml new file mode 100644 index 00000000..0afdfc51 --- /dev/null +++ b/deploy/kubernetes/helm/charts/hauler/templates/hauler-registry/hauler-registry-ingress.yaml @@ -0,0 +1,28 @@ +{{- if and .Values.haulerRegistry.enabled .Values.haulerRegistry.ingress.enabled }} +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: hauler-registry + namespace: {{ .Release.Namespace }} + labels: + {{- include "hauler.labels" . | nindent 4 }} +spec: + rules: + - host: {{ .Values.haulerRegistry.ingress.hostname }} + http: + paths: + - backend: + service: + name: hauler-registry + port: + number: {{ .Values.haulerRegistry.service.ports.targetPort }} + path: / + pathType: Prefix + {{- if .Values.haulerRegistry.ingress.tls.enabled }} + tls: + - hosts: + - {{ .Values.haulerRegistry.ingress.hostname }} + secretName: {{ .Values.haulerRegistry.ingress.tls.secretName }} + {{- end }} +{{- end }} + diff --git a/deploy/kubernetes/helm/charts/hauler/templates/hauler-registry/hauler-registry-service.yaml b/deploy/kubernetes/helm/charts/hauler/templates/hauler-registry/hauler-registry-service.yaml new file mode 100644 index 00000000..adf76462 --- /dev/null +++ b/deploy/kubernetes/helm/charts/hauler/templates/hauler-registry/hauler-registry-service.yaml @@ -0,0 +1,18 @@ +{{- if and .Values.haulerRegistry.enabled .Values.haulerRegistry.service.enabled }} +apiVersion: v1 +kind: Service +metadata: + name: hauler-registry + namespace: {{ .Release.Namespace }} + labels: + {{- include "hauler.labels" . | nindent 4 }} +spec: + selector: + app: hauler-registry + ports: + - name: hauler-registry + protocol: {{ .Values.haulerRegistry.service.ports.protocol }} + port: {{ .Values.haulerRegistry.service.ports.port }} + targetPort: {{ .Values.haulerRegistry.service.ports.targetPort }} + type: {{ .Values.haulerRegistry.service.type }} +{{- end }} diff --git a/deploy/kubernetes/helm/charts/hauler/templates/hauler/hauler-jobs.yaml b/deploy/kubernetes/helm/charts/hauler/templates/hauler/hauler-jobs.yaml new file mode 100644 index 00000000..d46a99dc --- /dev/null +++ b/deploy/kubernetes/helm/charts/hauler/templates/hauler/hauler-jobs.yaml @@ -0,0 +1,126 @@ +{{- if .Values.haulerJobs.hauls.enabled }} +apiVersion: batch/v1 +kind: Job +metadata: + name: hauler-hauls-job + namespace: {{ .Release.Namespace }} + labels: + {{- include "hauler.labels" . | nindent 4 }} +spec: + template: + spec: + initContainers: + - name: hauler-fetch-hauls + image: {{ .Values.haulerJobs.image.repository }}:{{ .Values.haulerJobs.image.tag }} + imagePullPolicy: {{ .Values.haulerJobs.imagePullPolicy }} + command: ["/bin/sh", "-c"] + args: + - | + {{- range .Values.haulerJobs.hauls.artifacts }} + curl -o /hauls/{{ .name }} {{ .path }} && + {{- end }} + echo hauler fetch completed + volumeMounts: + - name: hauler-data + mountPath: /hauls + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: ["ALL"] + runAsNonRoot: true + runAsUser: 1001 + seccompProfile: + type: RuntimeDefault + containers: + - name: hauler-load-hauls + image: {{ .Values.hauler.image.repository }}:{{ .Values.hauler.image.tag }} + imagePullPolicy: {{ .Values.hauler.imagePullPolicy }} + args: + - "store" + - "load" + {{- range .Values.haulerJobs.hauls.artifacts }} + - "/hauls/{{ .name }}" + {{- end }} + volumeMounts: + - name: hauler-data + mountPath: /hauls + - name: hauler-data + mountPath: /store + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: ["ALL"] + runAsNonRoot: true + runAsUser: 1001 + seccompProfile: + type: RuntimeDefault + restartPolicy: OnFailure + volumes: + - name: hauler-data + persistentVolumeClaim: + claimName: hauler-data +{{- end }} +--- +{{- if .Values.haulerJobs.manifests.enabled }} +apiVersion: batch/v1 +kind: Job +metadata: + name: hauler-manifests-job + namespace: {{ .Release.Namespace }} + labels: + {{- include "hauler.labels" . | nindent 4 }} +spec: + template: + spec: + initContainers: + - name: hauler-fetch-manifests + image: {{ .Values.haulerJobs.image.repository }}:{{ .Values.haulerJobs.image.tag }} + imagePullPolicy: {{ .Values.haulerJobs.imagePullPolicy }} + command: ["/bin/sh", "-c"] + args: + - | + {{- range .Values.haulerJobs.manifests.artifacts }} + curl -o /manifests/{{ .name }} {{ .path }} && + {{- end }} + echo hauler fetch completed + volumeMounts: + - name: hauler-data + mountPath: /manifests + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: ["ALL"] + runAsNonRoot: true + runAsUser: 1001 + seccompProfile: + type: RuntimeDefault + containers: + - name: hauler-load-manifests + image: {{ .Values.hauler.image.repository }}:{{ .Values.hauler.image.tag }} + imagePullPolicy: {{ .Values.hauler.imagePullPolicy }} + args: + {{- range .Values.haulerJobs.manifests.artifacts }} + - "store" + - "sync" + - "--files" + - "/manifests/{{ .name }}" + {{- end }} + volumeMounts: + - name: hauler-data + mountPath: /manifests + - name: hauler-data + mountPath: /store + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: ["ALL"] + runAsNonRoot: true + runAsUser: 1001 + seccompProfile: + type: RuntimeDefault + restartPolicy: OnFailure + volumes: + - name: hauler-data + persistentVolumeClaim: + claimName: hauler-data +{{- end }} diff --git a/deploy/kubernetes/helm/charts/hauler/templates/hauler/hauler-pvc.yaml b/deploy/kubernetes/helm/charts/hauler/templates/hauler/hauler-pvc.yaml new file mode 100644 index 00000000..5fd57ead --- /dev/null +++ b/deploy/kubernetes/helm/charts/hauler/templates/hauler/hauler-pvc.yaml @@ -0,0 +1,16 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: hauler-data + namespace: {{ .Release.Namespace }} + labels: + {{- include "hauler.labels" . | nindent 4 }} +spec: + accessModes: + - {{ .Values.hauler.data.pvc.accessModes }} + resources: + requests: + storage: {{ .Values.hauler.data.pvc.storageRequest }} + {{- if .Values.hauler.data.pvc.storageClass }} + storageClassName: {{ .Values.hauler.data.pvc.storageClass }} + {{- end }} diff --git a/deploy/kubernetes/helm/charts/hauler/templates/hauler/hauler-rbac.yaml b/deploy/kubernetes/helm/charts/hauler/templates/hauler/hauler-rbac.yaml new file mode 100644 index 00000000..36523c03 --- /dev/null +++ b/deploy/kubernetes/helm/charts/hauler/templates/hauler/hauler-rbac.yaml @@ -0,0 +1,35 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: hauler-service-account + namespace: {{ .Release.Namespace }} + labels: + {{- include "hauler.labels" . | nindent 4 }} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: hauler-role + namespace: {{ .Release.Namespace }} + labels: + {{- include "hauler.labels" . | nindent 4 }} +rules: +- apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["get", "list", "watch"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: hauler-role-binding + namespace: {{ .Release.Namespace }} + labels: + {{- include "hauler.labels" . | nindent 4 }} +roleRef: + kind: Role + name: hauler-role + apiGroup: rbac.authorization.k8s.io +subjects: + - kind: ServiceAccount + name: hauler-service-account + namespace: {{ .Release.Namespace }} diff --git a/deploy/kubernetes/helm/charts/hauler/values.yaml b/deploy/kubernetes/helm/charts/hauler/values.yaml new file mode 100644 index 00000000..7dac320e --- /dev/null +++ b/deploy/kubernetes/helm/charts/hauler/values.yaml @@ -0,0 +1,94 @@ +# Helm Chart Values for Hauler +# Docs: https://hauler.dev + +hauler: + image: + repository: ghcr.io/rancherfederal/hauler + tag: v1.0.2 + imagePullPolicy: Always + + initContainers: + image: + repository: rancher/kubectl + tag: v1.27.0 # update to your kubernetes version + imagePullPolicy: Always + timeout: 1h + + data: + pvc: + accessModes: ReadWriteMany + storageClass: longhorn # optional... will use default storage class + storageRequest: 48Gi # recommended size of 3x the artifact(s) + +# Helm Chart Values for the Hauler Jobs +# Docs: https://rancherfederal.github.io/hauler-docs/docs/introduction/quickstart + +haulerJobs: + image: + repository: rancher/shell + tag: v0.1.22 + imagePullPolicy: Always + + hauls: + enabled: true + artifacts: + - path: https://raw.githubusercontent.com/rancherfederal/hauler/main/testdata/haul.tar.zst + name: haul.tar.zst + # - path: /path/to/additional-hauls.tar.zst + # name: additional-hauls.tar.zst + + manifests: + enabled: true + artifacts: + - path: https://raw.githubusercontent.com/rancherfederal/hauler/main/testdata/hauler-manifest.yaml + name: hauler-manifest.yaml + # - path: /path/to/additional-manifests.yaml + # name: additional-manifests.yaml + +# Helm Chart Values for the Hauler Fileserver +# Docs: https://rancherfederal.github.io/hauler-docs/docs/guides-references/command-line/hauler-store#hauler-store-serve-fileserver + +haulerFileserver: + enabled: true + port: 8080 # default port for the fileserver + replicas: 1 + + ingress: + enabled: true + hostname: fileserver.ranchers.io + tls: + enabled: true + source: secret # only supported source + secretName: tls-certs # must be created outside of this chart + + service: + enabled: true + type: ClusterIP + ports: + protocol: TCP + port: 8080 # default port for the fileserver + targetPort: 8080 # default port for the fileserver + +# Helm Chart Values for the Hauler Registry +# Docs: https://rancherfederal.github.io/hauler-docs/docs/guides-references/command-line/hauler-store#hauler-store-serve-registry + +haulerRegistry: + enabled: true + port: 5000 # default port for the registry + replicas: 1 + + ingress: + enabled: true + hostname: registry.ranchers.io + tls: + enabled: true + source: secret # only supported source + secretName: tls-certs # must be created outside of this chart + + service: + enabled: true + type: ClusterIP + ports: + protocol: TCP + port: 5000 # default port for the registry + targetPort: 5000 # default port for the registry