Skip to content

README.md

Latest commit

 

History

History
71 lines (49 loc) · 2.78 KB

README.md

File metadata and controls

71 lines (49 loc) · 2.78 KB

Charts

Artifact Hub OpenSSF Scorecard

A collection of Helm charts

helm repo add chgl https://chgl.github.io/charts
helm repo update

Note

Also available as OCI artifacts: https://github.com/chgl?tab=packages&repo_name=charts.

Compliance Reports

Each update to the charts is scanned using Kubescape against the AllControls security frameworks. The report is published online at: https://chgl.github.io/charts/kubescape-reports/allcontrols.html

Development

  1. (Optional) Install the pre-commit hooks

    pip install pre-commit
pre-commit install

  2. (Optional) Setup a KinD cluster with Nginx ingress

    # configures kind to listen on port 80 and 443 and make nodes ingress-ready
kind create cluster --config=hack/kind-config.yaml
# setup NGINX Ingress controller
kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/static/provider/kind/deploy.yaml
# (optional) install metrics-server to test VPA & HPA
helm repo add metrics-server -n kube-system https://kubernetes-sigs.github.io/metrics-server/
helm upgrade --install --set="args[0]=--kubelet-insecure-tls" metrics-server metrics-server/metrics-server

  3. Make changes to the charts

  4. Mount the folder in the kube-powertools container to easily run linters and checks

    docker run --rm -it -v $PWD:/root/workspace ghcr.io/chgl/kube-powertools:v2.5.39@sha256:ec09e0e051f12361d74a29f060a99c5384dfb8f97361583ffe308862713e4460

  5. Run chart-testing and the chart-powerlint.sh script to lint the chart

    chart-powerlint.sh

  6. (Optional) View the results of the polaris audit check in your browser

    $ docker run --rm -it -p 9090:8080 -v $PWD:/root/workspace ghcr.io/chgl/kube-powertools:v2.5.39@sha256:ec09e0e051f12361d74a29f060a99c5384dfb8f97361583ffe308862713e4460
bash-5.0: helm template charts/fhir-server/ | polaris dashboard --config=.polaris.yaml --audit-path=-

    You can now open your browser at http://localhost:9090 and see the results and recommendations.

  7. Bump the version in the changed Chart.yaml according to SemVer (The ct lint step above will complain if you forget to update the version.)

  8. Run generate-docs.sh to auto-generate an updated README

    generate-docs.sh