Helm Chart to deploy CVE Processor

This repository contains Helm chart designed to deploy webapp cve processor along with database migrations on Kubernetes cluster.

Helm Installation

Please follow the installation instructions required for setting up the project here.

Chart Structure

The chart contains the following key files:

• Chart.yaml: Contains metadata for the chart.
• values.yaml: Contains default values for the chart.
• templates/kafka-configmap.yaml: Defines a ConfigMap for Kafka configuration.
• templates/kafka-secrets.yaml: Defines secrets for Kafka.
• templates/job.yaml: Defines a Job for running database migrations & webapp cve processor.
• templates/secrets.yaml: Defines secrets for the webapp cve processor.
• templates/serviceaccount.yaml: Defines a ServiceAccount for the webapp cve processor.

Installation

To install the chart with default variables set in values.yaml, helm install requires following secrets to be provided.

Following secrets are required:

• secrets.dockerhubconfigjson - DockerHub credentials in base64 encoded format.
• kafka.secrets.username - Kafka username in base64 encoded format.
• kafka.secrets.password - Kafka password in base64 encoded format.
• kafka.env - List of kafka configuration environment variables.

Following Kafka variables are required:

• KAFKA_BROKERS
• KAFKA_TOPIC

This can be provided in following two ways:

1. Update the values.yaml file variable:

   secrets:
       dockerhub: <base64 encoded dockerhub config/credentials>
   kafka:
       secrets:
           username: <base64 encoded kafka username>
           password: <base64 encoded kafka password>
       env:
           KAFKA_BROKERS: <kafka brokers>
           KAFKA_TOPIC: <kafka topic>

   and then run the following command:

   helm install webapp-cve-processor .

   This will install the chart with the default values set in values.yaml in the default namespace.

Uninstallation

To uninstall the chart, use the following command:

helm uninstall webapp-cve-processor

Configuration

The following table lists the configurable parameters of the Helm chart and their default values.

Parameter	Description	Default
nameOverride	Name override instead of fullname	cve-processor
secrets.dockerhubconfigjson	DockerHub credentials in base64 encoded format	''
kafka.secrets.username	Kafka username in base64 encoded format	''
kafka.secrets.password	Kafka password in base64 encoded format	''
kafka.env	List of kafka configuration environment variables	{}
image.repository	Image repository	marlapativ/webapp-cve-processor
image.tag	Image tag	latest
image.pullPolicy	Image pull policy	Always
initContainers	Deployment init containers configuration	See values.yaml
serviceAccount.create	Whether to create a service account	true
serviceAccount.name	Service account name	webapp-cve-processor-sa
serviceAccount.automount	Automount service account token	true
serviceAccount.annotations	Service account annotations	{}
podAnnotations	Pod annotations	{}
podLabels	Pod labels	{}
resources	Pod resource requests and limits	{}
livenessProbe	Liveness probe configuration	See values.yaml
readinessProbe	Readiness probe configuration	See values.yaml