feat: CodeZero Helm chart — first ISV partner#12
Open
robinbraemer wants to merge 3 commits intomainfrom
Open
Conversation
First ISV partner chart. Converts Code Zero's docker-compose (12 services) to Kubernetes-native Helm chart: IDE profile: - Postgres 16.1 StatefulSet with PVC - Sagittarius Rails web (backend API, health checks) - Sagittarius Rails background (GoodJob worker) - Sagittarius gRPC server - Sculptor (Next.js frontend) - Nginx reverse proxy (routes graphql, grpc, static to backends) Runtime profile (conditional, runtime.enabled): - NATS with JetStream - Aquila (runtime gateway, connects to sagittarius via token) - Taurus (flow execution engine) - Draco REST (HTTP trigger adapter) - Draco Cron (scheduled trigger adapter) Config generator replaced with Helm-rendered ConfigMaps — nginx routing config and sagittarius DB config are templated directly, no Ruby ERB container needed. Images from registry.gitlab.com/code0-tech/packages with -ce/-ee suffix.
Replace inline Postgres StatefulSet with Bitnami postgresql 16.7.5 subchart. Gets us production-grade Postgres with: - Proper StatefulSet + PVC management - Health checks, probes, security context - PodDisruptionBudget, NetworkPolicy, ServiceAccount - Backup support, replication option, metrics exporter - Configurable via standard postgresql.* values Removed: deployment-postgres.yaml, inline postgres Service Added: Chart.yaml dependency, postgresql.* values block Updated: secret, configmap, helpers to reference Bitnami service name NATS kept inline — simple single-instance broker, Bitnami chart would be overkill for Code Zero's use case.
- Upgraded from 16.7.5 to 18.5.17 (latest, PostgreSQL 18.3) - Removed hardcoded postgres password from values.yaml — Bitnami auto-generates and stores in K8s Secret - All sagittarius containers read POSTGRES_PASSWORD from Bitnami's secret via secretKeyRef - envFrom used for other env vars from codezero secret
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Helm chart for CodeZero — CNAP's first ISV deployment partner. Converts their docker-compose (12 services) to a production-ready Kubernetes chart hosted in
cnap-tech/charts.Architecture
IDE profile (the app):
Runtime profile (flow execution, conditional):
Key design decisions
runtime.enabledtoggles all flow execution services.Resources generated
10 Deployments, 9 Services, 2 ConfigMaps, 2 Secrets, 1 StatefulSet, 1 ServiceAccount, 1 PodDisruptionBudget, 1 NetworkPolicy (Bitnami)
Test plan
helm lint— 0 errorshelm template— renders 28 resources correctlyContext
registry.gitlab.com/code0-tech/packageswith-ce/-eeedition suffix