Add Hermes Helm chart

2026-05-25 11:21:25 +05:30
parent 186bf25cb1
commit c59ef9f30c
7 changed files with 210 additions and 0 deletions
--- a/charts/hermes/Chart.yaml
+++ b/charts/hermes/Chart.yaml
@@ -0,0 +1,6 @@
 apiVersion: v2
 name: hermes
 description: Helm chart for Hermes Agent
 type: application
 version: 0.1.0
 appVersion: latest
--- a/charts/hermes/README.md
+++ b/charts/hermes/README.md
@@ -0,0 +1,47 @@
 # Hermes Helm Chart
 This chart deploys the Hermes Agent image from the private Gitea registry.
 The current `git.openputer.com/common/hermes:latest` image is amd64-only, so
 the default values schedule pods on amd64 nodes.
 ## Registry Secret
 Create the registry pull secret in the target namespace before installing:
 ```sh
 kubectl create namespace hermes
 kubectl create secret docker-registry gitea-registry \
  --namespace hermes \
  --docker-server=git.openputer.com \
  --docker-username='<username>' \
  --docker-password='<token-or-password>'
 ```
 ## Install
 ```sh
 helm upgrade --install hermes ./charts/hermes \
  --namespace hermes \
  --create-namespace
 ```
 ## Check
 ```sh
 kubectl get pods -n hermes
 kubectl logs -n hermes deploy/hermes
 ```
 ## Dashboard
 The dashboard is disabled by default. If you enable it, keep it behind
 authentication or a private tunnel.
 ```sh
 helm upgrade --install hermes ./charts/hermes \
  --namespace hermes \
  --set env.HERMES_DASHBOARD=1 \
  --set env.HERMES_DASHBOARD_HOST=0.0.0.0 \
  --set service.enabled=true
 ```
--- a/charts/hermes/templates/_helpers.tpl
+++ b/charts/hermes/templates/_helpers.tpl
@@ -0,0 +1,29 @@
 {{- define "hermes.name" -}}
 {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
 {{- end -}}
 {{- define "hermes.fullname" -}}
 {{- if .Values.fullnameOverride -}}
 {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
 {{- else -}}
 {{- $name := default .Chart.Name .Values.nameOverride -}}
 {{- if contains $name .Release.Name -}}
 {{- .Release.Name | trunc 63 | trimSuffix "-" -}}
 {{- else -}}
 {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
 {{- end -}}
 {{- end -}}
 {{- end -}}
 {{- define "hermes.labels" -}}
 helm.sh/chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
 app.kubernetes.io/name: {{ include "hermes.name" . }}
 app.kubernetes.io/instance: {{ .Release.Name }}
 app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
 app.kubernetes.io/managed-by: {{ .Release.Service }}
 {{- end -}}
 {{- define "hermes.selectorLabels" -}}
 app.kubernetes.io/name: {{ include "hermes.name" . }}
 app.kubernetes.io/instance: {{ .Release.Name }}
 {{- end -}}
--- a/charts/hermes/templates/deployment.yaml
+++ b/charts/hermes/templates/deployment.yaml
@@ -0,0 +1,60 @@
 apiVersion: apps/v1
 kind: Deployment
 metadata:
  name: {{ include "hermes.fullname" . }}
  labels:
    {{- include "hermes.labels" . | nindent 4 }}
 spec:
  replicas: {{ .Values.replicaCount }}
  selector:
    matchLabels:
      {{- include "hermes.selectorLabels" . | nindent 6 }}
  template:
    metadata:
      labels:
        {{- include "hermes.selectorLabels" . | nindent 8 }}
    spec:
      {{- with .Values.imagePullSecrets }}
      imagePullSecrets:
        {{- toYaml . | nindent 8 }}
      {{- end }}
      {{- with .Values.nodeSelector }}
      nodeSelector:
        {{- toYaml . | nindent 8 }}
      {{- end }}
      {{- with .Values.affinity }}
      affinity:
        {{- toYaml . | nindent 8 }}
      {{- end }}
      {{- with .Values.tolerations }}
      tolerations:
        {{- toYaml . | nindent 8 }}
      {{- end }}
      containers:
        - name: hermes
          image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
          imagePullPolicy: {{ .Values.image.pullPolicy }}
          args:
            {{- toYaml .Values.command | nindent 12 }}
          env:
            - name: HERMES_HOME
              value: /opt/data
            {{- range $name, $value := .Values.env }}
            - name: {{ $name }}
              value: {{ $value | quote }}
            {{- end }}
          {{- with .Values.resources }}
          resources:
            {{- toYaml . | nindent 12 }}
          {{- end }}
          volumeMounts:
            - name: hermes-data
              mountPath: /opt/data
      volumes:
        - name: hermes-data
          {{- if .Values.persistence.enabled }}
          persistentVolumeClaim:
            claimName: {{ include "hermes.fullname" . }}-data
          {{- else }}
          emptyDir: {}
          {{- end }}
--- a/charts/hermes/templates/pvc.yaml
+++ b/charts/hermes/templates/pvc.yaml
@@ -0,0 +1,17 @@
 {{- if .Values.persistence.enabled }}
 apiVersion: v1
 kind: PersistentVolumeClaim
 metadata:
  name: {{ include "hermes.fullname" . }}-data
  labels:
    {{- include "hermes.labels" . | nindent 4 }}
 spec:
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: {{ .Values.persistence.size }}
  {{- if .Values.persistence.storageClassName }}
  storageClassName: {{ .Values.persistence.storageClassName }}
  {{- end }}
 {{- end }}
--- a/charts/hermes/templates/service.yaml
+++ b/charts/hermes/templates/service.yaml
@@ -0,0 +1,16 @@
 {{- if .Values.service.enabled }}
 apiVersion: v1
 kind: Service
 metadata:
  name: {{ include "hermes.fullname" . }}
  labels:
    {{- include "hermes.labels" . | nindent 4 }}
 spec:
  type: {{ .Values.service.type }}
  selector:
    {{- include "hermes.selectorLabels" . | nindent 4 }}
  ports:
    - name: http
      port: {{ .Values.service.port }}
      targetPort: {{ .Values.service.targetPort }}
 {{- end }}
--- a/charts/hermes/values.yaml
+++ b/charts/hermes/values.yaml
@@ -0,0 +1,35 @@
 image:
  repository: git.openputer.com/common/hermes
  tag: latest
  pullPolicy: IfNotPresent
 imagePullSecrets:
  - name: gitea-registry
 replicaCount: 1
 command:
  - gateway
  - run
 env: {}
 persistence:
  enabled: true
  size: 10Gi
  storageClassName: ""
 service:
  enabled: false
  type: ClusterIP
  port: 9119
  targetPort: 9119
 resources: {}
 nodeSelector:
  kubernetes.io/arch: amd64
 tolerations: []
 affinity: {}