helm-chart/README.md

Vikunja Helm Chart
===

Customizable deployment of frontend and api.
Deploys bitnami's PostgreSQL and Redis as subcharts if you want.

## Requirements

- Kubernetes >= 1.19  
- Helm >= 3

## Quickstart

Define ingress settings according to your controller (for both API and Frontend) to access the application.
You can set all Vikunja API options as yaml under `api.config`: https://vikunja.io/docs/config-options

See [values.yaml](./values.yaml#L140) for examples.

## Advanced features

### Replicas

Both Frontend and API can be configured to have replicas including autoscaling.
When replicating the API, make sure to set up the redis cache as well
by setting `api.config.keyvalue.type` to `redis`,
configuring the redis subchart (see [values.yaml](./values.yaml#L280))
and the connection to Vikunja:
https://vikunja.io/docs/config-options/#redis

### Raw resources

Sometimes you have to deploy some cloud-specific resources that are not a part of the application chart itself.
You have to either create an extra chart for that, or manage them with other tools (kustomize, plain manifests etc.).
That is painful. We have a solution. If you want to create anything that is not present in the chart, *just add it in raw*!

Let's say, you are hosted in [GKE](https://cloud.google.com/kubernetes-engine) 
and want to use Google-managed TLS certificates.
In order to do that, you have to create a ManagedCertificate resource:

```yaml
frontend:
  enabled: true
  annotations:
    kubernetes.io/ingress.class: gce
    networking.gke.io/managed-certificates: gmc-example-com
  hosts:
  - host: example.com
    paths:
    - path: /
      pathType: Prefix

raw:
- apiVersion: networking.gke.io/v1
  kind: ManagedCertificate
  metadata:
    name: gmc-example-com
  spec:
    domains:
    - example.com
```

Or, let's say, you have decided to use Google SQL database instead of self-hosted, and placed credentials in Google Secret Manager.
You plan to use [ExternalSecrets](https://external-secrets.io/v0.7.2/) to store the credentials. 
These can be easily integrated as well.

```yaml
# Disable embedded database
postgresqlEnabled: false

api:
  config:
    database:
      # Use PostgreSQL database anyway
      type: postgres
  envFrom:
  # Bind env variables from the secret
  - name: VIKUNJA_DATABASE_USER
    valueFrom:
      secretKeyRef:
        name: postgresql-credentials
        key: username
  - name: VIKUNJA_DATABASE_PASSWORD
    valueFrom:
      secretKeyRef:
        name: postgresql-credentials
        key: password
  - name: VIKUNJA_DATABASE_HOST
    valueFrom:
      secretKeyRef:
        name: postgresql-credentials
        key: hostname
  - name: VIKUNJA_DATABASE_DATABASE
    valueFrom:
      secretKeyRef:
        name: postgresql-credentials
        key: database

raw:
- apiVersion: external-secrets.io/v1beta1
  kind: SecretStore
  metadata:
    name: gcpsm
  spec:
    refreshInterval: 300
    provider:
      gcpsm:
        projectID: my-google-project-id

- apiVersion: external-secrets.io/v1beta1
  kind: ExternalSecret
  metadata:
    name: postgresql-credentials
  spec:
    secretStoreRef:
      kind: SecretStore
      name: gcpsm
    target:
      deletionPolicy: Delete
    refreshInterval: 5m
    dataFrom:
    - extract:
        key: cloud-sql-credentials
```

Enjoy!

### Use an existing file volume claim

In the `values.yaml` file, you can configure whether to create the Persistent Volume Claim or use an existing one:

```yaml
    # Specifies whether a PVC should be created
    create: true
    # The name of the PVC to use.
    # If not set and create is true, a name is generated using the fullname template
    name: "" 
```

This is helpful when migrating from a different k8s chart and to re-use the existing volume 
or if you need more control over how the volume is created.

## Publishing

The following steps are automatically performed when a git tag for a new version is pushed to the repository.
They are only listed here for reference.

1. Pull all dependencies before packaging.

  ```shell
  helm dependency update
  ```

2. In order to publish the chart, you have to either use curl or helm cm-push.

  ```shell
  helm package .
  curl --user '<username>:<password>' -X POST --upload-file './<archive>.tgz' https://kolaente.dev/api/packages/vikunja/helm/api/charts
  ```

  ```shell
  helm package .
  helm repo add --username '<username>' --password '<password>' vikunja https://kolaente.dev/api/packages/vikunja/helm
  helm cm-push './<archive>.tgz' vikunja
  ```

  As you can see, you do not have to specify the name of the repository, just the name of the organization.
Added first version of the chart 2023-01-31 07:43:51 +00:00			`Vikunja Helm Chart`
			`===`

chore: simplify defaults and link more external documentation (#12) Reviewed-on: https://kolaente.dev/vikunja/helm-chart/pulls/12 Co-authored-by: xeruf <git@jfischer.org> Co-committed-by: xeruf <git@jfischer.org> 2023-09-29 17:17:07 +00:00			`Customizable deployment of frontend and api.`
			`Deploys bitnami's PostgreSQL and Redis as subcharts if you want.`
Added first version of the chart 2023-01-31 07:43:51 +00:00
			`## Requirements`

chore: simplify defaults and link more external documentation (#12) Reviewed-on: https://kolaente.dev/vikunja/helm-chart/pulls/12 Co-authored-by: xeruf <git@jfischer.org> Co-committed-by: xeruf <git@jfischer.org> 2023-09-29 17:17:07 +00:00			`- Kubernetes >= 1.19`
			`- Helm >= 3`
Added first version of the chart 2023-01-31 07:43:51 +00:00
v0.1.2 2023-02-21 13:44:51 +00:00			`## Quickstart`

chore: simplify defaults and link more external documentation (#12) Reviewed-on: https://kolaente.dev/vikunja/helm-chart/pulls/12 Co-authored-by: xeruf <git@jfischer.org> Co-committed-by: xeruf <git@jfischer.org> 2023-09-29 17:17:07 +00:00			`Define ingress settings according to your controller (for both API and Frontend) to access the application.`
			You can set all Vikunja API options as yaml under `api.config`: https://vikunja.io/docs/config-options
v0.1.2 2023-02-21 13:44:51 +00:00
chore: simplify defaults and link more external documentation (#12) Reviewed-on: https://kolaente.dev/vikunja/helm-chart/pulls/12 Co-authored-by: xeruf <git@jfischer.org> Co-committed-by: xeruf <git@jfischer.org> 2023-09-29 17:17:07 +00:00			`See [values.yaml](./values.yaml#L140) for examples.`
v0.1.2 2023-02-21 13:44:51 +00:00
Added first version of the chart 2023-01-31 07:43:51 +00:00			`## Advanced features`

chore: simplify defaults and link more external documentation (#12) Reviewed-on: https://kolaente.dev/vikunja/helm-chart/pulls/12 Co-authored-by: xeruf <git@jfischer.org> Co-committed-by: xeruf <git@jfischer.org> 2023-09-29 17:17:07 +00:00			`### Replicas`

			`Both Frontend and API can be configured to have replicas including autoscaling.`
			`When replicating the API, make sure to set up the redis cache as well`
			by setting `api.config.keyvalue.type` to `redis`,
			`configuring the redis subchart (see [values.yaml](./values.yaml#L280))`
			`and the connection to Vikunja:`
			`https://vikunja.io/docs/config-options/#redis`

Added first version of the chart 2023-01-31 07:43:51 +00:00			`### Raw resources`

chore: simplify defaults and link more external documentation (#12) Reviewed-on: https://kolaente.dev/vikunja/helm-chart/pulls/12 Co-authored-by: xeruf <git@jfischer.org> Co-committed-by: xeruf <git@jfischer.org> 2023-09-29 17:17:07 +00:00			`Sometimes you have to deploy some cloud-specific resources that are not a part of the application chart itself.`
			`You have to either create an extra chart for that, or manage them with other tools (kustomize, plain manifests etc.).`
			`That is painful. We have a solution. If you want to create anything that is not present in the chart, just add it in raw!`
Added first version of the chart 2023-01-31 07:43:51 +00:00
chore: simplify defaults and link more external documentation (#12) Reviewed-on: https://kolaente.dev/vikunja/helm-chart/pulls/12 Co-authored-by: xeruf <git@jfischer.org> Co-committed-by: xeruf <git@jfischer.org> 2023-09-29 17:17:07 +00:00			`Let's say, you are hosted in [GKE](https://cloud.google.com/kubernetes-engine)`
			`and want to use Google-managed TLS certificates.`
			`In order to do that, you have to create a ManagedCertificate resource:`
Added first version of the chart 2023-01-31 07:43:51 +00:00
			```yaml
			`frontend:`
			`enabled: true`
			`annotations:`
			`kubernetes.io/ingress.class: gce`
			`networking.gke.io/managed-certificates: gmc-example-com`
			`hosts:`
			`- host: example.com`
			`paths:`
			`- path: /`
			`pathType: Prefix`

			`raw:`
			`- apiVersion: networking.gke.io/v1`
			`kind: ManagedCertificate`
			`metadata:`
			`name: gmc-example-com`
			`spec:`
			`domains:`
			`- example.com`
			```

chore: simplify defaults and link more external documentation (#12) Reviewed-on: https://kolaente.dev/vikunja/helm-chart/pulls/12 Co-authored-by: xeruf <git@jfischer.org> Co-committed-by: xeruf <git@jfischer.org> 2023-09-29 17:17:07 +00:00			`Or, let's say, you have decided to use Google SQL database instead of self-hosted, and placed credentials in Google Secret Manager.`
			`You plan to use [ExternalSecrets](https://external-secrets.io/v0.7.2/) to store the credentials.`
			`These can be easily integrated as well.`
Added first version of the chart 2023-01-31 07:43:51 +00:00
			```yaml
			`# Disable embedded database`
			`postgresqlEnabled: false`

			`api:`
			`config:`
			`database:`
			`# Use PostgreSQL database anyway`
Update security context to allow frontend pod to start (#6) Reviewed-on: https://kolaente.dev/vikunja/helm-chart/pulls/6 Reviewed-by: Yurii Vlasov <yuriy@vlasov.pro> Co-authored-by: r1cebank <siyuangao@pm.me> Co-committed-by: r1cebank <siyuangao@pm.me> 2023-05-04 21:39:43 +00:00			`type: postgres`
Added first version of the chart 2023-01-31 07:43:51 +00:00			`envFrom:`
			`# Bind env variables from the secret`
			`- name: VIKUNJA_DATABASE_USER`
			`valueFrom:`
			`secretKeyRef:`
			`name: postgresql-credentials`
			`key: username`
			`- name: VIKUNJA_DATABASE_PASSWORD`
			`valueFrom:`
			`secretKeyRef:`
			`name: postgresql-credentials`
			`key: password`
			`- name: VIKUNJA_DATABASE_HOST`
			`valueFrom:`
			`secretKeyRef:`
			`name: postgresql-credentials`
			`key: hostname`
			`- name: VIKUNJA_DATABASE_DATABASE`
			`valueFrom:`
			`secretKeyRef:`
			`name: postgresql-credentials`
			`key: database`

			`raw:`
			`- apiVersion: external-secrets.io/v1beta1`
			`kind: SecretStore`
			`metadata:`
			`name: gcpsm`
			`spec:`
			`refreshInterval: 300`
			`provider:`
			`gcpsm:`
			`projectID: my-google-project-id`

			`- apiVersion: external-secrets.io/v1beta1`
			`kind: ExternalSecret`
			`metadata:`
			`name: postgresql-credentials`
			`spec:`
			`secretStoreRef:`
			`kind: SecretStore`
			`name: gcpsm`
			`target:`
			`deletionPolicy: Delete`
			`refreshInterval: 5m`
			`dataFrom:`
			`- extract:`
			`key: cloud-sql-credentials`
			```

			`Enjoy!`
Added contributing, updated to 0.1.1 2023-01-31 17:32:38 +00:00
chore: update docs 2023-09-15 13:25:01 +00:00			`### Use an existing file volume claim`

chore: simplify defaults and link more external documentation (#12) Reviewed-on: https://kolaente.dev/vikunja/helm-chart/pulls/12 Co-authored-by: xeruf <git@jfischer.org> Co-committed-by: xeruf <git@jfischer.org> 2023-09-29 17:17:07 +00:00			In the `values.yaml` file, you can configure whether to create the Persistent Volume Claim or use an existing one:
chore: update docs 2023-09-15 13:25:01 +00:00
			```yaml
			`# Specifies whether a PVC should be created`
			`create: true`
			`# The name of the PVC to use.`
			`# If not set and create is true, a name is generated using the fullname template`
			`name: ""`
			```

chore: simplify defaults and link more external documentation (#12) Reviewed-on: https://kolaente.dev/vikunja/helm-chart/pulls/12 Co-authored-by: xeruf <git@jfischer.org> Co-committed-by: xeruf <git@jfischer.org> 2023-09-29 17:17:07 +00:00			`This is helpful when migrating from a different k8s chart and to re-use the existing volume`
			`or if you need more control over how the volume is created.`
chore: update docs 2023-09-15 13:25:01 +00:00
			`## Publishing`
Added contributing, updated to 0.1.1 2023-01-31 17:32:38 +00:00
chore: simplify defaults and link more external documentation (#12) Reviewed-on: https://kolaente.dev/vikunja/helm-chart/pulls/12 Co-authored-by: xeruf <git@jfischer.org> Co-committed-by: xeruf <git@jfischer.org> 2023-09-29 17:17:07 +00:00			`The following steps are automatically performed when a git tag for a new version is pushed to the repository.`
			`They are only listed here for reference.`

Updated README.md 2023-03-10 21:22:59 +00:00			`1. Pull all dependencies before packaging.`
Added contributing, updated to 0.1.1 2023-01-31 17:32:38 +00:00
Updated README.md 2023-03-10 21:22:59 +00:00			```shell
			`helm dependency update`
			```
Added contributing, updated to 0.1.1 2023-01-31 17:32:38 +00:00
Updated README.md 2023-03-10 21:22:59 +00:00			`2. In order to publish the chart, you have to either use curl or helm cm-push.`

			```shell
			`helm package .`
			`curl --user '<username>:<password>' -X POST --upload-file './<archive>.tgz' https://kolaente.dev/api/packages/vikunja/helm/api/charts`
			```

			```shell
			`helm package .`
			`helm repo add --username '<username>' --password '<password>' vikunja https://kolaente.dev/api/packages/vikunja/helm`
			`helm cm-push './<archive>.tgz' vikunja`
			```
Added contributing, updated to 0.1.1 2023-01-31 17:32:38 +00:00
Updated README.md 2023-03-10 21:22:59 +00:00			`As you can see, you do not have to specify the name of the repository, just the name of the organization.`