working version

Makefile

@@ -0,0 +1,3 @@
+pre-commit:
+	pip install pre-commit
+	pre-commit install

charts/ansible-semaphore/Chart.yaml

@@ -1,12 +1,12 @@
 ---
 apiVersion: v2
-name: gotify
-description: Gotify · a simple server for sending and receiving messages
+name: ansible-semaphore
+description: Powerful API for Ansible
 type: application
 version: 1.0.0
-appVersion: 2.5.0
+appVersion: v2.8.53
 kubeVersion: ">=1.27.0"
-home: https://gotify.net/
+home: https://semaphoreui.com/
 sources:
   - https://git.rre.nu/jonas/helm-charts
 maintainers:
@@ -14,5 +14,5 @@ maintainers:
     email: barregargamel@gmail.com
 dependencies:
   - name: lib
-    repository: "oci://repo.rre.nu/helm"
-    version: 1.0.2
+    repository: "file://../../../lib/"
+    version: 1.0.1

charts/ansible-semaphore/README.md

@@ -0,0 +1,62 @@
+
+Ansible-semaphore
+===========
+
+Powerful API for Ansible
+
+
+## Configuration
+
+The following table lists the configurable parameters of the Ansible-semaphore chart and their default values.
+
+| Parameter                | Description             | Default        |
+| ------------------------ | ----------------------- | -------------- |
+| `image.repository` |  | `"ansiblesemaphore/semaphore"` |
+| `config.bolt.host` | Path to the BoltDB database file | `null` |
+| `config.mysql.host` | MySQL database host | `null` |
+| `config.mysql.name` | MySQL database (schema) name | `null` |
+| `config.mysql.user` | MySQL user name | `null` |
+| `config.mysql.pass` | MySQL user's password | `null` |
+| `config.postgres.host` | Postgres database host | `null` |
+| `config.postgres.name` | Postgres database (schema) name | `null` |
+| `config.postgres.user` | Postgres user name | `null` |
+| `config.postgres.pass` | Postgres user's password | `null` |
+| `config.dialect` | Can be mysql, postgres or bolt | `"bolt"` |
+| `config.port` | TCP port on which the web interface will be available. Default: 3000 | `3000` |
+| `config.interface` | Useful if your server has multiple network interfaces | `null` |
+| `config.tmp_path` | Path to directory where cloned repositories and generated files are stored. Default: /tmp/semaphore | `"/tmp/semaphore"` |
+| `config.access_key_encryption` | Secret key used for encrypting access keys in database. Read more in [Database encryption reference](https://docs.semaphoreui.com/administration-guide/security#database-encryption). | `null` |
+| `config.web_host` | Can be useful if you want to use Semaphore by the subpath, for example: http://yourdomain.com/semaphore. Do not add a trailing /. | `null` |
+| `config.email_sender` |  | `null` |
+| `config.email_host` |  | `null` |
+| `config.email_port` |  | `null` |
+| `config.email_secure` |  | `null` |
+| `config.email_username` |  | `null` |
+| `config.email_password` |  | `null` |
+| `config.email_alert` |  | `null` |
+| `config.telegram_alert` |  | `null` |
+| `config.slack_alert` | Set to True to enable pushing alerts to slack. It should be used in combination with slack_url | `null` |
+| `config.slack_url` | The slack webhook url. Semaphore will used it to POST Slack formatted json alerts to the provided url | `null` |
+| `config.rocketchat_alert` | Set to True to enable pushing alerts to Rocket.Chat. It should be used in combination with rocketchat_url. Available since v2.9.56. | `null` |
+| `config.rocketchat_url` | The rocketchat webhook url. Semaphore will used it to POST Rocket.Chat formatted json alerts to the provided url. Available since v2.9.56. | `null` |
+| `config.ldap_enable` |  | `null` |
+| `config.ldap_needtls` |  | `null` |
+| `config.ldap_binddn` |  | `null` |
+| `config.ldap_bindpassword` |  | `null` |
+| `config.ldap_server` |  | `null` |
+| `config.ldap_searchdn` |  | `null` |
+| `config.concurrency_mode` | Can be unset/empty or project or node. When set to project, tasks will run in parallel if and only if they do not share the same project id, with no regard to the nodes/hosts that are affected. When set to node, a task will run in parallel if and only if the hosts affected by tasks already running does not intersect with the hosts that would be affected by the task in question. If concurrency_mode is not specified or left empty, no task will start before the previous one has finished. | `null` |
+| `max_parallel_tasks` |  | `null` |
+| `oidc_providers` | OpenID provider settings. You can provide multiple OpenID providers. More about OpenID configuration read in [OpenID](https://docs.semaphoreui.com/administration-guide/openid/). | `null` |
+| `password_login_disable` | Disable login with using password. Only LDAP and OpenID. | `false` |
+| `non_admin_can_create_project` | Allow non-admin users to create new projects. | `false` |
+| `service.http.enabled` |  | `true` |
+| `service.http.ports.http.port` |  | `80` |
+| `service.http.ports.http.targetPort` |  | `3000` |
+| `volumes` |  | `[{"name": "config", "secret": {"secretName": "ansible-semaphore-config", "optional": false}}]` |
+| `volumeMounts` |  | `[{"name": "config", "mountPath": "/etc/semaphore", "readOnly": true}]` |
+
+
+
+
+

charts/ansible-semaphore/templates/config.tpl

@@ -0,0 +1,10 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: ansible-semaphore-config
+  namespace: {{- .Values.namespace }}
+  labels:
+    {{- include "lib.labels" . | nindent 4}}
+type: Opauge
+data:
+  config.json: {{ toJson .Values.config | b64enc }}

charts/ansible-semaphore/values.yaml

@@ -0,0 +1,64 @@
+image:
+  repository: ansiblesemaphore/semaphore
+
+config:
+  bolt:
+    host: # Path to the BoltDB database file
+  mysql:
+    host: # MySQL database host
+    name: # MySQL database (schema) name
+    user: # MySQL user name
+    pass: # MySQL user's password
+  postgres:
+    host: # Postgres database host
+    name: # Postgres database (schema) name
+    user: # Postgres user name
+    pass: # Postgres user's password
+  dialect: bolt # Can be mysql, postgres or bolt
+  port: 3000 # TCP port on which the web interface will be available. Default: 3000
+  interface: # Useful if your server has multiple network interfaces
+  tmp_path: /tmp/semaphore # Path to directory where cloned repositories and generated files are stored. Default: /tmp/semaphore
+  access_key_encryption: # Secret key used for encrypting access keys in database. Read more in [Database encryption reference](https://docs.semaphoreui.com/administration-guide/security#database-encryption).
+  web_host: # Can be useful if you want to use Semaphore by the subpath, for example: http://yourdomain.com/semaphore. Do not add a trailing /.
+  email_sender:
+  email_host:
+  email_port:
+  email_secure:
+  email_username:
+  email_password:
+  email_alert:
+  telegram_alert:
+  slack_alert:  # Set to True to enable pushing alerts to slack. It should be used in combination with slack_url
+  slack_url: # The slack webhook url. Semaphore will used it to POST Slack formatted json alerts to the provided url
+  rocketchat_alert: # Set to True to enable pushing alerts to Rocket.Chat. It should be used in combination with rocketchat_url. Available since v2.9.56.
+  rocketchat_url: # The rocketchat webhook url. Semaphore will used it to POST Rocket.Chat formatted json alerts to the provided url. Available since v2.9.56.
+  ldap_enable:
+  ldap_needtls:
+  ldap_binddn:
+  ldap_bindpassword:
+  ldap_server:
+  ldap_searchdn:
+  concurrency_mode: # Can be unset/empty or project or node. When set to project, tasks will run in parallel if and only if they do not share the same project id, with no regard to the nodes/hosts that are affected. When set to node, a task will run in parallel if and only if the hosts affected by tasks already running does not intersect with the hosts that would be affected by the task in question. If concurrency_mode is not specified or left empty, no task will start before the previous one has finished.
+max_parallel_tasks:
+oidc_providers: # OpenID provider settings. You can provide multiple OpenID providers. More about OpenID configuration read in [OpenID](https://docs.semaphoreui.com/administration-guide/openid/).
+password_login_disable: false # Disable login with using password. Only LDAP and OpenID.
+non_admin_can_create_project: false # Allow non-admin users to create new projects.
+
+service:
+  http:
+    enabled: true
+    ports:
+      http:
+        port: 80
+        targetPort: 3000
+
+volumes:
+  - name: config
+    secret:
+      secretName: ansible-semaphore-config
+      optional: false
+
+volumeMounts:
+  - name: config
+    mountPath: /etc/semaphore
+    readOnly: true

charts/gotify/values.yaml

@@ -1,91 +0,0 @@
-image:
-  repository: ghcr.io/gotify/server
-gotify:
-  server:
-    keepaliveperiodseconds: 0 # 0 = use Go default (15s); -1 = disable keepalive; set the interval in which keepalive packets will be sent. Only change this value if you know what you are doing.
-    listenaddr: "" # the address to bind on, leave empty to bind on all addresses. Prefix with "unix:" to create a unix socket. Example: "unix:/tmp/gotify.sock".
-    port: 80 # the port the HTTP server will listen on
-
-    ssl:
-      enabled: false # if https should be enabled
-      redirecttohttps: true # redirect to https if site is accessed by http
-      listenaddr: "" # the address to bind on, leave empty to bind on all addresses. Prefix with "unix:" to create a unix socket. Example: "unix:/tmp/gotify.sock".
-      port: 443 # the https port
-      certfile: # the cert file (leave empty when using letsencrypt)
-      certkey: # the cert key (leave empty when using letsencrypt)
-      letsencrypt:
-        enabled: false # if the certificate should be requested from letsencrypt
-        accepttos: false # if you accept the tos from letsencrypt
-        cache: data/certs # the directory of the cache from letsencrypt
-        hosts: # the hosts for which letsencrypt should request certificates
-    #     - mydomain.tld
-    #     - myotherdomain.tld
-    responseheaders: # response headers are added to every response (default: none)
-    # X-Custom-Header: "custom value"
-    trustedproxies: # IPs or IP ranges of trusted proxies. Used to obtain the remote ip via the X-Forwarded-For header. (configure 127.0.0.1 to trust sockets)
-    #   - 127.0.0.1
-    #   - 192.168.178.0/24
-    #   - ::1
-
-    cors: # Sets cors headers only when needed and provides support for multiple allowed origins. Overrides Access-Control-* Headers in response headers.
-      alloworigins:
-      # - ".+.example.com"
-      # - "otherdomain.com"
-      allowmethods:
-      # - "GET"
-      # - "POST"
-      allowheaders:
-    #   - "Authorization"
-    #   - "content-type"
-
-    stream:
-      pingperiodseconds: 45 # the interval in which websocket pings will be sent. Only change this value if you know what you are doing.
-      allowedorigins: # allowed origins for websocket connections (same origin is always allowed, default only same origin)
-  #     - ".+.example.com"
-  #     - "otherdomain.com"
-  database: # see below
-    dialect: sqlite3
-    connection: data/gotify.db
-  defaultuser: # on database creation, gotify creates an admin user (these values will only be used for the first start, if you want to edit the user after the first start use the WebUI)
-    name: admin # the username of the default user
-    pass: admin # the password of the default user
-  passstrength: 10 # the bcrypt password strength (higher = better but also slower)
-  uploadedimagesdir: data/images # the directory for storing uploaded images
-  pluginsdir: data/plugins # the directory where plugin resides (leave empty to disable plugins)
-  registration: false # enable registrations
-
-service: # services that should be created
-  main:
-    enabled: true
-    type: ClusterIP
-    annotations: {}
-    labels: {}
-    ports:
-      http:
-        port: 80
-
-ingress:
-  enabled: false
-  service: http # what service should the ingress target
-  #Service to target
-  servicePort: 80
-  className: ""
-  annotations:
-    {}
-    # kubernetes.io/ingress.class: nginx
-    # kubernetes.io/tls-acme: "true"
-  hosts:
-    - host: chart-example.local
-      paths:
-        - path: /
-          pathType: ImplementationSpecific
-
-
-livenessProbe:
-  httpGet:
-    path: /
-    port: http
-readinessProbe:
-  httpGet:
-    path: /
-    port: http

charts/semaphoreui/.gitignore

@@ -0,0 +1,2 @@
+Chart.lock
+charts/

charts/semaphoreui/Chart.yaml

@@ -0,0 +1,18 @@
+---
+apiVersion: v2
+name: semaphoreui
+description: Powerful API for Ansible
+type: application
+version: 1.0.0
+appVersion: v2.10.31
+kubeVersion: ">=1.27.0"
+home: https://semaphoreui.com/
+sources:
+  - https://git.rre.nu/jonas/helm-charts
+maintainers:
+  - name: Jonas Forsberg
+    email: barregargamel@gmail.com
+dependencies:
+  - name: lib
+    repository: "file://../../../lib/"
+    version: 1.0.1

charts/semaphoreui/Makefile

@@ -0,0 +1,2 @@
+doc:
+	frigate gen --output-format markdown --no-deps --no-credits ./ > README.md

charts/semaphoreui/README.md

@@ -0,0 +1,33 @@
+
+Semaphoreui
+===========
+
+Powerful API for Ansible
+
+
+## Configuration
+
+The following table lists the configurable parameters of the Semaphoreui chart and their default values.
+
+| Parameter                | Description             | Default        |
+| ------------------------ | ----------------------- | -------------- |
+| `image.repository` |  | `"semaphoreui/semaphore"` |
+| `config` |  | `{}` |
+| `service.http.enabled` |  | `true` |
+| `service.http.ports.http.port` |  | `80` |
+| `service.http.ports.http.targetPort` |  | `3000` |
+| `ingress.enabled` |  | `false` |
+| `ingress.service` | what service should the ingress target | `"http"` |
+| `ingress.servicePort` |  | `80` |
+| `ingress.className` |  | `"nginx"` |
+| `ingress.hosts` |  | `[{"host": "example.local", "paths": [{"path": "/", "pathType": "Prefix"}]}]` |
+| `ingress.annotations` |  | `{}` |
+| `controller.command` | Need to override server-wrapper due to stupid DB ping in container | `["/bin/sh"]` |
+| `controller.args` |  | `["/var/local/bin/entrypoint.sh"]` |
+| `volumes` |  | `[{"name": "config", "secret": {"secretName": "semaphoreui-config", "optional": false}}, {"name": "entrypoint", "configMap": {"name": "semaphoreui-entrypoint", "items": [{"key": "entrypoint.sh", "path": "entrypoint.sh"}]}}]` |
+| `volumeMounts` |  | `[{"name": "config", "mountPath": "/var/semaphoreui-secret", "readOnly": true}, {"name": "entrypoint", "mountPath": "/var/local/bin/entrypoint.sh", "subPath": "entrypoint.sh"}]` |
+
+
+
+
+

charts/semaphoreui/templates/base.tpl

@@ -0,0 +1 @@
+{{ include "lib.all" . }}

charts/semaphoreui/templates/config.tpl

@@ -0,0 +1,10 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: semaphoreui-config
+  namespace: {{ .Values.namespace | default "default" }}
+  labels:
+    {{- include "lib.labels" . | nindent 4}}
+type: Opauge
+data:
+  config.json: {{ toJson .Values.config | b64enc }}

charts/semaphoreui/templates/entrypoint.sh

@@ -0,0 +1,28 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: semaphoreui-entrypoint
+  namespace: {{ .Values.namespace | default "default" }}
+  labels:
+    {{- include "lib.labels" . | nindent 4}}
+data:
+  entrypoint.sh: |
+    #!/bin/sh
+    echo "creating /etc/semaphore/config.json"
+    cp /var/semaphoreui-secret/config.json /etc/semaphore/config.json
+    if test -f /etc/semaphore/packages.txt; then
+      echo "Installing additional system dependencies"
+      apk add --no-cache --upgrade \
+      $(cat /etc/semaphore/packages.txt | xargs)
+    else
+      echo "No additional system dependencies to install"
+    fi
+    if test -f /etc/semaphore/requirements.txt; then
+      echo "Installing additional python dependencies"
+      pip3 install --upgrade \
+        -r /etc/semaphore/requirements.txt
+    else
+      echo "No additional python dependencies to install"
+    fi
+    echo "Starting semapore server"
+    exec /usr/local/bin/semaphore server  --config /etc/semaphore/config.json

charts/semaphoreui/values.yaml

@@ -0,0 +1,92 @@
+image:
+  repository: semaphoreui/semaphore
+
+config: {}
+#  bolt:
+#    host: # Path to the BoltDB database file
+#  mysql:
+#    host: # MySQL database host
+#    name: # MySQL database (schema) name
+#    user: # MySQL user name
+#    pass: # MySQL user's password
+#  postgres:
+#    host: # Postgres database host
+#    name: # Postgres database (schema) name
+#    user: # Postgres user name
+#    pass: # Postgres user's password
+#  dialect: bolt # Can be mysql, postgres or bolt
+#  port: 3000 # TCP port on which the web interface will be available. Default: 3000
+#  interface: # Useful if your server has multiple network interfaces
+#  tmp_path: /tmp/semaphore # Path to directory where cloned repositories and generated files are stored. Default: /tmp/semaphore
+#  access_key_encryption: # Secret key used for encrypting access keys in database. Read more in [Database encryption reference](https://docs.semaphoreui.com/administration-guide/security#database-encryption).
+#  web_host: # Can be useful if you want to use Semaphore by the subpath, for example: http://yourdomain.com/semaphore. Do not add a trailing /.
+#  email_sender:
+#  email_host:
+#  email_port:
+#  email_secure:
+#  email_username:
+#  email_password:
+#  email_alert:
+#  telegram_alert:
+#  slack_alert:  # Set to True to enable pushing alerts to slack. It should be used in combination with slack_url
+#  slack_url: # The slack webhook url. Semaphore will used it to POST Slack formatted json alerts to the provided url
+#  rocketchat_alert: # Set to True to enable pushing alerts to Rocket.Chat. It should be used in combination with rocketchat_url. Available since v2.9.56.
+#  rocketchat_url: # The rocketchat webhook url. Semaphore will used it to POST Rocket.Chat formatted json alerts to the provided url. Available since v2.9.56.
+#  ldap_enable:
+#  ldap_needtls:
+#  ldap_binddn:
+#  ldap_bindpassword:
+#  ldap_server:
+#  ldap_searchdn:
+#  concurrency_mode: # Can be unset/empty or project or node. When set to project, tasks will run in parallel if and only if they do not share the same project id, with no regard to the nodes/hosts that are affected. When set to node, a task will run in parallel if and only if the hosts affected by tasks already running does not intersect with the hosts that would be affected by the task in question. If concurrency_mode is not specified or left empty, no task will start before the previous one has finished.
+#max_parallel_tasks:
+#oidc_providers: # OpenID provider settings. You can provide multiple OpenID providers. More about OpenID configuration read in [OpenID](https://docs.semaphoreui.com/administration-guide/openid/).
+#password_login_disable: false # Disable login with using password. Only LDAP and OpenID.
+#non_admin_can_create_project: false # Allow non-admin users to create new projects.
+
+service:
+  http:
+    enabled: true
+    ports:
+      http:
+        port: 80
+        targetPort: 3000
+
+ingress:
+  enabled: false
+  service: http # what service should the ingress target
+  servicePort: 80
+  className: "nginx"
+  hosts:
+    - host: example.local
+      paths:
+        - path: /
+          pathType: Prefix
+  annotations:
+    {}
+
+
+controller:
+  command: ["/bin/sh"] # Need to override server-wrapper due to stupid DB ping in container
+  args:
+    - /var/local/bin/entrypoint.sh
+
+volumes:
+  - name: config
+    secret:
+      secretName: semaphoreui-config
+      optional: false
+  - name: entrypoint
+    configMap:
+      name: semaphoreui-entrypoint
+      items:
+        - key: entrypoint.sh
+          path: entrypoint.sh
+
+volumeMounts:
+  - name: config
+    mountPath: /var/semaphoreui-secret
+    readOnly: true
+  - name: entrypoint
+    mountPath: /var/local/bin/entrypoint.sh
+    subPath: entrypoint.sh