pelotech · tinyzimmer · Sep 12, 2021
diff --git a/charts/calendso/.helmignore b/charts/calendso/.helmignore
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/charts/calendso/Chart.lock b/charts/calendso/Chart.lock
@@ -0,0 +1,6 @@
+dependencies:
+- name: postgresql
+  repository: https://charts.bitnami.com/bitnami
+  version: 10.9.5
+digest: sha256:a555b5ad8fb0f50610f8f2c1dc89debb1d542f23b920b096fcd4ee56597cb011
+generated: "2021-09-11T22:47:48.034322147+03:00"
diff --git a/charts/calendso/Chart.yaml b/charts/calendso/Chart.yaml
@@ -0,0 +1,14 @@
+apiVersion: v2
+name: calendso
+description: A Helm chart for Calendso
+type: application
+
+version: 0.1.0
+appVersion: "latest"
+
+dependencies:
+  # https://github.com/bitnami/charts/tree/master/bitnami/postgresql
+  - name: postgresql
+    version: 10.9.5
+    repository: https://charts.bitnami.com/bitnami
+    condition: postgresql.enabled
diff --git a/charts/calendso/Dockerfile b/charts/calendso/Dockerfile
@@ -0,0 +1,28 @@
+FROM node:14-alpine as builder
+
+RUN apk add --no-cache libc6-compat git
+
+WORKDIR /app
+
+ARG VERSION=main
+RUN git clone -b ${VERSION} https://github.com/calendso/calendso
+RUN cd calendso && \
+    yarn --frozen-lockfile && \
+    yarn build && \
+    yarn install --production --ignore-scripts --prefer-offline
+
+
+FROM node:14-alpine as runner
+
+WORKDIR /app
+
+ENV NODE_ENV production
+
+COPY --from=builder --chown=1000 /app/calendso/next.config.js ./
+COPY --from=builder --chown=1000 /app/calendso/public ./public
+COPY --from=builder --chown=1000 /app/calendso/.next ./.next
+COPY --from=builder --chown=1000 /app/calendso/node_modules ./node_modules
+COPY --from=builder --chown=1000 /app/calendso/package.json ./package.json
+COPY --from=builder --chown=1000 /app/calendso/prisma ./prisma
+
+CMD ["yarn", "start"]
diff --git a/charts/calendso/README.md b/charts/calendso/README.md
@@ -0,0 +1,60 @@
+# calendso
+
+![Version: 0.1.0](https://img.shields.io/badge/Version-0.1.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: latest](https://img.shields.io/badge/AppVersion-latest-informational?style=flat-square)
+
+A Helm chart for Calendso
+
+## Requirements
+
+| Repository | Name | Version |
+|------------|------|---------|
+| https://charts.bitnami.com/bitnami | postgresql | 10.9.5 |
+
+## Values
+
+| Key | Type | Default | Description |
+|-----|------|---------|-------------|
+| affinity | object | `{}` | Affinity for the calendso deployment. |
+| config.baseURL | string | `"http://localhost:3000"` | The base URL of the calendso server. It is important to configure this for callbacks to work correctly. |
+| config.collectAnonymousUsage | bool | `true` | Whether to allow calendso to collect anonymous usage statistics. |
+| config.databaseURL | string | `""` | The full URI for the database connection. If left blank, it will be generated from the postgresql chart values. |
+| config.email.from | string | `"[email protected]"` | Configure the From: header whilst sending emails. |
+| config.email.smtpCredentialsSecret | string | `""` | The name of a secret with the keys `EMAIL_SERVER_USER` and `EMAIL_SERVER_PASSWORD` containing the credentials for the SMTP server. |
+| config.email.smtpHost | string | `""` | The host of the SMTP server. |
+| config.email.smtpPort | string | `"587"` | The port of the SMTP server. |
+| config.encryptionKeySecret | string | `""` | The name of a secret with a key `CALENDSO_ENCRYPTION_KEY` that will be used to encrypt CalDAV credentials. Choose a random string, for example with `dd if: /dev/urandom bs: 1K count: 1 | md5sum`. |
+| config.googleCredentialsSecret | string | `""` | The name of a secret with a key `GOOGLE_API_CREDENTIALS` containing the full contents of a Google JSON credentials file. For more information on obtaining the credentials, see the [documentation](https://github.com/calendso/calendso#obtaining-the-google-api-credentials). |
+| config.msCredentialsSecret | string | `""` | The name of a secret with the keys `MS_GRAPH_CLIENT_ID` and `MS_GRAPH_CLIENT_SECRET` containing credentials for connecting with the Microsoft Graph Client. For more information on obtainining the credentials, see the [documentation](https://github.com/calendso/calendso#obtaining-microsoft-graph-client-id-and-secret). |
+| config.nextAuthURL | string | `"http://localhost:3000"` | The NextAuth URL for the server. |
+| config.zoomCredentialsSecret | string | `""` | The name of a secret with the keys `ZOOM_CLIENT_ID` and `ZOOM_CLIENT_SECRET` containing credentials for connecting to Zoom. For more information on obtaining the credentials, see the [documentation](https://github.com/calendso/calendso#obtaining-zoom-client-id-and-secret). |
+| externalConfigSecret | string | `""` | Provide the name of a pre-populated secret for calendso configurations. All values in the `config` block will be ignored. |
+| fullnameOverride | string | `""` | Override the full name of resources. |
+| global.postgresql.postgresqlDatabase | string | `"calendso"` | The name for the postgresql database. |
+| global.postgresql.postgresqlPassword | string | `"changeme"` | The password for calendso to authenticate to the database. |
+| global.postgresql.postgresqlUsername | string | `"calendso"` | The username for calendso to authenticate to the database. |
+| image.pullPolicy | string | `"IfNotPresent"` | The image pull policy. |
+| image.repository | string | `"ghcr.io/pelotech/calendso"` | The repository to pull the image from. |
+| image.tag | string | `""` | Overrides the image tag whose default is the chart appVersion. |
+| imagePullSecrets | list | `[]` | Image pull secrets. |
+| ingress.annotations | object | `{}` | Extra annotations to apply to the ingress object. |
+| ingress.className | string | `""` | The name of the ingress class. |
+| ingress.enabled | bool | `false` | Enable ingress to the calendso service. |
+| ingress.hosts | list | `[{"host":"calendso.local","paths":[{"path":"/","pathType":"ImplementationSpecific"}]}]` | Host and path configurations for the ingress. |
+| ingress.tls | list | `[]` | TLS configurations for the ingress. |
+| nameOverride | string | `""` | Override the name in resource name templates. |
+| nodeSelector | object | `{}` | A node selector for the calendso deployment. |
+| podAnnotations | object | `{}` | Additional annotations to apply to the calendso pods. |
+| podSecurityContext.fsGroup | int | `1000` | Pod fs group. |
+| postgresql.enabled | bool | `true` | Use the bitnami chart to lay down a postgresql server. |
+| postgresql.fullnameOverride | string | `"calendso-db"` | Overrides the names generated in the dependant chart. |
+| resources | object | `{}` | Resource requests and limits for the calendso deployment. |
+| securityContext.capabilities | object | `{"drop":["ALL"]}` | Container capabilities. |
+| securityContext.readOnlyRootFilesystem | bool | `true` | Container read-only root filesystem. |
+| securityContext.runAsNonRoot | bool | `true` | Container run as non-root. |
+| securityContext.runAsUser | int | `1000` | Container run-as user. |
+| service.port | int | `80` | The port the service should listen on. |
+| service.type | string | `"ClusterIP"` | The type of service to create in front of the calendso deployment. |
+| tolerations | list | `[]` | Tolertations for for the calendso deployment. |
+
+----------------------------------------------
+Autogenerated from chart metadata using [helm-docs v1.5.0](https://github.com/norwoodj/helm-docs/releases/v1.5.0)
diff --git a/charts/calendso/templates/NOTES.txt b/charts/calendso/templates/NOTES.txt
@@ -0,0 +1,22 @@
+1. Get the application URL by running these commands:
+{{- if .Values.ingress.enabled }}
+{{- range $host := .Values.ingress.hosts }}
+  {{- range .paths }}
+  http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }}
+  {{- end }}
+{{- end }}
+{{- else if contains "NodePort" .Values.service.type }}
+  export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "calendso.fullname" . }})
+  export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
+  echo http://$NODE_IP:$NODE_PORT
+{{- else if contains "LoadBalancer" .Values.service.type }}
+     NOTE: It may take a few minutes for the LoadBalancer IP to be available.
+           You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "calendso.fullname" . }}'
+  export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "calendso.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}")
+  echo http://$SERVICE_IP:{{ .Values.service.port }}
+{{- else if contains "ClusterIP" .Values.service.type }}
+  export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "calendso.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
+  export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}")
+  echo "Visit http://127.0.0.1:8080 to use your application"
+  kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT
+{{- end }}
diff --git a/charts/calendso/templates/_helpers.tpl b/charts/calendso/templates/_helpers.tpl
@@ -0,0 +1,89 @@
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "calendso.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "calendso.fullname" -}}
+{{- if .Values.fullnameOverride }}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- $name := default .Chart.Name .Values.nameOverride }}
+{{- if contains $name .Release.Name }}
+{{- .Release.Name | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "calendso.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Common labels
+*/}}
+{{- define "calendso.labels" -}}
+helm.sh/chart: {{ include "calendso.chart" . }}
+{{ include "calendso.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end }}
+
+{{/*
+Selector labels
+*/}}
+{{- define "calendso.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "calendso.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
+
+{{/*
+Database URL
+*/}}
+{{- define "calendso.databaseURL" -}}
+{{- if eq .Values.config.databaseURL "" -}}
+postgresql://{{ .Values.global.postgresql.postgresqlUsername }}:{{ .Values.global.postgresql.postgresqlPassword }}@{{ .Values.postgresql.fullnameOverride }}:5432/{{ .Values.global.postgresql.postgresqlDatabase }}
+{{- else -}}
+{{ .Values.config.databaseURL }}
+{{- end -}}
+{{- end }}
+
+{{/*
+Telemetry Key
+*/}}
+{{- define "calendso.telemetryKey" -}}
+{{- if .Values.config.collectAnonymousUsage -}}
+js.2pvs2bbpqq1zxna97wcml.oi2jzirnbj1ev4tc57c5r
+{{- end -}}
+{{- end }}
+
+{{/*
+Environment variable sources
+*/}}
+{{- define "calendso.envSources" -}}
+{{- if .Values.externalConfigSecret -}}
+- secretRef:
+    name: {{ .Values.externalConfigSecret }}
+{{- else -}}
+- secretRef:
+    name: {{ include "calendso.fullname" . }}-base-env
+{{- $secrets := compact (list .Values.config.googleCredentialsSecret .Values.config.msCredentialsSecret .Values.config.zoomCredentialsSecret .Values.config.encryptionKeySecret .Values.config.email.smtpCredentialsSecret | uniq) -}}
+{{- range $idx, $secret := $secrets }}
+- secretRef:
+    name: {{ $secret }}
+{{- end }}
+{{- end }}
+{{- end }}
diff --git a/charts/calendso/templates/deployment.yaml b/charts/calendso/templates/deployment.yaml
@@ -0,0 +1,91 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ include "calendso.fullname" . }}
+  labels:
+    {{- include "calendso.labels" . | nindent 4 }}
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      {{- include "calendso.selectorLabels" . | nindent 6 }}
+  template:
+    metadata:
+      {{- with .Values.podAnnotations }}
+      annotations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      labels:
+        {{- include "calendso.selectorLabels" . | nindent 8 }}
+    spec:
+      {{- with .Values.imagePullSecrets }}
+      imagePullSecrets:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      securityContext:
+        {{- toYaml .Values.podSecurityContext | nindent 8 }}
+      initContainers:
+        - name: migrate-db
+          image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
+          imagePullPolicy: {{ .Values.image.pullPolicy }}
+          securityContext:
+            {{- toYaml .Values.securityContext | nindent 12 }}
+          envFrom:
+            {{- include "calendso.envSources" . | nindent 12 }}
+          command: ["npx", "prisma", "db", "push"]
+          resources:
+            requests:
+              cpu: 50m
+              memory: 64Mi
+            limits:
+              cpu: 100m
+              memory: 128Mi
+          volumeMounts:
+            - name: node-home
+              mountPath: /home/node
+            - name: tmp
+              mountPath: /tmp
+      containers:
+        - name: {{ .Chart.Name }}
+          securityContext:
+            {{- toYaml .Values.securityContext | nindent 12 }}
+          image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
+          imagePullPolicy: {{ .Values.image.pullPolicy }}
+          envFrom:
+            {{- include "calendso.envSources" . | nindent 12 }}
+          ports:
+            - name: http
+              containerPort: 3000
+              protocol: TCP
+          livenessProbe:
+            httpGet:
+              path: /
+              port: http
+          readinessProbe:
+            httpGet:
+              path: /
+              port: http
+          resources:
+            {{- toYaml .Values.resources | nindent 12 }}
+          volumeMounts:
+            - name: node-home
+              mountPath: /home/node
+            - name: tmp
+              mountPath: /tmp
+      {{- with .Values.nodeSelector }}
+      nodeSelector:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.affinity }}
+      affinity:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.tolerations }}
+      tolerations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      volumes:
+        - name: node-home
+          emptyDir: {}
+        - name: tmp
+          emptyDir: {}