addopted helm config to the new zenflow container

2024-09-20 04:18:52 +02:00 · 2022-10-25 13:38:56 +02:00 · 2022-10-25 13:38:56 +02:00 · 3b7931a57a
parent 629e99f69b
commit 3b7931a57a
18 changed files with 414 additions and 528 deletions
--- a/.editorconfig
+++ b/.editorconfig
@ -15,3 +15,7 @@ indent_style = space
 [*.md]
 indent_size = 2
 indent_style = space
 [{Makefile, *.make}]
 indent_size = 4
 indent_style = tab
--- a/Chart.lock
+++ b/Chart.lock
@ -1,12 +1,9 @@
 dependencies:
 - name: common
  repository: https://charts.bitnami.com/bitnami
-  version: 1.16.0
+  version: 1.17.1
 - name: postgresql
  repository: https://charts.bitnami.com/bitnami
-  version: 11.6.7
+  version: 11.9.11
- name: meilisearch
+digest: sha256:0042e55164e56c2a5c4c62caa278095edaf48ab9e0a0428e07d652d628764470
-  repository: https://meilisearch.github.io/meilisearch-kubernetes
+generated: "2022-10-24T12:23:47.26450072+02:00"
  version: 0.1.35
 digest: sha256:70e320755869e63e382e3f1398f99aadba81d9bd538fe04092f24fb64eea984e
 generated: "2022-06-22T00:09:39.352294916+02:00"
--- a/Chart.yaml
+++ b/Chart.yaml
@ -3,21 +3,22 @@ name: fcoscore
 description: Fab City OS Core Chart using Kubernetes Helm
 version: 0.0.1
 type: application
-appVersion: 0.1.0-beta.280
+appVersion: latest
 home: https://gitlab.fabcity.hamburg/software/fabcity-os-core-chart
 icon: https://www.fabcity.hamburg/wp-content/uploads/2021/04/cropped-Fab_City_Hamburg@4x-192x192.png
 sources:
-  - https://github.com/dyne/reflow-os
+  - https://github.com/dyne/zenflows
  - https://github.com/dyne/zenflows-crypto
  - https://www.interfacerproject.eu/
 keywords:
  - bonfire
  - fabcity
  - fcos
  - zenflow
  - zvmlet
  - fediverse
  - graphql
  - reflowos
  - valueflows
  - zenroom
 maintainers:
  - name: Sebastian Wendel
    email: s.wendel@fabcity.hamburg
@ -34,8 +35,3 @@ dependencies:
    name: postgresql
    repository: https://charts.bitnami.com/bitnami
    version: 11.x.x
  - name: meilisearch
    version: 0.1.35
    repository: https://meilisearch.github.io/meilisearch-kubernetes
    tags:
      - meilisearch
--- a/109
+++ b/109
@ -0,0 +1,109 @@
 ##@ General
 # The help target prints out all targets with their descriptions organized
 # beneath their categories. The categories are represented by '##@' and the
 # target descriptions by '##'. The awk commands is responsible for reading the
 # entire set of makefiles included in this invocation, looking for lines of the
 # file as xyz: ## something, and then pretty-format the target and help. Then,
 # if there's a line with ##@ something, that gets pretty-printed as a category.
 # More info on the usage of ANSI control characters for terminal formatting:
 # https://en.wikipedia.org/wiki/ANSI_escape_code#SGR_parameters
 # More info on the awk command:
 # http://linuxcommand.org/lc3_adv_awk.php
 help: ## Display this help.
 	@awk 'BEGIN {FS = ":.*##"; printf "\nUsage:\n  make \033[36m<target>\033[0m\n"} /^[a-zA-Z_0-9-]+:.*?##/ { printf "  \033[36m%-15s\033[0m %s\n", $$1, $$2 } /^##@/ { printf "\n\033[1m%s\033[0m\n", substr($$0, 5) } ' $(MAKEFILE_LIST)
 ##@ Setup
 up: k3d-create update build ## Create a local k3d development cluster.
 down: k3d-delete ## Delete the local k3d development cluster.
 k3d-create: ## Create a local K3D development cluster.
 	@k3d cluster create fcos-dev --config k3d-dev.yaml
 k3d-delete: ## Delete the local K3D development cluster
 	@k3d cluster delete fcos-dev
 info: ## Show k3d cluster info
 	@k3d cluster list
 	@kubectl cluster-info
 ##@ Helm
 update: ## Update helm dependencies
 	@helm dependency update
 build: ## Build helm dependencies
 	@helm dependency build
 dry-run: ## Run helm dry run
 	@helm install --dry-run fcoscore .
 install: ## Run helm install
 	@helm install fcoscore .
 uninstall: ## Run helm uninstall
 	@helm uninstall fcoscore || true
 reinstall: uninstall install ## Run helm reinstall
 clean: down up ## Clean the local Kubernetes development cluster.
 ##@ Lint
 lint: helm ## Lint all input files.
 lint-yaml: ## Lint YAML files.
 	@yamllint -f auto .
 lint-markdown: ## Lint Markdown files.
 	@mdl .
 lint-chart: ## Lint Charts files.
 	@ct lint
 lint-helm: ## Lint Helm files.
 	@helm lint .
 ##@ Show
 get: ## Get specific Kubernetes resources from all namespaces.
 	@kubectl get --all-namespaces $(filter-out $@, $(MAKECMDGOALS))
 get-pods: ## Get Kubernetes pods from all namespaces.
 	@kubectl get --all-namespaces pods
 get-events: ## Get Kubernetes events from all namespaces.
 	@kubectl get --all-namespaces events
 get-all: ## Get the state of all Kubernetes resources.
 	@kubectl get all --all-namespaces
 get-ns: ## Get all Kubernetes namespaces.
 	@kubectl get namespaces
 get-api: ## Get all Kubernetes api resources.
 	@kubectl api-resources
 get-crd: ## Get all Kubernetes api resources.
 	@kubectl get crd
 get-node: ## Get all Kubernetes nodes.
 	@kubectl get nodes -o wide
 watch-all: ## Watch the state of all Kubernetes resources.
 	@watch -n 1 kubectl get all --all-namespaces
 ##@ Log
 events: ## Show all Kubernetes cluster events.
 	@kubectl get events --watch --all-namespaces
 ##@ Tools
 nav: ## Start K9s to view and manage your Kubernetes clusters.
 	@k9s --all-namespaces --headless
 %:
 	@true
--- a/flake.lock
+++ b/flake.lock
@ -1,26 +1,5 @@
 {
  "nodes": {
    "agenix": {
      "inputs": {
        "nixpkgs": [
          "ragenix",
          "nixpkgs"
        ]
      },
      "locked": {
        "lastModified": 1648942457,
        "narHash": "sha256-i29Z1t3sVfCNfpp+KAfeExvpqHQSbLO1KWylTtfradU=",
        "owner": "ryantm",
        "repo": "agenix",
        "rev": "0d5e59ed645e4c7b60174bc6f6aac6a203dc0b01",
        "type": "github"
      },
      "original": {
        "owner": "ryantm",
        "repo": "agenix",
        "type": "github"
      }
    },
    "flake-compat": {
      "flake": false,
      "locked": {
@ -53,64 +32,13 @@
        "type": "github"
      }
    },
    "ragenix": {
      "inputs": {
        "agenix": "agenix",
        "flake-utils": [
          "utils"
        ],
        "nixpkgs": [
          "nixpkgs"
        ],
        "rust-overlay": "rust-overlay"
      },
      "locked": {
        "lastModified": 1651391319,
        "narHash": "sha256-KmNO8/Ll8M4kKyvLxeELmr02TYX8ADLDKVQO4t9OaDk=",
        "owner": "yaxitech",
        "repo": "ragenix",
        "rev": "36964905ee503b51de804d9cf29319a5004779cd",
        "type": "github"
      },
      "original": {
        "owner": "yaxitech",
        "repo": "ragenix",
        "type": "github"
      }
    },
    "root": {
      "inputs": {
        "flake-compat": "flake-compat",
        "nixpkgs": "nixpkgs",
        "ragenix": "ragenix",
        "utils": "utils"
      }
    },
    "rust-overlay": {
      "inputs": {
        "flake-utils": [
          "ragenix",
          "flake-utils"
        ],
        "nixpkgs": [
          "ragenix",
          "nixpkgs"
        ]
      },
      "locked": {
        "lastModified": 1651286718,
        "narHash": "sha256-sPGOKDL6TNRfLnwarbdlmeD0FW4BmPfOoB/AMax91pg=",
        "owner": "oxalica",
        "repo": "rust-overlay",
        "rev": "8a687a6e5dc1f5c39715b01521a7aa0122529a05",
        "type": "github"
      },
      "original": {
        "owner": "oxalica",
        "repo": "rust-overlay",
        "type": "github"
      }
    },
    "utils": {
      "locked": {
        "lastModified": 1652776076,
--- a/flake.nix
+++ b/flake.nix
@ -2,22 +2,13 @@
  description = "fc k8s runtime flake";
  inputs = {
-    nixpkgs = {
+    nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable-small";
-      url = "github:NixOS/nixpkgs/nixos-unstable-small";
+    utils.url = "github:numtide/flake-utils";
    };
    flake-compat = {
      url = "github:edolstra/flake-compat";
      flake = false;
    };
    utils.url = "github:numtide/flake-utils";
    ragenix = {
      url = "github:yaxitech/ragenix";
      inputs.flake-utils.follows = "utils";
      inputs.nixpkgs.follows = "nixpkgs";
    };
  };
  outputs = { self, nixpkgs, utils, ... }@inputs:
--- a/k3d-dev.yaml
+++ b/k3d-dev.yaml
@ -3,7 +3,7 @@ apiVersion: k3d.io/v1alpha4
 kind: Simple
 servers: 1
 agents: 1
-image: docker.io/rancher/k3s:v1.23.4-k3s1
+image: docker.io/rancher/k3s:v1.24.4-k3s1
 options:
  kubeconfig:
    updateDefaultKubeconfig: true
--- a/shell.nix
+++ b/shell.nix
@ -1,52 +1,22 @@
 {pkgs ? import <nixpkgs> {}}:
-
+with pkgs;
-with pkgs; mkShell {
+  mkShell {
    name = "fcoscore-chart";
    nativeBuildInputs = with pkgs; [
      chart-testing
    delve
    dgoss
    dotenv-linter
      editorconfig-checker
      git
    git-lfs
    gitlint
      gnumake
    go
    go-outline
    go-tools
    gocode
    gocode-gomod
    godef
    golangci-lint
    gopkgs
    gopls
    goss
    grype
    hadolint
      k9s
      kube3d
    kubebuilder
    kubeconform
      kubectl
      kubectx
      kubernetes-helm
    kubeval
    kubeval-schema
    kustomize
      mdl
    mdsh
    nix-build-uncached
    nix-linter
      nixpkgs-fmt
      pre-commit
      rnix-lsp
    shfmt
    skaffold
    trivy
      vscodium-fhs
    yamale
      yaml-language-server
      yamllint
    ];
@ -56,7 +26,6 @@ with pkgs; mkShell {
      . <(k3d completion $(basename $SHELL))
      . <(k9s completion $(basename $SHELL))
      . <(kubectl completion $(basename $SHELL))
-    . <(kustomize completion $(basename $SHELL))
+      . <(ct completion $(basename $SHELL))
    . <(golangci-lint completion $(basename $SHELL))
    '';
  }
--- a/templates/NOTES.txt
+++ b/templates/NOTES.txt
@ -1,15 +1,12 @@
->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
+>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
- ________ ________  ________       ________  ___  _________    ___    ___    ________  ________
+    ____      __            ____                     ____  _____
-|\  _____\\   __  \|\   __  \     |\   ____\|\  \|\___   ___\ |\  \  /  /|  |\   __  \|\   ____\
+   /  _/___  / /____  _____/ __/___ _________  _____/ __ \/ ___/
-\ \  \__/\ \  \|\  \ \  \|\ /_    \ \  \___|\ \  \|___ \  \_| \ \  \/  / /  \ \  \|\  \ \  \___|_
+   / // __ \/ __/ _ \/ ___/ /_/ __ `/ ___/ _ \/ ___/ / / /\__ \
- \ \   __\\ \   __  \ \   __  \    \ \  \    \ \  \   \ \  \   \ \    / /    \ \  \\\  \ \_____  \
+ _/ // / / / /_/  __/ /  / __/ /_/ / /__/  __/ /  / /_/ /___/ /
-  \ \  \_| \ \  \ \  \ \  \|\  \    \ \  \____\ \  \   \ \  \   \/  /  /      \ \  \\\  \|____|\  \
+/___/_/ /_/\__/\___/_/  /_/  \__,_/\___/\___/_/   \____//____/
   \ \__\   \ \__\ \__\ \_______\    \ \_______\ \__\   \ \__\__/  / /         \ \_______\____\_\  \
    \|__|    \|__|\|__|\|_______|     \|_______|\|__|    \|__|\___/ /           \|_______|\_________\
                                                             \|___|/                     \|_________|
-<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
+>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
 Get the application URL by running these commands:
@ -19,29 +16,29 @@ Get the application URL by running these commands:
        http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }}
        {{- end }}
    {{- end }}
-{{- else if contains "NodePort" .Values.service.type }}
+{{- else if contains "NodePort" .Values.zenflow.service.type }}
  export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "fcoscore.fullname" . }})
  export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
  echo http://$NODE_IP:$NODE_PORT
-{{- else if contains "LoadBalancer" .Values.service.type }}
+{{- else if contains "LoadBalancer" .Values.zenflow.service.type }}
 NOTE: It may take a few minutes for the LoadBalancer IP to be available.
 You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "fcoscore.fullname" . }}'
  export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "fcoscore.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}")
-  echo http://$SERVICE_IP:{{ .Values.service.port }}
+  echo http://$SERVICE_IP:{{ .Values.zenflow.service.port }}
-{{- else if contains "ClusterIP" .Values.service.type }}
+{{- else if contains "ClusterIP" .Values.zenflow.service.type }}
  export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "fcoscore.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
  export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}")
  kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT
-  echo "Visit http://127.0.0.1:{{ .Values.service.port }} to use your application"
+  echo "Visit http://127.0.0.1:{{ .Values.zenflow.service.port }} to use your application"
 {{- end }}
--- a/templates/_helpers.tpl
+++ b/templates/_helpers.tpl
@ -23,6 +23,15 @@ If release name contains chart name it will be used as a full name.
 {{- end }}
 {{- end }}
 {{/*
 Create a default fully qualified app name.
 We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
 If release name contains chart name it will be used as a full name.
 */}}
 {{- define "fcoscore.zvmlet.fullname" -}}
 {{- printf "%s-%s" (include "common.names.fullname" . )  ( .Values.zvmlet.name) }}
 {{- end }}
 {{/*
 Create chart name and version as used by the chart label.
 */}}
@ -97,9 +106,9 @@ Return true if a secret object for FabCityOS should be created
 {{- end -}}
 {{/*
-Return the FabCityOS secret name
+Return the zenflow secret name
 */}}
-{{- define "fcoscore.secretName" -}}
+{{- define "zenflow.secretName" -}}
 {{- default (include "common.names.fullname" .) -}}
 {{- end -}}
@ -216,6 +225,14 @@ We truncate at 63 chars because some Kubernetes name fields are limited to this
 {{- include "common.names.dependency.fullname" (dict "chartName" "postgresql" "chartValues" .Values.postgresql "context" $) -}}
 {{- end -}}
 {{- define "fcoscore.zvmlet.host" -}}
 {{- printf "%s" (include "fcoscore.zvmlet.fullname" . ) -}}
 {{- end -}}
 {{- define "fcoscore.zvmlet.port" -}}
 {{- .Values.zvmlet.service.port | quote -}}
 {{- end -}}
 {{- define "fcoscore.meilisearch.host" -}}
 {{- include "common.names.dependency.fullname" (dict "chartName" "meilisearch" "chartValues" .Values.meilisearch "context" $) -}}
 {{- end }}
@ -243,3 +260,20 @@ Return true if FabCityOS SMTP uses password authentication
    {{- true -}}
 {{- end -}}
 {{- end -}}
 {{- /*
    Returns given number of random Hex characters.
    - randNumeric 4 | atoi generates a random number in [0, 10^4)
      This is a range range evenly divisble by 16, but even if off by one,
      that last partial interval offsetting randomness is only 1 part in 625.
    - mod N 16 maps to the range 0-15
    - printf "%x" represents a single number 0-15 as a single hex character
 */}}
 {{- define "randHex" -}}
    {{- $result := "" }}
    {{- range $i := until . }}
        {{- $rand_hex_char := mod (randNumeric 4 | atoi) 16 | printf "%x" }}
        {{- $result = print $result $rand_hex_char }}
    {{- end }}
    {{- $result }}
 {{- end }}
--- a/templates/configmaps.yaml
+++ b/templates/configmaps.yaml
@ -1,65 +0,0 @@
 ---
 apiVersion: v1
 kind: ConfigMap
 metadata:
  name: {{ include "common.names.fullname" . }}
  namespace: {{ .Release.Namespace }}
  labels: {{- include "common.labels.standard" . | nindent 4 }}
  {{- if .Values.commonLabels }}
  {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
  {{- end }}
  {{- if .Values.commonAnnotations }}
  annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
  {{- end }}
 data:
  APP_NAME: {{ include "fcoscore.fullname" . | quote }}
  MIX_ENV: {{ .Values.fcoscore.mix_env | quote }}
  ORG_NAME: {{ .Values.fcoscore.org_name | quote }}
  FLAVOUR: {{ .Values.fcoscore.flavour | quote }}
  HOSTNAME: {{ include "fcoscore.host" .  | quote }}
  INSTANCE_DESCRIPTION: {{ .Values.siteName | quote }}
  INVITE_ONLY: {{ .Values.fcoscore.invite_only | quote }}
  INVITE_KEY: {{ .Values.fcoscore.invite_key | quote }}
  REPLACE_OS_VARS: {{ .Values.fcoscore.replace_os_vars | quote }}
  LANG: {{ .Values.fcoscore.lang | quote }}
  ERLANG_COOKIE: {{ .Values.fcoscore.erlang_cookie | quote }}
  PUBLIC_PORT: {{ .Values.service.port | quote }}
  SERVER_PORT: {{ .Values.service.port | quote }}
  LIVEVIEW_ENABLED: {{ .Values.fcoscore.liveview_enabled | quote }}
  UPLOAD_LIMIT: {{ .Values.fcoscore.upload_limit | quote }}
  ACME_AGREE: {{ .Values.fcoscore.acme_agree | quote }}
  SEEDS_USER: {{ .Values.fcoscore.seeds_user | quote }}
  GEOLOCATE_OPENCAGEDATA: {{ .Values.fcoscore.geolocate_opencagedata | quote }}
  WEB_PUSH_PUBLIC_KEY: {{ .Values.fcoscore.web_push_public_key | quote }}
  WEB_PUSH_SUBJECT: {{ .Values.fcoscore.web_push.subject | quote }}
  SEARCH_MEILI_INSTANCE: {{ include "fcoscore.meilisearch.url" . | quote }}
  {{- if .Values.smtp.enabled }}
  MAIL_BACKEND: {{ .Values.smtp.backend | quote }}
  MAIL_DOMAIN: {{ .Values.smtp.host | quote }}
  MAIL_SERVER: {{ .Values.smtp.host | quote }}
  MAIL_PORT: {{ .Values.smtp.port | quote }}
  MAIL_FROM: {{ .Values.smtp.from | quote }}
  MAIL_USER: {{ .Values.smtp.user | quote }}
  {{- end }}
  DISABLE_DB_AUTOMIGRATION: {{ .Values.fcoscore.disable_db_automigration | quote }}
  {{- if .Values.postgresql.enabled }}
  POSTGRES_DB: {{ include "fcoscore.database.name" . }}
  POSTGRES_HOST: {{ include "fcoscore.database.host" . }}
  POSTGRES_PORT: {{ include "fcoscore.database.port" . }}
  POSTGRES_USER: {{ include "fcoscore.database.user" . }}
  POSTGRES_TIMEOUT: {{ .Values.fcoscore.timeout | quote }}
  {{- end }}
  {{- if or .Values.postgresql.enabled .Values.externalDatabase.create }}
  POSTGRESQL_CLIENT_DATABASE_HOST: {{ include "fcoscore.database.host" . }}
  POSTGRESQL_CLIENT_DATABASE_PORT_NUMBER: {{ include "fcoscore.database.port" . }}
  POSTGRESQL_CLIENT_DATABASE_NAME: {{ include "fcoscore.database.name" . }}
  {{- if or .Values.postgresql.enabled (not .Values.externalDatabase.postgresUser) }}
  POSTGRESQL_CLIENT_POSTGRES_USER: "postgres"
  {{- else }}
  POSTGRESQL_CLIENT_POSTGRES_USER: {{ .Values.externalDatabase.postgresUser | quote }}
  POSTGRESQL_CLIENT_CREATE_DATABASE_USERNAME: {{ .Values.externalDatabase.user | quote }}
  {{- end }}
  POSTGRESQL_CLIENT_CREATE_DATABASE_NAME: {{ include "fcoscore.database.name" . }}
  POSTGRESQL_CLIENT_CREATE_DATABASE_EXTENSIONS: {{ .Values.postgresql.extensions | quote }}
  {{- end }}
--- a/templates/deployment.yaml
+++ b/templates/deployment.yaml
@ -2,7 +2,7 @@
 apiVersion: apps/v1
 kind: Deployment
 metadata:
-  name: {{ include "fcoscore.fullname" . }}
+  name: "{{ .Chart.Name }}-{{ .Values.zenflow.name }}"
  labels:
    {{- include "fcoscore.labels" . | nindent 4 }}
 spec:
@ -29,11 +29,11 @@ spec:
      securityContext:
        {{- toYaml .Values.podSecurityContext | nindent 8 }}
      containers:
-        - name: {{ .Chart.Name }}
+        - name: {{ .Values.zenflow.name }}
          securityContext:
            {{- toYaml .Values.securityContext | nindent 12 }}
-          image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
+          image: "{{ .Values.zenflow.repository }}:{{ .Values.zenflow.tag | default .Chart.AppVersion }}"
-          imagePullPolicy: {{ .Values.image.pullPolicy }}
+          imagePullPolicy: {{ .Values.zenflow.pullPolicy }}
          {{- if .Values.lifecycleHooks }}
          lifecycle: {{- include "common.tplvalues.render" (dict "value" .Values.lifecycleHooks "context" $) | nindent 12 }}
          {{- end }}
@ -52,94 +52,126 @@ spec:
          {{- end }}
          env:
            {{- if or .Values.postgresql.enabled .Values.externalDatabase.create }}
-            - name: POSTGRESQL_CLIENT_POSTGRES_PASSWORD
+            - name: DB_HOST
-              valueFrom:
+              value: {{ template "fcoscore.database.host" . }}
-                secretKeyRef:
+            - name: DB_PORT
-                  name: {{ include "fcoscore.database.secretName" . }}
+              value: {{ template "fcoscore.database.port" . }}
-                  key: {{ include "fcoscore.database.secretPostgresPasswordKey" . }}
+            - name: DB_NAME
-            - name: POSTGRESQL_CLIENT_CREATE_DATABASE_PASSWORD
+              value: {{ template "fcoscore.database.name" . }}
-              valueFrom:
+            - name: DB_USER
-                secretKeyRef:
+              value: {{ template "fcoscore.database.user" . }}
-                  name: {{ include "fcoscore.database.secretName" . }}
+            - name: DB_PASS
                  key: {{ include "fcoscore.database.secretPasswordKey" . }}
            - name: POSTGRES_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: {{ include "fcoscore.database.secretName" . }}
                  key: {{ include "fcoscore.database.secretPasswordKey" . }}
            {{- end }}
-            - name: SECRET_KEY_BASE
+            - name: ROOM_HOST
              value: {{ template "fcoscore.zvmlet.host" . }}
            - name: ROOM_PORT
              value: {{ template "fcoscore.zvmlet.port" . }}
            - name: ROOM_SALT
              valueFrom:
                secretKeyRef:
-                  name: {{ include "fcoscore.secretName" . }}
+                  name: {{ include "zenflow.secretName" . }}
-                  key: secret_key_base
+                  key: room-salt
-            - name: SIGNING_SALT
+            - name: ADMIN_KEY
              valueFrom:
                secretKeyRef:
-                  name: {{ include "fcoscore.secretName" . }}
+                  name: {{ include "zenflow.secretName" . }}
-                  key: signing_salt
+                  key: admin-key
            - name: ENCRYPTION_SALT
              valueFrom:
                secretKeyRef:
                  name: {{ include "fcoscore.secretName" . }}
                  key: encryption_salt
            - name: SEEDS_PW
              valueFrom:
                secretKeyRef:
                  name: {{ include "fcoscore.secretName" . }}
                  key: seeds_pw
            {{- if (include "smtp.password.enabled" .) }}
            - name: MAIL_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: {{ include "smtp.secretName" . }}
                  key: smtp_password
            - name: MAIL_KEY
              valueFrom:
                secretKeyRef:
                  name: {{ include "smtp.api_key" . }}
                  key: smtp_api_key
            {{- end }}
            - name: MEILI_MASTER_KEY
              valueFrom:
                secretKeyRef:
                  name: {{ include "fcoscore.secretName" . }}
                  key: meili_master_key
            - name: WEB_PUSH_PRIVATE_KEY
              valueFrom:
                secretKeyRef:
                  name: {{ include "fcoscore.secretName" . }}
                  key: web_push_private_key
            - name: GITHUB_TOKEN
              valueFrom:
                secretKeyRef:
                  name: {{ include "fcoscore.secretName" . }}
                  key: github_token
            {{- if .Values.fcoscore.extraEnvVars }}
            {{- include "common.tplvalues.render" (dict "value" .Values.fcoscore.extraEnvVars "context" $) | nindent 12 }}
            {{- end }}
          envFrom:
            - configMapRef:
                name: {{ include "common.names.fullname" . }}
            {{- if .Values.fcoscore.extraEnvVarsCM }}
            - configMapRef:
                name: {{ .Values.fcoscore.extraEnvVarsCM }}
            {{- end }}
            {{- if .Values.fcoscore.extraEnvVarsSecret }}
            - secretRef:
                name: {{ .Values.fcoscore.extraEnvVarsSecret }}
            {{- end }}
          ports:
            - name: http
-              containerPort: {{ .Values.service.port }}
+              containerPort: {{ .Values.zenflow.service.port }}
              protocol: TCP
          # livenessProbe:
          #   httpGet:
          #     path: /
          #     port: http
          # readinessProbe:
          #   httpGet:
          #     path: /
          #     port: http
          resources:
            {{- toYaml .Values.resources | nindent 12 }}
      {{- with .Values.nodeSelector }}
      nodeSelector:
        {{- toYaml . | nindent 8 }}
      {{- end }}
      {{- with .Values.affinity }}
      affinity:
        {{- toYaml . | nindent 8 }}
      {{- end }}
      {{- with .Values.tolerations }}
      tolerations:
        {{- toYaml . | nindent 8 }}
      {{- end }}
 ---
 apiVersion: apps/v1
 kind: Deployment
 metadata:
  name: "{{ .Chart.Name }}-{{ .Values.zvmlet.name }}"
  labels:
    {{- include "fcoscore.labels" . | nindent 4 }}
 spec:
  {{- if not .Values.autoscaling.enabled }}
  replicas: {{ .Values.replicaCount }}
  {{- end }}
  selector:
    matchLabels:
      {{- include "fcoscore.selectorLabels" . | nindent 6 }}
  template:
    metadata:
      {{- with .Values.podAnnotations }}
      annotations:
        {{- toYaml . | nindent 8 }}
      {{- end }}
      labels:
        {{- include "fcoscore.selectorLabels" . | nindent 8 }}
    spec:
      {{- with .Values.imagePullSecrets }}
      imagePullSecrets:
        {{- toYaml . | nindent 8 }}
      {{- end }}
      serviceAccountName: {{ include "fcoscore.serviceAccountName" . }}
      securityContext:
        {{- toYaml .Values.podSecurityContext | nindent 8 }}
      containers:
        - name: {{ .Values.zvmlet.name }}
          securityContext:
            {{- toYaml .Values.securityContext | nindent 12 }}
          image: "{{ .Values.zvmlet.repository }}:{{ .Values.zvmlet.tag | default .Chart.AppVersion }}"
          imagePullPolicy: {{ .Values.zvmlet.pullPolicy }}
          {{- if .Values.lifecycleHooks }}
          lifecycle: {{- include "common.tplvalues.render" (dict "value" .Values.lifecycleHooks "context" $) | nindent 12 }}
          {{- end }}
          {{- if .Values.containerSecurityContext.enabled }}
          securityContext: {{- omit .Values.containerSecurityContext "enabled" | toYaml | nindent 12 }}
          {{- end }}
          {{- if .Values.diagnosticMode.enabled }}
          command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 12 }}
          {{- else if .Values.command }}
          command: {{- include "common.tplvalues.render" (dict "value" .Values.command "context" $) | nindent 12 }}
          {{- end }}
          {{- if .Values.diagnosticMode.enabled }}
          args: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.args "context" $) | nindent 12 }}
          {{- else if .Values.args }}
          args: {{- include "common.tplvalues.render" (dict "value" .Values.args "context" $) | nindent 12 }}
          {{- end }}
          env:
            - name: HTTP_PORT
              value: {{ .Values.zvmlet.service.port | quote }}
          ports:
            - name: http
              containerPort: {{ .Values.zvmlet.service.port }}
              protocol: TCP
          livenessProbe:
            httpGet:
-              path: /
+              path: /docs/
              port: http
          readinessProbe:
            httpGet:
-              path: /
+              path: /docs/
              port: http
          resources:
            {{- toYaml .Values.resources | nindent 12 }}
--- a/templates/secrets-database.yaml
+++ b/templates/secrets-database.yaml
@ -1,18 +0,0 @@
 {{- if and (not .Values.postgresql.enabled) (not .Values.externalDatabase.existingSecret) }}
 apiVersion: v1
 kind: Secret
 metadata:
  name: {{ printf "%s-database" (include "common.names.fullname" .) }}
  namespace: {{ .Release.Namespace }}
  labels: {{- include "common.labels.standard" . | nindent 4 }}
  {{- if .Values.commonLabels }}
  {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
  {{- end }}
  {{- if .Values.commonAnnotations }}
  annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
  {{- end }}
 type: Opaque
 data:
  {{ include "fcoscore.database.secretPasswordKey" . }}: {{ .Values.externalDatabase.password | b64enc | quote }}
  {{ include "fcoscore.database.secretPostgresPasswordKey" . }}: {{ .Values.externalDatabase.postgresPassword | b64enc | quote }}
 {{- end }}
--- a/templates/secrets-fcoscore.yaml
+++ b/templates/secrets-fcoscore.yaml
@ -1,26 +0,0 @@
 ---
 apiVersion: v1
 kind: Secret
 metadata:
  name: {{ include "common.names.fullname" . }}
  namespace: {{ .Release.Namespace }}
  labels: {{- include "common.labels.standard" . | nindent 4 }}
    {{- if .Values.commonLabels }}
    {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
    {{- end }}
  {{- if .Values.commonAnnotations }}
  annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
  {{- end }}
 type: Opaque
 data:
  seeds_pw: {{ include "common.secrets.passwords.manage" (dict "secret" (printf "%s-discourse" (include "common.names.fullname" .)) "key" "seeds_pw" "providedValues" (list "auth.password") "context" $) }}
  meili_master_key: {{ include "common.secrets.passwords.manage" (dict "secret" (printf "%s" (include "common.names.fullname" .)) "key" "meili_master_key" "providedValues" (list "fcoscore.meili_master_key") "context" $) }}
  encryption_salt: {{ include "common.secrets.passwords.manage" (dict "secret" (printf "%s" (include "common.names.fullname" .)) "key" "encryption_salt" "providedValues" (list "fcoscore.encryption_salt") "context" $) }}
  secret_key_base: {{ include "common.secrets.passwords.manage" (dict "secret" (printf "%s" (include "common.names.fullname" .)) "key" "secret_key_base" "providedValues" (list "fcoscore.secret_key_base") "context" $) }}
  signing_salt: {{ include "common.secrets.passwords.manage" (dict "secret" (printf "%s" (include "common.names.fullname" .)) "key" "signing_salt" "providedValues" (list "fcoscore.signing_salt") "context" $) }}
  github_token: {{ include "common.secrets.passwords.manage" (dict "secret" (printf "%s" (include "common.names.fullname" .)) "key" "github_token" "providedValues" (list "fcoscore.github_token") "context" $) }}
  web_push_private_key: {{ include "common.secrets.passwords.manage" (dict "secret" (printf "%s" (include "common.names.fullname" .)) "key" "web_push_private_key" "providedValues" (list "fcoscore.web_push_private_key") "context" $) }}
  {{- if and .Values.smtp.enabled .Values.smtp.password (not .Values.smtp.existingSecret) }}
  smtp_password: {{ .Values.smtp.password | b64enc | quote }}
  smtp_api_key: {{ .Values.smtp.api_key | b64enc | quote }}
  {{- end }}
--- a/templates/secrets.yaml
+++ b/templates/secrets.yaml
@ -0,0 +1,17 @@
 ---
 apiVersion: v1
 kind: Secret
 metadata:
  name: {{ include "common.names.fullname" . }}
  namespace: {{ .Release.Namespace }}
  labels: {{- include "common.labels.standard" . | nindent 4 }}
    {{- if .Values.commonLabels }}
    {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
    {{- end }}
  {{- if .Values.commonAnnotations }}
  annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
  {{- end }}
 type: Opaque
 data:
  room-salt: {{ ternary (randAlphaNum 64 | b64enc) .Values.zenflow.room.salt (empty .Values.zenflow.room.salt) | b64enc | quote }}
  admin-key: {{ ternary (include "randHex" 128) .Values.auth.password (empty .Values.auth.password) | b64enc | quote }}
--- a/templates/service.yaml
+++ b/templates/service.yaml
@ -1,15 +1,30 @@
 ---
 apiVersion: v1
 kind: Service
 metadata:
-  name: {{ include "fcoscore.fullname" . }}
+  name: "{{ .Chart.Name }}-{{ .Values.zenflow.name }}"
  labels:
    {{- include "fcoscore.labels" . | nindent 4 }}
 spec:
-  type: {{ .Values.service.type }}
+  type: {{ .Values.zenflow.service.type }}
  ports:
-    - port: {{ .Values.service.port }}
+    - port: {{ .Values.zenflow.service.port }}
      targetPort: http
      protocol: TCP
      name: http
  selector:
    {{- include "fcoscore.selectorLabels" . | nindent 4 }}
 ---
 apiVersion: v1
 kind: Service
 metadata:
  name: "{{ .Chart.Name }}-{{ .Values.zvmlet.name }}"
  labels:
    {{- include "fcoscore.labels" . | nindent 4 }}
 spec:
  type: {{ .Values.zvmlet.service.type }}
  ports:
    - port: {{ .Values.zvmlet.service.port }}
      targetPort: http
      protocol: TCP
      name: http
--- a/templates/tests/test-connection.yaml
+++ b/templates/tests/test-connection.yaml
@ -1,16 +0,0 @@
 ---
 apiVersion: v1
 kind: Pod
 metadata:
  name: "{{ include "fcoscore.fullname" . }}-test-connection"
  labels:
    {{- include "fcoscore.labels" . | nindent 4 }}
  annotations:
    "helm.sh/hook": test
 spec:
  containers:
    - name: wget
      image: busybox
      command: ['wget']
      args: ['{{ include "fcoscore.fullname" . }}:{{ .Values.service.port }}']
  restartPolicy: Never
--- a/values.yaml
+++ b/values.yaml
@ -33,37 +33,6 @@ diagnosticMode:
  args:
    - infinity
 ## @param image.registry fcoscore image registry
 ## @param image.repository fcoscore image repository
 ## @param image.pullPolicy fcoscore image pull policy
 ## @param image.pullSecrets fcoscore image pull secrets
 ## @param image.tag fcoscore image tag
 ## @param image.debug Enable image debug mode
 ##
 image:
  registry: docker.io
  repository: dyne/reflow
  ## Specify a imagePullPolicy
  ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
  ## ref: https://kubernetes.io/docs/user-guide/images/#pre-pulling-images
  ##
  pullPolicy: IfNotPresent
  ## Optionally specify an array of imagePullSecrets.
  ## Secrets must be manually created in the namespace.
  ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
  ## e.g:
  ## pullSecrets:
  ##   - myRegistryKeySecretName
  ##
  pullSecrets: []
  ## Set to true if you would like to see extra information on logs
  ##
  # Overrides the image tag whose default is the chart appVersion.
  # tag: ""
  tag: ""
  # debug: false
  debug: true
 audit:
  pgAuditLog: true
  logLinePrefix: ""
@ -75,9 +44,6 @@ fullnameOverride: ""
 ## Authentication parameters
 ##
 auth:
  ## @param auth.username FabCityOS admin user
  ##
  username: root
  ## @param auth.password FabCityOS admin password. WARNING: Minimum length of 10 characters
  ## Defaults to a random 10-character alphanumeric string if not set
  ##
@ -94,7 +60,7 @@ auth:
 host: ""
 ## @param siteName fcoscore site name
 ##
-siteName: 'Fab City Core node for valueflows circular economy networks'
+siteName: "Fab City Core node for valueflows circular economy networks"
 ## fcoscore SMTP settings
 ## @param smtp.enabled Enable/disable SMTP
@ -131,7 +97,8 @@ serviceAccount:
 podAnnotations: {}
-securityContext: {}
+securityContext:
  {}
  # capabilities:
  #   drop:
  #   - ALL
@ -139,14 +106,11 @@ securityContext: {}
  # runAsNonRoot: true
  # runAsUser: 1000
 service:
  type: ClusterIP
  port: 4000
 ingress:
  enabled: false
  className: ""
-  annotations: {}
+  annotations:
    {}
    # kubernetes.io/ingress.class: nginx
    # kubernetes.io/tls-acme: "true"
  hosts:
@ -159,7 +123,8 @@ ingress:
  #    hosts:
  #      - chart-example.local
-resources: {}
+resources:
  {}
  # We usually recommend not to specify default resources and to leave this as a conscious
  # choice for the user. This also increases chances charts run on environments with little
  # resources, such as Minikube. If you do want to specify resources, uncomment the following
@ -176,7 +141,8 @@ resources: {}
 ## @param podSecurityContext.enabled Enabled Odoo pods' Security Context
 ## @param podSecurityContext.fsGroup Set Odoo pod's Security Context fsGroup
 ##
-podSecurityContext: {}
+podSecurityContext:
  {}
  # fsGroup: 2000
 ## Configure Container Security Context (only main container)
@ -201,101 +167,69 @@ tolerations: []
 affinity: {}
-fcoscore:
+## @param image.registry fcoscore image registry
-  secretName: fcoscore
+## @param image.repository fcoscore image repository
-  ## @param fcoscore.command Custom command to override image cmd
+## @param image.pullPolicy fcoscore image pull policy
 ## @param image.pullSecrets fcoscore image pull secrets
 ## @param image.tag fcoscore image tag
 ## @param image.debug Enable image debug mode
 ##
-  command: []
+zenflow:
-  ## @param fcoscore.args Custom args for the custom command
+  name: zenflow
  registry: docker.io
  repository: fabcityhamburg/zenflows
  ## Specify a imagePullPolicy
  ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
  ## ref: https://kubernetes.io/docs/user-guide/images/#pre-pulling-images
  ##
-  args: []
+  pullPolicy: IfNotPresent
-  ## @param fcoscore.extraEnvVars Array with extra environment variables to add fcoscore pods
+  ## Optionally specify an array of imagePullSecrets.
  ## Secrets must be manually created in the namespace.
  ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
  ## e.g:
  ## pullSecrets:
  ##   - myRegistryKeySecretName
  ##
-  extraEnvVars: []
+  pullSecrets: []
-  ## @param fcoscore.extraEnvVarsCM ConfigMap containing extra environment variables for fcoscore pods
+  ## Set to true if you would like to see extra information on logs
  ##
-  extraEnvVarsCM: ""
+  # Overrides the image tag whose default is the chart appVersion.
-  ## @param fcoscore.extraEnvVarsSecret Secret containing extra environment variables (in case of sensitive data) for fcoscore pods
+  # tag: ""
  tag: ""
  secretName: ""
  existingSecret: ""
  debug: false
  service:
    type: ClusterIP
    port: 8000
  room:
    salt: ""
 zvmlet:
  name: zvmlet
  registry: docker.io
  repository: fabcityhamburg/zvmlet
  ## Specify a imagePullPolicy
  ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
  ## ref: https://kubernetes.io/docs/user-guide/images/#pre-pulling-images
  ##
-  extraEnvVarsSecret: ""
+  pullPolicy: IfNotPresent
-  ## config properties
+  ## Optionally specify an array of imagePullSecrets.
  ## Secrets must be manually created in the namespace.
  ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
  ## e.g:
  ## pullSecrets:
  ##   - myRegistryKeySecretName
  ##
-  org_name: "FabCity"
+  pullSecrets: []
-  ## config properties
+  ## Set to true if you would like to see extra information on logs
  ##
-  mix_env: "prod"
+  # Overrides the image tag whose default is the chart appVersion.
-  ## config properties
+  tag: ""
-  ##
+  debug: false
-  flavour: "reflow"
+  service:
-  ## config properties
+    type: ClusterIP
-  ##
+    port: 3000
  lang: "en_US.UTF-8"
  ## config properties
  ##
  upload_limit: "30000000"
  ## config properties
  ##
  timeout: "10000"
  ## config properties
  ##
  invite_only: true
  ## config properties
  ##
  invite_key: ""
  ## config properties
  ##
  replace_os_vars: true
  ## config properties
  ##
  liveview_enabled: true
  ## config properties
  ##
  acme_agree: true
  ## config properties
  ##
  erlang_cookie: "bonfire"
  ## config properties
  ##
  web_push:
    ## config properties
    ##
    subject: "mailto:hostmaster@example.com"
    ## config properties
    ##
    public_key: ""
  ## config properties
  ##
  geolocate_opencagedata: ""
  ## config properties
  ##
  meili_master_key: ""
  ## config properties
  ##
  encryption_salt: ""
  ## config properties
  ##
  secret_key_base: ""
  ## config properties
  ##
  signing_salt: ""
  ## config properties
  ##
  github_token: ""
  ## config properties
  ##
  disable_db_automigration: false
  ## config properties
  ##
  seeds_user: ""
  ## config properties
  ##
  seeds_pw: ""
  ## config properties
  ##
  web_push_public_key: ""
  ## config properties
  ##
  web_push_private_key: ""
 ## Persistence Parameters
 ## ref: https://kubernetes.io/docs/user-guide/persistent-volumes/
@ -335,7 +269,6 @@ persistence:
  ##
  annotations: {}
 networkPolicy:
  ## @param networkPolicy.enabled Enable network policies
  ## If ingress.enabled is true, configure networkPolicy.ingress selectors to allow communication
@ -423,10 +356,8 @@ networkPolicy:
 postgresql:
  enabled: true
  auth:
-    host: ""
+    username: zenflow
-    # port: 5432
+    database: fcos_zenflow
    username: fcoscore
    database: bonfire
  audit:
    logHostname: true
    logConnections: true
@ -434,15 +365,6 @@ postgresql:
    pgAuditLogCatalog: "on"
    clientMinMessages: error
  extensions: hstore,pg_trgm,postgis
  # primary:
  #   initdb:
  #     scripts:
  #       init.sql: |
  #         CREATE DATABASE bonfire;
  #         CREATE EXTENSION IF NOT EXISTS postgis;
  #         CREATE EXTENSION IF NOT EXISTS hstore;
  #         GRANT ALL ON bonfire TO fcoscore;
  #       # CREATE USER usr_fcos_core WITH PASSWORD 'pwd_fcos_core';
 ## External PostgreSQL configuration
 ## All of these values are only used when postgresql.enabled is set to false