From 9ee5f3d41bbb19b74be9f5c3a2e3fcf2e83ab555 Mon Sep 17 00:00:00 2001 From: Maidul Islam Date: Mon, 5 Dec 2022 12:04:23 -0500 Subject: [PATCH 1/8] upload helm chart to cloudsmith --- .github/workflows/helm-chart-release.yaml | 25 ++++++++--------------- helm-charts/upload-to-cloudsmith.sh | 10 +++++++++ 2 files changed, 19 insertions(+), 16 deletions(-) create mode 100644 helm-charts/upload-to-cloudsmith.sh diff --git a/.github/workflows/helm-chart-release.yaml b/.github/workflows/helm-chart-release.yaml index e3a3e32bc8..b611dde890 100644 --- a/.github/workflows/helm-chart-release.yaml +++ b/.github/workflows/helm-chart-release.yaml @@ -1,33 +1,26 @@ -name: Release Charts +name: Release Helm Charts on: [workflow_dispatch] jobs: release: - # depending on default permission settings for your org (contents being read-only or read-write for workloads), you will have to add permissions - # see: https://docs.github.com/en/actions/security-guides/automatic-token-authentication#modifying-the-permissions-for-the-github_token - permissions: - contents: write runs-on: ubuntu-latest steps: - name: Checkout uses: actions/checkout@v2 with: fetch-depth: 0 - - - name: Configure Git - run: | - git config user.name "$GITHUB_ACTOR" - git config user.email "$GITHUB_ACTOR@users.noreply.github.com" - - name: Install Helm uses: azure/setup-helm@v3 with: version: v3.10.0 - - - name: Run chart-releaser + - name: Build helm package + run: cd helm-charts && helm package ./infisical uses: helm/chart-releaser-action@v1.4.1 - with: - charts_dir: helm-charts + - name: Install python and Cloudsmith CLI + uses: actions/setup-python@v4 + run: pip install --upgrade cloudsmith-cli + - name: Push helm package to Cloudsmith + run: cd helm-charts && sh upload-to-cloudsmith.sh env: - CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}" + CLOUDSMITH_API_KEY: ${{ secrets.CLOUDSMITH_API_KEY }} \ No newline at end of file diff --git a/helm-charts/upload-to-cloudsmith.sh b/helm-charts/upload-to-cloudsmith.sh new file mode 100644 index 0000000000..218c11149a --- /dev/null +++ b/helm-charts/upload-to-cloudsmith.sh @@ -0,0 +1,10 @@ +## Loop through each helm chart directoy and build each into helm package +for d in */ ; do + helm package $d +done + +## Upload each packaged helm chart +for i in *.tgz; do + [ -f "$i" ] || break + cloudsmith push helm --republish infisical/helm-charts $i +done \ No newline at end of file From 05a19a2201e4ddb132f589ce90803f0c3a1c6e6c Mon Sep 17 00:00:00 2001 From: Maidul Islam Date: Mon, 5 Dec 2022 12:13:52 -0500 Subject: [PATCH 2/8] Rewrite upload steps action --- .../{helm-chart-release.yaml => helm-chart-release.yml} | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) rename .github/workflows/{helm-chart-release.yaml => helm-chart-release.yml} (69%) diff --git a/.github/workflows/helm-chart-release.yaml b/.github/workflows/helm-chart-release.yml similarity index 69% rename from .github/workflows/helm-chart-release.yaml rename to .github/workflows/helm-chart-release.yml index b611dde890..6372cc7738 100644 --- a/.github/workflows/helm-chart-release.yaml +++ b/.github/workflows/helm-chart-release.yml @@ -14,13 +14,11 @@ jobs: uses: azure/setup-helm@v3 with: version: v3.10.0 - - name: Build helm package - run: cd helm-charts && helm package ./infisical - uses: helm/chart-releaser-action@v1.4.1 - - name: Install python and Cloudsmith CLI + - name: Install python uses: actions/setup-python@v4 + - name: Install Cloudsmith CLI run: pip install --upgrade cloudsmith-cli - - name: Push helm package to Cloudsmith + - name: Build and push helm package to Cloudsmith run: cd helm-charts && sh upload-to-cloudsmith.sh env: CLOUDSMITH_API_KEY: ${{ secrets.CLOUDSMITH_API_KEY }} \ No newline at end of file From 6fb22b68dd0ede5b01c7af15b9e5d96d718e11fa Mon Sep 17 00:00:00 2001 From: Maidul Islam Date: Mon, 5 Dec 2022 12:17:06 -0500 Subject: [PATCH 3/8] update workflow file name --- .../{helm-chart-release.yml => helm_chart_release.yml} | 2 -- .github/workflows/release_build.yml | 2 +- 2 files changed, 1 insertion(+), 3 deletions(-) rename .github/workflows/{helm-chart-release.yml => helm_chart_release.yml} (93%) diff --git a/.github/workflows/helm-chart-release.yml b/.github/workflows/helm_chart_release.yml similarity index 93% rename from .github/workflows/helm-chart-release.yml rename to .github/workflows/helm_chart_release.yml index 6372cc7738..8f47da69d0 100644 --- a/.github/workflows/helm-chart-release.yml +++ b/.github/workflows/helm_chart_release.yml @@ -8,8 +8,6 @@ jobs: steps: - name: Checkout uses: actions/checkout@v2 - with: - fetch-depth: 0 - name: Install Helm uses: azure/setup-helm@v3 with: diff --git a/.github/workflows/release_build.yml b/.github/workflows/release_build.yml index aea82a9d2b..695b0ea240 100644 --- a/.github/workflows/release_build.yml +++ b/.github/workflows/release_build.yml @@ -1,4 +1,4 @@ -name: goreleaser +name: Go releaser on: push: From 3e2ed62e50c6a07a20044ada5989b255227c957e Mon Sep 17 00:00:00 2001 From: Maidul Islam Date: Mon, 5 Dec 2022 12:31:48 -0500 Subject: [PATCH 4/8] update readme of helm repo --- helm-charts/README.md | 28 +++++++++++----------------- 1 file changed, 11 insertions(+), 17 deletions(-) diff --git a/helm-charts/README.md b/helm-charts/README.md index ffcef1a657..0974640287 100644 --- a/helm-charts/README.md +++ b/helm-charts/README.md @@ -1,22 +1,16 @@ -## Usage - -[Helm](https://helm.sh) must be installed to use the charts. Please refer to -Helm's [documentation](https://helm.sh/docs) to get started. - -Once Helm has been set up correctly, add the repo as follows: +### helm repository Setup +Assuming you have helm already installed, it is straight-forward to add a Cloudsmith-based chart repository: ``` - helm repo add https://infisical.github.io/helm-charts +helm repo add infisical-helm-charts 'https://dl.cloudsmith.io/public/infisical/helm-charts/helm/charts/' + +helm repo update ``` -If you had already added this repo earlier, run `helm repo update` to retrieve -the latest versions of the packages. You can then run `helm search repo -` to see the charts. - -To install the chart: - - helm install my- / - -To uninstall the chart: +### Installing a Helm Chart +``` +helm install infisical-helm-charts/ +``` - helm delete my- +#### Available chart names +- infisical From e98b76cba5397318d542195e631cb63d5f57faf5 Mon Sep 17 00:00:00 2001 From: Maidul Islam Date: Mon, 5 Dec 2022 12:57:18 -0500 Subject: [PATCH 5/8] remove manual namespace --- helm-charts/infisical/templates/backend-deployment.yaml | 2 -- helm-charts/infisical/templates/frontend-deployment.yaml | 2 -- helm-charts/infisical/templates/ingress.yaml | 1 - helm-charts/infisical/templates/mongodb-deployment.yaml | 2 -- helm-charts/infisical/templates/namespace.yaml | 4 ---- 5 files changed, 11 deletions(-) delete mode 100644 helm-charts/infisical/templates/namespace.yaml diff --git a/helm-charts/infisical/templates/backend-deployment.yaml b/helm-charts/infisical/templates/backend-deployment.yaml index ca45c528b8..9bc72eaf53 100644 --- a/helm-charts/infisical/templates/backend-deployment.yaml +++ b/helm-charts/infisical/templates/backend-deployment.yaml @@ -4,7 +4,6 @@ metadata: name: {{ .Release.Name }}-backend-deployment labels: app: backend - namespace: {{ .Values.namespace }} spec: replicas: {{ .Values.backend.replicaCount }} selector: @@ -35,7 +34,6 @@ apiVersion: v1 kind: Service metadata: name: infisical-backend-service - namespace: {{ .Values.namespace }} spec: selector: app: backend diff --git a/helm-charts/infisical/templates/frontend-deployment.yaml b/helm-charts/infisical/templates/frontend-deployment.yaml index f19beaa3d4..e0dbdae0db 100644 --- a/helm-charts/infisical/templates/frontend-deployment.yaml +++ b/helm-charts/infisical/templates/frontend-deployment.yaml @@ -4,7 +4,6 @@ metadata: name: {{ .Release.Name }}-frontend-deployment labels: app: frontend - namespace: {{ .Values.namespace }} spec: replicas: {{ .Values.frontend.replicaCount }} selector: @@ -26,7 +25,6 @@ apiVersion: v1 kind: Service metadata: name: infisical-frontend-service - namespace: {{ .Values.namespace }} spec: selector: app: frontend diff --git a/helm-charts/infisical/templates/ingress.yaml b/helm-charts/infisical/templates/ingress.yaml index e8b0febb39..a987627f4b 100644 --- a/helm-charts/infisical/templates/ingress.yaml +++ b/helm-charts/infisical/templates/ingress.yaml @@ -3,7 +3,6 @@ apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: infisical-ingress - namespace: {{ .Values.namespace }} {{- with .Values.ingress.annotations }} annotations: {{- toYaml . | nindent 4 }} diff --git a/helm-charts/infisical/templates/mongodb-deployment.yaml b/helm-charts/infisical/templates/mongodb-deployment.yaml index 02d380b1e2..90b755ad3e 100644 --- a/helm-charts/infisical/templates/mongodb-deployment.yaml +++ b/helm-charts/infisical/templates/mongodb-deployment.yaml @@ -2,7 +2,6 @@ apiVersion: apps/v1 kind: Deployment metadata: name: mongodb-deployment - namespace: {{ .Values.namespace }} labels: app: mongodb spec: @@ -30,7 +29,6 @@ apiVersion: v1 kind: Service metadata: name: mongodb-service - namespace: {{ .Values.namespace }} spec: selector: app: mongodb diff --git a/helm-charts/infisical/templates/namespace.yaml b/helm-charts/infisical/templates/namespace.yaml deleted file mode 100644 index 3f9c2c1ada..0000000000 --- a/helm-charts/infisical/templates/namespace.yaml +++ /dev/null @@ -1,4 +0,0 @@ -apiVersion: v1 -kind: Namespace -metadata: - name: infisical \ No newline at end of file From afb374ff134f15d4fc9126587c1b10fd9172241a Mon Sep 17 00:00:00 2001 From: Maidul Islam Date: Mon, 5 Dec 2022 14:32:16 -0500 Subject: [PATCH 6/8] Add docs for k8 support --- docs/mint.json | 7 ++- docs/self-hosting/deployments/kubernetes.mdx | 54 ++++++++++++++++++++ docs/self-hosting/overview.mdx | 11 ++-- 3 files changed, 67 insertions(+), 5 deletions(-) create mode 100644 docs/self-hosting/deployments/kubernetes.mdx diff --git a/docs/mint.json b/docs/mint.json index 4ff49b5b98..1d52466808 100644 --- a/docs/mint.json +++ b/docs/mint.json @@ -102,8 +102,11 @@ "pages": [ "self-hosting/overview", { - "group": "Deployments", - "pages": ["self-hosting/deployments/linux"] + "group": "Deployments options", + "pages": [ + "self-hosting/deployments/linux", + "self-hosting/deployments/kubernetes" + ] }, { "group": "Configuration", diff --git a/docs/self-hosting/deployments/kubernetes.mdx b/docs/self-hosting/deployments/kubernetes.mdx new file mode 100644 index 0000000000..4515aa667d --- /dev/null +++ b/docs/self-hosting/deployments/kubernetes.mdx @@ -0,0 +1,54 @@ +--- +title: "Kubernetes" +description: "Deploy with Kubernetes" +--- + + +Self-host vs. Infisical Cloud + +Self-hosting Infisical means managing the service yourself, taking care of upgrades, scaling, security, etc. + +If you're less technical and looking for a hands-free experience with minimal overhead then we recommend Infisical Cloud. + + + +**Prerequisites** +- You have understanding of [Kubernetes](https://kubernetes.io/) +- You have understanding of [Helm package manager](https://helm.sh/) +- You have [kubectl](https://kubernetes.io/docs/reference/kubectl/kubectl/) installed and connected to your kubernetes cluster + + +#### 1. Fill our environment variables + +Before you can deploy the Helm chart, you must fill out the required environment variables. To do so, please either download or copy the +contents of [this file](https://raw.githubusercontent.com/Infisical/infisical/main/helm-charts/infisical/values.yaml) to a `.yaml` file. +_Refer to the available [environment variables](../../self-hosting/configuration/envars)_ + +Once you have a local copy of the values file, fill our the required environment variables and save the file. + + +#### 2. Install Infisical Helm repository + +```bash +helm repo add infisical-helm-charts 'https://dl.cloudsmith.io/public/infisical/helm-charts/helm/charts/' + +helm repo update +``` + +#### 3. Install the Helm chart + +By default, the helm chart will be installed on your default namespace. If you wish to install the Chart on a different namespace, you may specify +that by adding the `--namespace ` to your `helm install` command. + +```bash +## Installs to default namespace +helm install infisical-helm-charts/infisical --values +``` + + +If you have not filled out all of the required environment variables, you will see an error message prompting you to +do so. + + +5. Your Infisical installation is complete and should be running on the host name you specified in Ingress in `values.yaml`. +Note: Please allow an additional time (2 minutes) for the frontend pods to be fully ready. \ No newline at end of file diff --git a/docs/self-hosting/overview.mdx b/docs/self-hosting/overview.mdx index 8f2df5c378..d4c2aa303e 100644 --- a/docs/self-hosting/overview.mdx +++ b/docs/self-hosting/overview.mdx @@ -17,9 +17,14 @@ Infisical Cloud also comes with some extra features unavailabe in the self-hoste Infisical can be deployed on a Linux VM with docker-compose. We're rolling out more specific deployment options for DigitalOcean, AWS, GCP, and Azure soon. -Options: - -- [Linux VM](/self-hosting/deployments/linux) + + + Deploy to any Linux with Docker + + + Deploy to your Kubernetes cluster + + ## Telemetry From 13f2ab9425b56bff6d3d942bfd8f779360d26624 Mon Sep 17 00:00:00 2001 From: Maidul Islam Date: Mon, 5 Dec 2022 14:41:09 -0500 Subject: [PATCH 7/8] update steps number --- docs/self-hosting/deployments/kubernetes.mdx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/self-hosting/deployments/kubernetes.mdx b/docs/self-hosting/deployments/kubernetes.mdx index 4515aa667d..8ed2c0e056 100644 --- a/docs/self-hosting/deployments/kubernetes.mdx +++ b/docs/self-hosting/deployments/kubernetes.mdx @@ -50,5 +50,5 @@ If you have not filled out all of the required environment variables, you will s do so. -5. Your Infisical installation is complete and should be running on the host name you specified in Ingress in `values.yaml`. +4. Your Infisical installation is complete and should be running on the host name you specified in Ingress in `values.yaml`. Note: Please allow an additional time (2 minutes) for the frontend pods to be fully ready. \ No newline at end of file From c5a422fe640e4edb7ef3f015f9359d6de6dd5f4d Mon Sep 17 00:00:00 2001 From: Maidul Islam Date: Mon, 5 Dec 2022 15:26:20 -0500 Subject: [PATCH 8/8] update self host docs --- docs/self-hosting/overview.mdx | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/self-hosting/overview.mdx b/docs/self-hosting/overview.mdx index d4c2aa303e..b0729637cb 100644 --- a/docs/self-hosting/overview.mdx +++ b/docs/self-hosting/overview.mdx @@ -9,13 +9,13 @@ Self-hosting Infisical means managing the service yourself, taking care of upgra If you're less technical and looking for a hands-free experience with minimal overhead then we recommend Infisical Cloud. -Infisical Cloud also comes with some extra features unavailabe in the self-hosted edition. You can find more information about Infisical Cloud's offering on the pricing page. +Infisical Cloud also comes with some extra features unavailable in the self-hosted edition. You can find more information about Infisical Cloud's offering on the pricing page. ## Deployment options -Infisical can be deployed on a Linux VM with docker-compose. We're rolling out more specific deployment options for DigitalOcean, AWS, GCP, and Azure soon. +Infisical can be deployed on a Linux VM with docker-compose and Kubernetes. We're rolling out more specific deployment options for DigitalOcean, AWS, GCP, and Azure soon.