Add hoppscotch Helm Chart

charts/hoppscotch/Chart.lock

@@ -0,0 +1,6 @@
+dependencies:
+- name: postgresql
+  repository: https://charts.bitnami.com/bitnami
+  version: 16.0.1
+digest: sha256:e895214dc2ca49991deb760fa99c4c37d8d52292426dba600efcde03400db3de
+generated: "2024-10-13T20:08:18.561698+09:00"

charts/hoppscotch/Chart.yaml

@@ -0,0 +1,9 @@
+apiVersion: v2
+name: hoppscotch
+description: A Helm chart for Hoppscotch services
+version: 0.1.0
+appVersion: "1.0"
+dependencies:
+  - name: postgresql
+    version: 16.0.1
+    repository: https://charts.bitnami.com/bitnami

charts/hoppscotch/templates/deployment.yaml

@@ -0,0 +1,92 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ .Release.Name }}-aio
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: {{ .Release.Name }}-aio
+  template:
+    metadata:
+      labels:
+        app: {{ .Release.Name }}-aio
+    spec:
+      securityContext:
+        sysctls:
+          - name: net.ipv4.ip_unprivileged_port_start
+            value: "0"
+      initContainers:
+        - name: init-db
+          image: "{{ .Values.hoppscotch.image.repository }}:{{ .Values.hoppscotch.image.tag }}"
+          imagePullPolicy: {{ .Values.hoppscotch.image.pullPolicy }} 
+          env:
+            - name: POSTGRES_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: {{ .Values.postgresql.global.postgresql.auth.existingSecret | default (printf "%s-postgresql" .Release.Name) }}
+                  key: {{ .Values.postgresql.global.postgresql.auth.secretKeys.userPasswordKey | default "password" }}
+            - name: DATABASE_URL
+              value: "postgres://{{ .Values.postgresql.global.postgresql.auth.username }}:$(POSTGRES_PASSWORD)@{{ .Release.Name }}-postgresql:5432/{{ .Values.postgresql.global.postgresql.auth.database }}"
+            {{- range $key, $value := .Values.env }}
+            - name: {{ $key }}
+              value: "{{ $value }}"
+            {{- end }}
+          resources:
+            {{- toYaml .Values.hoppscotch.resources | nindent 12 }}
+          command: [ "/bin/sh", "-c" ]
+          args:
+            - "set -e; pnpx prisma migrate deploy"
+      containers:
+        - name: hoppscotch-aio
+          image: {{ .Values.hoppscotch.image.repository }}:{{ .Values.hoppscotch.image.tag }}
+          ports:
+            - containerPort: 3000
+            - containerPort: 3100
+            - containerPort: 3170
+          readinessProbe:
+            httpGet:
+              path: /
+              port: 3000
+            initialDelaySeconds: 5
+            periodSeconds: 10
+          livenessProbe:
+            httpGet:
+              path: /
+              port: 3000
+            initialDelaySeconds: 15
+            periodSeconds: 20
+          env:
+            - name: POSTGRES_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: {{ .Values.postgresql.global.postgresql.auth.existingSecret | default (printf "%s-postgresql" .Release.Name) }}
+                  key: {{ .Values.postgresql.global.postgresql.auth.secretKeys.userPasswordKey | default "password" }}
+            - name: DATABASE_URL
+              value: "postgres://{{ .Values.postgresql.global.postgresql.auth.username }}:$(POSTGRES_PASSWORD)@{{ .Release.Name }}-postgresql:5432/{{ .Values.postgresql.global.postgresql.auth.database }}"
+            - name: JWT_SECRET
+              valueFrom:
+                secretKeyRef:
+                  name: {{ .Values.hoppscotch.auth.existingSecret | default (printf "%s-secrets" .Release.Name) }}
+                  key: jwt_secret
+            - name: SESSION_SECRET
+              valueFrom:
+                secretKeyRef:
+                  name: {{ .Values.hoppscotch.auth.existingSecret | default (printf "%s-secrets" .Release.Name) }}
+                  key: session_secret
+            - name: MAILER_SMTP_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: {{ .Values.hoppscotch.auth.existingSecret | default (printf "%s-secrets" .Release.Name) }}
+                  key: mailer_smtp_password
+            - name: DATA_ENCRYPTION_KEY
+              valueFrom:
+                secretKeyRef:
+                  name: {{ .Values.hoppscotch.auth.existingSecret | default (printf "%s-secrets" .Release.Name) }}
+                  key: data_encryption_key
+            {{- range $key, $value := .Values.hoppscotch.env }}
+            - name: {{ $key }}
+              value: "{{ $value }}"
+            {{- end }}
+          resources:
+            {{- toYaml .Values.resources | nindent 12 }}

charts/hoppscotch/templates/ingress.yaml

@@ -0,0 +1,28 @@
+{{- if .Values.ingress.enabled }}
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: {{ .Release.Name }}-app-ingress
+  annotations:
+    {{- with .Values.ingress.annotations }}
+    {{ toYaml . | indent 4 }}
+    {{- end }}
+spec:
+  rules:
+    - host: {{ .Values.ingress.hostname }}
+      http:
+        paths:
+          - path: {{ .Values.ingress.path }}
+            pathType: Prefix
+            backend:
+              service:
+                name: {{ .Release.Name }}-aio
+                port:
+                  number: 3000
+  {{- if .Values.ingress.tls.enabled }}
+  tls:
+    - hosts:
+        - {{ .Values.ingress.hostname }}
+      secretName: {{ .Values.ingress.tls.secretName }}
+  {{- end }}
+{{- end }}

charts/hoppscotch/templates/secrets.yaml

@@ -0,0 +1,17 @@
+{{- if not .Values.hoppscotch.auth.existingSecret }}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ .Release.Name }}-secrets
+  labels:
+    app.kubernetes.io/name: {{ .Release.Name | quote }}
+    helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+    app.kubernetes.io/instance: {{ .Release.Name | quote }}
+    app.kubernetes.io/managed-by: {{ .Release.Service | quote }}
+type: Opaque
+data:
+  jwt_secret: {{ .Values.hoppscotch.auth.JWT_SECRET | b64enc | quote }}
+  session_secret: {{ .Values.hoppscotch.auth.SESSION_SECRET | b64enc | quote }}
+  mailer_smtp_password: {{ .Values.hoppscotch.auth.MAILER_SMTP_PASSWORD | b64enc | quote }}
+  data_encryption_key: {{ .Values.hoppscotch.auth.DATA_ENCRYPTION_KEY | b64enc | quote }}
+{{- end }}

charts/hoppscotch/templates/service.yaml

@@ -0,0 +1,21 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ .Release.Name }}-aio
+spec:
+  type: ClusterIP
+  selector:
+    app: {{ .Release.Name }}-aio
+  ports:
+    - protocol: TCP
+      port: 3000
+      targetPort: 3000
+      name: http-web-port
+    - protocol: TCP
+      port: 3100
+      targetPort: 3100
+      name: http-admin-port
+    - protocol: TCP
+      port: 3170
+      targetPort: 3170
+      name: backend-port

charts/hoppscotch/values.yaml

@@ -0,0 +1,93 @@
+# Global values for the Bitnami PostgreSQL chart
+postgresql:
+  enabled: true
+  global:
+    postgresql:
+      auth:
+        username: "hoppscotch"
+        password: "your-hoppscotch-password"
+        database: "hoppscotch"
+        existingSecret: ""
+        secretKeys:
+          adminPasswordKey: ""
+          userPasswordKey: ""
+          replicationPasswordKey: ""
+
+  primary:
+    persistence:
+      enabled: false
+      storageClass: "standard"
+      size: 8Gi
+      accessModes:
+        - ReadWriteOnce
+
+hoppscotch:
+  image:
+    repository: hoppscotch/hoppscotch
+    tag: 2024.9.1
+    pullPolicy: IfNotPresent
+
+  auth:
+    JWT_SECRET: "secret1233"
+    SESSION_SECRET: "add some secret here"
+    DATA_ENCRYPTION_KEY: "data encryption key with 32 char"
+    MAILER_SMTP_PASSWORD: "pass"
+    existingSecret: ""
+
+    secretKeys:
+      jwtSecretKey: ""
+      sessionSecretKey: ""
+      mailerSmtpPasswordKey: ""
+      dataEncryptionKey: ""
+
+    resources: {}
+
+  # Environment variables to be use in the container. Please refer to the following document:
+  # https://docs.hoppscotch.io/documentation/self-host/community-edition/install-and-build#configuring-the-environment
+  env:
+    TOKEN_SALT_COMPLEXITY: 10
+    MAGIC_LINK_TOKEN_VALIDITY:  3
+    REFRESH_TOKEN_VALIDITY: "604800000"
+    ACCESS_TOKEN_VALIDITY: "86400000"
+    ALLOW_SECURE_COOKIES: true
+    REDIRECT_URL: "http://localhost:3000"
+    WHITELISTED_ORIGINS: "http://localhost:3170,http://localhost:3000,http://localhost:3100"
+    VITE_ALLOWED_AUTH_PROVIDERS: "GOOGLE,GITHUB,MICROSOFT,EMAIL"
+    GITHUB_CLIENT_ID: "************************************************"
+    GITHUB_CLIENT_SECRET: "************************************************"
+    GITHUB_CALLBACK_URL: "http://localhost:3170/v1/auth/github/callback"
+    GITHUB_SCOPE: "user:email"
+    MAILER_SMTP_ENABLE: "false"
+    MAILER_USE_CUSTOM_CONFIGS: "false"
+    #MAILER_ADDRESS_FROM: '"From Name Here" <[email protected]>'
+    MAILER_SMTP_URL: "smtps://[email protected]:[email protected]" # used if custom mailer configs is false
+    MAILER_SMTP_HOST: "smtp.domain.com"
+    MAILER_SMTP_PORT: "587"
+    MAILER_SMTP_SECURE: "true"
+    MAILER_SMTP_USER: "[email protected]"
+    MAILER_TLS_REJECT_UNAUTHORIZED: "true"
+    RATE_LIMIT_TTL: 60 # In seconds
+    RATE_LIMIT_MAX: 100 # Max requests per IP
+    VITE_BASE_URL: "http://localhost:3000"
+    VITE_SHORTCODE_BASE_URL: "http://localhost:3000"
+    VITE_ADMIN_URL: "http://localhost:3100"
+    VITE_BACKEND_GQL_URL: "http://localhost:3170/graphql"
+    VITE_BACKEND_WS_URL: "ws://localhost:3170/graphql"
+    VITE_BACKEND_API_URL: "http://localhost:3170/v1"
+    VITE_APP_TOS_LINK: "https://docs.hoppscotch.io/support/terms"
+    VITE_APP_PRIVACY_POLICY_LINK: "https://docs.hoppscotch.io/support/privacy"
+    ENABLE_SUBPATH_BASED_ACCESS: false
+  ports:
+    - 3000:3000
+    - 3100:3100
+    - 3170:3170
+    - 3080:80
+
+ingress:
+  enabled: true
+  hostname: "hoppscotch.test.com"
+  annotations:
+  path: /
+  tls:
+    enabled: true
+    secretName: hoppscotch-tls