Helm chart example and env configs for drift detection

LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2024 La Rebelion Labs
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

README.md

@@ -0,0 +1,72 @@
+# QBot OTS App Template - Drift Detection
+
+This project is a template for creating a Kubernetes application that uses the QBot OTS (Off-The-Shelf) platform to detect drift in Kubernetes resources.
+
+This project requires the following resources:
+
+* [ ] - Kubernetes 1.16+
+* [ ] - Kustomize 3.0.0+
+* [ ] - Helm 3.0+
+
+## Resources
+
+For more information about the project, see the following resources:
+
+./charts/drift-detection/README.md
+
+- [Project Details](./charts/drift-detection/README.md)
+- [QBot](https://k1s.sh/qbot)
+- [Agentico Tools](https://agentico.com/tools)
+
+## Motivation
+
+Maintaining a Kubernetes applications can be challenging, and even more so when the application is deployed in multiple environments. This project aims to provide a simple way to detect drift configurations in Kubernetes resources across multiple environments. The best part, it aims to do this leveraging AI agent by Agentico. 🤖
+
+We are following the official Kubernetes best practices for [configuration management of OTS applications](https://kubectl.docs.kubernetes.io/guides/config_management/offtheshelf/), and we are using `helm` and `kustomize` to manage the Kubernetes resources.
+
+![OTS Drift Detection](https://kubectl.docs.kubernetes.io/images/new_ots.jpg)
+> *Reference: [kubectl.docs.kubernetes.io](https://kubectl.docs.kubernetes.io/guides/config_management/offtheshelf/)*
+
+If you find this project useful, please consider giving it a star. ⭐
+
+Also, star the [QBot](https://github.com/orgs/la-rebelion/repositories?q=qbot-) and the [Agentico Tools](https://github.com/orgs/agentico-dev/repositories) projects, we will appreciate it. 🙏
+
+## Getting Started
+
+If you want to do it with QBot, you can follow the instructions in the [QBot](https://k1s.sh/qbot) website. If you want to do it manually, you can follow the instructions below.
+
+First of all, [fork the repository](https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/working-with-forks/fork-a-repo) to your GitHub account. 
+
+Example with the `gh` CLI:
+
+```bash
+gh repo fork [email protected]:la-rebelion/qbot-base-template.git --clone=true --remote=true --remote-name "my-qbot-fork"
+```
+
+Then, clone the repository to your local machine with the following commands:
+
+```bash
+# Repository was forked and cloned
+# Change the directory
+cd my-qbot-fork
+# deploy the application in the dev environment
+kubectl kustomize --enable-helm=true envs/dev/ | kubectl apply -f -
+# also, you can deploy the application in multiple environments
+kubectl kustomize --enable-helm=true envs/ | kubectl apply -f -
+```
+
+The last command will deploy the application in the `dev`, `staging`, and `prod` environments. Review the `envs` [kustomization](./envs/kustomization.yaml) files to see the different environments.
+
+## License
+
+This project is licensed under the MIT License - see the [LICENSE](./LICENSE) file for details.
+
+## Acknowledgments
+
+- [Helm](https://helm.sh/)
+- [Kubernetes](https://kubernetes.io/)
+- [Bitnami](https://bitnami.com/)
+- ["La Rebelion" GitHub](https://github.com/la-rebelion/)
+- ["La Rebelion" Website](https://rebelion.la/)
+- [Agentico](https://agentico.com/)
+- [Agentico GitHub](https://github.com/agentico-dev/)

charts/drift-detection/.helmignore

@@ -0,0 +1,18 @@
+# Ignore the following files and directories when packaging the Helm chart
+*.tgz
+*.zip
+*.tar.gz
+*.bak
+*.swp
+*.DS_Store
+node_modules/
+vendor/
+charts/
+tmp/
+*.log
+*.tmp
+*.out
+*.pid
+*.seed
+*.tgz
+*.tgz.*

charts/drift-detection/Chart.yaml

@@ -0,0 +1,21 @@
+name: drift-detection
+apiVersion: v2
+version: 0.1.0
+description: A Helm chart for deploying a sample application with database configuration and secrets
+type: application
+keywords:
+  - helm
+  - chart
+  - application
+  - database
+  - drift-detection
+  - qbot
+maintainers:
+  - name: Adrian Escutia
+  - name: La Rebelion
+sources:
+  - https://github.com/la-rebelion/drift-detection-template
+# dependencies:
+#   - name: busybox
+#     version: 1.2.3
+#     repository: https://kubernetes-charts.storage.googleapis.com

charts/drift-detection/README.md

@@ -0,0 +1,89 @@
+# My Helm Project
+
+This project is a Helm chart for deploying a sample application with two services, a stateful set, and a deployment. The application is configured to use BusyBox images and demonstrates how to manage configurations and secrets in Kubernetes.
+
+## Project Structure
+
+For easy listing and understanding, the file names are prefixed with a code that represents the type of file. The code is as follows:
+
+- `0-`: Application specific
+- `conf-`: Configuration files, including ConfigMaps and Secrets.
+- `netw-`: Network files, including Ingress, Services, and Endpoints.
+- `wrkl-`: Workload files, including Deployments, StatefulSets, and Jobs.
+
+Deployment and statefulset resources are configured to use the `index-html` configmap and display the content of the `index.html` file, populated with all the config values; just a simple example to simulate a web application and its configurations - feel free to replace it with your own application.
+
+```
+drift-detection
+├── Chart.yaml
+├── README.md
+├── templates
+│   ├── 0-configmap-index-html.yaml
+│   ├── NOTES.txt
+│   ├── _helpers.tpl
+│   ├── conf-secret-app.yaml
+│   ├── conf-secret-db.yaml
+│   ├── configmap-app.yaml
+│   ├── configmap-db.yaml
+│   ├── netw-ingress.yaml
+│   ├── netw-service-app.yaml
+│   ├── netw-service-db.yaml
+│   ├── wrkl-deployment.yaml
+│   └── wrkl-statefulset.yaml
+└── values.yaml
+```
+
+## Installation
+
+To install the Helm chart, follow these steps:
+
+1. Ensure you have Helm installed on your machine.
+2. Navigate to the project directory:
+   ```
+   cd drift-detection
+   ```
+3. Install the chart:
+   ```
+   helm install la-rebelion-drift-detection .
+   ```
+
+## Configuration
+
+You can customize the deployment by modifying the `values.yaml` file. This file contains default values for the templates in the chart.
+
+## Services
+
+This project includes:
+- A StatefulSet with 2 replicas for managing stateful applications.
+- A Deployment with 2 replicas for stateless applications.
+- ConfigMaps for application and database configurations.
+- Secrets for sensitive information such as database credentials.
+
+## Cluster Requirements
+
+This chart requires a Kubernetes cluster where you can access the services using the NodePort service type. You can also use a LoadBalancer service type if your cluster supports it.
+
+If you don't have a cluster, you can create one, for your convenience I have created a [guide to install a Kubernetes cluster using K0s, K3s, minikube, or microk8s](https://rebelion.la/the-easiest-kubernetes-installations-ever).
+Kubernetes in Docker ([Kind](https://kind.sigs.k8s.io)) is another great tool for testing Kubernetes configurations locally.
+**Or you can use the ["K1s, a Serverless Kubernetes"](https://k1s.sh/serverless-kubernetes) to access a Kubernetes cluster in 1 second withouth any installation, no resource management, no cost.**
+
+Port-forward the services to access them from your local machine:
+
+```
+kubectl port-forward svc/db-service 5432:5432
+kubectl port-forward svc/app-service 8080:8080
+```
+
+This will create two services with NodePort type that you can access from your local machine. Access the services by running the following command:
+
+```
+curl 
+```
+
+## Usage
+
+Once the chart is installed, you can access the services as defined in the `service-app.yaml` and `service-db.yaml` templates. The application pods will print the environment variables configured from the ConfigMaps and Secrets.
+
+## License
+
+This project is licensed under the MIT License.

charts/drift-detection/templates/0-configmap-index-html.yaml

@@ -0,0 +1,26 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: index-html
+data:
+  index.html: |
+    <!DOCTYPE html>
+    <html>
+    <head>
+      <title>Environment Variables</title>
+      <script>
+        window.onload = function() {
+          var envVars = {
+            DB_SERVER: "{{ .Values.db.server }}",
+            APP_CONFIG: "{{ .Values.app.env }}",
+            DB_USERNAME: "{{ .Values.secrets.db.username }}"
+          };
+          document.getElementById('env').innerText = JSON.stringify(envVars, null, 2);
+        };
+      </script>
+    </head>
+    <body>
+      <h1>Environment Variables</h1>
+      <pre id="env"></pre>
+    </body>
+    </html>

charts/drift-detection/templates/NOTES.txt

@@ -0,0 +1,20 @@
+Thank you for installing {{ .Chart.Name }} v{{ .Chart.Version }}.
+Your release is named {{ .Release.Name }}.
+
+A sample skeleton for the drift detection configuration using helm charts.
+
+To access the application go to http://<service-ip>:<service-port>/
+To access the database go to http://<service-ip>:<service-port>/
+
+Firts, you need to port-forward the services to access the application and the database.
+
+kubectl port-forward svc/db-service 5432:5432
+kubectl port-forward svc/app-service 8080:8080
+
+http://localhost:8080/ - for the deployment
+http://localhost:5432/ - for the statefulset
+
+The example uses the `index-html` configmap to populate the `index.html` file with the values from the `values.yaml` file.
+
+Enjoy, and happy drifting! Go Rebels! ✊🏻
+

charts/drift-detection/templates/_helpers.tpl

@@ -0,0 +1,16 @@
+{{- define "la-rebelion.fullname" -}}
+{{- printf "%s-%s" .Release.Name .Chart.Name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{- define "la-rebelion.serviceAccountName" -}}
+{{- if .Values.serviceAccount.create -}}
+{{- .Release.Name }}-{{ .Chart.Name }}-sa
+{{- else -}}
+{{- .Values.serviceAccount.name -}}
+{{- end -}}
+{{- end -}}
+
+{{- define "la-rebelion.labels" -}}
+app: {{ .Chart.Name }}
+release: {{ .Release.Name }}
+{{- end -}}

charts/drift-detection/templates/conf-secret-app.yaml

@@ -0,0 +1,8 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: app-secret
+type: Opaque
+data:
+  app-username: {{ .Values.secrets.app.username }}
+  app-password: {{ .Values.secrets.app.password | b64enc | quote }}

charts/drift-detection/templates/conf-secret-db.yaml

@@ -0,0 +1,8 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: db-secret
+type: Opaque
+data:
+  username: {{ .Values.secrets.db.username | quote }}
+  password: {{ .Values.secrets.db.password | quote | b64enc }}

charts/drift-detection/templates/configmap-app.yaml

@@ -0,0 +1,10 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: app-config
+data:
+  APP_ENV: "production"
+  APP_LOG_LEVEL: "info"
+  DB_SERVER: "{{ .Values.db.server }}"
+  DB_PORT: "{{ .Values.db.port }}"
+  DB_NAME: "{{ .Values.db.name }}"

charts/drift-detection/templates/configmap-db.yaml

@@ -0,0 +1,7 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: db-config
+data:
+  DB_SERVER: "{{ .Values.db.server }}"
+  DB_PORT: "{{ .Values.db.port }}"

charts/drift-detection/templates/ingress.yaml

@@ -0,0 +1,22 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: la-rebelion-ingress
+spec:
+  rules:
+  - http:
+      paths:
+      - pathType: Prefix
+        path: /
+        backend:
+          service:
+            name: app-service
+            port:
+              number: 8080
+      - pathType: Prefix
+        path: /db
+        backend:
+          service:
+            name: db-service            
+            port:
+              number: 5432

charts/drift-detection/templates/netw-service-app.yaml

@@ -0,0 +1,16 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: app-service
+  labels:
+    app: la-rebelion
+    tier: frontend
+spec:
+  type: NodePort
+  ports:
+    - port: 8080
+      targetPort: 8080
+      nodePort: 30080
+  selector:
+    app: la-rebelion
+    tier: frontend

charts/drift-detection/templates/netw-service-db.yaml

@@ -0,0 +1,16 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: db-service
+  labels:
+    app: la-rebelion
+    tier: backend
+spec:
+  type: NodePort
+  ports:
+    - port: 5432
+      targetPort: 5432
+      nodePort: 32345
+  selector:
+    app: la-rebelion
+    tier: backend