diff --git a/.github/workflows/chart-lint-and-test.yml b/.github/workflows/chart-lint-and-test.yml index 99962dc..96376f6 100644 --- a/.github/workflows/chart-lint-and-test.yml +++ b/.github/workflows/chart-lint-and-test.yml @@ -2,9 +2,9 @@ name: ct-linting-and-testing on: pull_request: paths: - - ../../chart/** - - "!helm/README.md" - - "!helm/README.md.gotmpl" + - chart/** + - "!chart/pulumi-esc-csi-provider/README.md" + - "!chart/pulumi-esc-csi-provider/README.md.gotmpl" permissions: read-all @@ -33,7 +33,7 @@ jobs: scan-type: 'config' hide-progress: false format: 'sarif' - scan-ref: 'helm' + scan-ref: 'chart/pulumi-esc-csi-provider' output: 'trivy-results.sarif' limit-severities-for-sarif: true exit-code: '0' diff --git a/.gitignore b/.gitignore index ec118c2..8c6658d 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,3 @@ **/dist .idea -pulumi-esc-csi-provider +./pulumi-esc-csi-provider diff --git a/chart/pulumi-esc-csi-provider/.helmignore b/chart/pulumi-esc-csi-provider/.helmignore new file mode 100644 index 0000000..e69de29 diff --git a/chart/pulumi-esc-csi-provider/Chart.yaml b/chart/pulumi-esc-csi-provider/Chart.yaml new file mode 100644 index 0000000..136eca5 --- /dev/null +++ b/chart/pulumi-esc-csi-provider/Chart.yaml @@ -0,0 +1,13 @@ +apiVersion: v2 +name: pulumi-esc-csi-provider +description: A Helm chart for the Pulumi ESC CSI provider + +type: application + +version: 0.1.0 +appVersion: "0.1.0" + +maintainers: +- name: dirien + email: engin@pulumi.com + url: https://pulumi.com diff --git a/chart/pulumi-esc-csi-provider/README.md b/chart/pulumi-esc-csi-provider/README.md new file mode 100644 index 0000000..e69de29 diff --git a/chart/pulumi-esc-csi-provider/README.md.gotmpl b/chart/pulumi-esc-csi-provider/README.md.gotmpl new file mode 100644 index 0000000..e69de29 diff --git a/chart/pulumi-esc-csi-provider/templates/NOTES.txt b/chart/pulumi-esc-csi-provider/templates/NOTES.txt new file mode 100644 index 0000000..e69de29 diff --git a/chart/pulumi-esc-csi-provider/templates/daemonset.yaml b/chart/pulumi-esc-csi-provider/templates/daemonset.yaml new file mode 100644 index 0000000..e69de29 diff --git a/chart/pulumi-esc-csi-provider/values.yaml b/chart/pulumi-esc-csi-provider/values.yaml new file mode 100644 index 0000000..72602f4 --- /dev/null +++ b/chart/pulumi-esc-csi-provider/values.yaml @@ -0,0 +1,57 @@ +name: pulumi-esc-csi-provider +namespace: kube-system +image: + repository: ghcr.io/dirien/secrets-store-csi-driver-provider-pulumi-esc + tag: latest + pullPolicy: Always + +args: +- "-endpoint=/provider/pulumi.sock" + +# Resource limits and requests +resources: + requests: + cpu: 50m # Minimum CPU needed + memory: 100Mi # Minimum memory needed + limits: + cpu: 50m # Maximum CPU allowed + memory: 100Mi # Maximum memory allowed + +# Volume configuration for provider socket +providerVolume: + mountPath: /provider + hostPath: /etc/kubernetes/secrets-store-csi-providers + +# Health check for container liveness +livenessProbe: + httpGet: + path: /healthz + port: 8080 + scheme: HTTP + failureThreshold: 2 + initialDelaySeconds: 5 + periodSeconds: 5 + successThreshold: 1 + timeoutSeconds: 3 + +# Health check for container readiness +readinessProbe: + httpGet: + path: /readyz + port: 8080 + scheme: HTTP + failureThreshold: 2 + initialDelaySeconds: 5 + periodSeconds: 5 + successThreshold: 1 + timeoutSeconds: 3 + +nodeSelector: {} +labels: {} +podLabels: {} +tolerations: [] + +serviceAccount: + create: true + name: pulumi-esc-csi-provider + annotations: {}