EntitAB/Helm-Charts
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update documentation and example values

Browse Source
This commit is contained in:
Gitea Actions
2025-12-22 21:38:53 +00:00
parent c17dd6c7b6
commit d7345e28e2
3 changed files with 91 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

54
README.md
View File

@@ -82,12 +82,64 @@ helm install flow entit/flow \
|-----------|-------------|---------| |-----------|-------------|---------|
| `global.namespace` | Namespace to install all Flow components (uses --namespace if not set) | `""` | | `global.namespace` | Namespace to install all Flow components (uses --namespace if not set) | `""` |
| `global.imageRegistry` | Container registry for all images | `cr.kn.entit.eu` | | `global.imageRegistry` | Container registry for all images | `cr.kn.entit.eu` |
| `global.imagePullSecrets` | Image pull secrets | `[]` | | `global.imagePullSecrets` | Image pull secrets (list of existing secret names) | `[]` |
| `global.imageCredentials.enabled` | Enable creation of image pull secret from credentials | `false` |
| `global.imageCredentials.username` | Registry username | `""` |
| `global.imageCredentials.password` | Registry password | `""` |
| `global.azureAd.enabled` | Enable Azure AD authentication | `true` | | `global.azureAd.enabled` | Enable Azure AD authentication | `true` |
| `global.azureAd.tenantId` | Azure AD tenant ID | `""` | | `global.azureAd.tenantId` | Azure AD tenant ID | `""` |
| `global.azureAd.clientId` | Azure AD application client ID | `""` | | `global.azureAd.clientId` | Azure AD application client ID | `""` |
| `global.database.provider` | Database provider (Postgres/SqlServer) | `Postgres` | | `global.database.provider` | Database provider (Postgres/SqlServer) | `Postgres` |
### Harbor Registry Authentication
The Flow images are hosted on Harbor at `cr.kn.entit.eu`. Harbor requires authentication to pull images even from public repositories.
#### Option 1: Auto-create Secret with Credentials (Recommended)
Pass Harbor credentials during installation to automatically create the registry secret:
```bash
helm install flow entit/flow \
--namespace flow \
--create-namespace \
--set global.imageCredentials.enabled=true \
--set global.imageCredentials.username=$HARBOR_USER \
--set global.imageCredentials.password=$HARBOR_PASSWORD
```
Or in your values file:
```yaml
global:
imageRegistry: "cr.kn.entit.eu"
imageCredentials:
enabled: true
username: "" # Set via --set flag
password: "" # Set via --set flag
```
#### Option 2: Use Existing Secret
If you prefer to manage the secret separately:
```bash
# Create the secret first
kubectl create secret docker-registry flow-registry-credentials \
--docker-server=cr.kn.entit.eu \
--docker-username=$HARBOR_USER \
--docker-password=$HARBOR_PASSWORD \
-n flow
```
Then reference it in values:
```yaml
global:
imageCredentials:
existingSecret: "flow-registry-credentials"
```
### Namespace Configuration ### Namespace Configuration
All Flow components are installed into a single namespace for easy management and cleanup: All Flow components are installed into a single namespace for easy management and cleanup:

20
examples/values-dev.yaml
View File

@@ -8,11 +8,27 @@
# helm install postgresql oci://registry-1.docker.io/bitnamicharts/postgresql -n flow # helm install postgresql oci://registry-1.docker.io/bitnamicharts/postgresql -n flow
# #
# Or use your own deployments/operators. # Or use your own deployments/operators.
#
# HARBOR CREDENTIALS:
# Pass Harbor credentials during install:
# helm install flow ./helm/flow -f values-dev.yaml \
# --set global.imageCredentials.enabled=true \
# --set global.imageCredentials.username=$HARBOR_USER \
# --set global.imageCredentials.password=$HARBOR_PASSWORD
global: global:
imageRegistry: "cr.kn.entit.eu" imageRegistry: "cr.kn.entit.eu"
imagePullSecrets:
- flow-registry-credentials # Harbor registry credentials - creates dockerconfigjson secret automatically
# Harbor requires authentication even for public repositories
# Enable and set credentials via --set flags during install:
# --set global.imageCredentials.enabled=true
# --set global.imageCredentials.username=$HARBOR_USER
# --set global.imageCredentials.password=$HARBOR_PASSWORD
imageCredentials:
enabled: false # Set to true and provide credentials during install
username: ""
password: ""
azureAd: azureAd:
enabled: false # Disable auth for local development enabled: false # Disable auth for local development

22
examples/values-prod.yaml
View File

@@ -1,5 +1,14 @@
# Production environment values # Production environment values
# Use with: helm install flow ./helm/flow -f ./helm/flow/values-prod.yaml --namespace flow --create-namespace # Use with: helm install flow ./helm/flow -f ./helm/flow/values-prod.yaml --namespace flow --create-namespace
#
# HARBOR CREDENTIALS:
# Pass Harbor credentials during install:
# helm install flow ./helm/flow -f values-prod.yaml \
# --set global.imageCredentials.enabled=true \
# --set global.imageCredentials.username=$HARBOR_USER \
# --set global.imageCredentials.password=$HARBOR_PASSWORD \
# --set global.azureAd.tenantId=YOUR_TENANT_ID \
# --set global.azureAd.clientId=YOUR_CLIENT_ID
global: global:
# -- Explicit namespace for all Flow components # -- Explicit namespace for all Flow components
@@ -8,8 +17,17 @@ global:
namespace: "flow" namespace: "flow"
imageRegistry: "cr.kn.entit.eu" imageRegistry: "cr.kn.entit.eu"
imagePullSecrets:
- flow-registry-credentials # Harbor registry credentials - creates dockerconfigjson secret automatically
# Harbor requires authentication even for public repositories
# Enable and set credentials via --set flags during install:
# --set global.imageCredentials.enabled=true
# --set global.imageCredentials.username=$HARBOR_USER
# --set global.imageCredentials.password=$HARBOR_PASSWORD
imageCredentials:
enabled: false # Set to true and provide credentials during install
username: ""
password: ""
azureAd: azureAd:
enabled: true enabled: true