This is the new home of Helm Charts for Pharma Ledger.
Add the repo as follow
helm repo add pharmaledger-imi https://pharmaledger-imi.github.io/helm-charts
Then you can run helm search repo pharmaledger-imi
to see the chart(s). On installation use the --version
flag to specify a chart version.
- We use GitHub Flow.
- Create a branch derived from branch
master
. - Make your changes and test them.
- Create a Pull Request.
- Verify that all checks pass. If not, fix the issues on your branch and push them again.
- Wait for your Pull Request to be reviewed.
- After successful Review, your Pull Request will be merged.
- Create a branch derived from branch
- Several checks run on a Pull Request. They all need to pass, otherwise your changes will not be accepted.
- In case you are doing changes on a helm chart
- Bump the version in
Chart.yaml
, - Run
pre-commit run -a
to update the documentation. Please use Helm-Docs 1.8.1.
- Bump the version in
- After your Pull Request has been accepted and has been merged to
master
branch, an automated process will create a new Release of the modified helm charts.
- https://helm.sh/docs/chart_best_practices/conventions/
- https://banzaicloud.com/blog/creating-helm-charts/
- https://banzaicloud.com/blog/creating-helm-charts-part-2/
Some helm charts for inspiration:
- https://github.com/grafana/helm-charts/tree/main/charts/grafana
- https://github.com/prometheus-community/helm-charts/tree/main/charts/prometheus
-
Detect-Secrets checks are failing? Check if all "detected secrets" are false positives.
You can mark false positives, see here
E.g.
# 1. Secret and comment in same line (note: not always working): SomeSecretString # pragma: allowlist secret # 2. Comment one line above Secret: # pragma: allowlist nextline secret SomeSecretString # 3. For helm template comments: {{- /* # pragma: allowlist nextline secret */}}SomeSecretString # 4. For helm values.yaml (which will be used to generate docs via helm-docs) # Note: a) Add <!-- # pragma: allowlist secret --> one line before the value as it becomes part of the generate doc file. # b) Add # pragma: allowlist secret at the end of the line which contains the value. # -- Description for 'sha'. # Additional line of description. # IMPORTANT: There must be two space characters between end of the value and the '#' character that starts the comment. # <!-- # pragma: allowlist secret --> sha: "f9814e1d2f1be7f7f09addd1d877090fe457d5b66ca2dcf9a311cf1e67168590" # pragma: allowlist secret
-
Checkov checks are failing? See here and scroll down to Kubernetes Examples
apiVersion: v1 kind: Pod metadata: name: mypod annotations: checkov.io/skip1: CKV_K8S_20=I don't care about Privilege Escalation :-O checkov.io/skip2: CKV_K8S_14 checkov.io/skip3: CKV_K8S_11=I have not set CPU limits as I want BestEffort QoS spec: containers: ...