Merge branch 'Infisical:main' into I-36-use-pre-built-frontend-image

2025-03-25 14:05:03 +00:00 · 2022-12-05 23:40:14 +01:00
parent bb47f7a92f c5a422fe64
commit 1454911085
13 changed files with 113 additions and 69 deletions
--- a/.github/workflows/helm-chart-release.yaml
+++ b/.github/workflows/helm-chart-release.yaml
@ -1,33 +0,0 @@
-name: Release Charts
-
-on: [workflow_dispatch]
-
-jobs:
-  release:
-    # depending on default permission settings for your org (contents being read-only or read-write for workloads), you will have to add permissions
-    # see: https://docs.github.com/en/actions/security-guides/automatic-token-authentication#modifying-the-permissions-for-the-github_token
-    permissions:
-      contents: write
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v2
-        with:
-          fetch-depth: 0
-
-      - name: Configure Git
-        run: |
-          git config user.name "$GITHUB_ACTOR"
-          git config user.email "$GITHUB_ACTOR@users.noreply.github.com"
-
-      - name: Install Helm
-        uses: azure/setup-helm@v3
-        with:
-          version: v3.10.0
-
-      - name: Run chart-releaser
-        uses: helm/chart-releaser-action@v1.4.1
-        with:
-          charts_dir: helm-charts
-        env:
-          CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
--- a/.github/workflows/helm_chart_release.yml
+++ b/.github/workflows/helm_chart_release.yml
@ -0,0 +1,22 @@
+name: Release Helm Charts
+
+on: [workflow_dispatch]
+
+jobs:
+  release:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+      - name: Install Helm
+        uses: azure/setup-helm@v3
+        with:
+          version: v3.10.0
+      - name: Install python
+        uses: actions/setup-python@v4
+      - name: Install Cloudsmith CLI
+        run: pip install --upgrade cloudsmith-cli
+      - name: Build and push helm package to Cloudsmith
+        run: cd helm-charts && sh upload-to-cloudsmith.sh
+        env:
+          CLOUDSMITH_API_KEY: ${{ secrets.CLOUDSMITH_API_KEY }}
--- a/.github/workflows/release_build.yml
+++ b/.github/workflows/release_build.yml
@ -1,4 +1,4 @@
-name: goreleaser
+name: Go releaser

 on:
  push:
--- a/docs/mint.json
+++ b/docs/mint.json
@ -102,8 +102,11 @@
      "pages": [
        "self-hosting/overview",
        {
-          "group": "Deployments",
-          "pages": ["self-hosting/deployments/linux"]
+          "group": "Deployments options",
+          "pages": [
+            "self-hosting/deployments/linux",
+            "self-hosting/deployments/kubernetes"
+          ]
        },
        {
          "group": "Configuration",
--- a/docs/self-hosting/deployments/kubernetes.mdx
+++ b/docs/self-hosting/deployments/kubernetes.mdx
@ -0,0 +1,54 @@
+---
+title: "Kubernetes"
+description: "Deploy with Kubernetes"
+---
+
+<Info>
+Self-host vs. Infisical Cloud
+
+Self-hosting Infisical means managing the service yourself, taking care of upgrades, scaling, security, etc.
+
+If you're less technical and looking for a hands-free experience with minimal overhead then we recommend Infisical Cloud.
+
+</Info>
+
+**Prerequisites**
+- You have understanding of [Kubernetes](https://kubernetes.io/)
+- You have understanding of [Helm package manager](https://helm.sh/) 
+- You have [kubectl](https://kubernetes.io/docs/reference/kubectl/kubectl/) installed and connected to your kubernetes cluster
+
+
+#### 1. Fill our environment variables
+
+Before you can deploy the Helm chart, you must fill out the required environment variables. To do so, please either download or copy the
+contents of [this file](https://raw.githubusercontent.com/Infisical/infisical/main/helm-charts/infisical/values.yaml) to a `.yaml` file. 
+_Refer to the available [environment variables](../../self-hosting/configuration/envars)_
+
+Once you have a local copy of the values file, fill our the required environment variables and save the file.
+
+
+#### 2. Install Infisical Helm repository 
+
+```bash
+helm repo add infisical-helm-charts 'https://dl.cloudsmith.io/public/infisical/helm-charts/helm/charts/' 
+  
+helm repo update
+```
+
+#### 3. Install the Helm chart 
+
+By default, the helm chart will be installed on your default namespace. If you wish to install the Chart on a different namespace, you may specify
+that by adding the `--namespace <namespace-to-install-to>` to your `helm install` command.
+
+```bash
+## Installs to default namespace
+helm install infisical-helm-charts/infisical --values <path to the values.yaml you downloaded/created in step 2>
+```
+
+<Note>
+If you have not filled out all of the required environment variables, you will see an error message prompting you to 
+do so. 
+</Note>
+
+4. Your Infisical installation is complete and should be running on the host name you specified in Ingress in `values.yaml`.
+Note: Please allow an additional time (2 minutes) for the frontend pods to be fully ready.
--- a/docs/self-hosting/overview.mdx
+++ b/docs/self-hosting/overview.mdx
@ -9,17 +9,22 @@ Self-hosting Infisical means managing the service yourself, taking care of upgra

 If you're less technical and looking for a hands-free experience with minimal overhead then we recommend Infisical Cloud.

-Infisical Cloud also comes with some extra features unavailabe in the self-hosted edition. You can find more information about Infisical Cloud's offering on the pricing page.
+Infisical Cloud also comes with some extra features unavailable in the self-hosted edition. You can find more information about Infisical Cloud's offering on the pricing page.

 </Info>

 ## Deployment options

-Infisical can be deployed on a Linux VM with docker-compose. We're rolling out more specific deployment options for DigitalOcean, AWS, GCP, and Azure soon.
+Infisical can be deployed on a Linux VM with docker-compose and Kubernetes. We're rolling out more specific deployment options for DigitalOcean, AWS, GCP, and Azure soon.

-Options:
-
- [Linux VM](/self-hosting/deployments/linux)
+<CardGroup cols={2}>
+  <Card title="Any Linux" icon="square-1" color="#ea5a0c" href="/self-hosting/deployments/linux">
+    Deploy to any Linux with Docker
+  </Card>
+  <Card title="Kubernetes" icon="square-2" color="#0285c7" href="/self-hosting/deployments/kubernetes">
+    Deploy to your Kubernetes cluster
+  </Card>
+</CardGroup>

 ## Telemetry

--- a/helm-charts/README.md
+++ b/helm-charts/README.md
@ -1,22 +1,16 @@
-## Usage
-
-[Helm](https://helm.sh) must be installed to use the charts.  Please refer to
-Helm's [documentation](https://helm.sh/docs) to get started.
-
-Once Helm has been set up correctly, add the repo as follows:
+### helm repository Setup
+Assuming you have helm already installed, it is straight-forward to add a Cloudsmith-based chart repository:

 ```
-  helm repo add <alias> https://infisical.github.io/helm-charts
+helm repo add infisical-helm-charts 'https://dl.cloudsmith.io/public/infisical/helm-charts/helm/charts/' 
+  
+helm repo update
 ```

-If you had already added this repo earlier, run `helm repo update` to retrieve
-the latest versions of the packages.  You can then run `helm search repo
-<alias>` to see the charts.
+### Installing a Helm Chart
+```
+helm install infisical-helm-charts/<name-of-helm-chart>
+```

-To install the <chart-name> chart:
-
-    helm install my-<chart-name> <alias>/<chart-name>
-
-To uninstall the chart:
-
-    helm delete my-<chart-name>
+#### Available chart names
+- infisical
--- a/helm-charts/infisical/templates/backend-deployment.yaml
+++ b/helm-charts/infisical/templates/backend-deployment.yaml
@ -4,7 +4,6 @@ metadata:
  name: {{ .Release.Name }}-backend-deployment
  labels:
    app: backend
-  namespace: {{ .Values.namespace }}
 spec:
  replicas: {{ .Values.backend.replicaCount }}
  selector:
@ -35,7 +34,6 @@ apiVersion: v1
 kind: Service 
 metadata:
  name: infisical-backend-service 
-  namespace: {{ .Values.namespace }}
 spec:
  selector:
    app: backend 
--- a/helm-charts/infisical/templates/frontend-deployment.yaml
+++ b/helm-charts/infisical/templates/frontend-deployment.yaml
@ -4,7 +4,6 @@ metadata:
  name: {{ .Release.Name }}-frontend-deployment
  labels:
    app: frontend
-  namespace: {{ .Values.namespace }}
 spec:
  replicas: {{ .Values.frontend.replicaCount }}
  selector:
@ -26,7 +25,6 @@ apiVersion: v1
 kind: Service 
 metadata:
  name: infisical-frontend-service 
-  namespace: {{ .Values.namespace }}
 spec:
  selector:
    app: frontend 
--- a/helm-charts/infisical/templates/ingress.yaml
+++ b/helm-charts/infisical/templates/ingress.yaml
@ -3,7 +3,6 @@ apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
  name: infisical-ingress
-  namespace: {{ .Values.namespace }}
  {{- with .Values.ingress.annotations }}
  annotations:
    {{- toYaml . | nindent 4 }}
--- a/helm-charts/infisical/templates/mongodb-deployment.yaml
+++ b/helm-charts/infisical/templates/mongodb-deployment.yaml
@ -2,7 +2,6 @@ apiVersion: apps/v1
 kind: Deployment
 metadata:
  name: mongodb-deployment 
-  namespace: {{ .Values.namespace }}
  labels:
    app: mongodb
 spec:
@ -30,7 +29,6 @@ apiVersion: v1
 kind: Service 
 metadata:
  name: mongodb-service
-  namespace: {{ .Values.namespace }} 
 spec:
  selector:
    app: mongodb 
--- a/helm-charts/infisical/templates/namespace.yaml
+++ b/helm-charts/infisical/templates/namespace.yaml
@ -1,4 +0,0 @@
-apiVersion: v1
-kind: Namespace
-metadata:
-  name: infisical
--- a/helm-charts/upload-to-cloudsmith.sh
+++ b/helm-charts/upload-to-cloudsmith.sh
@ -0,0 +1,10 @@
+## Loop through each helm chart directoy and build each into helm package
+for d in */ ; do
+    helm package $d
+done
+
+## Upload each packaged helm chart 
+for i in *.tgz; do
+    [ -f "$i" ] || break
+    cloudsmith push helm --republish infisical/helm-charts $i
+done