diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 15ffe06..8f35447 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -21,6 +21,11 @@ jobs: git config user.name "$GITHUB_ACTOR" git config user.email "$GITHUB_ACTOR@users.noreply.github.com" + - name: Install Helm + uses: azure/setup-helm@v1 + with: + version: v3.4.0 + - name: Run chart-releaser uses: helm/chart-releaser-action@v1.1.0 env: diff --git a/.github/workflows/sync-readme.yaml b/.github/workflows/sync-readme.yaml new file mode 100644 index 0000000..3f83353 --- /dev/null +++ b/.github/workflows/sync-readme.yaml @@ -0,0 +1,28 @@ +name: sync-readme + +on: + push: + branches: + - 'master' + paths: + - 'README.md' + +jobs: + build: + runs-on: ubuntu-20.04 + steps: + - uses: actions/checkout@v2 + + - run: | + cp -f README.md ${{ runner.temp }}/README.md + - uses: actions/checkout@v2 + with: + ref: gh-pages + + - run: | + cp -f ${{ runner.temp }}/README.md . + git config user.name "$GITHUB_ACTOR" + git config user.email "$GITHUB_ACTOR@users.noreply.github.com" + git add README.md + git commit --signoff -m "Sync README from master" + git push diff --git a/.idea/.gitignore b/.idea/.gitignore deleted file mode 100644 index 73f69e0..0000000 --- a/.idea/.gitignore +++ /dev/null @@ -1,8 +0,0 @@ -# Default ignored files -/shelf/ -/workspace.xml -# Datasource local storage ignored files -/dataSources/ -/dataSources.local.xml -# Editor-based HTTP Client requests -/httpRequests/ diff --git a/.idea/codeStyles/codeStyleConfig.xml b/.idea/codeStyles/codeStyleConfig.xml deleted file mode 100644 index a55e7a1..0000000 --- a/.idea/codeStyles/codeStyleConfig.xml +++ /dev/null @@ -1,5 +0,0 @@ - - - - \ No newline at end of file diff --git a/.idea/helm.iml b/.idea/helm.iml deleted file mode 100644 index 5e764c4..0000000 --- a/.idea/helm.iml +++ /dev/null @@ -1,9 +0,0 @@ - - - - - - - - - \ No newline at end of file diff --git a/.idea/modules.xml b/.idea/modules.xml deleted file mode 100644 index a5fed1f..0000000 --- a/.idea/modules.xml +++ /dev/null @@ -1,8 +0,0 @@ - - - - - - - - \ No newline at end of file diff --git a/.idea/vcs.xml b/.idea/vcs.xml deleted file mode 100644 index 94a25f7..0000000 --- a/.idea/vcs.xml +++ /dev/null @@ -1,6 +0,0 @@ - - - - - - \ No newline at end of file diff --git a/Chart.yaml b/Chart.yaml deleted file mode 100644 index 6164dec..0000000 --- a/Chart.yaml +++ /dev/null @@ -1,5 +0,0 @@ -apiVersion: v1 -appVersion: "v2.16.3" -description: A Helm chart for Deploying Jumpserver on Kubernetes -name: jumpserver -version: 0.1.0 diff --git a/README.md b/README.md index 9a51a34..649e463 100644 --- a/README.md +++ b/README.md @@ -1,132 +1,27 @@ -# Jumpserver +# Unleash Kubernetes Helm Chart -[Jumpserver](http://www.jumpserver.org/) 是全球首款完全开源的堡垒机, 使用 GNU GPL v2.0 开源协议, 是符合 4A 的专业运维审计系统。 +![Release Charts](https://github.com/jumpserver/helm-charts/workflows/release-chart/badge.svg?branch=master) -## 使用方法 +## Usage -```bash -helm install jumpserver ./ +[Helm](https://helm.sh) must be installed to use the charts. +Please refer to Helm's [documentation](https://helm.sh/docs/) to get started. + +Once Helm is set up properly, add the repo as follows: + +```console +helm repo add jumpserver https://jumpserver.github.io/helm-charts ``` -## 介绍 +You can then run `helm search repo jumpserver` to see the charts. -当前 Chart 包含了 Jumpserver 所需的基本组件 + -## 安装 +## Helm charts build status -发布名为 `jumpserver` 的 release: - -```bash -helm install jumpserver ./ -``` - -安装到指定 namespace - -```bash -helm install jumpserver ./ -n default -``` - -上条命令把默认配置的 JumpServer 部署到了 kubernetes 集群中,[参数](#参数)一节中列出了配置参数 - -**Tip**: List all releases using `helm list` - -## 卸载 - -删除 `jumpserver` release: - -```bash -$ helm delete jumpserver -``` - -上条命令删除了所有包含在 release 中的组件 - -## 参数 - -下面的表格中列出了一些必要的参数,发布前请先阅读并设置 - -### 总览 - -| 参数 | 描述 | 默认值 | -| ------------------------- | ------------------ | ----------- | -| `nameOveride` | name override | `nil` | -| `fullNameOveride` | full name override | `nil` | -| `global.imageRegistry` | 仓库地址 | `docker.io` | -| `global.imageTag` | 版本号 | `v2.16.3 ` | -| `global.imagePullSecrets` | 私有仓库认证凭据 | `nil` -| `global.storageClass` | 存储 sc | `nil` | -| `ingress.enabled` | 开启 ingress | `true` | -| `core.enabled` | 开启 core | `true` | -| `koko.enabled` | 开启 koko | `true` | -| `lion.enabled` | 开启 lion | `true` | -| `web.enabled` | 开启 web | `true` | -| `xpack.enable` | 开启 xpack | `false` | - -### core - -| 参数 | 描述 | 默认值 | -| ---------------- | ---------------------------------------------------------------------- | ---------------------- | -| `secretKey` | 加密秘钥 生产环境中请修改为随机字符串,请勿外泄, 可使用命令生成 | `nil` | -| `bootstrapToken` | 预共享Token coco和guacamole用来注册服务账号,不在使用原来的注册接受机制 | `nil` | -| `debug` | 开启 debug 模式 | `false` | -| `log.level` | 日志等级 | `ERROR` | -| `db.engine` | 数据库引擎 | `mysql` | -| `db.host` | 数据库IP地址 | `nil` | -| `db.port` | 数据库端口 | `3306` | -| `db.username` | 数据库用户名 | `jumpserver` | -| `db.password` | 数据库密码 | `nil` | -| `db.name` | 数据库名称 | `nil` | -| `redis.host` | redisIP地址 | `nil` | -| `redis.port` | redis端口 | `6379` | -| `redis.password` | redis密码 | `nil` | -| `replicaCount` | 副本数量 | `1` | -| `tag` | 版本号 | `nil` | -| `persistence` | 持久化存储相关设置 | `nil` | - -### 其他组件 - -| 参数 | 描述 | 默认值 | -| --------------------- | --------------------------------------------------------- | ------- | -| `log.level` | 日志等级 | `INFO` | -| `replicaCount` | 副本数量 | `1` | -| `tag` | 版本号 | `nil` | -| `persistence` | 持久化存储相关设置 | `nil` | - -在 `helm install` 时通过 `--set key=value[,key=value]` 指定参数. 举例: - -```bash -helm install jumpserver ./ \ ---set ingress.enabled=true -``` - -上条命令开启了 ingress. - -**注**: 默认使用 [values.yaml](values.yaml) - -### 示例 - -```bash -helm install jumpserver . -n jms \ ---set core.config.secretKey=GxrLH7rewfsRN8B9Zl6MEGD50Uou4LF6UVsEIayGMhYll8dqmn \ ---set core.config.bootstrapToken=ilR8RvAbK7lgRTxs \ ---set global.storageClass=nfs \ ---set externalDatabase.engine=mysql \ ---set externalDatabase.host=jms-mysql \ ---set externalDatabase.port=3306 \ ---set externalDatabase.user=jms \ ---set externalDatabase.password=Password131 \ ---set externalDatabase.database=jumpserver \ ---set externalRedis.host=jms-redis-master \ ---set externalRedis.port=6379 \ ---set koko.service.type=NodePort \ ---set web.service.type=NodePort \ ---set externalRedis.password=PasswordRedis -``` - -## 鸣谢说明 - -本项目初始代码是由 [xiaomaimuchanyiyiba](https://github.com/xiaomaimuchanyiyiba) 贡献。[原仓库地址](https://github.com/xiaomaimuchanyiyiba/jumpserver) +![Release Charts](https://github.com/jumpserver/helm-charts/workflows/release-chart/badge.svg?branch=master) diff --git a/charts/jumpserver/Chart.yaml b/charts/jumpserver/Chart.yaml new file mode 100644 index 0000000..79acfd3 --- /dev/null +++ b/charts/jumpserver/Chart.yaml @@ -0,0 +1,13 @@ +apiVersion: v1 +appVersion: "v2.16.3" +description: A Helm chart for Deploying Jumpserver on Kubernetes +engine: gotpl +home: https://jumpserver.org +icon: https://jumpserver.org/images/logo/favicon.ico +maintainers: +- email: support@fit2cloud.com + name: jumpserver +sources: +- https://github.com/jumpserver/ +name: jumpserver +version: 2.16.3 diff --git a/charts/jumpserver/README.md b/charts/jumpserver/README.md new file mode 100644 index 0000000..9a51a34 --- /dev/null +++ b/charts/jumpserver/README.md @@ -0,0 +1,132 @@ +# Jumpserver + +[Jumpserver](http://www.jumpserver.org/) 是全球首款完全开源的堡垒机, 使用 GNU GPL v2.0 开源协议, 是符合 4A 的专业运维审计系统。 + +## 使用方法 + +```bash +helm install jumpserver ./ +``` + +## 介绍 + +当前 Chart 包含了 Jumpserver 所需的基本组件 + +## 依赖 + +- Kubernetes 1.20+ +- Helm 3.0 + +## 安装 + +发布名为 `jumpserver` 的 release: + +```bash +helm install jumpserver ./ +``` + +安装到指定 namespace + +```bash +helm install jumpserver ./ -n default +``` + +上条命令把默认配置的 JumpServer 部署到了 kubernetes 集群中,[参数](#参数)一节中列出了配置参数 + +**Tip**: List all releases using `helm list` + +## 卸载 + +删除 `jumpserver` release: + +```bash +$ helm delete jumpserver +``` + +上条命令删除了所有包含在 release 中的组件 + +## 参数 + +下面的表格中列出了一些必要的参数,发布前请先阅读并设置 + +### 总览 + +| 参数 | 描述 | 默认值 | +| ------------------------- | ------------------ | ----------- | +| `nameOveride` | name override | `nil` | +| `fullNameOveride` | full name override | `nil` | +| `global.imageRegistry` | 仓库地址 | `docker.io` | +| `global.imageTag` | 版本号 | `v2.16.3 ` | +| `global.imagePullSecrets` | 私有仓库认证凭据 | `nil` +| `global.storageClass` | 存储 sc | `nil` | +| `ingress.enabled` | 开启 ingress | `true` | +| `core.enabled` | 开启 core | `true` | +| `koko.enabled` | 开启 koko | `true` | +| `lion.enabled` | 开启 lion | `true` | +| `web.enabled` | 开启 web | `true` | +| `xpack.enable` | 开启 xpack | `false` | + +### core + +| 参数 | 描述 | 默认值 | +| ---------------- | ---------------------------------------------------------------------- | ---------------------- | +| `secretKey` | 加密秘钥 生产环境中请修改为随机字符串,请勿外泄, 可使用命令生成 | `nil` | +| `bootstrapToken` | 预共享Token coco和guacamole用来注册服务账号,不在使用原来的注册接受机制 | `nil` | +| `debug` | 开启 debug 模式 | `false` | +| `log.level` | 日志等级 | `ERROR` | +| `db.engine` | 数据库引擎 | `mysql` | +| `db.host` | 数据库IP地址 | `nil` | +| `db.port` | 数据库端口 | `3306` | +| `db.username` | 数据库用户名 | `jumpserver` | +| `db.password` | 数据库密码 | `nil` | +| `db.name` | 数据库名称 | `nil` | +| `redis.host` | redisIP地址 | `nil` | +| `redis.port` | redis端口 | `6379` | +| `redis.password` | redis密码 | `nil` | +| `replicaCount` | 副本数量 | `1` | +| `tag` | 版本号 | `nil` | +| `persistence` | 持久化存储相关设置 | `nil` | + +### 其他组件 + +| 参数 | 描述 | 默认值 | +| --------------------- | --------------------------------------------------------- | ------- | +| `log.level` | 日志等级 | `INFO` | +| `replicaCount` | 副本数量 | `1` | +| `tag` | 版本号 | `nil` | +| `persistence` | 持久化存储相关设置 | `nil` | + +在 `helm install` 时通过 `--set key=value[,key=value]` 指定参数. 举例: + +```bash +helm install jumpserver ./ \ +--set ingress.enabled=true +``` + +上条命令开启了 ingress. + +**注**: 默认使用 [values.yaml](values.yaml) + +### 示例 + +```bash +helm install jumpserver . -n jms \ +--set core.config.secretKey=GxrLH7rewfsRN8B9Zl6MEGD50Uou4LF6UVsEIayGMhYll8dqmn \ +--set core.config.bootstrapToken=ilR8RvAbK7lgRTxs \ +--set global.storageClass=nfs \ +--set externalDatabase.engine=mysql \ +--set externalDatabase.host=jms-mysql \ +--set externalDatabase.port=3306 \ +--set externalDatabase.user=jms \ +--set externalDatabase.password=Password131 \ +--set externalDatabase.database=jumpserver \ +--set externalRedis.host=jms-redis-master \ +--set externalRedis.port=6379 \ +--set koko.service.type=NodePort \ +--set web.service.type=NodePort \ +--set externalRedis.password=PasswordRedis +``` + +## 鸣谢说明 + +本项目初始代码是由 [xiaomaimuchanyiyiba](https://github.com/xiaomaimuchanyiyiba) 贡献。[原仓库地址](https://github.com/xiaomaimuchanyiyiba/jumpserver) diff --git a/configs/jms-core/config.yml b/charts/jumpserver/configs/jms-core/config.yml similarity index 100% rename from configs/jms-core/config.yml rename to charts/jumpserver/configs/jms-core/config.yml diff --git a/configs/jms-web/default.conf b/charts/jumpserver/configs/jms-web/default.conf similarity index 100% rename from configs/jms-web/default.conf rename to charts/jumpserver/configs/jms-web/default.conf diff --git a/templates/NOTES.txt b/charts/jumpserver/templates/NOTES.txt similarity index 100% rename from templates/NOTES.txt rename to charts/jumpserver/templates/NOTES.txt diff --git a/templates/_helpers.tpl b/charts/jumpserver/templates/_helpers.tpl similarity index 100% rename from templates/_helpers.tpl rename to charts/jumpserver/templates/_helpers.tpl diff --git a/templates/_images.tpl b/charts/jumpserver/templates/_images.tpl similarity index 100% rename from templates/_images.tpl rename to charts/jumpserver/templates/_images.tpl diff --git a/templates/celery/deployment-celery.yaml b/charts/jumpserver/templates/celery/deployment-celery.yaml similarity index 100% rename from templates/celery/deployment-celery.yaml rename to charts/jumpserver/templates/celery/deployment-celery.yaml diff --git a/templates/core/configmap-core.yaml b/charts/jumpserver/templates/core/configmap-core.yaml similarity index 100% rename from templates/core/configmap-core.yaml rename to charts/jumpserver/templates/core/configmap-core.yaml diff --git a/templates/core/deployment-core.yaml b/charts/jumpserver/templates/core/deployment-core.yaml similarity index 100% rename from templates/core/deployment-core.yaml rename to charts/jumpserver/templates/core/deployment-core.yaml diff --git a/templates/core/pvc-core-data.yaml b/charts/jumpserver/templates/core/pvc-core-data.yaml similarity index 100% rename from templates/core/pvc-core-data.yaml rename to charts/jumpserver/templates/core/pvc-core-data.yaml diff --git a/templates/core/pvc-core-logs.yaml b/charts/jumpserver/templates/core/pvc-core-logs.yaml similarity index 100% rename from templates/core/pvc-core-logs.yaml rename to charts/jumpserver/templates/core/pvc-core-logs.yaml diff --git a/templates/core/service-core.yaml b/charts/jumpserver/templates/core/service-core.yaml similarity index 100% rename from templates/core/service-core.yaml rename to charts/jumpserver/templates/core/service-core.yaml diff --git a/templates/koko/deployment-koko.yaml b/charts/jumpserver/templates/koko/deployment-koko.yaml similarity index 100% rename from templates/koko/deployment-koko.yaml rename to charts/jumpserver/templates/koko/deployment-koko.yaml diff --git a/templates/koko/pvc-koko-data.yaml b/charts/jumpserver/templates/koko/pvc-koko-data.yaml similarity index 100% rename from templates/koko/pvc-koko-data.yaml rename to charts/jumpserver/templates/koko/pvc-koko-data.yaml diff --git a/templates/koko/service-koko.yaml b/charts/jumpserver/templates/koko/service-koko.yaml similarity index 100% rename from templates/koko/service-koko.yaml rename to charts/jumpserver/templates/koko/service-koko.yaml diff --git a/templates/lion/deployment-lion.yaml b/charts/jumpserver/templates/lion/deployment-lion.yaml similarity index 100% rename from templates/lion/deployment-lion.yaml rename to charts/jumpserver/templates/lion/deployment-lion.yaml diff --git a/templates/lion/pvc-lion-data.yaml b/charts/jumpserver/templates/lion/pvc-lion-data.yaml similarity index 100% rename from templates/lion/pvc-lion-data.yaml rename to charts/jumpserver/templates/lion/pvc-lion-data.yaml diff --git a/templates/lion/service-lion.yaml b/charts/jumpserver/templates/lion/service-lion.yaml similarity index 100% rename from templates/lion/service-lion.yaml rename to charts/jumpserver/templates/lion/service-lion.yaml diff --git a/templates/omnidb/deployment-omnidb.yaml b/charts/jumpserver/templates/omnidb/deployment-omnidb.yaml similarity index 100% rename from templates/omnidb/deployment-omnidb.yaml rename to charts/jumpserver/templates/omnidb/deployment-omnidb.yaml diff --git a/templates/omnidb/pvc-omnidb-data.yaml b/charts/jumpserver/templates/omnidb/pvc-omnidb-data.yaml similarity index 100% rename from templates/omnidb/pvc-omnidb-data.yaml rename to charts/jumpserver/templates/omnidb/pvc-omnidb-data.yaml diff --git a/templates/omnidb/service-omnidb.yaml b/charts/jumpserver/templates/omnidb/service-omnidb.yaml similarity index 100% rename from templates/omnidb/service-omnidb.yaml rename to charts/jumpserver/templates/omnidb/service-omnidb.yaml diff --git a/templates/pre-install-initdb.yaml b/charts/jumpserver/templates/pre-install-initdb.yaml similarity index 100% rename from templates/pre-install-initdb.yaml rename to charts/jumpserver/templates/pre-install-initdb.yaml diff --git a/templates/serviceaccount.yaml b/charts/jumpserver/templates/serviceaccount.yaml similarity index 100% rename from templates/serviceaccount.yaml rename to charts/jumpserver/templates/serviceaccount.yaml diff --git a/templates/web/configmap-web.yaml b/charts/jumpserver/templates/web/configmap-web.yaml similarity index 100% rename from templates/web/configmap-web.yaml rename to charts/jumpserver/templates/web/configmap-web.yaml diff --git a/templates/web/deployment-nginx.yaml b/charts/jumpserver/templates/web/deployment-nginx.yaml similarity index 100% rename from templates/web/deployment-nginx.yaml rename to charts/jumpserver/templates/web/deployment-nginx.yaml diff --git a/templates/web/ingress.yaml b/charts/jumpserver/templates/web/ingress.yaml similarity index 100% rename from templates/web/ingress.yaml rename to charts/jumpserver/templates/web/ingress.yaml diff --git a/templates/web/pvc-nginx-logs.yaml b/charts/jumpserver/templates/web/pvc-nginx-logs.yaml similarity index 100% rename from templates/web/pvc-nginx-logs.yaml rename to charts/jumpserver/templates/web/pvc-nginx-logs.yaml diff --git a/templates/web/service-web.yaml b/charts/jumpserver/templates/web/service-web.yaml similarity index 100% rename from templates/web/service-web.yaml rename to charts/jumpserver/templates/web/service-web.yaml diff --git a/templates/xrdp/deployment-xrdp.yaml b/charts/jumpserver/templates/xrdp/deployment-xrdp.yaml similarity index 100% rename from templates/xrdp/deployment-xrdp.yaml rename to charts/jumpserver/templates/xrdp/deployment-xrdp.yaml diff --git a/templates/xrdp/pvc-xrdp-data.yaml b/charts/jumpserver/templates/xrdp/pvc-xrdp-data.yaml similarity index 100% rename from templates/xrdp/pvc-xrdp-data.yaml rename to charts/jumpserver/templates/xrdp/pvc-xrdp-data.yaml diff --git a/templates/xrdp/service-xrdp.yaml b/charts/jumpserver/templates/xrdp/service-xrdp.yaml similarity index 100% rename from templates/xrdp/service-xrdp.yaml rename to charts/jumpserver/templates/xrdp/service-xrdp.yaml diff --git a/values.yaml b/charts/jumpserver/values.yaml similarity index 100% rename from values.yaml rename to charts/jumpserver/values.yaml