apiVersion: application.kubero.dev/v1alpha1 kind: Kubero metadata: name: kubero spec: # Default values copied from /helm-charts/kubero/values.yaml affinity: {} fullnameOverride: "" image: pullPolicy: Always repository: ghcr.io/kubero-dev/kubero/kubero tag: "latest" imagePullSecrets: [] ingress: annotations: {} className: "" enabled: true hosts: - host: kubero.lacolhost.com paths: - path: / pathType: ImplementationSpecific tls: [] nameOverride: "" nodeSelector: {} podAnnotations: {} podSecurityContext: {} prometheus: enabled: false endpoint: http://kubero-prometheus-server # for internal access via service without ingress registry: enabled: false # creates registry credentials for a external or a local registry (required for build strategy apps) create: false # spins up a local registry public: true # makes the registry public available #host: registry.kubero.svc.cluster.local # works for pushes, but not for pulls. DO NOT USE THIS :( since it requires to configure all nodes ot acceppt this "insecure" registry #host: docker.io # requires a docker account. Might be the best choice when running on a non public domain host: registry.demo.kubero.dev # will make your images publicly avaialble with a basic auth protection account: # create account with: # docker run --entrypoint htpasswd httpd:2 -Bbn [username] [password] # http://aspirine.org/htpasswd_en.html (use bcrypt) username: kubero password: kubero hash: $2y$05$czQZpvtDYc5OzM/1r1pH0eAplT/okohh/mXoWl/Y65ZP/8/jnSWZq port: 443 storage: 1Gi storageClassName: replicaCount: 1 resources: {} securityContext: {} service: port: 2000 type: ClusterIP serviceAccount: annotations: {} create: true name: "" tolerations: [] kubero: debug: "" namespace: kubero context: inClusterContext webhook_url: https://kubero.example.com/api/repo/webhooks sessionKey: "randomString" auth: github: enabled: false id: "" secret: "" callbackUrl: "" org: "" oauth2: enabled: false name: "" id: "" authUrl: "" tokenUrl: "" secret: "" callbackUrl: "" scopes: "" auditLogs: enabled: false storageClassName: accessModes: - ReadWriteOnce size: 0.1Gi limit: 1000 config: kubero: readonly: false admin: disabled: false console: enabled: false banner: show: false message: "Welcome to Kubero!" bgcolor: "#8560A9" fontcolor: "azure" clusterissuer: letsencrypt-prod notifications: [] templates: enabled: true catalogs: - name: "Kubero" description: "Kubero templates" templateBasePath: "https://raw.githubusercontent.com/kubero-dev/kubero/main/services/" index: url: "https://raw.githubusercontent.com/kubero-dev/templates/main/index.json" format: "json" # json or yaml # TODO has no effect yet. json is always used - name: "Kubero Frameworks" description: "Kubero templates" templateBasePath: "https://raw.githubusercontent.com/kubero-dev/kubero/main/services/" index: url: "https://raw.githubusercontent.com/kubero-dev/templates/main/index-frameworks.json" format: "json" # json or yaml # TODO has no effect yet. json is always used buildPacks: - name: NodeJS language: JavaScript fetch: repository: ghcr.io/kubero-dev/fetch tag: v1 securityContext: runAsUser: 1000 build: repository: node tag: latest command: "npm install" securityContext: runAsUser: 1000 run: repository: node tag: latest command: "node index.js" - name: PHP language: PHP fetch: repository: ghcr.io/kubero-dev/fetch tag: v1 securityContext: runAsUser: 1000 build: repository: composer tag: latest command: "composer install; chown -R 1000:1000 /app" run: repository: webdevops/php-apache tag: "8.1" readOnlyAppStorage: false securityContext: allowPrivilegeEscalation: true readOnlyRootFilesystem: false command: "apache2-foreground" - name: Python language: Python fetch: repository: ghcr.io/kubero-dev/fetch tag: v1 securityContext: runAsUser: 1000 build: repository: python tag: 3.10-buster command: "python3 -m venv .venv && . .venv/bin/activate && pip install -r requirements.txt" run: repository: python tag: 3.10-buster command: ". .venv/bin/activate && python3 main.py" - name: GoLang language: GoLang fetch: repository: ghcr.io/kubero-dev/fetch tag: v1 securityContext: runAsUser: 1000 build: repository: golang tag: alpine command: "go mod download && go mod verify && go build -v -o app" run: repository: golang tag: alpine command: "./app" - name: Hugo language: GoLang fetch: repository: ghcr.io/kubero-dev/fetch tag: v1 securityContext: runAsUser: 1000 build: repository: klakegg/hugo tag: latest command: hugo -D run: repository: caddy tag: latest command: caddy file-server --listen :8080 --root /app/public - name: Ruby language: Ruby fetch: repository: ghcr.io/kubero-dev/fetch tag: v1 securityContext: runAsUser: 1000 build: repository: ruby tag: "2.7" command: "export GEM_HOME=/app/bundle; bundle install --jobs=4 --retry=3" run: repository: ruby tag: "2.7" command: "export GEM_HOME=/app/bundle; bundle exec ruby main.rb" - name: Static language: HTML fetch: repository: ghcr.io/kubero-dev/fetch tag: v1 securityContext: runAsUser: 1000 build: repository: busybox tag: latest command: "echo 'Buildpack not required'" run: repository: caddy tag: latest command: caddy file-server --listen :8080 --root /app podSizeList: - name: small description: 'Small (CPU: 0.25, Memory: 0.5Gi)' default: true resources: requests: memory: 0.5Gi cpu: 250m limits: memory: 1Gi cpu: 500m - name: medium description: 'Medium (CPU: 1, Memory: 2Gi)' resources: requests: memory: 2Gi cpu: 1000m limits: memory: 4Gi cpu: 2000m - name: large description: 'Large (CPU: 2, Memory: 4Gi)' active: false resources: requests: memory: 4Gi cpu: 2000m limits: memory: 4Gi cpu: 2000m