{"id":16567173,"url":"https://github.com/zloeber/helm-namespace","last_synced_at":"2025-03-05T10:28:29.557Z","repository":{"id":86166835,"uuid":"231262508","full_name":"zloeber/helm-namespace","owner":"zloeber","description":"A generic helm namespace chart","archived":false,"fork":false,"pushed_at":"2020-03-06T02:57:50.000Z","size":9,"stargazers_count":6,"open_issues_count":2,"forks_count":11,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-01-15T23:43:07.377Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Smarty","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/zloeber.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2020-01-01T20:48:58.000Z","updated_at":"2024-12-13T12:16:04.000Z","dependencies_parsed_at":"2023-03-13T08:44:26.043Z","dependency_job_id":null,"html_url":"https://github.com/zloeber/helm-namespace","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/zloeber%2Fhelm-namespace","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/zloeber%2Fhelm-namespace/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/zloeber%2Fhelm-namespace/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/zloeber%2Fhelm-namespace/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/zloeber","download_url":"https://codeload.github.com/zloeber/helm-namespace/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":242008883,"owners_count":20056983,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-10-11T21:05:51.024Z","updated_at":"2025-03-05T10:28:29.500Z","avatar_url":"https://github.com/zloeber.png","language":"Smarty","funding_links":[],"categories":[],"sub_categories":[],"readme":"# helm-namespace\n\nA generic helm3 namespace chart for use with helmfile or similar helm gluing toolsets. This is just a carry over solution for helm 3's inabilty to create namespaces for a release (likely going to change with helm 3.1). \n\n## Values\n\nPretty much just a list of namespaces to create as well as additional labels and annotations you'd like to append. You can also set if helm is allowed to delete the namespace or not. Default policy is 'keep'.\n\n```\nnamespaces:\n- namespace1\n- namespace2\nhelmResourcePolicy: keep\nannotations:\n  certmanager.k8s.io/disable-validation: true\nlabels:\n  additional_label1: myvalue\n```\n## Example - helmfile\n\nA simple example helmfile that creates a namespace as part of a cert-manager deployment. The default helm resource policy of 'keep' is used so that the namespace will not be removed in a helm destroy operation. This means you will have to manually delete the namespace if you want to reinstall the deployment while testing things out. Default tillerless plugin options are also set if this helmfile is created with helm version 2. I only include the namespace generation in this example for brevity.\n\n```\nhelmDefaults:\n  tillerless: true\n  tillerNamespace: platform\n  atomic: false\n  verify: false\n  wait: true\n  timeout: 1200\n  recreatePods: true\n  force: true\n\nrepositories:\n- name: jetstack\n  url: \"https://charts.jetstack.io\"\n- name: \"incubator\"\n  url: \"https://kubernetes-charts-incubator.storage.googleapis.com\"\n- name: \"zloeber\"\n  url: \"git+https://github.com/zloeber/helm-namespace@chart\"\nreleases:\n###############################################################################\n## CERT-MANAGER - Automatic Let's Encrypt for Ingress  ########################\n##   Also provides local CA for issuing locally valid TLS certificates  #######\n###############################################################################\n# References:\n# - https://github.com/jetstack/cert-manager/blob/v0.11.0/deploy/charts/cert-manager/values.yaml\n# Instructions for installing and testing correct install are at\n# - https://docs.cert-manager.io/en/release-0.9/getting-started/install/kubernetes.html\n- name: namespace-cert-manager\n  # Helm 3 needs to put deployment info into a namespace. As this creates a namespace it will not exist yet so we use 'kube-system' \n  #  which should exist in all clusters.\n  chart: zloeber/namespace\n  namespace: kube-system\n  labels:\n    chart: namespace-cert-manager\n    component: \"cert-manager\"\n    namespace: \"cert-manager\"\n  values:\n  - namespaces:\n    - cert-manager\n    annotations:\n      certmanager.k8s.io/disable-validation: true\n- name: \"cert-manager\"\n  namespace: \"cert-manager\"\n  labels:\n    chart: \"cert-manager\"\n    repo: \"stable\"\n    component: \"kiam\"\n    namespace: \"cert-manager\"\n    vendor: \"jetstack\"\n    default: \"false\"\n  chart: jetstack/cert-manager\n  version: \"v0.9.0\"\n  wait: true\n  installed: {{ env \"CERT_MANAGER_INSTALLED\" | default \"true\" }}\n  hooks:\n    # This hook adds the CRDs\n    - events: [\"presync\"]\n      showlogs: true\n      command: \"/bin/sh\"\n      args: [\"-c\", \"kubectl apply -f https://raw.githubusercontent.com/jetstack/cert-manager/release-0.9/deploy/manifests/00-crds.yaml\"]\n  values:\n    - fullnameOverride: cert-manager\n      rbac:\n        create: {{ env \"RBAC_ENABLED\" | default \"true\" }}\n      ingressShim:\n        defaultIssuerName: '{{ env \"CERT_MANAGER_INGRESS_SHIM_DEFAULT_ISSUER_NAME\" | default \"letsencrypt-staging\" }}'\n        defaultIssuerKind: '{{ env \"CERT_MANAGER_INGRESS_SHIM_DEFAULT_ISSUER_KIND\" | default \"ClusterIssuer\" }}'\n{{ if env \"CERT_MANAGER_IAM_ROLE\" | default \"\" }}\n      podAnnotations:\n        iam.amazonaws.com/role: '{{ env \"CERT_MANAGER_IAM_ROLE\" }}'\n{{ end }}\n      serviceAccount:\n        create: {{ env \"RBAC_ENABLED\" | default \"true\" }}\n        name: '{{ env \"CERT_MANAGER_SERVICE_ACCOUNT_NAME\" | default \"\" }}'\n{{- if eq (env \"MONITORING_ENABLED\" | default \"true\") \"true\" }}\n      prometheus:\n        enabled: true\n        servicemonitor:\n          enabled: true\n          prometheusInstance: {{ env \"PROMETHEUS_INSTANCE\" | default \"kube-prometheus\" }}\n          targetPort: 9402\n          path: /metrics\n          interval: 60s\n          scrapeTimeout: 30s\n{{ end }}\n      webhook:\n        enabled: false\n      cainjector:\n        enabled: true\n      resources:\n        limits:\n          cpu: \"200m\"\n          memory: \"256Mi\"\n        requests:\n          cpu: \"50m\"\n          memory: \"128Mi\"\n- name: 'cert-manager-issuers'\n  chart: \"incubator/raw\"\n  namespace: \"cert-manager\"\n  labels:\n    component: \"iam\"\n    namespace: \"cert-manager\"\n    default: \"true\"\n  wait: true\n  force: true\n  recreatePods: true\n  installed: {{ env \"CERT_MANAGER_INSTALLED\" | default \"true\" }}\n  values:\n  - resources:\n    - apiVersion: certmanager.k8s.io/v1alpha1\n      kind: ClusterIssuer\n      metadata:\n        name: letsencrypt-staging\n      spec:\n        acme:\n          server: https://acme-staging-v02.api.letsencrypt.org/directory\n          email: {{ coalesce (env \"SMTP_RECIPIENT\") (env \"CERT_MANAGER_EMAIL\") (env \"KUBE_LEGO_EMAIL\") \"user@example.com\" }}\n          privateKeySecretRef:\n            name: letsencrypt-staging\n          solvers:\n            - http01:\n                ingress:\n                  class: nginx\n{{- if env \"CERT_MANAGER_IAM_ROLE\" | default \"\" }}\n            - dns01:\n                route53: {}\n{{- end }}\n    - apiVersion: certmanager.k8s.io/v1alpha1\n      kind: ClusterIssuer\n      metadata:\n        name: letsencrypt-prod\n      spec:\n        acme:\n          server: https://acme-v02.api.letsencrypt.org/directory\n          email: {{ coalesce (env \"SMTP_RECIPIENT\") (env \"CERT_MANAGER_EMAIL\") (env \"KUBE_LEGO_EMAIL\") \"user@example.com\" }}\n          privateKeySecretRef:\n            name: letsencrypt-prod\n          solvers:\n            - http01:\n                ingress:\n                  class: nginx\n{{- if env \"CERT_MANAGER_IAM_ROLE\" | default \"\" }}\n            - dns01:\n                route53: {}\n{{- end }}\n```\n\nThis helmfile will require that you use the helm-git plugin\n\n```\nhelm plugin install https://github.com/aslafy-z/helm-git.git\n```\n\n## Alternatives\n\nThere are some alternatives which may be better suited to your particular need. See [this thread](https://github.com/roboll/helmfile/issues/891) for more information on each of these.\n\n### Alternative 1 - helm-namespace\n\nI've also done some testing with the helm-namespace plugin and it works very well. Unfortunately this requires changing your helm commands and may interrupt existing workflows. This is the first alternative and honestly, probably the best one.\n\n```\nplugin install https://github.com/thomastaylor312/helm-namespace\n```\n\n### Alternative 2 - presync hooks\n\nThere are also presync helm hooks which will allow you to run kubectl commands to create the namespace if it does not exist. A helmfile would have a presync hook like the following to accomplish this task.\n```\n- events: [\"presync\"]\n      showlogs: true\n      command: \"/bin/sh\"\n      args:\n      - \"-c\"\n      - \u003e-\n        kubectl get namespace \"{{`{{ .Release.Namespace }}`}}\" \u003e/dev/null 2\u003e\u00261 || kubectl create namespace \"{{`{{ .Release.Namespace }}`}}\";\n```\n\nThis has the drawback of requiring 100% certainty of your kubectl context and version. It also obscures your end helm state (imho). Benefits for using this would be that your helm deployment will not puke out on you if the resource (namespace) already exists.\n\n### Alternative 3 - raw charts\n\nThe incubator/raw helm chart is a wonderous chart that you can do so many cool things with that of course you can also create your namespaces with it if desired. Drawback is that it is pure kubernetes declarative manifest yaml (for the most part). Plus, I just wanted a small point solution for use in all my existing helm charts so I opted to not use the raw chart for this particular need.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fzloeber%2Fhelm-namespace","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fzloeber%2Fhelm-namespace","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fzloeber%2Fhelm-namespace/lists"}