Add experimental chart

.github/workflows/release.yml

@@ -5,6 +5,7 @@ on:
     branches:
       - master
       - development
+      - experimental
 
 jobs:
   packages:

charts/brokencrystals-experimental/Chart.yaml

@@ -0,0 +1,10 @@
+apiVersion: v2
+name: brokencrystals-exp
+description: |
+  Benchmark application that uses modern technologies and implements a set of
+  common security vulnerabilities
+type: application
+version: 0.0.21
+keywords:
+  - brokencrystals-exp
+  - brkn-e

charts/brokencrystals-experimental/templates/NOTES.txt

@@ -0,0 +1 @@
+https://{{ include "brokencrystals.fullname" . }}.brokencrystals.{{ .Values.ingress.basedomain }}

charts/brokencrystals-experimental/templates/_helpers.tpl

@@ -0,0 +1,62 @@
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "brokencrystals.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "brokencrystals.fullname" -}}
+{{- if .Values.fullnameOverride }}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- $name := default .Chart.Name .Values.nameOverride }}
+{{- if contains $name .Release.Name }}
+{{- .Release.Name | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "brokencrystals.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Common labels
+*/}}
+{{- define "brokencrystals.labels" -}}
+helm.sh/chart: {{ include "brokencrystals.chart" . }}
+{{ include "brokencrystals.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end }}
+
+{{/*
+Selector labels
+*/}}
+{{- define "brokencrystals.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "brokencrystals.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
+
+{{/*
+Create the name of the service account to use
+*/}}
+{{- define "brokencrystals.serviceAccountName" -}}
+{{- if .Values.serviceAccount.create }}
+{{- default (include "brokencrystals.fullname" .) .Values.serviceAccount.name }}
+{{- else }}
+{{- default "default" .Values.serviceAccount.name }}
+{{- end }}
+{{- end }}

charts/brokencrystals-experimental/templates/bc-postgres-deployment.yaml

@@ -0,0 +1,62 @@
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ include "brokencrystals.fullname" . }}-postgres
+  namespace: {{ .Release.Namespace }}
+  labels:
+    app: {{ include "brokencrystals.fullname" . }}-postgres
+spec:
+  selector:
+    matchLabels:
+      app: {{ include "brokencrystals.fullname" . }}-postgres
+  template:
+    metadata:
+      labels:
+        app: {{ include "brokencrystals.fullname" . }}-postgres
+    spec:
+      containers:
+        - name: {{ include "brokencrystals.fullname" . }}-postgres
+          image: postgres
+          livenessProbe:
+            tcpSocket:
+              port: 5432
+            initialDelaySeconds: 60
+            periodSeconds: 30
+          env:
+            - name: POSTGRES_DB
+              value: "bc"
+            - name: POSTGRES_USER
+              value: "bc"
+            - name: POSTGRES_PASSWORD
+              value: "bc"
+          resources:
+            requests:
+              cpu: 200m
+              memory: 100Mi
+          volumeMounts:
+          - name: {{ include "brokencrystals.fullname" . }}-postgres
+            mountPath: /docker-entrypoint-initdb.d/pg.sql
+            subPath: pg.sql
+            readOnly: true
+      volumes:
+      - name: {{ include "brokencrystals.fullname" . }}-postgres
+        configMap:
+          name: {{ include "brokencrystals.fullname" . }}-postgres
+
+
+---
+kind: Service
+apiVersion: v1
+metadata:
+  name: {{ include "brokencrystals.fullname" . }}-postgres-service
+  namespace: {{ .Release.Namespace }}
+spec:
+  selector:
+    app: {{ include "brokencrystals.fullname" . }}-postgres
+  ports:
+    - name: postgres
+      port: 5432
+      protocol: TCP
+      targetPort: 5432
+

charts/brokencrystals-experimental/templates/bc-prod-deployment.yaml

@@ -0,0 +1,86 @@
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ include "brokencrystals.fullname" . }}-nodejs
+  namespace: {{ .Release.Namespace }}
+  labels:
+    app: {{ include "brokencrystals.fullname" . }}-nodejs
+spec:
+  selector:
+    matchLabels:
+      app: {{ include "brokencrystals.fullname" . }}-nodejs
+  template:
+    metadata:
+      labels:
+        app: {{ include "brokencrystals.fullname" . }}-nodejs
+    spec:
+      containers:
+        - name: {{ include "brokencrystals.fullname" . }}-nodejs-app
+          image: brokencrystals:{{ .Values.images.main }}
+#          command: ["/bin/sleep"]
+#          args: ["10000"]
+          env:
+            - name: URL
+              value: "https://{{ .Values.ingress.url }}"
+     #         value: "https://brokencrystals.com"
+            - name: DATABASE_HOST
+              value: "{{ include "brokencrystals.fullname" . }}-postgres-service"
+            - name: DATABASE_SCHEMA
+              value: "bc"
+            - name: DATABASE_USER
+              value: "bc"
+            - name: DATABASE_PASSWORD
+              value: "bc"
+            - name: DATABASE_PORT
+              value: "5432"
+            - name: DATABASE_DEBUG
+              value: "true"
+            - name: AWS_BUCKET
+              value: "https://neuralegion-open-bucket.s3.amazonaws.com"
+            - name: GOOGLE_MAPS_API
+              value: "AIzaSyD2wIxpYCuNI0Zjt8kChs2hLTS5abVQfRQ"
+            - name: JWT_PRIVATE_KEY_LOCATION
+              value: "config/keys/jwtRS256.key"
+            - name: JWT_PUBLIC_KEY_LOCATION
+              value: "config/keys/jwtRS256.key.pub.pem"
+            - name: JWT_SECRET_KEY
+              value: "1234"
+            - name: JWK_PRIVATE_KEY_LOCATION
+              value: "config/keys/jwk.key.pem"
+            - name: JWK_PUBLIC_KEY_LOCATION
+              value: "config/keys/jwk.pub.key.pem"
+            - name: JWK_PUBLIC_JSON 
+              value: "config/keys/jwk.pub.json"
+            - name: JKU_URL
+              value: "https://raw.githubusercontent.com/NeuraLegion/brokencrystals/development/config/keys/jku.json"
+            - name: X5U_URL
+              value: "https://raw.githubusercontent.com/NeuraLegion/brokencrystals/development/config/keys/x509.crt"
+          resources:
+            requests:
+              cpu: 500m
+              memory: 1024Mi
+          livenessProbe:
+            httpGet:
+              path: /api/config
+              port: 3000
+              scheme: HTTP
+            initialDelaySeconds: 120
+            periodSeconds: 30
+
+---
+kind: Service
+apiVersion: v1
+metadata:
+#  name: bc-nodejs-service
+  name: {{ include "brokencrystals.fullname" . }}-nodejs
+  namespace: {{ .Release.Namespace }}
+spec:
+  selector:
+    app: {{ include "brokencrystals.fullname" . }}-nodejs
+  ports:
+    - name: http
+      port: 3000
+      protocol: TCP
+      targetPort: 3000
+