Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/cyse7125-su24-team10/helm-webapp-cve-processor
The cve-processor Helm chart deploys a Go-based application designed to fetch CVE data from the CVE repository and push it to Kafka for further processing. The chart includes configuration for running the application as a Kubernetes job, secured access via environment variables, and a robust scaling policy.
https://github.com/cyse7125-su24-team10/helm-webapp-cve-processor
aws golang groovy helm jenkins kafka kubernetes semantic-release
Last synced: 2 months ago
JSON representation
The cve-processor Helm chart deploys a Go-based application designed to fetch CVE data from the CVE repository and push it to Kafka for further processing. The chart includes configuration for running the application as a Kubernetes job, secured access via environment variables, and a robust scaling policy.
- Host: GitHub
- URL: https://github.com/cyse7125-su24-team10/helm-webapp-cve-processor
- Owner: cyse7125-su24-team10
- Created: 2024-06-10T20:15:08.000Z (8 months ago)
- Default Branch: main
- Last Pushed: 2024-09-09T23:27:23.000Z (5 months ago)
- Last Synced: 2024-10-19T23:14:59.142Z (3 months ago)
- Topics: aws, golang, groovy, helm, jenkins, kafka, kubernetes, semantic-release
- Language: Smarty
- Homepage:
- Size: 149 KB
- Stars: 0
- Watchers: 0
- Forks: 0
- Open Issues: 2
-
Metadata Files:
- Readme: README.md
- Changelog: CHANGELOG.md
Awesome Lists containing this project
README
# Helm CVE Processor
[](https://aws.amazon.com/)
[](https://golang.org/)
[](https://www.jenkins.io/)
[](https://groovy-lang.org/)
[](https://www.docker.com/)
[](https://www.postgresql.org/)
[](https://kubernetes.io/)
[](https://helm.sh/)
[](https://semantic-release.gitbook.io/)
[](https://kafka.apache.org/)
### Helm Chart Summary for cve-processor Application
**Description:**
The cve-processor Helm chart deploys a Go-based application designed to fetch CVE data from the CVE repository and push it to Kafka for further processing. The chart includes configuration for running the application as a Kubernetes job, secured access via environment variables, and a robust scaling policy.
**Specifications:**
- **Kubernetes Job:** Defines a one-time job to fetch CVE data and push it to Kafka.
- **InitContainer:** Ensures database schema migration using Flyway before the main job starts.
- **RBAC Configuration:** Includes a role and role binding that provides necessary permissions for jobs and secrets.
- **Horizontal Pod Autoscaler (HPA):** Automatically scales the application pods between 1 and 3 replicas based on CPU utilization.
- **Pod Disruption Budget (PDB):** Ensures at least one pod is available during disruptions.
- **Service Account:** Runs the job under a service account with no automounted tokens for added security.
- **Resource Limits:** Manages CPU and memory requests and limits for efficient resource usage.
- **Liveness and Readiness Probes:** Configured for health checks, ensuring the application is running and ready to serve requests.
- **Secrets Management:** Handles sensitive information such as database passwords and Kafka credentials using Kubernetes secrets.
- **Image Pull Secrets:** Securely pulls Docker images from Docker Hub using a personal access token (PAT).
**Usage:**
To deploy the cve-processor application using Helm, run the following command:
```
helm install cve-processor ./cve-processor -n cve-processor
```
Replace `-n cve-processor` with your desired namespace.
This Helm chart provides a scalable, secure, and reliable solution for fetching CVE data and pushing it to Kafka in a Kubernetes environment.