Add Pomerium Zero Helm chart #3
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
- Create initial Helm chart for deploying Pomerium Zero - Implement basic deployment, service, and secret resources - Add configurable values for token, image, and service settings - Include health check test for /healthz endpoint - Provide comprehensive README with installation and usage instructions - Ensure chart follows Helm best practices and naming conventions - Add Apache 2.0 license This PR introduces a new Helm chart for easy deployment and management of Pomerium Zero in Kubernetes environments. It includes essential resources, configuration options, and a basic health check test.
wasaga
reviewed
Oct 25, 2024
wasaga
reviewed
Oct 25, 2024
| labels: | ||
| {{- include "pomerium-zero.selectorLabels" . | nindent 8 }} | ||
| spec: | ||
| containers: |
There was a problem hiding this comment.
can we make it non-root and readonly fs (see https://github.com/pomerium/install/pull/4/files)
There was a problem hiding this comment.
I think this (why only port 80), the additional tmp files, and why/how you are sourcing secrets is a little over my head.
type instead of ClusterIP. This enables external accessibility for Pomerium Zero in cloud environments supporting LoadBalancer services. Important considerations for this change include: - Allowing time for LoadBalancer IP assignment - Configuring DNS to point to the LoadBalancer IP - Properly setting up SSL/TLS certificates - Configuring necessary firewall rules - Being aware of potential additional costs The README has been updated with detailed notes to guide users through these aspects when exposing Pomerium Zero externally. This change facilitates easier access to Pomerium Zero for users in supported environments, but proper security measures must be taken.
|
@gaurdro Is the repo name |
|
nota bene: The original chart uses |
|
I'd suggest keeping the chart oci-only (much easier to maintain), so we would push to |
wasaga
reviewed
Oct 30, 2024
s/info/support/g Co-authored-by: Denis Mishin <denis.s.mishin@gmail.com>
wrmedford
approved these changes
Nov 1, 2024
gaurdro
approved these changes
Nov 4, 2024
calebdoxsey
approved these changes
Nov 4, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR introduces a new Helm chart for easy deployment and management of Pomerium Zero in Kubernetes environments. It includes essential resources, configuration options, and a basic health check test.
Summary
Related issues
Checklist
improvement/bug/ etc)