{"id":20038598,"url":"https://github.com/defra/ffc-helm-library","last_synced_at":"2025-08-17T10:39:26.206Z","repository":{"id":46177085,"uuid":"252420171","full_name":"DEFRA/ffc-helm-library","owner":"DEFRA","description":"FFC Helm chart library","archived":false,"fork":false,"pushed_at":"2025-07-24T16:57:16.000Z","size":121,"stargazers_count":5,"open_issues_count":2,"forks_count":9,"subscribers_count":8,"default_branch":"master","last_synced_at":"2025-07-24T20:22:24.905Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Smarty","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/DEFRA.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2020-04-02T10:07:58.000Z","updated_at":"2025-07-24T16:57:18.000Z","dependencies_parsed_at":"2024-11-12T11:27:37.288Z","dependency_job_id":"06517cf2-e499-43e9-976e-28ed12369db4","html_url":"https://github.com/DEFRA/ffc-helm-library","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/DEFRA/ffc-helm-library","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DEFRA%2Fffc-helm-library","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DEFRA%2Fffc-helm-library/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DEFRA%2Fffc-helm-library/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DEFRA%2Fffc-helm-library/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/DEFRA","download_url":"https://codeload.github.com/DEFRA/ffc-helm-library/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DEFRA%2Fffc-helm-library/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":270837408,"owners_count":24654377,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-08-17T02:00:09.016Z","response_time":129,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-13T10:30:14.774Z","updated_at":"2025-08-17T10:39:26.195Z","avatar_url":"https://github.com/DEFRA.png","language":"Smarty","funding_links":[],"categories":[],"sub_categories":[],"readme":"# FCP Platform Helm Library Chart\n\nA Helm library chart that captures general configuration for the FCP Kubernetes platform. It can be used by any FCP microservice Helm chart to import K8s object templates configured to run on the FCP platform.\n\n## Including the library chart\n\nIn your microservice Helm chart:\n\n- Update `Chart.yaml` to `apiVersion: v2`.\n- Add the library chart under `dependencies` and choose the version you want (example below). Version number can include `~` or `^` to pick up latest PATCH and MINOR versions respectively.\n- Issue the following commands to add the repo that contains the library chart, update the repo, then update dependencies in your Helm chart:\n\n```bash\nhelm repo add ffc https://raw.githubusercontent.com/defra/ffc-helm-repository/master/\nhelm repo update\nhelm dependency update \u003chelm_chart_location\u003e\n```\n\nAn example FCP microservice `Chart.yaml`:\n\n```yaml\napiVersion: v2\ndescription: A Helm chart to deploy a microservice to the FCP Kubernetes platform\nname: ffc-microservice\nversion: 1.0.0\ndependencies:\n  - name: ffc-helm-library\n    version: 4.1.0\n    repository: https://raw.githubusercontent.com/defra/ffc-helm-repository/master/\n```\n\n## Using the K8s object templates\n\nFirst, follow [the instructions](#including-the-library-chart) for including the FCP Helm library chart.\n\nThe FCP Helm library chart has been configured using the conventions described in the [Helm library chart documentation](https://helm.sh/docs/topics/library_charts/). The K8s object templates provide settings shared by all objects of that type, which can be augmented with extra settings from the parent (FCP microservice) chart. The library object templates will merge the library and parent templates. In the case where settings are defined in both the library and parent chart, the parent chart settings will take precedence, so library chart settings can be overridden. The library object templates will expect values to be set in the parent `.values.yaml`. Any required values (defined for each template below) that are not provided will result in an error message when processing the template (`helm install`, `helm upgrade`, `helm template`).\n\nThe general strategy for using one of the library templates in the parent microservice Helm chart is to create a template for the K8s object formateted as so:\n\n```yaml\n{{- include \"ffc-helm-library.secret\" (list . \"ffc-microservice.secret\") -}}\n{{- define \"ffc-microservice.secret\" -}}\n# Microservice specific configuration in here\n{{- end -}}\n```\n\nThis example would be for `template/secret.yaml` in the `ffc-microservice` Helm chart. The initial `include` statement can be wrapped in an `if` statement if you only wish to create the K8s object based on a condition. E.g., only create the secret is a `pr` value has been set in `values.yaml`:\n\n```yaml\n{{- if .Values.pr }}\n{{- include \"ffc-helm-library.secret\" (list . \"ffc-microservice.secret\") -}}\n{{- end }}\n{{- define \"ffc-microservice.secret\" -}}\n# Microservice specific configuration in here\n{{- end -}}\n```\n\n### Azure Identity template\n\n- Template file: `_azure-identity.yaml`\n- Template name: `ffc-helm-library.azure-identity`\n\nA K8s `AzureIdentity` object. Must be used in conjunction with the `AzureIdentityBinding` described below. The name of the template is set automatically based on the name of the Helm chart (as defined by `name:` in the `values.yaml`) to `\u003cname\u003e-identity`.\n\nA basic usage of this object template would involve the creation of `templates/azure-identity.yaml` in the parent Helm chart (e.g. `ffc-microservice`) containing:\n\n```yaml\n{{- include \"ffc-helm-library.azure-identity\" (list . \"ffc-microservice.azure-identity\") -}}\n{{- define \"ffc-microservice.azure-identity\" -}}\n{{- end -}}\n```\n\n#### Required values\n\nThe following values need to be set in the parent chart's `values.yaml`:\n\n```yaml\nazureIdentity:\n  resourceID:\n  clientID:\n```\n\n### Azure Identity Binding template\n\n- Template file: `_azure-identity-binding.yaml`\n- Template name: `ffc-helm-library.azure-identity-binding`\n\nA K8s `AzureIdentityBinding` object. Must be used in conjunction with the `AzureIdentity` described above. The name of the template is set automatically based on the name of the Helm chart (as defined by `name:` in the `values.yaml`) to `\u003cname\u003e-identity-binding`.\n\nA basic usage of this object template would involve the creation of `templates/azure-identity-binding.yaml` in the parent Helm chart (e.g. `ffc-microservice`) containing:\n\n```yaml\n{{- include \"ffc-helm-library.azure-identity-binding\" (list . \"ffc-microservice.azure-identity-binding\") -}}\n{{- define \"ffc-microservice.azure-identity-binding\" -}}\n{{- end -}}\n```\n\n### Cluster IP service template\n\n- Template file: `_cluster-ip-service.yaml`\n- Template name: `ffc-helm-library.cluster-ip-service`\n\nA K8s `Service` object of type `ClusterIP`.\n\nA basic usage of this object template would involve the creation of `templates/cluster-ip-service.yaml` in the parent Helm chart (e.g. `ffc-microservice`) containing:\n\n```yaml\n{{- include \"ffc-helm-library.cluster-ip-service\" (list . \"ffc-microservice.service\") -}}\n{{- define \"ffc-microservice.service\" -}}\n# Microservice specific configuration in here\n{{- end -}}\n```\n\n#### Required values\n\nThe following values need to be set in the parent chart's `values.yaml`:\n\n```yaml\ncontainer:\n  port: \u003cinteger\u003e\n```\n\n### Container template\n\n- Template file: `_container.yaml`\n- Template name: `ffc-helm-library.container`\n\nA template for the container definition to be used within a K8s `Deployment` object.\n\nA basic usage of this object template would involve the creation of `templates/_container.yaml` in the parent Helm chart (e.g. `ffc-microservice`). Note the `_` in the name. This template is part of the `Deployment` object definition and will be used in conjunction the `_deployment.yaml` template ([see below](#deployment-template)). As a minimum `templates/_container.yaml` would define environment variables and may also include liveness/readiness probes when applicable e.g.:\n\n```yaml\n{{- define \"ffc-microservice.container\" -}}\nenv: \u003clist\u003e\nlivenessProbe: \u003cmap\u003e\nreadinessProbe: \u003cmap\u003e\n{{- end -}}\n```\n\nThe liveness and readiness probes could take advantage of the helper templates for [http GET probe](#http-get-probe) and [exec probe](#exec-probe) defined within the library chart and described below.\n\n#### Required values\n\nThe following values need to be set in the parent chart's `values.yaml`:\n\n```yaml\nimage: \u003cstring\u003e\ncontainer:\n  resourceTier: \u003cstring\u003e # Allowed values: S, M, L, XL\n```\n\n#### Optional values\n\nThe following values can optionally be set in the parent chart's `values.yaml` to enable a command with arguments to run within the container or change the security context:\n\n```yaml\ncontainer:\n  imagePullPolicy: \u003cstring\u003e\n  command: \u003clist of strings\u003e\n  args: \u003clist of strings\u003e\n  readOnlyRootFilesystem: \u003cboolean\u003e\n  allowPrivilegeEscalation: \u003cboolean\u003e\n  requestMemory: \u003cstring\u003e # if not using resourceTier\n  requestCPU: \u003cstring\u003e # if not using resourceTier\n  limitMemory: \u003cstring\u003e # if not using resourceTier\n  limitCPU: \u003cstring\u003e # if not using resourceTier\n```\n\n### Container ConfigMap template\n\n- Template file: `_containter-config-map.yaml`\n- Template name: `ffc-helm-library.containter-config-map`\n\nA K8s `ConfigMap` object object to host non-sensitive container configuration data.\n\nA basic usage of this object template would involve the creation of `templates/containter-config-map.yaml` in the parent Helm chart (e.g. `ffc-microservice`), which should include the `data` map containing the configuration data:\n\n```yaml\n{{- include \"ffc-helm-library.containter-config-map\" (list . \"ffc-microservice.containter-config-map\") -}}\n{{- define \"ffc-microservice.containter-config-map\" -}}\ndata:\n  \u003ckey1\u003e: \u003cvalue1\u003e\n  ...\n{{- end -}}\n```\n\n### Container Secret template\n\n- Template file: `_containter-secret.yaml`\n- Template name: `ffc-helm-library.containter-secret`\n\nA K8s `Secret` object to host sensitive data such as a password or token in a container.\n\nA basic usage of this object template would involve the creation of `templates/containter-secret.yaml` in the parent Helm chart (e.g. `ffc-microservice`), which should include the `data` map containing the sensitive data :\n\n```yaml\n{{- include \"ffc-helm-library.containter-secret\" (list . \"ffc-microservice.containter-secret\") -}}\n{{- define \"ffc-microservice.containter-secret\" -}}\ndata:\n  \u003ckey1\u003e: \u003cvalue1\u003e\n  ...\n{{- end -}}\n```\n\n### Deployment template\n\n- Template file: `_deployment.yaml`\n- Template name: `ffc-helm-library.deployment`\n\nA K8s `Deployment` object.\n\nA basic usage of this object template would involve the creation of `templates/deployment.yaml` in the parent Helm chart (e.g. `ffc-microservice`) that includes the template defined in `_container.yaml` template:\n\n```yaml\n{{- include \"ffc-helm-library.deployment\" (list . \"ffc-microservice.deployment\") -}}\n{{- define \"ffc-microservice.deployment\" -}}\n{{- end -}}\n```\n\n#### Optional values\n\nThe following value can optionally be set in the parent chart's `values.yaml` to enable the configuration of imagePullSecrets in the K8s object or change the running user:\n\n```yaml\ndeployment:\n  automountServiceAccountToken: \u003cboolean\u003e # defaults to false\n  imagePullSecret: \u003cstring\u003e\n  runAsUser: \u003cinteger\u003e\n  runAsNonRoot: \u003cboolean\u003e\n  priorityClassName: \u003cstring\u003e\n  restartPolicy: \u003cstring\u003e\n  replicas: \u003cinteger\u003e\n  minReadySeconds: \u003cinteger\u003e\n```\n\nThe following value can optionally be set in the parent chart's `values.yaml` to link the deployment to a service account K8s object:\n\n```yaml\nserviceAccount:\n  name: \u003cstring\u003e\n  roleArn: \u003cstring\u003e\n```\n\n### Service account template\n\n- Template file: `_service-account.yaml`\n- Template name: `ffc-helm-library.service-account`\n\nA K8s `ServiceAccount` object.\n\nA basic usage of this object template would involve the creation of `templates/service-account.yaml` in the parent Helm chart (e.g. `ffc-microservice`) containing:\n\nA service account is needed when the service needs to use Workload Identity to connect to the resources in Azure\nAfter adding the service account, `workloadIdentity: true` needs to be added to the `value.yaml` file. By activating Workload Identity, the Pod Identity will be disabled.\n\n```yaml\n{{- include \"ffc-helm-library.service-account\" (list . \"ffc-microservice.service-account\") -}}\n{{- define \"ffc-microservice.service-account\" -}}\n# Microservice specific configuration in here\n{{- end -}}\n```\n\n### EKS service account template\n\n- Template file: `_eks-service-account.yaml`\n- Template name: `ffc-helm-library.eks-service-account`\n\nA K8s `ServiceAccount` object configured for use on AWS's managed K8s service EKS.\n\nA basic usage of this object template would involve the creation of `templates/eks-service-account.yaml` in the parent Helm chart (e.g. `ffc-microservice`) containing:\n\n```yaml\n{{- include \"ffc-helm-library.eks-service-account\" (list . \"ffc-microservice.eks-service-account\") -}}\n{{- define \"ffc-microservice.eks-service-account\" -}}\n# Microservice specific configuration in here\n{{- end -}}\n```\n\n#### Required values\n\nThe following values need to be set in the parent chart's `values.yaml`:\n\n```yaml\nserviceAccount:\n  name: \u003cstring\u003e\n  roleArn: \u003cstring\u003e\n```\n\n### Ingress template\n\n- Template file: `_ingress.yaml`\n- Template name: `ffc-helm-library.ingress`\n\nA K8s `Ingress` object that can be configured for Nginx or AWS ALB (Amazon Load Balancer).\n\nA basic Nginx `Ingress` object would involve the creation of `templates/ingress.yaml` in the parent Helm chart (e.g. `ffc-microservice`) containing:\n\n```yaml\n{{- include \"ffc-helm-library.ingress\" (list . \"ffc-microservice.ingress\") -}}\n{{- define \"ffc-microservice.ingress\" -}}\nmetadata:\n  annotations:\n    \u003cmap_of_nginx-ingress-annotations\u003e\n{{- end -}}\n```\n\nA basic ALB `Ingress` object would involve the creation of `templates/ingress-alb.yaml` in the parent Helm chart (e.g. `ffc-microservice`) containing:\n\n```yaml\n{{- include \"ffc-helm-library.ingress\" (list . \"ffc-microservice.ingress-alb\") -}}\n{{- define \"ffc-microservice.ingress-alb\" -}}\nmetadata:\n  annotations:\n    \u003cmap_of_alb-ingress-annotation\u003e\n{{- end -}}\n```\n\n#### Optional values\n\nThe following values can optionally be set in the parent chart's `values.yaml` to set the value of `host`:\n\n```yaml\npr: \u003cstring\u003e\ningress:\n  endpoint: \u003cstring\u003e\n  server: \u003cstring\u003e\n```\n\n### Azure Ingress template\n\n- Template file: `_azure-ingress.yaml`\n- Template name: `ffc-helm-library.azure-ingress`\n\nA K8s `Ingress` object that can be configured for Nginx for use in Azure.\n\nA basic Nginx `Ingress` object would involve the creation of `templates/ingress.yaml` in the parent Helm chart (e.g. `ffc-microservice`) containing:\n\n```yaml\n{{- include \"ffc-helm-library.azure-ingress\" (list . \"ffc-microservice.ingress\") -}}\n{{- define \"ffc-microservice.ingress\" -}}\nmetadata:\n  annotations:\n    \u003cmap_of_nginx-ingress-annotations\u003e\n{{- end -}}\n```\n\n#### Optional values\n\nThe following values can optionally be set in the parent chart's `values.yaml` to set the value of `host`:\n\n```yaml\npr: \u003cstring\u003e\ningress:\n  endpoint: \u003cstring\u003e\n  server: \u003cstring\u003e\n  type: \u003cstring\u003e\n  path: \u003cstring\u003e\n```\n\nThe `type` value is used to create a [mergeable ingress type](https://github.com/nginxinc/kubernetes-ingress/tree/master/examples/mergeable-ingress-types)\nand should have the value `master` or `minion`.\n\n### Azure Ingress template (master)\n\n- Template file: `_azure-ingress-master.yaml`\n- Template name: `ffc-helm-library.azure-ingress-master`\n\nA K8s `Ingress` object that can be configured for Nginx for use in Azure with a `master` [mergeable ingress type](https://github.com/nginxinc/kubernetes-ingress/tree/master/examples/mergeable-ingress-types).\n\nAlthough the `Azure Ingress template` can also be used to create `master` mergeable ingress types. This template exists to support scenarios where a Helm chart needs to contain both a `master` and a `minion` resource without conflicts in value properties.\n\nA basic Nginx `Ingress` object would involve the creation of `templates/ingress.yaml` in the parent Helm chart (e.g. `ffc-microservice`) containing:\n\n```yaml\n{{- include \"ffc-helm-library.azure-ingress-master\" (list . \"ffc-microservice.ingress\") -}}\n{{- define \"ffc-microservice.ingress\" -}}\nmetadata:\n  annotations:\n    \u003cmap_of_nginx-ingress-annotations\u003e\n{{- end -}}\n```\n\n#### Optional values\n\nThe following values can optionally be set in the parent chart's `values.yaml` to set the value of `host`:\n\n```yaml\npr: \u003cstring\u003e\ningress:\n  endpoint: \u003cstring\u003e\n  server: \u003cstring\u003e\n```\n\n### Postgres service template\n\n- Template file: `_postgres-service.yaml`\n- Template name: `ffc-helm-library.postgres-service`\n\nA K8s `Service` object of type `ExternalName` configured to refer to a Postgres database hosted on a server outside of the K8s cluster such as AWS RDS.\n\nA basic usage of this object template would involve the creation of `templates/postgres-service.yaml` in the parent Helm chart (e.g. `ffc-microservice`) containing:\n\n```yaml\n{{- include \"ffc-helm-library.postgres-service\" (list . \"ffc-microservice.postgres-service\") -}}\n{{- define \"ffc-microservice.postgres-service\" -}}\n# Microservice specific configuration in here\n{{- end -}}\n```\n\n#### Required values\n\nThe following values need to be set in the parent chart's `values.yaml`:\n\n```\npostgresService:\n  postgresHost: \u003cstring\u003e\n  postgresExternalName: \u003cstring\u003e\n  postgresPort: \u003cinteger\u003e\n```\n\n### RBAC role binding template\n\n- Template file: `_role-binding.yaml`\n- Template name: `ffc-helm-library.role-binding`\n\nA K8s `RoleBinding` object used to bind a role to a user as part of RBAC configuration in the K8s cluster.\n\nA basic usage of this object template would involve the creation of `templates/role-binding.yaml` in the parent Helm chart (e.g. `ffc-microservice`) containing:\n\n```yaml\n{{- include \"ffc-helm-library.role-binding\" (list . \"ffc-microservice.role-binding\") -}}\n{{- define \"ffc-microservice.role-binding\" -}}\n# Microservice specific configuration in here\n{{- end -}}\n```\n\n### Secret template\n\n- Template file: `_secret.yaml`\n- Template name: `ffc-helm-library.secret`\n\nA K8s `Secret` object to host sensitive data such as a password or token.\n\nA basic usage of this object template would involve the creation of `templates/secret.yaml` in the parent Helm chart (e.g. `ffc-microservice`), which should include the `data` map containing the sensitive data :\n\n```yaml\n{{- include \"ffc-helm-library.secret\" (list . \"ffc-microservice.secret\") -}}\n{{- define \"ffc-microservice.secret\" -}}\nstringData:\n  \u003ckey1\u003e: \u003cvalue1\u003e\n  ...\n{{- end -}}\n```\n\n### Secret Provider Class template\n\n- Template file: `_secret-provider-class.yaml`\n- Template name: `ffc-helm-library.secret-provider-class`\n\nA K8s `SecretProviderClass` object for the Secrets Store CSI Driver. This template enables integration with external secret management systems like Azure Key Vault to mount secrets as volumes in pods, using [workload identity](https://learn.microsoft.com/en-us/azure/aks/csi-secrets-store-identity-access?tabs=azure-portal\u0026pivots=access-with-a-microsoft-entra-workload-identity) for authentication.\n\nWhen `secretProviderClass` is configured, secrets from Azure Key Vault are automatically mounted as files at `/mnt/secrets-store` in all containers (Deployment, StatefulSet, and CronJob). Applications can read these secrets directly from the filesystem.\n\nA basic usage of this object template would involve the creation of `templates/secret-provider-class.yaml` in the parent Helm chart (e.g. `ffc-microservice`) containing:\n\n```yaml\n{{- if .Values.secretProviderClass }}\n{{- include \"ffc-helm-library.secret-provider-class.tpl\" . }}\n{{- end }}\n```\n\n#### Required values\n\nThe following values need to be set in the parent chart's `values.yaml` for Azure Key Vault integration:\n\n```yaml\nsecretProviderClass:\n  azure:\n    clientID: \u003cstring\u003e # Client ID for workload identity\n    keyvaultName: \u003cstring\u003e # Name of the Azure Key Vault\n    tenantId: \u003cstring\u003e # Azure tenant ID\n    objects:\n      - objectName: \u003cstring\u003e # Name of the secret in Key Vault\n        objectType: secret # Type: secret, key, or cert (default: \"secret\")\n        objectVersion: \u003cstring\u003e # Specific version (optional, default: latest)\n```\n\n#### Optional values\n\nThe following values can optionally be set in the parent chart's `values.yaml`:\n\n```yaml\nsecretProviderClass:\n  azure:\n    usePodIdentity: \"false\" # Default: \"false\" (for workload identity)\n\n  # Optional: Create Kubernetes secrets from mounted secrets\n  secretObjects:\n    - secretName: \u003cstring\u003e # Name of the K8s secret to create\n      type: \u003cstring\u003e # Default: \"Opaque\"\n      data:\n        - objectName: \u003cstring\u003e # Name from Key Vault\n          key: \u003cstring\u003e # Key name in the K8s secret\n```\n\n#### Example configuration\n\n```yaml\nsecretProviderClass:\n  azure:\n    usePodIdentity: \"false\" # Default: \"false\" (can be omitted)\n    clientID: \"your-client-id\" # Setting this to use workload identity\n    keyvaultName: \"your-keyvault-name\" # Set to the name of your key vault\n    tenantId: \"87654321-4321-4321-4321-210987654321\" # Your Azure tenant ID\n    objects:\n      - objectName: \"database-password\" # Set to the name of your secret\n        objectType: \"secret\" # object types: secret, key, or cert\n      - objectName: \"api-key\"\n        objectType: \"secret\"\n        objectVersion: \"latest\" # [OPTIONAL] object versions, default to latest if empty\n\n  # Optional: Create Kubernetes secrets from mounted secrets\n  secretObjects:\n    - secretName: \"app-secrets\"\n      type: \"Opaque\"\n      data:\n        - objectName: \"database-password\"\n          key: \"DB_PASSWORD\"\n        - objectName: \"api-key\"\n          key: \"API_KEY\"\n```\n\n### Service template\n\n- Template file: `_service.yaml`\n- Template name: `ffc-helm-library.service`\n\nA generic K8s `Service` object requiring a service type to be set.\n\nA basic usage of this object template would involve the creation of `templates/secret.yaml` in the parent Helm chart (e.g. `ffc-microservice`) containing:\n\n```yaml\n{{- include \"ffc-helm-library.service\" (list . \"ffc-microservice.service\") -}}\n{{- define \"ffc-microservice.service\" -}}\n# Microservice specific configuration in here\n{{- end -}}\n```\n\n#### Required values\n\nThe following values need to be set in the parent chart's `values.yaml`:\n\n```yaml\nservice:\n  type: \u003cstring\u003e\n```\n\n### Horizontal Pod Autoscaler template\n\n- Template file: `_horizontal-pod-autoscaler.yaml`\n- Template name: `helm-library.horizontal-pod-autoscaler`\n\nA k8s `HorizontalPodAutoscaler`.\n\nA basic usage of this object template would involve the creation of `templates/horizontal-pod-autoscaler.yaml` in the parent Helm chart (e.g. `microservice`).\n\n```yaml\n{{- include \"ffc-helm-library.horizontal-pod-autoscaler\" (list . \"microservice.horizontal-pod-autoscaler\") -}}\n{{- define \"microservice.horizontal-pod-autoscaler\" -}}\nspec:\n  metrics:\n  - type: Resource\n    resource:\n      name: cpu\n      target:\n        type: Utilization\n        averageUtilization: 50\n  - type: Resource\n    resource:\n      name: memory\n      target:\n        type: AverageValue\n        averageValue: 100Mi\n{{- end -}}\n```\n\n#### Required values\n\nThe following values need to be set in the parent chart's `values.yaml`:\n\n```yaml\ndeployment:\n  minReplicas: \u003cinteger\u003e\n  maxReplicas: \u003cinteger\u003e\n```\n\n### Vertical Pod Autoscaler template\n\n- Template file: `_vertical-pod-autoscaler.yaml`\n- Template name: `helm-library.vertical-pod-autoscaler`\n\nA k8s `VerticalPodAutoscaler`.\n\nA basic usage of this object template would involve the creation of `templates/vertical-pod-autoscaler.yaml` in the parent Helm chart (e.g. `microservice`).\n\n```yaml\n{{- include \"ffc-helm-library.vertical-pod-autoscaler\" (list . \"microservice.vertical-pod-autoscaler\") -}}\n{{- define \"microservice.vertical-pod-autoscaler\" -}}\n{{- end -}}\n```\n\n#### Required values\n\nThe following values need to be set in the parent chart's `values.yaml`:\n\n```yaml\ndeployment:\n  updateMode: \u003cstring\u003e\n```\n\n### Storage Class template\n\n- Template file: `_storage-class.yaml`\n- Template name: `helm-library.storage-class`\n\nA k8s `StorageClass`.\n\nA basic usage of this object template would involve the creation of `templates/storage-class.yaml` in the parent Helm chart (e.g. `microservice`).\n\n```yaml\n{{- include \"ffc-helm-library.storage-class\" (list . \"microservice.storage-class\") -}}\n{{- define \"microservice.storage-class\" -}}\n{{- end -}}\n```\n\n### Persistent Volume template\n\n- Template file: `_persistent-volume.yaml`\n- Template name: `helm-library.persistent-volume`\n\nA k8s `PersistentVolume`.\n\nA basic usage of this object template would involve the creation of `templates/persistent-volume.yaml` in the parent Helm chart (e.g. `microservice`).\n\n```yaml\n{{- include \"ffc-helm-library.persistent-volume\" (list . \"microservice.persistent-volume\") -}}\n{{- define \"microservice.persistent-volume\" -}}\n{{- end -}}\n```\n\n### Persistent Volume Claim template\n\n- Template file: `_persistent-volume-claim.yaml`\n- Template name: `helm-library.persistent-volume-claim`\n\nA k8s `PersistentVolumeClaim`.\n\nA basic usage of this object template would involve the creation of `templates/persistent-volume-claim.yaml` in the parent Helm chart (e.g. `microservice`).\n\n```yaml\n{{- include \"ffc-helm-library.persistent-volume-claim\" (list . \"microservice.persistent-volume-claim\") -}}\n{{- define \"microservice.persistent-volume-claim\" -}}\n{{- end -}}\n```\n\n## Helper templates\n\nIn addition to the K8s object templates described above, a number of helper templates are defined in `_helpers.tpl` that are both used within the library chart and available to use within a consuming parent chart.\n\n### Default check required message\n\n- Template name: `ffc-helm-library.default-check-required-msg`\n- Usage: `{{- include \"ffc-helm-library.default-check-required-msg\" . }}`\n\nA template defining the default message to print when checking for a required value within the library. This is not designed to be used outside of the library.\n\n### Labels\n\n- Template name: `ffc-helm-library.labels`\n- Usage: `{{- include \"ffc-helm-library.labels\" . }}`\n\nCommon labels to apply to `metadata` of all K8s objects on the FCP K8s platform. This template relies on the globally required values [listed above](#all-template-required-values).\n\n### Selector labels\n\n- Template name: `ffc-helm-library.selector-labels`\n- Usage: `{{- include \"ffc-helm-library.selector-labels\" . }}`\n\nCommon selector labels that can be applied where necessary to K8s objects on the FCP K8s platform. This template relies on the globally required values [listed above](#all-template-required-values).\n\n### Http GET probe\n\n- Template name: `ffc-helm-library.http-get-probe`\n- Usage: `{{- include \"ffc-helm-library.http-get-probe\" (list . \u003cmap_of_probe_values\u003e) }}`\n\nTemplate for configuration of an http GET probe, which can be used for `readinessProbe` and/or `livenessProbe` in a container definition within a `Deployment` (see [container template](#container-template)).\n\n#### Required values\n\nThe following values need to be passed to the probe in the `\u003cmap_of_probe_values\u003e`:\n\n```yaml\npath: \u003cstring\u003e\nport: \u003cinteger\u003e\ninitialDelaySeconds: \u003cinteger\u003e\nperiodSeconds: \u003cinteger\u003e\nfailureThreshold: \u003cinteger\u003e\n```\n\n#### Optional values\n\n```yaml\ntimeoutSeconds: \u003cinteger\u003e\n```\n\n### Exec probe\n\n- Template name: `ffc-helm-library.exec-probe`\n- Usage: `{{- include \"ffc-helm-library.exec-probe\" (list . \u003cmap_of_probe_values\u003e) }}`\n\nTemplate for configuration of an \"exec\" probe that runs a local script, which can be used for `readinessProbe` and/or `livenessProbe` in a container definition within a `Deployment` (see [container template](#container-template)).\n\n#### Required values\n\nThe following values need to be passed to the probe in the `\u003cmap_of_probe_values\u003e`:\n\n```yaml\nscript: \u003cstring\u003e\ninitialDelaySeconds: \u003cinteger\u003e\nperiodSeconds: \u003cinteger\u003e\ntimeoutSeconds: \u003cinteger\u003e\nfailureThreshold: \u003cinteger\u003e\n```\n\n#### Optional values\n\n```yaml\ntimeoutSeconds: \u003cinteger\u003e\n```\n\n### Cron Job template\n\n- Template file: `_cron-job.yaml`\n- Template name: `ffc-helm-library.cron-job`\n\nA k8s `CronJob`.\n\nA basic usage of this object template would involve the creation of `templates/cron-job.yaml` in the parent Helm chart (e.g. `microservice`) that includes the template defined in `_container.yaml` template:\n\n```yaml\n{{- include \"ffc-helm-library.cron-job\" (list . \"microservice.cron-job\") -}}\n{{- define \"microservice.cron-job\" -}}\n{{- end -}}\n\n```\n\n### StatefulSet template\n\n- Template file: `_statefulset.yaml`\n- Template name: `ffc-helm-library.statefulset`\n\nA K8s `StatefulSet` object.\n\nA basic usage of this object template would involve the creation of `templates/statefulset.yaml` in the parent Helm chart (e.g. `microservice`) that includes the template defined in `_container.yaml` template:\n\n```yaml\n{{- include \"ffc-helm-library.statefulset\" (list . \"microservice.deployment\") -}}\n{{- define \"microservice.deployment\" -}}\n{{- end -}}\n```\n\n## Licence\n\nTHIS INFORMATION IS LICENSED UNDER THE CONDITIONS OF THE OPEN GOVERNMENT LICENCE found at:\n\nhttp://www.nationalarchives.gov.uk/doc/open-government-licence/version/3\n\nThe following attribution statement MUST be cited in your products and applications when using this information.\n\n\u003e Contains public sector information licensed under the Open Government license v3\n\n### About the licence\n\nThe Open Government Licence (OGL) was developed by the Controller of Her Majesty's Stationery Office (HMSO) to enable information providers in the public sector to license the use and re-use of their information under a common open licence.\n\nIt is designed to encourage use and re-use of information freely and flexibly, with only a few conditions.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdefra%2Fffc-helm-library","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdefra%2Fffc-helm-library","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdefra%2Fffc-helm-library/lists"}