diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
new file mode 100644
index 0000000..4672127
--- /dev/null
+++ b/.github/CODEOWNERS
@@ -0,0 +1,7 @@
+# CODEOWNERS info: https://help.github.com/en/articles/about-code-owners
+# Owners are automatically requested for review for PRs that changes code
+# that they own.
+
+* @shahargl
+* @DmarshalTU
+* @talboren
diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml
new file mode 100644
index 0000000..9ef36e9
--- /dev/null
+++ b/.github/workflows/lint.yml
@@ -0,0 +1,30 @@
+name: Lint Charts
+
+on:
+ pull_request:
+ branches:
+ - main
+
+jobs:
+ lint-chart:
+ runs-on: ubuntu-latest
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v3
+ with:
+ fetch-depth: 0
+
+ - name: Set up Helm
+ uses: azure/setup-helm@v3
+ with:
+ version: v3.10.3
+
+ - uses: actions/setup-python@v4
+ with:
+ python-version: 3.9
+
+ - name: Set up chart-testing
+ uses: helm/chart-testing-action@v2.4.0
+
+ - name: Run chart-testing (lint)
+ run: ct lint --config ct.yaml
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
new file mode 100644
index 0000000..b3eb7c8
--- /dev/null
+++ b/.github/workflows/release.yml
@@ -0,0 +1,26 @@
+name: Release Charts
+
+on:
+ push:
+ branches:
+ - main
+
+jobs:
+ release:
+ runs-on: ubuntu-latest
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v3
+ with:
+ fetch-depth: 0
+
+ - name: Configure Git
+ run: |
+ git config user.name "$GITHUB_ACTOR"
+ git config user.email "$GITHUB_ACTOR@users.noreply.github.com"
+
+ - name: Run chart-releaser
+ uses: helm/chart-releaser-action@v1.5.0
+ env:
+ CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
+ CR_SKIP_EXISTING: true
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
new file mode 100644
index 0000000..415d425
--- /dev/null
+++ b/.github/workflows/test.yml
@@ -0,0 +1,45 @@
+name: Test Charts
+
+on:
+ pull_request:
+ branches:
+ - main
+
+jobs:
+ test-chart:
+ runs-on: ubuntu-latest
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v3
+ with:
+ fetch-depth: 0
+
+ - name: Set up Helm
+ uses: azure/setup-helm@v3
+ with:
+ version: v3.10.3
+
+ - uses: actions/setup-python@v4
+ with:
+ python-version: 3.9
+
+ - name: Set up chart-testing
+ uses: helm/chart-testing-action@v2.4.0
+
+ - name: Run chart-testing (list-changed)
+ id: list-changed
+ run: |
+ changed=$(ct list-changed --config ct.yaml)
+ if [[ -n "$changed" ]]; then
+ echo "changed=true" >> $GITHUB_OUTPUT
+ fi
+
+ - name: Create kind cluster
+ uses: helm/kind-action@v1.4.0
+ with:
+ wait: 600s
+ if: steps.list-changed.outputs.changed == 'true'
+
+ - name: Run chart-testing (install)
+ run: ct install --config ct.yaml --namespace default
+ if: steps.list-changed.outputs.changed == 'true'
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..a0ed987
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,11 @@
+# .DS_STORE
+.DS_Store
+**/.DS_Store
+
+# .idea
+.idea
+**/.idea
+
+# .vscode
+.vscode
+**/.vscode
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
new file mode 100644
index 0000000..e9f5353
--- /dev/null
+++ b/.pre-commit-config.yaml
@@ -0,0 +1,18 @@
+repos:
+ - repo: https://github.com/pre-commit/pre-commit-hooks
+ rev: v4.5.0
+ hooks:
+ - id: check-merge-conflict
+ - id: end-of-file-fixer
+ - repo: https://github.com/norwoodj/helm-docs
+ rev: v1.13.0
+ hooks:
+ - id: helm-docs
+ args:
+ - --chart-search-root=charts
+ - repo: https://github.com/compilerla/conventional-pre-commit
+ rev: v2.1.1
+ hooks:
+ - id: conventional-pre-commit
+ stages: [ commit-msg ]
+ args: [ ] # optional: list of Conventional Commits types to allow e.g. [feat, fix, ci, chore, test]
diff --git a/LICENSE b/LICENSE
new file mode 100644
index 0000000..442fd8f
--- /dev/null
+++ b/LICENSE
@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2024 Keep
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
diff --git a/README.md b/README.md
index 2ba8c0c..25ad18f 100644
--- a/README.md
+++ b/README.md
@@ -1 +1,39 @@
-# helm-charts
+# Keep Helm Chart
+The Keep Helm Chart provides a convenient way to deploy and manage Keep on Kubernetes using Helm, a package manager for Kubernetes applications.
+
+# Installation
+The easiest way to install Keep with Helm is with the following command:
+
+```bash
+# add the Helm repository
+helm repo add keephq https://keephq.github.io/helm-charts
+# pull the latest version of the chart
+helm pull keephq/keep
+# install the chart
+helm install keep keephq/keep
+```
+
+# Uninstallation
+`helm uninstall keep`
+
+# Configuration
+Keep's Helm Chart supports the following `values.yaml`:
+- backend.image: the backend image (default: us-central1-docker.pkg.dev/keephq/keep/keep-api)
+- frontend.image: the frontend image (default: us-central1-docker.pkg.dev/keephq/keep/keep-ui)
+- frontend.publicApiUrl: the frontend will use this URL as a backend from your browser ("client components"). default: http://localhost:8080. for production environment this should be the backend DNS/external IP.
+- frontend.internalApiUrl: the frontend will use this URL as a backend from the container ("server components") default: http://keep-backend:8080
+ frontend.env: development
+
+# Openshift
+Keep's Helm Chart also supports installation on Openshift.
+Simply set up the keys under frontend(/backend).route:
+- route.host: your desired hostname
+
+# Local Kubernetes
+For local kubernetes without external IP (such as NodePort or LoadBalancer), you'll need to run port forwarding:
+
+## Port forward
+```bash
+kubectl port-forward svc/keep-frontend 3000:3000 & \
+kubectl port-forward svc/keep-websocket 6001:6001 &
+```
diff --git a/charts/keep/.helmignore b/charts/keep/.helmignore
new file mode 100644
index 0000000..8cade13
--- /dev/null
+++ b/charts/keep/.helmignore
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.vscode
+.project
+.idea/
+*.tmproj
+OWNERS
diff --git a/charts/keep/Chart.yaml b/charts/keep/Chart.yaml
new file mode 100644
index 0000000..a02ec61
--- /dev/null
+++ b/charts/keep/Chart.yaml
@@ -0,0 +1,27 @@
+apiVersion: v2
+name: keep
+version: 0.0.1
+description: Keep Helm Chart
+type: application
+icon: https://platform.keephq.dev/_next/image?url=%2Fkeep.png&w=48&q=75
+appVersion: 0.2.1
+deprecated: false
+annotations:
+ app: keep
+keywords:
+ - alerting
+ - monitoring
+ - monitoring-tool
+home: https://platform.keephq.dev/
+sources:
+ - https://github.com/keephq/keep
+maintainers:
+ - name: Denis Tu
+ email: dmarshaltu@gmail.com
+ url: https://github.com/DmarshalTU
+ - name: Shahar Glazner
+ email: shahar@keephq.dev
+ url: https://github.com/shahargl
+ - name: Tal Borenstein
+ email: tal@keephq.dev
+ url: https://github.com/talboren
diff --git a/charts/keep/README.md b/charts/keep/README.md
new file mode 100644
index 0000000..1a96c7e
--- /dev/null
+++ b/charts/keep/README.md
@@ -0,0 +1,203 @@
+# keep
+
+  
+
+Keep Helm Chart
+
+**Homepage:**
+
+## Maintainers
+
+| Name | Email | Url |
+| ---- | ------ | --- |
+| Denis Tu | | |
+| Shahar Glazner | | |
+| Tal Borenstein | | |
+
+## Source Code
+
+*
+
+## Values
+
+| Key | Type | Default | Description |
+|-----|------|---------|-------------|
+| backend.affinity | object | `{}` | |
+| backend.autoscaling.enabled | bool | `false` | |
+| backend.autoscaling.maxReplicas | int | `3` | |
+| backend.autoscaling.minReplicas | int | `1` | |
+| backend.autoscaling.targetCPUUtilizationPercentage | int | `80` | |
+| backend.enabled | bool | `true` | |
+| backend.env[0].name | string | `"SECRET_MANAGER_TYPE"` | |
+| backend.env[0].value | string | `"k8s"` | |
+| backend.env[1].name | string | `"PORT"` | |
+| backend.env[1].value | string | `"8080"` | |
+| backend.env[2].name | string | `"SECRET_MANAGER_DIRECTORY"` | |
+| backend.env[2].value | string | `"/state"` | |
+| backend.env[3].name | string | `"DATABASE_CONNECTION_STRING"` | |
+| backend.env[3].value | string | `"mysql+pymysql://root@keep-database:3306/keep"` | |
+| backend.env[4].name | string | `"PUSHER_APP_ID"` | |
+| backend.env[4].value | int | `1` | |
+| backend.env[5].name | string | `"PUSHER_APP_KEY"` | |
+| backend.env[5].value | string | `"keepappkey"` | |
+| backend.env[6].name | string | `"PUSHER_APP_SECRET"` | |
+| backend.env[6].value | string | `"keepappsecret"` | |
+| backend.env[7].name | string | `"PUSHER_HOST"` | |
+| backend.env[7].value | string | `"keep-websocket"` | |
+| backend.env[8].name | string | `"PUSHER_PORT"` | |
+| backend.env[8].value | int | `6001` | |
+| backend.image.pullPolicy | string | `"Always"` | |
+| backend.image.repository | string | `"us-central1-docker.pkg.dev/keephq/keep/keep-api"` | |
+| backend.image.tag | string | `"latest"` | |
+| backend.imagePullSecrets | list | `[]` | |
+| backend.ingress.annotations | object | `{}` | |
+| backend.ingress.className | string | `""` | |
+| backend.ingress.enabled | bool | `true` | |
+| backend.ingress.hosts[0].host | string | `"chart-example-backend.local"` | |
+| backend.ingress.hosts[0].paths[0].path | string | `"/"` | |
+| backend.ingress.hosts[0].paths[0].pathType | string | `"ImplementationSpecific"` | |
+| backend.ingress.tls | list | `[]` | |
+| backend.nodeSelector | object | `{}` | |
+| backend.openAiApi.enabled | bool | `false` | |
+| backend.openAiApi.openAiApiKey | string | `""` | |
+| backend.podAnnotations | object | `{}` | |
+| backend.podSecurityContext | object | `{}` | |
+| backend.replicaCount | int | `1` | |
+| backend.resources | object | `{}` | |
+| backend.route.enabled | bool | `false` | |
+| backend.route.host | string | `"chart-example-backend.local"` | |
+| backend.route.path | string | `"/"` | |
+| backend.route.tls | list | `[]` | |
+| backend.route.wildcardPolicy | string | `"None"` | |
+| backend.securityContext | object | `{}` | |
+| backend.service.port | int | `8080` | |
+| backend.service.type | string | `"ClusterIP"` | |
+| backend.tolerations | list | `[]` | |
+| database.affinity | object | `{}` | |
+| database.autoscaling.enabled | bool | `false` | |
+| database.enabled | bool | `true` | |
+| database.env[0].name | string | `"MYSQL_ALLOW_EMPTY_PASSWORD"` | |
+| database.env[0].value | string | `"yes"` | |
+| database.env[1].name | string | `"MYSQL_DATABASE"` | |
+| database.env[1].value | string | `"keep"` | |
+| database.env[2].name | string | `"MYSQL_PASSWORD"` | |
+| database.env[2].value | string | `nil` | |
+| database.image.pullPolicy | string | `"IfNotPresent"` | |
+| database.image.repository | string | `"mysql"` | |
+| database.image.tag | string | `"latest"` | |
+| database.imagePullSecrets | list | `[]` | |
+| database.nodeSelector | object | `{}` | |
+| database.podAnnotations | object | `{}` | |
+| database.podSecurityContext | object | `{}` | |
+| database.replicaCount | int | `1` | |
+| database.resources | object | `{}` | |
+| database.securityContext | object | `{}` | |
+| database.service.port | int | `3306` | |
+| database.service.type | string | `"ClusterIP"` | |
+| database.size | string | `"5Gi"` | |
+| database.storageClasss | string | `""` | |
+| database.tolerations | list | `[]` | |
+| frontend.affinity | object | `{}` | |
+| frontend.autoscaling.enabled | bool | `false` | |
+| frontend.autoscaling.maxReplicas | int | `3` | |
+| frontend.autoscaling.minReplicas | int | `1` | |
+| frontend.autoscaling.targetCPUUtilizationPercentage | int | `80` | |
+| frontend.enabled | bool | `true` | |
+| frontend.env[0].name | string | `"NEXTAUTH_SECRET"` | |
+| frontend.env[0].value | string | `"secret"` | |
+| frontend.env[10].name | string | `"PUSHER_PORT"` | |
+| frontend.env[10].value | int | `6001` | |
+| frontend.env[11].name | string | `"PUSHER_APP_KEY"` | |
+| frontend.env[11].value | string | `"keepappkey"` | |
+| frontend.env[1].name | string | `"NEXTAUTH_URL"` | |
+| frontend.env[1].value | string | `"http://localhost:3000"` | |
+| frontend.env[2].name | string | `"API_URL"` | |
+| frontend.env[2].value | string | `"http://keep-backend:8080"` | |
+| frontend.env[3].name | string | `"NEXT_PUBLIC_API_URL"` | |
+| frontend.env[3].value | string | `""` | |
+| frontend.env[4].name | string | `"NEXT_PUBLIC_POSTHOG_KEY"` | |
+| frontend.env[4].value | string | `"phc_muk9qE3TfZsX3SZ9XxX52kCGJBclrjhkP9JxAQcm1PZ"` | |
+| frontend.env[5].name | string | `"NEXT_PUBLIC_POSTHOG_HOST"` | |
+| frontend.env[5].value | string | `"https://app.posthog.com"` | |
+| frontend.env[6].name | string | `"ENV"` | |
+| frontend.env[6].value | string | `"development"` | |
+| frontend.env[7].name | string | `"NODE_ENV"` | |
+| frontend.env[7].value | string | `"development"` | |
+| frontend.env[8].name | string | `"HOSTNAME"` | |
+| frontend.env[8].value | string | `"0.0.0.0"` | |
+| frontend.env[9].name | string | `"PUSHER_HOST"` | |
+| frontend.env[9].value | string | `"localhost"` | |
+| frontend.image.pullPolicy | string | `"Always"` | |
+| frontend.image.repository | string | `"us-central1-docker.pkg.dev/keephq/keep/keep-ui"` | |
+| frontend.image.tag | string | `"latest"` | |
+| frontend.imagePullSecrets | list | `[]` | |
+| frontend.ingress.annotations | object | `{}` | |
+| frontend.ingress.className | string | `""` | |
+| frontend.ingress.enabled | bool | `true` | |
+| frontend.ingress.hosts[0].host | string | `"chart-example.local"` | |
+| frontend.ingress.hosts[0].paths[0].path | string | `"/"` | |
+| frontend.ingress.hosts[0].paths[0].pathType | string | `"ImplementationSpecific"` | |
+| frontend.ingress.tls | list | `[]` | |
+| frontend.nodeSelector | object | `{}` | |
+| frontend.podAnnotations | object | `{}` | |
+| frontend.podSecurityContext | object | `{}` | |
+| frontend.replicaCount | int | `1` | |
+| frontend.resources | object | `{}` | |
+| frontend.route.enabled | bool | `false` | |
+| frontend.route.host | string | `"chart-example.local"` | |
+| frontend.route.path | string | `"/"` | |
+| frontend.route.tls | list | `[]` | |
+| frontend.route.wildcardPolicy | string | `"None"` | |
+| frontend.securityContext | object | `{}` | |
+| frontend.service.port | int | `3000` | |
+| frontend.service.type | string | `"ClusterIP"` | |
+| frontend.serviceAccount.annotations | object | `{}` | |
+| frontend.serviceAccount.create | bool | `true` | |
+| frontend.serviceAccount.name | string | `""` | |
+| frontend.tolerations | list | `[]` | |
+| fullnameOverride | string | `""` | |
+| nameOverride | string | `""` | |
+| namespace | string | `"default"` | |
+| serviceAccount.annotations | object | `{}` | |
+| serviceAccount.create | bool | `true` | |
+| serviceAccount.name | string | `""` | |
+| websocket.affinity | object | `{}` | |
+| websocket.autoscaling.enabled | bool | `false` | |
+| websocket.autoscaling.maxReplicas | int | `3` | |
+| websocket.autoscaling.minReplicas | int | `1` | |
+| websocket.autoscaling.targetCPUUtilizationPercentage | int | `80` | |
+| websocket.enabled | bool | `true` | |
+| websocket.env[0].name | string | `"SOKETI_USER_AUTHENTICATION_TIMEOUT"` | |
+| websocket.env[0].value | int | `3000` | |
+| websocket.env[1].name | string | `"SOKETI_DEFAULT_APP_ID"` | |
+| websocket.env[1].value | int | `1` | |
+| websocket.env[2].name | string | `"SOKETI_DEFAULT_APP_KEY"` | |
+| websocket.env[2].value | string | `"keepappkey"` | |
+| websocket.env[3].name | string | `"SOKETI_DEFAULT_APP_SECRET"` | |
+| websocket.env[3].value | string | `"keepappsecret"` | |
+| websocket.image.pullPolicy | string | `"Always"` | |
+| websocket.image.repository | string | `"quay.io/soketi/soketi:1.4-16-debian"` | |
+| websocket.image.tag | string | `"latest"` | |
+| websocket.imagePullSecrets | list | `[]` | |
+| websocket.ingress.annotations | object | `{}` | |
+| websocket.ingress.className | string | `""` | |
+| websocket.ingress.enabled | bool | `false` | |
+| websocket.ingress.hosts[0].host | string | `"chart-example.local"` | |
+| websocket.ingress.hosts[0].paths[0].path | string | `"/"` | |
+| websocket.ingress.hosts[0].paths[0].pathType | string | `"ImplementationSpecific"` | |
+| websocket.ingress.tls | list | `[]` | |
+| websocket.nodeSelector | object | `{}` | |
+| websocket.podAnnotations | object | `{}` | |
+| websocket.podSecurityContext | object | `{}` | |
+| websocket.replicaCount | int | `1` | |
+| websocket.resources | object | `{}` | |
+| websocket.securityContext | object | `{}` | |
+| websocket.service.port | int | `6001` | |
+| websocket.service.type | string | `"ClusterIP"` | |
+| websocket.serviceAccount.annotations | object | `{}` | |
+| websocket.serviceAccount.create | bool | `true` | |
+| websocket.serviceAccount.name | string | `""` | |
+| websocket.tolerations | list | `[]` | |
+
+----------------------------------------------
+Autogenerated from chart metadata using [helm-docs v1.13.0](https://github.com/norwoodj/helm-docs/releases/v1.13.0)
diff --git a/charts/keep/templates/_helpers.tpl b/charts/keep/templates/_helpers.tpl
new file mode 100644
index 0000000..a454d76
--- /dev/null
+++ b/charts/keep/templates/_helpers.tpl
@@ -0,0 +1,62 @@
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "keep.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "keep.fullname" -}}
+{{- if .Values.fullnameOverride }}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- $name := default .Chart.Name .Values.nameOverride }}
+{{- if contains $name .Release.Name }}
+{{- .Release.Name | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "keep.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Common labels
+*/}}
+{{- define "keep.labels" -}}
+helm.sh/chart: {{ include "keep.chart" . }}
+{{ include "keep.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end }}
+
+{{/*
+Selector labels
+*/}}
+{{- define "keep.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "keep.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
+
+{{/*
+Create the name of the service account to use
+*/}}
+{{- define "keep.serviceAccountName" -}}
+{{- if .Values.serviceAccount.create }}
+{{- default (include "keep.fullname" .) .Values.serviceAccount.name }}
+{{- else }}
+{{- default "default" .Values.serviceAccount.name }}
+{{- end }}
+{{- end }}
diff --git a/charts/keep/templates/backend-hpa.yaml b/charts/keep/templates/backend-hpa.yaml
new file mode 100644
index 0000000..d73cdb5
--- /dev/null
+++ b/charts/keep/templates/backend-hpa.yaml
@@ -0,0 +1,32 @@
+{{- if .Values.backend.autoscaling.enabled }}
+apiVersion: autoscaling/v2
+kind: HorizontalPodAutoscaler
+metadata:
+ name: {{ include "keep.fullname" . }}-backend
+ labels:
+ {{- include "keep.labels" . | nindent 4 }}
+spec:
+ scaleTargetRef:
+ apiVersion: apps/v1
+ kind: Deployment
+ name: {{ include "keep.fullname" . }}
+ minReplicas: {{ .Values.backend.autoscaling.minReplicas }}
+ maxReplicas: {{ .Values.backend.autoscaling.maxReplicas }}
+ metrics:
+ {{- if .Values.backend.autoscaling.targetCPUUtilizationPercentage }}
+ - type: Resource
+ resource:
+ name: cpu
+ target:
+ type: Utilization
+ averageUtilization: {{ .Values.backend.autoscaling.targetCPUUtilizationPercentage }}
+ {{- end }}
+ {{- if .Values.backend.autoscaling.targetMemoryUtilizationPercentage }}
+ - type: Resource
+ resource:
+ name: memory
+ target:
+ type: Utilization
+ averageUtilization: {{ .Values.backend.autoscaling.targetMemoryUtilizationPercentage }}
+ {{- end }}
+{{- end }}
diff --git a/charts/keep/templates/backend-ingress.yaml b/charts/keep/templates/backend-ingress.yaml
new file mode 100644
index 0000000..45c17d7
--- /dev/null
+++ b/charts/keep/templates/backend-ingress.yaml
@@ -0,0 +1,61 @@
+{{- if .Values.backend.ingress.enabled -}}
+{{- $fullName := include "keep.fullname" . -}}
+{{- $svcPort := .Values.backend.service.port -}}
+{{- if and .Values.backend.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }}
+ {{- if not (hasKey .Values.backend.ingress.annotations "kubernetes.io/ingress.class") }}
+ {{- $_ := set .Values.backend.ingress.annotations "kubernetes.io/ingress.class" .Values.backend.ingress.className}}
+ {{- end }}
+{{- end }}
+{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}}
+apiVersion: networking.k8s.io/v1
+{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}}
+apiVersion: networking.k8s.io/v1beta1
+{{- else -}}
+apiVersion: extensions/v1beta1
+{{- end }}
+kind: Ingress
+metadata:
+ name: {{ $fullName }}-backend
+ labels:
+ {{- include "keep.labels" . | nindent 4 }}
+ {{- with .Values.backend.ingress.annotations }}
+ annotations:
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+spec:
+ {{- if and .Values.backend.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }}
+ ingressClassName: {{ .Values.backend.ingress.className }}
+ {{- end }}
+ {{- if .Values.backend.ingress.tls }}
+ tls:
+ {{- range .Values.backend.ingress.tls }}
+ - hosts:
+ {{- range .hosts }}
+ - {{ . | quote }}
+ {{- end }}
+ secretName: {{ .secretName }}
+ {{- end }}
+ {{- end }}
+ rules:
+ {{- range .Values.backend.ingress.hosts }}
+ - host: {{ .host | quote }}
+ http:
+ paths:
+ {{- range .paths }}
+ - path: {{ .path }}
+ {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }}
+ pathType: {{ .pathType }}
+ {{- end }}
+ backend:
+ {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }}
+ service:
+ name: {{ $fullName }}-backend
+ port:
+ number: {{ $svcPort }}
+ {{- else }}
+ serviceName: {{ $fullName }}-backend
+ servicePort: {{ $svcPort }}
+ {{- end }}
+ {{- end }}
+ {{- end }}
+{{- end }}
diff --git a/charts/keep/templates/backend-route.yaml b/charts/keep/templates/backend-route.yaml
new file mode 100644
index 0000000..96b4d42
--- /dev/null
+++ b/charts/keep/templates/backend-route.yaml
@@ -0,0 +1,19 @@
+{{- if .Values.backend.route.enabled -}}
+{{- $fullName := include "keep.fullname" . -}}
+apiVersion: route.openshift.io/v1
+kind: Route
+metadata:
+ name: {{ $fullName }}
+ labels: {{- include "keep.labels" . | nindent 4 }}
+spec:
+ host: {{ .Values.backend.route.host }}
+ to:
+ kind: Service
+ name: {{ $fullName }}-backend
+ weight: 100
+ port:
+ targetPort: {{ .Values.backend.service.port }}
+ wildcardPolicy: {{ .Values.backend.route.wildcardPolicy }}
+ tls:
+ {{ toYaml .Values.backend.route.tls | indent 4 }}
+{{- end}}
diff --git a/charts/keep/templates/cluster-role-binding-secret-manager.yaml b/charts/keep/templates/cluster-role-binding-secret-manager.yaml
new file mode 100644
index 0000000..0ce58e0
--- /dev/null
+++ b/charts/keep/templates/cluster-role-binding-secret-manager.yaml
@@ -0,0 +1,13 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+ name: secret-manager-rolebinding
+ namespace: {{ .Values.namespace }}
+subjects:
+ - kind: ServiceAccount
+ name: {{ include "keep.serviceAccountName" . }}
+ namespace: {{ .Values.namespace }}
+roleRef:
+ kind: Role
+ name: secret-manager-role
+ apiGroup: rbac.authorization.k8s.io
diff --git a/charts/keep/templates/cluster-role-secret-manager.yaml b/charts/keep/templates/cluster-role-secret-manager.yaml
new file mode 100644
index 0000000..b2ee728
--- /dev/null
+++ b/charts/keep/templates/cluster-role-secret-manager.yaml
@@ -0,0 +1,9 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+ name: secret-manager-role
+ namespace: {{ .Values.namespace }}
+rules:
+ - apiGroups: [""]
+ resources: ["secrets"]
+ verbs: ["create", "delete", "get", "list"]
diff --git a/charts/keep/templates/delete-secret-job.yaml b/charts/keep/templates/delete-secret-job.yaml
new file mode 100644
index 0000000..e1fd325
--- /dev/null
+++ b/charts/keep/templates/delete-secret-job.yaml
@@ -0,0 +1,25 @@
+apiVersion: batch/v1
+kind: Job
+metadata:
+ name: delete-keep-secrets
+ annotations:
+ "helm.sh/hook": pre-delete
+ "helm.sh/hook-delete-policy": hook-succeeded,hook-failed
+spec:
+ template:
+ spec:
+ serviceAccountName: {{ include "keep.serviceAccountName" . }}
+ containers:
+ - name: delete-secrets-container
+ image: bitnami/kubectl
+ command:
+ - /bin/sh
+ - -c
+ - >
+ secrets=$(kubectl get secrets -n {{ .Values.Namespace }} -o name | grep '^secret/keep-');
+ if [ -n "$secrets" ]; then
+ echo "$secrets" | xargs kubectl delete -n {{ .Values.Namespace }};
+ else
+ echo "No matching secrets found to delete.";
+ fi
+ restartPolicy: Never
diff --git a/charts/keep/templates/frontend-hpa.yaml b/charts/keep/templates/frontend-hpa.yaml
new file mode 100644
index 0000000..16bc5aa
--- /dev/null
+++ b/charts/keep/templates/frontend-hpa.yaml
@@ -0,0 +1,32 @@
+{{- if .Values.frontend.autoscaling.enabled }}
+apiVersion: autoscaling/v2
+kind: HorizontalPodAutoscaler
+metadata:
+ name: {{ include "keep.fullname" . }}-frontend
+ labels:
+ {{- include "keep.labels" . | nindent 4 }}
+spec:
+ scaleTargetRef:
+ apiVersion: apps/v1
+ kind: Deployment
+ name: {{ include "keep.fullname" . }}
+ minReplicas: {{ .Values.frontend.autoscaling.minReplicas }}
+ maxReplicas: {{ .Values.frontend.autoscaling.maxReplicas }}
+ metrics:
+ {{- if .Values.frontend.autoscaling.targetCPUUtilizationPercentage }}
+ - type: Resource
+ resource:
+ name: cpu
+ target:
+ type: Utilization
+ averageUtilization: {{ .Values.frontend.autoscaling.targetCPUUtilizationPercentage }}
+ {{- end }}
+ {{- if .Values.frontend.autoscaling.targetMemoryUtilizationPercentage }}
+ - type: Resource
+ resource:
+ name: memory
+ target:
+ type: Utilization
+ averageUtilization: {{ .Values.frontend.autoscaling.targetMemoryUtilizationPercentage }}
+ {{- end }}
+{{- end }}
diff --git a/charts/keep/templates/frontend-ingress.yaml b/charts/keep/templates/frontend-ingress.yaml
new file mode 100644
index 0000000..7054cba
--- /dev/null
+++ b/charts/keep/templates/frontend-ingress.yaml
@@ -0,0 +1,61 @@
+{{- if .Values.frontend.ingress.enabled -}}
+{{- $fullName := include "keep.fullname" . -}}
+{{- $svcPort := .Values.frontend.service.port -}}
+{{- if and .Values.frontend.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }}
+ {{- if not (hasKey .Values.frontend.ingress.annotations "kubernetes.io/ingress.class") }}
+ {{- $_ := set .Values.frontend.ingress.annotations "kubernetes.io/ingress.class" .Values.frontend.ingress.className}}
+ {{- end }}
+{{- end }}
+{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}}
+apiVersion: networking.k8s.io/v1
+{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}}
+apiVersion: networking.k8s.io/v1beta1
+{{- else -}}
+apiVersion: extensions/v1beta1
+{{- end }}
+kind: Ingress
+metadata:
+ name: {{ $fullName }}-frontend
+ labels:
+ {{- include "keep.labels" . | nindent 4 }}
+ {{- with .Values.frontend.ingress.annotations }}
+ annotations:
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+spec:
+ {{- if and .Values.frontend.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }}
+ ingressClassName: {{ .Values.frontend.ingress.className }}
+ {{- end }}
+ {{- if .Values.frontend.ingress.tls }}
+ tls:
+ {{- range .Values.frontend.ingress.tls }}
+ - hosts:
+ {{- range .hosts }}
+ - {{ . | quote }}
+ {{- end }}
+ secretName: {{ .secretName }}
+ {{- end }}
+ {{- end }}
+ rules:
+ {{- range .Values.frontend.ingress.hosts }}
+ - host: {{ .host | quote }}
+ http:
+ paths:
+ {{- range .paths }}
+ - path: {{ .path }}
+ {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }}
+ pathType: {{ .pathType }}
+ {{- end }}
+ backend:
+ {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }}
+ service:
+ name: {{ $fullName }}-frontend
+ port:
+ number: {{ $svcPort }}
+ {{- else }}
+ serviceName: {{ $fullName }}-frontend
+ servicePort: {{ $svcPort }}
+ {{- end }}
+ {{- end }}
+ {{- end }}
+{{- end }}
diff --git a/charts/keep/templates/frontend-route.yaml b/charts/keep/templates/frontend-route.yaml
new file mode 100644
index 0000000..75e6b0e
--- /dev/null
+++ b/charts/keep/templates/frontend-route.yaml
@@ -0,0 +1,19 @@
+{{- if .Values.frontend.route.enabled -}}
+{{- $fullName := include "keep.fullname" . -}}
+apiVersion: route.openshift.io/v1
+kind: Route
+metadata:
+ name: {{ $fullName }}
+ labels: {{- include "keep.labels" . | nindent 4 }}
+spec:
+ host: {{ .Values.frontend.route.host }}
+ to:
+ kind: Service
+ name: {{ $fullName }}-frontend
+ weight: 100
+ port:
+ targetPort: {{ .Values.frontend.service.port }}
+ wildcardPolicy: {{ .Values.frontend.route.wildcardPolicy }}
+ tls:
+ {{ toYaml .Values.frontend.route.tls | indent 4 }}
+{{- end}}
diff --git a/charts/keep/templates/keep-backend-service.yaml b/charts/keep/templates/keep-backend-service.yaml
new file mode 100644
index 0000000..fd20451
--- /dev/null
+++ b/charts/keep/templates/keep-backend-service.yaml
@@ -0,0 +1,17 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "keep.fullname" . }}-backend
+ labels:
+ {{- include "keep.labels" . | nindent 4 }}
+ keep-component: backend-service
+spec:
+ type: {{ .Values.backend.service.type }}
+ ports:
+ - port: {{ .Values.backend.service.port }}
+ targetPort: http
+ protocol: TCP
+ name: http
+ selector:
+ {{- include "keep.selectorLabels" . | nindent 4 }}
+ keep-component: backend
diff --git a/charts/keep/templates/keep-backend.yaml b/charts/keep/templates/keep-backend.yaml
new file mode 100644
index 0000000..1c8f636
--- /dev/null
+++ b/charts/keep/templates/keep-backend.yaml
@@ -0,0 +1,87 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: {{ include "keep.fullname" . }}-backend
+ labels:
+ {{- include "keep.labels" . | nindent 4 }}
+ keep-component: backend
+spec:
+ {{- if not .Values.backend.autoscaling.enabled }}
+ replicas: {{ .Values.backend.replicaCount }}
+ {{- end }}
+ selector:
+ matchLabels:
+ {{- include "keep.selectorLabels" . | nindent 6 }}
+ template:
+ metadata:
+ {{- with .Values.backend.podAnnotations }}
+ annotations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ labels:
+ {{- include "keep.selectorLabels" . | nindent 8 }}
+ keep-component: backend
+ spec:
+ {{- with .Values.backend.imagePullSecrets }}
+ imagePullSecrets:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ serviceAccountName: {{ include "keep.serviceAccountName" . }}
+ securityContext:
+ {{- toYaml .Values.backend.podSecurityContext | nindent 8 }}
+ containers:
+ - name: {{ .Chart.Name }}
+ securityContext:
+ {{- toYaml .Values.backend.securityContext | nindent 12 }}
+ image: "{{ .Values.backend.image.repository }}:{{ .Values.backend.image.tag | default .Chart.AppVersion }}"
+ imagePullPolicy: {{ .Values.backend.image.pullPolicy }}
+ ports:
+ - name: http
+ containerPort: {{ .Values.backend.service.port }}
+ protocol: TCP
+ env:
+ {{- range .Values.backend.env }}
+ - name: {{ .name }}
+ value: {{ .value | quote }}
+ {{- end }}
+ {{- if .Values.backend.openAiApi.enabled }}
+ - name: OPENAI_API_KEY
+ value: {{ .Values.backend.openAiApi.openAiApiKey | default "" | quote }}
+ {{- end }}
+ - name: K8S_NAMESPACE
+ valueFrom:
+ fieldRef:
+ fieldPath: metadata.namespace
+ volumeMounts:
+ - name: state-volume
+ mountPath: /state
+ readOnly: false
+ # livenessProbe:
+ # httpGet:
+ # path: /
+ # port: http
+ # readinessProbe:
+ # httpGet:
+ # path: /
+ # port: http
+ resources:
+ {{- toYaml .Values.backend.resources | nindent 12 }}
+ initContainers:
+ - name: wait-for-database
+ image: busybox
+ command: ['sh', '-c', 'until nc -z keep-database 3306; do sleep 1; done;']
+ {{- with .Values.backend.nodeSelector }}
+ nodeSelector:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.backend.affinity }}
+ affinity:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.backend.tolerations }}
+ tolerations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ volumes:
+ - name: state-volume
+ emptyDir: {}
diff --git a/charts/keep/templates/keep-db-pv.yaml b/charts/keep/templates/keep-db-pv.yaml
new file mode 100644
index 0000000..49e8536
--- /dev/null
+++ b/charts/keep/templates/keep-db-pv.yaml
@@ -0,0 +1,13 @@
+apiVersion: v1
+kind: PersistentVolume
+metadata:
+ name: {{ include "keep.fullname" . }}-pv
+spec:
+ capacity:
+ storage: {{ .Values.database.size }}
+ accessModes:
+ - ReadWriteOnce
+ persistentVolumeReclaimPolicy: Retain
+ storageClassName: {{ .Values.database.storageClasss }}
+ hostPath:
+ path: "/var/lib/mysql"
diff --git a/charts/keep/templates/keep-db-pvc.yaml b/charts/keep/templates/keep-db-pvc.yaml
new file mode 100644
index 0000000..d941fc2
--- /dev/null
+++ b/charts/keep/templates/keep-db-pvc.yaml
@@ -0,0 +1,11 @@
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+ name: {{ include "keep.fullname" . }}-pvc
+spec:
+ accessModes:
+ - ReadWriteOnce
+ storageClassName: {{ .Values.database.storageClasss }}
+ resources:
+ requests:
+ storage: 5Gi
diff --git a/charts/keep/templates/keep-db-service.yaml b/charts/keep/templates/keep-db-service.yaml
new file mode 100644
index 0000000..7e1d0e5
--- /dev/null
+++ b/charts/keep/templates/keep-db-service.yaml
@@ -0,0 +1,17 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "keep.fullname" . }}-database
+ labels:
+ {{- include "keep.labels" . | nindent 4 }}
+ keep-component: database-service
+spec:
+ type: {{ .Values.database.service.type }}
+ ports:
+ - port: {{ .Values.database.service.port }}
+ targetPort: 3306
+ protocol: TCP
+ name: mysql
+ selector:
+ {{- include "keep.selectorLabels" . | nindent 4 }}
+ keep-component: database
diff --git a/charts/keep/templates/keep-db.yaml b/charts/keep/templates/keep-db.yaml
new file mode 100644
index 0000000..547540d
--- /dev/null
+++ b/charts/keep/templates/keep-db.yaml
@@ -0,0 +1,68 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: {{ include "keep.fullname" . }}-database
+ labels:
+ {{- include "keep.labels" . | nindent 4 }}
+ keep-component: database
+spec:
+ {{- if not .Values.database.autoscaling.enabled }}
+ replicas: {{ .Values.database.replicaCount }}
+ {{- end }}
+ selector:
+ matchLabels:
+ {{- include "keep.selectorLabels" . | nindent 6 }}
+ template:
+ metadata:
+ {{- with .Values.database.podAnnotations }}
+ annotations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ labels:
+ {{- include "keep.selectorLabels" . | nindent 8 }}
+ keep-component: database
+ spec:
+ {{- with .Values.database.imagePullSecrets }}
+ imagePullSecrets:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ serviceAccountName: {{ include "keep.serviceAccountName" . }}
+ securityContext:
+ {{- toYaml .Values.database.podSecurityContext | nindent 8 }}
+ containers:
+ - name: {{ .Chart.Name }}
+ securityContext:
+ {{- toYaml .Values.database.securityContext | nindent 12 }}
+ image: "{{ .Values.database.image.repository }}:{{ .Values.database.image.tag | default .Chart.AppVersion }}"
+ imagePullPolicy: {{ .Values.database.image.pullPolicy }}
+ ports:
+ - name: mysql
+ containerPort: {{ .Values.database.service.port }}
+ protocol: TCP
+ env:
+ {{- range .Values.database.env }}
+ - name: {{ .name }}
+ value: {{ .value | quote }}
+ {{- end }}
+ volumeMounts:
+ - mountPath: /var/lib/mysql
+ name: {{ include "keep.fullname" . }}-pv
+ readOnly: false
+ resources:
+ {{- toYaml .Values.database.resources | nindent 12 }}
+ {{- with .Values.database.nodeSelector }}
+ nodeSelector:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.database.affinity }}
+ affinity:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.database.tolerations }}
+ tolerations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ volumes:
+ - name: {{ include "keep.fullname" . }}-pv
+ persistentVolumeClaim:
+ claimName: {{ include "keep.fullname" . }}-pvc
diff --git a/charts/keep/templates/keep-frontend-service.yaml b/charts/keep/templates/keep-frontend-service.yaml
new file mode 100644
index 0000000..774de3e
--- /dev/null
+++ b/charts/keep/templates/keep-frontend-service.yaml
@@ -0,0 +1,17 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "keep.fullname" . }}-frontend
+ labels:
+ {{- include "keep.labels" . | nindent 4 }}
+ keep-component: frontend-service
+spec:
+ type: {{ .Values.frontend.service.type }}
+ ports:
+ - port: {{ .Values.frontend.service.port }}
+ targetPort: http
+ protocol: TCP
+ name: http
+ selector:
+ {{- include "keep.selectorLabels" . | nindent 4 }}
+ keep-component: frontend
diff --git a/charts/keep/templates/keep-frontend.yaml b/charts/keep/templates/keep-frontend.yaml
new file mode 100644
index 0000000..bbe04e6
--- /dev/null
+++ b/charts/keep/templates/keep-frontend.yaml
@@ -0,0 +1,75 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: {{ include "keep.fullname" . }}-frontend
+ labels:
+ {{- include "keep.labels" . | nindent 4 }}
+ keep-component: frontend
+spec:
+ {{- if not .Values.frontend.autoscaling.enabled }}
+ replicas: {{ .Values.frontend.replicaCount }}
+ {{- end }}
+ selector:
+ matchLabels:
+ {{- include "keep.selectorLabels" . | nindent 6 }}
+ template:
+ metadata:
+ {{- with .Values.frontend.podAnnotations }}
+ annotations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ labels:
+ {{- include "keep.selectorLabels" . | nindent 8 }}
+ keep-component: frontend
+ spec:
+ {{- with .Values.frontend.imagePullSecrets }}
+ imagePullSecrets:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ serviceAccountName: {{ include "keep.serviceAccountName" . }}
+ securityContext:
+ {{- toYaml .Values.frontend.podSecurityContext | nindent 8 }}
+ containers:
+ - name: {{ .Chart.Name }}
+ securityContext:
+ {{- toYaml .Values.frontend.securityContext | nindent 12 }}
+ image: "{{ .Values.frontend.image.repository }}" # :{{ .Values.frontend.image.tag | default .Chart.AppVersion }}
+ imagePullPolicy: {{ .Values.frontend.image.pullPolicy }}
+ ports:
+ - name: http
+ containerPort: {{ .Values.frontend.service.port }}
+ protocol: TCP
+ env:
+ {{- range .Values.frontend.env }}
+ - name: {{ .name }}
+ value: {{ .value | quote }}
+ {{- end }}
+ volumeMounts:
+ - name: state-volume
+ mountPath: /state
+ readOnly: false
+ # livenessProbe:
+ # httpGet:
+ # path: /
+ # port: http
+ # readinessProbe:
+ # httpGet:
+ # path: /
+ # port: http
+ resources:
+ {{- toYaml .Values.frontend.resources | nindent 12 }}
+ {{- with .Values.frontend.nodeSelector }}
+ nodeSelector:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.frontend.affinity }}
+ affinity:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.frontend.tolerations }}
+ tolerations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ volumes:
+ - name: state-volume
+ emptyDir: {}
diff --git a/charts/keep/templates/keep-websocket-server-service.yaml b/charts/keep/templates/keep-websocket-server-service.yaml
new file mode 100644
index 0000000..4911495
--- /dev/null
+++ b/charts/keep/templates/keep-websocket-server-service.yaml
@@ -0,0 +1,17 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "keep.fullname" . }}-websocket
+ labels:
+ {{- include "keep.labels" . | nindent 4 }}
+ keep-component: websocket-service
+spec:
+ type: {{ .Values.websocket.service.type }}
+ ports:
+ - port: {{ .Values.websocket.service.port }}
+ targetPort: http
+ protocol: TCP
+ name: http
+ selector:
+ {{- include "keep.selectorLabels" . | nindent 4 }}
+ keep-component: websocket
diff --git a/charts/keep/templates/keep-websocket-server.yaml b/charts/keep/templates/keep-websocket-server.yaml
new file mode 100644
index 0000000..1744ea7
--- /dev/null
+++ b/charts/keep/templates/keep-websocket-server.yaml
@@ -0,0 +1,75 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: {{ include "keep.fullname" . }}-websocket
+ labels:
+ {{- include "keep.labels" . | nindent 4 }}
+ keep-component: websocket
+spec:
+ {{- if not .Values.frontend.autoscaling.enabled }}
+ replicas: {{ .Values.websocket.replicaCount }}
+ {{- end }}
+ selector:
+ matchLabels:
+ {{- include "keep.selectorLabels" . | nindent 6 }}
+ template:
+ metadata:
+ {{- with .Values.websocket.podAnnotations }}
+ annotations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ labels:
+ {{- include "keep.selectorLabels" . | nindent 8 }}
+ keep-component: websocket
+ spec:
+ {{- with .Values.websocket.imagePullSecrets }}
+ imagePullSecrets:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ serviceAccountName: {{ include "keep.serviceAccountName" . }}
+ securityContext:
+ {{- toYaml .Values.websocket.podSecurityContext | nindent 8 }}
+ containers:
+ - name: {{ .Chart.Name }}
+ securityContext:
+ {{- toYaml .Values.websocket.securityContext | nindent 12 }}
+ image: "{{ .Values.websocket.image.repository }}" # :{{ .Values.frontend.image.tag | default .Chart.AppVersion }}
+ imagePullPolicy: {{ .Values.websocket.image.pullPolicy }}
+ ports:
+ - name: http
+ containerPort: {{ .Values.websocket.service.port }}
+ protocol: TCP
+ env:
+ {{- range .Values.websocket.env }}
+ - name: {{ .name }}
+ value: {{ .value | quote }}
+ {{- end }}
+ volumeMounts:
+ - name: state-volume
+ mountPath: /state
+ readOnly: false
+ # livenessProbe:
+ # httpGet:
+ # path: /
+ # port: http
+ # readinessProbe:
+ # httpGet:
+ # path: /
+ # port: http
+ resources:
+ {{- toYaml .Values.websocket.resources | nindent 12 }}
+ {{- with .Values.websocket.nodeSelector }}
+ nodeSelector:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.websocket.affinity }}
+ affinity:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.websocket.tolerations }}
+ tolerations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ volumes:
+ - name: state-volume
+ emptyDir: {}
diff --git a/charts/keep/templates/serviceaccount.yaml b/charts/keep/templates/serviceaccount.yaml
new file mode 100644
index 0000000..2289734
--- /dev/null
+++ b/charts/keep/templates/serviceaccount.yaml
@@ -0,0 +1,12 @@
+{{- if .Values.serviceAccount.create -}}
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: {{ include "keep.serviceAccountName" . }}
+ labels:
+ {{- include "keep.labels" . | nindent 4 }}
+ {{- with .Values.serviceAccount.annotations }}
+ annotations:
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+{{- end }}
diff --git a/charts/keep/values.yaml b/charts/keep/values.yaml
new file mode 100644
index 0000000..d378b62
--- /dev/null
+++ b/charts/keep/values.yaml
@@ -0,0 +1,215 @@
+namespace: default
+serviceAccount:
+ create: true
+ annotations: {}
+ name: ""
+nameOverride: ""
+fullnameOverride: ""
+
+backend:
+ enabled: true
+ env:
+ - name: SECRET_MANAGER_TYPE
+ value: k8s
+ - name: PORT
+ value: "8080"
+ - name: SECRET_MANAGER_DIRECTORY
+ value: /state
+ - name: DATABASE_CONNECTION_STRING
+ value: mysql+pymysql://root@keep-database:3306/keep
+ - name: PUSHER_APP_ID
+ value: 1
+ - name: PUSHER_APP_KEY
+ value: keepappkey
+ - name: PUSHER_APP_SECRET
+ value: keepappsecret
+ - name: PUSHER_HOST
+ value: keep-websocket
+ - name: PUSHER_PORT
+ value: 6001
+ openAiApi:
+ enabled: false
+ openAiApiKey: ""
+ replicaCount: 1
+ image:
+ repository: us-central1-docker.pkg.dev/keephq/keep/keep-api
+ pullPolicy: Always
+ tag: "latest"
+ imagePullSecrets: []
+ podAnnotations: {}
+ podSecurityContext: {}
+ securityContext: {}
+ service:
+ type: ClusterIP
+ port: 8080
+ ingress:
+ enabled: true
+ className: ""
+ annotations: {}
+ hosts:
+ - host: chart-example-backend.local
+ paths:
+ - path: /
+ pathType: ImplementationSpecific
+ tls: []
+ route:
+ enabled: false
+ host: chart-example-backend.local
+ path: /
+ tls: []
+ wildcardPolicy: None
+ resources: {}
+ autoscaling:
+ enabled: false
+ minReplicas: 1
+ maxReplicas: 3
+ targetCPUUtilizationPercentage: 80
+ nodeSelector: {}
+ tolerations: []
+ affinity: {}
+
+frontend:
+ enabled: true
+ env:
+ - name: NEXTAUTH_SECRET
+ value: secret
+ - name: NEXTAUTH_URL
+ value: http://localhost:3000
+ - name: API_URL
+ value: http://keep-backend:8080
+ - name: NEXT_PUBLIC_API_URL
+ value: ""
+ - name: NEXT_PUBLIC_POSTHOG_KEY
+ value: "phc_muk9qE3TfZsX3SZ9XxX52kCGJBclrjhkP9JxAQcm1PZ"
+ - name: NEXT_PUBLIC_POSTHOG_HOST
+ value: https://app.posthog.com
+ - name: ENV
+ value: development
+ - name: NODE_ENV
+ value: development
+ - name: HOSTNAME
+ value: 0.0.0.0
+ - name: PUSHER_HOST
+ value: localhost
+ - name: PUSHER_PORT
+ value: 6001
+ - name: PUSHER_APP_KEY
+ value: "keepappkey"
+ replicaCount: 1
+ image:
+ repository: us-central1-docker.pkg.dev/keephq/keep/keep-ui
+ pullPolicy: Always
+ tag: "latest"
+ imagePullSecrets: []
+ serviceAccount:
+ create: true
+ annotations: {}
+ name: ""
+ podAnnotations: {}
+ podSecurityContext: {}
+ securityContext: {}
+ service:
+ type: ClusterIP
+ port: 3000
+ ingress:
+ enabled: true
+ className: ""
+ annotations: {}
+ hosts:
+ - host: chart-example.local
+ paths:
+ - path: /
+ pathType: ImplementationSpecific
+ tls: []
+ route:
+ enabled: false
+ host: chart-example.local
+ path: /
+ tls: []
+ wildcardPolicy: None
+ resources: {}
+ autoscaling:
+ enabled: false
+ minReplicas: 1
+ maxReplicas: 3
+ targetCPUUtilizationPercentage: 80
+ nodeSelector: {}
+ tolerations: []
+ affinity: {}
+
+websocket:
+ enabled: true
+ env:
+ - name: SOKETI_USER_AUTHENTICATION_TIMEOUT
+ value: 3000
+ - name: SOKETI_DEFAULT_APP_ID
+ value: 1
+ - name: SOKETI_DEFAULT_APP_KEY
+ value: keepappkey
+ - name: SOKETI_DEFAULT_APP_SECRET
+ value: keepappsecret
+ replicaCount: 1
+ image:
+ repository: quay.io/soketi/soketi:1.4-16-debian
+ pullPolicy: Always
+ tag: "latest"
+ imagePullSecrets: []
+ serviceAccount:
+ create: true
+ annotations: {}
+ name: ""
+ podAnnotations: {}
+ podSecurityContext: {}
+ securityContext: {}
+ service:
+ type: ClusterIP
+ port: 6001
+ ingress:
+ enabled: false
+ className: ""
+ annotations: {}
+ hosts:
+ - host: chart-example.local
+ paths:
+ - path: /
+ pathType: ImplementationSpecific
+ tls: []
+ resources: {}
+ autoscaling:
+ enabled: false
+ minReplicas: 1
+ maxReplicas: 3
+ targetCPUUtilizationPercentage: 80
+ nodeSelector: {}
+ tolerations: []
+ affinity: {}
+
+database:
+ enabled: true
+ replicaCount: 1
+ size: 5Gi
+ storageClasss: ""
+ image:
+ repository: mysql
+ pullPolicy: IfNotPresent
+ tag: "latest"
+ env:
+ - name: MYSQL_ALLOW_EMPTY_PASSWORD
+ value: yes
+ - name: MYSQL_DATABASE
+ value: keep
+ - name: MYSQL_PASSWORD
+ value: null
+ imagePullSecrets: []
+ podAnnotations: {}
+ podSecurityContext: {}
+ securityContext: {}
+ service:
+ type: ClusterIP
+ port: 3306
+ resources: {}
+ autoscaling:
+ enabled: false
+ nodeSelector: {}
+ tolerations: []
+ affinity: {}
diff --git a/ct.yml b/ct.yml
new file mode 100644
index 0000000..0a2dfa5
--- /dev/null
+++ b/ct.yml
@@ -0,0 +1,9 @@
+remote: origin
+target-branch: main
+debug: true
+check-version-increment: false
+helm-extra-args: --timeout 15m
+charts:
+ - charts/keep
+chart-repos:
+ - keep=https://keephq.github.io/helm-charts # TODO: replace with custom domain