SkillAgentSearch skills...

Application

Generic helm chart for all kind of applications

GenerateConvertImprove

Install / Use

/learn @stakater/Application
About this skill

Quality Score

0/100

Supported Platforms

Universal

README

License: MIT

Application

Generic helm chart for applications which:

  • are stateless
  • creates only namespace scoped resources (e.g. it doesn't need CRB - Cluster Role Bindings)
  • don't need privileged containers
  • don't call the underlying Kubernetes API or use the underlying etcd as a database by defining custom resources
  • run either as deployment, job or cronjob

Installing the Chart

To install the chart with the release name my-application in namespace test:

helm repo add stakater https://stakater.github.io/stakater-charts
helm repo update
helm install my-application stakater/application --namespace test

Uninstall the Chart

To uninstall the chart:

helm delete --namespace test my-application

Values

Parameters

| Key | Type | Default | Description | |-----|------|---------|-------------| | namespaceOverride | string | "" | Override the namespace for all resources. | | componentOverride | string | "" | Override the component label for all resources. | | partOfOverride | string | "" | Override the partOf label for all resources. | | applicationName | string | {{ .Chart.Name }} | Application name. | | additionalLabels | tpl/object | nil | Additional labels for all resources. | | extraObjects | [list or object] of [tpl/object or tpl/string] | nil | Extra K8s manifests to deploy. Can be of type list or object. If object, keys are ignored and only values are used. The used values can be defined as object or string and are passed through tpl to render. |

CronJob Parameters

| Key | Type | Default | Description | |-----|------|---------|-------------| | cronJob.enabled | bool | false | Deploy CronJob resources. | | cronJob.jobs | object | nil | Map of CronJob resources. Key will be used as a name suffix for the CronJob. Value is the CronJob configuration. See values for more details. |

Job Parameters

| Key | Type | Default | Description | |-----|------|---------|-------------| | job.enabled | bool | false | Deploy Job resources. | | job.jobs | object | nil | Map of Job resources. Key will be used as a name suffix for the Job. Value is the Job configuration. See values for more details. |

Deployment Parameters

| Key | Type | Default | Description | |-----|------|---------|-------------| | deployment.enabled | bool | true | Enable Deployment. | | deployment.additionalLabels | object | nil | Additional labels for Deployment. | | deployment.podLabels | object | nil | Additional pod labels which are used in Service's Label Selector. | | deployment.annotations | object | nil | Annotations for Deployment. | | deployment.additionalPodAnnotations | object | nil | Additional pod annotations. | | deployment.strategy.type | string | "RollingUpdate" | Type of deployment strategy. | | deployment.reloadOnChange | bool | true | Reload deployment if attached Secret/ConfigMap changes. | | deployment.nodeSelector | object | nil | Select the node where the pods should be scheduled. | | deployment.hostAliases | list | nil | Mapping between IP and hostnames that will be injected as entries in the pod's hosts files. | | deployment.initContainers | object | nil | Add init containers to the pods. | | deployment.fluentdConfigAnnotations | object | nil | Configuration details for fluentdConfigurations. Only works for specific setup, see https://medium.com/stakater/dynamic-log-processing-with-fluentd-konfigurator-and-slack-935a5de4eddb. | | deployment.replicas | int | nil | Number of replicas. | | deployment.imagePullSecrets | list | [] | List of secrets to be used for pulling the images. | | deployment.envFrom | object | nil | Mount environment variables from ConfigMap or Secret to the pod. See the README "Consuming environment variable in application chart" section for more details. | | deployment.env | object | nil | Environment variables to be added to the pod. See the README "Consuming environment variable in application chart" section for more details. | | deployment.volumes | object | nil | Volumes to be added to the pod. Key is the name of the volume. Value is the volume definition. | | deployment.volumeMounts | object | nil | Mount path for Volumes. Key is the name of the volume. Value is the volume mount definition. | | deployment.priorityClassName | string | "" | Define the priority class for the pod. | | deployment.runtimeClassName | string | "" | Set the runtimeClassName for the deployment's pods. | | deployment.tolerations | list | nil | Taint tolerations for the pods. | | deployment.affinity | object | nil | Affinity for the pods. | | deployment.topologySpreadConstraints | list | nil | Topology spread constraints for the pods. | | deployment.revisionHistoryLimit | int | 2 | Number of ReplicaSet revisions to retain. | | deployment.image.repository | tpl/string | "" | Repository. | | deployment.image.tag | tpl/string | "" | Tag. | | deployment.image.digest | tpl/string | "" | Image digest. If resolved to a non-empty value, digest takes precedence on the tag. | | deployment.image.pullPolicy | string | "IfNotPresent" | Image pull policy. | | deployment.dnsConfig | object | nil | DNS config for the pods. | | deployment.dnsPolicy | string | "" | DNS Policy. | | deployment.enableServiceLinks | bool | true | Enable Kubernetes service links. | | deployment.startupProbe | object | See below | Startup probe. Must specify either one of the following field when enabled: httpGet, exec, tcpSocket, grpc | | deployment.startupProbe.enabled | bool | false | Enable Startup probe. | | deployment.startupProbe.failureThreshold | int | 30 | Number of retries before marking the pod as failed. | | deployment.startupProbe.periodSeconds | int | 10 | Time between retries. | | deployment.startupProbe.successThreshold | int | 1 | Number of successful probes before marking the pod as ready. | | deployment.startupProbe.timeoutSeconds | int | 1 | Time before the probe times out. | | deployment.startupProbe.httpGet | object | {} | HTTP Get probe. | | deployment.startupProbe.exec | object | {} | Exec probe. | | deployment.startupProbe.tcpSocket | object | {} | TCP Socket probe. | | deployment.startupProbe.grpc | object | {} | gRPC probe. | | deployment.readinessProbe | object | See below | Readiness probe. Must specify either one of the following field when enabled: httpGet, exec, tcpSocket, grpc | | deployment.readinessProbe.enabled | bool | false | Enable Readiness probe. | | deployment.readinessProbe.failureThreshold | int | 30 | Number of retries before marking the pod as failed. | | deployment.readinessProbe.periodSeconds | int | 10 | Time between retries. | | deployment.readinessProbe.successThreshold | int | 1 | Number of successful probes before marking the pod as ready. | | deployment.readinessProbe.timeoutSeconds | int | 1 | Time before the probe times out. | | deployment.readinessProbe.httpGet | object | {} | HTTP Get probe. | | deployment.readinessProbe.exec | object | {} | Exec probe. | | deployment.readinessProbe.tcpSocket | object | {} | TCP Socket probe. | | deployment.readinessProbe.grpc | object | {} | gRPC probe. | | deployment.livenessProbe | object | See below | Liveness probe. Must specify either one of the following field when enabled: httpGet, exec, tcpSocket, grpc | | deployment.livenessProbe.enabled | bool | false | Enable Liveness probe. | | deployment.livenessProbe.failureThreshold | int | 30 | Number of retries before marking the pod as failed. | | deployment.livenessProbe.periodSeconds | int | 10 | Time between retries. | | deployment.livenessProbe.successThreshold | int | 1 | Number of successful probes before marking the pod as ready. | | deployment.livenessProbe.timeoutSeconds | int | 1 | Time before the probe times out. | | deployment.livenessProbe.httpGet | object | {} | HTTP Get probe. | | deployment.livenessProbe.exec | object | {} | Exec probe. | | deployment.livenessProbe.tcpSocket | object | {} | TCP Socket probe. | | deployment.livenessProbe.grpc | object | {} | gRPC probe. | | deployment.resources | object | {} | Resource limits and requests for the pod. | | deployment.containerSecurityContext | object | {"readOnlyRootFilesystem":true,"runAsNonRoot":true} | Security Context at Container Level. | | deployment.openshiftOAuthProxy.enabled | bool | false | Enable OpenShift OAuth Proxy. | | deployment.openshiftOAuthProxy.port | int | 8080 | Port on which application is running inside container. | | deployment.openshiftOAuthProxy.secretName | string | "openshift-oauth-proxy-tls" | Secret name for the OAuth Proxy TLS certificate. | | deployment.openshiftOAuthProxy.image | string | "openshift/oauth-proxy:latest" | Image for the OAuth Proxy. | | deployment.openshiftOAuthProxy.disableTLSArg | bool | false | If disabled --http-address=:8081 will be used instead of --https-address=:8443. It can be useful when an ingress is enabled for the application. | | deployment.securityContext | object | nil | Security Context for the pod. | | deployment.command | list | [] | Command for the app container. | | deployment.args | list | [] | Args for the app container. | | deployment.automountServiceAccountToken | bool | true | Mount Service Account token. | | deployment.ports | list | nil | List of ports for the app container. | | deployment.hostNetwork | bool | nil | Host network connectivity. | | deployment.terminationGracePeriodSeconds | int | nil | Gracefull termination period. | | deployment.minReadySeconds | int | nil | Minimum number of seconds for which a newly created Pod should be ready without any of its containers crashing. | | deployment.lifecycle | object | {} | Lifecycle configuration for the pod. | | deployment.additionalContainers | list | nil | Addit

stakater

View profile

View on GitHub
GitHub Stars355
CategoryDevelopment
Updated6d ago
Forks122
stakater/application

Languages

Starlark

Security Score

100/100

Audited on Mar 28, 2026

No findings