-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Showing
6 changed files
with
239 additions
and
5 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -58,7 +58,7 @@ _See [helm uninstall](https://helm.sh/docs/helm/helm_uninstall/) for command doc | |
## OpenBAS | ||
|
||
* [Environment configuration](https://docs.openbas.io/latest/deployment/configuration/#platform) | ||
* [Connectors](https://github.com/OpenBAS-Platform/collectors/tree/main). Review `docker-compose.yaml` with the properly config | ||
* [Collectors](https://github.com/OpenBAS-Platform/collectors/tree/main). Review `docker-compose.yaml` with the properly config | ||
* Check collectors samples on `collector-examples` folder | ||
|
||
## Basic installation and examples | ||
|
@@ -95,7 +95,7 @@ helm show values openbas/openbas | |
| caldera.service.targetPort | int | `8888` | Pod expose port | | ||
| caldera.service.type | string | `"ClusterIP"` | Kubernetes Service type. Allowed values: NodePort, LoadBalancer or ClusterIP | | ||
| caldera.tolerations | list | `[]` | Tolerations for pod assignment | | ||
| collectorGlobalEnv | string | `nil` | Connector Global environment | | ||
| collectorGlobalEnv | string | `nil` | Collector Global environment | | ||
| collectors | list | `[]` | Collectors Ref: https://github.com/OpenBAS-Platform/collectors | | ||
| env | object | `{"INJECTOR_CALDERA_API_KEY":"ChangeMe","INJECTOR_CALDERA_PUBLIC_URL":"http://release-name-caldera:8888","INJECTOR_CALDERA_URL":"http://release-name-caldera:8888","MINIO_ENDPOINT":"release-name-minio:9000","OPENBAS_ADMIN_EMAIL":"[email protected]","OPENBAS_ADMIN_PASSWORD":"ChangeMe","OPENBAS_ADMIN_TOKEN":"ChangeMe","OPENBAS_AUTH-LOCAL-ENABLE":true,"OPENBAS_BASE-URL":"http://localhost:8080","OPENBAS_RABBITMQ_HOSTNAME":"release-name-rabbitmq","OPENBAS_RABBITMQ_MANAGEMENT-PORT":15672,"OPENBAS_RABBITMQ_PASS":"ChangeMe","OPENBAS_RABBITMQ_PORT":5672,"OPENBAS_RABBITMQ_USER":"user","SERVER_ADDRESS":"0.0.0.0","SERVER_PORT":8080,"SPRING_DATASOURCE_PASSWORD":"ChangeMe","SPRING_DATASOURCE_URL":"jdbc:postgresql://release-name-postgresql:5432/openbas","SPRING_DATASOURCE_USERNAME":"user"}` | Environment variables to configure application Ref: https://docs.openbas.io/latest/deployment/configuration/#platform | | ||
| envFromSecrets | object | `{}` | Secrets from variables | | ||
|
@@ -104,6 +104,8 @@ helm show values openbas/openbas | |
| image | object | `{"pullPolicy":"IfNotPresent","repository":"openbas/platform","tag":""}` | Image registry | | ||
| imagePullSecrets | list | `[]` | Global Docker registry secret names as an array | | ||
| ingress | object | `{"annotations":{},"className":"","enabled":false,"hosts":[{"host":"chart-example.local","paths":[{"path":"/","pathType":"ImplementationSpecific"}]}],"tls":[]}` | Ingress configuration to expose app | | ||
| injectorGlobalEnv | string | `nil` | Injector Global environment | | ||
| injectors | list | `[]` | Injectors Ref: https://github.com/OpenBAS-Platform/injectors | | ||
| livenessProbe | object | `{"enabled":true,"failureThreshold":3,"initialDelaySeconds":180,"periodSeconds":10,"successThreshold":1,"timeoutSeconds":5}` | Configure liveness checker Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#define-startup-probes | | ||
| livenessProbeCustom | object | `{}` | Custom livenessProbe | | ||
| minio | object | `{"auth":{"rootPassword":"ChangeMe","rootUser":"ChangeMe"},"enabled":true,"mode":"standalone","persistence":{"enabled":false}}` | MinIO subchart deployment Ref: https://github.com/bitnami/charts/blob/main/bitnami/minio/values.yaml | | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,12 @@ | ||
# http-query | ||
# ref: https://github.com/OpenBAS-Platform/injectors/blob/main/http-query | ||
- name: http-query | ||
enabled: true | ||
replicas: 1 | ||
image: {} | ||
env: | ||
OPENBAS_URL: http://localhost | ||
OPENBAS_TOKEN: ChangeMe | ||
INJECTOR_ID: ChangeMe | ||
INJECTOR_NAME: "HTTP query" | ||
INJECTOR_LOG_LEVEL: error |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,110 @@ | ||
{{- range .Values.injectors }} | ||
{{- $injectorName := .name }} | ||
|
||
{{- if .enabled }} | ||
--- | ||
apiVersion: apps/v1 | ||
kind: Deployment | ||
metadata: | ||
name: {{ $injectorName }}-injector-{{ include "openbas.fullname" $ }} | ||
labels: | ||
openbas.injector: {{ $injectorName }} | ||
{{- include "openbas.labels" $ | nindent 4 }} | ||
spec: | ||
{{- if not .autoscaling }} | ||
replicas: {{ .replicas }} | ||
{{- end }} | ||
selector: | ||
matchLabels: | ||
openbas.injector: {{ $injectorName }} | ||
{{- include "openbas.selectorLabels" $ | nindent 6 }} | ||
template: | ||
metadata: | ||
{{- with .podAnnotations }} | ||
annotations: | ||
{{- toYaml $ | nindent 8 }} | ||
{{- end }} | ||
labels: | ||
openbas.injector: {{ $injectorName }} | ||
{{- include "openbas.selectorLabels" $ | nindent 8 }} | ||
spec: | ||
{{- if .imagePullSecrets }} | ||
{{- with .imagePullSecrets }} | ||
imagePullSecrets: | ||
{{- toYaml . | nindent 8 }} | ||
{{- end }} | ||
{{- else if $.Values.global.imagePullSecrets }} | ||
{{- with $.Values.global.imagePullSecrets }} | ||
imagePullSecrets: | ||
{{- toYaml . | nindent 8 }} | ||
{{- end }} | ||
{{- end }} | ||
securityContext: | ||
{{- toYaml .podSecurityContext | nindent 8 }} | ||
containers: | ||
- name: {{ $injectorName }}-injector | ||
securityContext: | ||
{{- toYaml .securityContext | nindent 12 }} | ||
{{- if .image.repository }} | ||
image: "{{ .image.repository }}:{{ .image.tag | default $.Chart.AppVersion }}" | ||
{{- else if $.Values.global.imageRegistry }} | ||
image: "{{ printf "%s/openbas/injector-%s" $.Values.global.imageRegistry .name }}:{{ .image.tag | default $.Chart.AppVersion }}" | ||
{{- else }} | ||
image: "{{ printf "openbas/injector-%s" .name }}:{{ .image.tag | default $.Chart.AppVersion }}" | ||
{{- end }} | ||
imagePullPolicy: {{ .image.pullPolicy | default "IfNotPresent" }} | ||
env: | ||
# Variables from secrets have precedence | ||
{{- $envList := dict -}} | ||
|
||
{{- if .envFromSecrets }} | ||
{{- range $key, $value := .envFromSecrets }} | ||
- name: {{ $key | upper }} | ||
valueFrom: | ||
secretKeyRef: | ||
name: {{ $value.name }} | ||
key: {{ $value.key | default $key }} | ||
{{- $_ := set $envList $key true }} | ||
{{- end }} | ||
{{- end }} | ||
|
||
# Special handling for OPENBAS_URL which is constructed from other values | ||
{{- if not (hasKey .env "OPENBAS_URL") }} | ||
- name: OPENBAS_URL | ||
value: "http://{{ include "openbas.fullname" $ }}-server:{{ $.Values.service.port }}" | ||
{{- end }} | ||
|
||
# Special handling for OPENBAS_TOKEN which is constructed from other values | ||
{{- if and (not (hasKey .env "OPENBAS_TOKEN")) ($.Values.env.OPENBAS_ADMIN_TOKEN) }} | ||
- name: OPENBAS_TOKEN | ||
value: "{{ $.Values.env.OPENBAS_ADMIN_TOKEN }}" | ||
{{- end }} | ||
|
||
# Add Variables in plain text if they were not already added from secrets | ||
{{- if .env }} | ||
{{- range $key, $value := .env }} | ||
{{- if not (hasKey $envList $key) }} | ||
- name: {{ $key | upper }} | ||
value: {{ $value | quote }} | ||
{{- $_ := set $envList $key true }} | ||
{{- end }} | ||
{{- end }} | ||
{{- end }} | ||
|
||
resources: | ||
{{- toYaml .resources | nindent 12 }} | ||
{{- with .nodeSelector }} | ||
nodeSelector: | ||
{{- toYaml . | nindent 8 }} | ||
{{- end }} | ||
{{- with .tolerations }} | ||
tolerations: | ||
{{- toYaml . | nindent 8 }} | ||
{{- end }} | ||
{{- with .affinity }} | ||
affinity: | ||
{{- toYaml . | nindent 8 }} | ||
{{- end }} | ||
|
||
{{- end }} | ||
{{- end }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters