fix: docs

kubeshop · Nov 28, 2024 · 60cc9ef · 60cc9ef
1 parent 985ab2c
commit 60cc9ef
Show file tree

Hide file tree

Showing 4 changed files with 108 additions and 5 deletions.
diff --git a/charts/testkube-cloud-api/README.md b/charts/testkube-cloud-api/README.md
@@ -58,6 +58,7 @@ A Helm chart for Testkube Cloud API
 | api.logServer.secure | string | `"false"` | Log server TLS configuration secure connection |
 | api.logServer.skipVerify | string | `"true"` | Log server TLS configuration skip Verify |
 | api.migrations.enabled | bool | `false` | Toggle whether to apply migrations for MongoDB |
+| api.migrations.ignoreNoDbError | bool | `true` | Ignoring no db error - exit 0 - used when helm hooks are enabled on pre-install |
 | api.migrations.ttlSecondsAfterFinished | int | `345600` | TTL for the migration job, defaults to 4 days |
 | api.migrations.useHelmHooks | bool | `true` | Toggle whether to enable pre-install & pre-upgrade hooks |
 | api.minio.accessKeyId | string | `""` | MinIO access key id |
@@ -192,6 +193,10 @@ A Helm chart for Testkube Cloud API
 | init.mongo.image.registry | string | `"docker.io"` | MongoSH image registry |
 | init.mongo.image.repository | string | `"alpine/mongosh"` | MongoSH image repository |
 | init.mongo.image.tag | string | `"2.0.2"` | MongoSH image tag |
+| migrationImage.pullPolicy | string | `"IfNotPresent"` |  |
+| migrationImage.registry | string | `""` | If defined, it will prepend the registry to the image name, if not, default docker.io will be prepended |
+| migrationImage.repository | string | `"kubeshop/testkube-migration"` |  |
+| migrationImage.tag | string | `"0.0.7"` |  |
 | nameOverride | string | `""` |  |
 | nodeSelector | object | `{}` |  |
 | payments.apiKey | string | `""` | Payments API key (currently only Stripe is supported) |

diff --git a/charts/testkube-enterprise/README.md b/charts/testkube-enterprise/README.md
@@ -208,7 +208,7 @@ A Helm chart for Testkube Enterprise
 | testkube-cloud-api.api.migrations.enabled | bool | `true` | Toggle whether to run database migrations |
 | testkube-cloud-api.api.migrations.image.repository | string | `"kubeshop/testkube-enterprise-api-migrations"` | Migrations image repository |
 | testkube-cloud-api.api.migrations.ttlSecondsAfterFinished | int | `345600` | TTL for the migration job, defaults to 4 days |
-| testkube-cloud-api.api.migrations.useHelmHooks | bool | `false` | Toggle whether to enable pre-install & pre-upgrade hooks (should be disabled if mongo is installed using this chart) |
+| testkube-cloud-api.api.migrations.useHelmHooks | bool | `true` | Toggle whether to enable pre-install & pre-upgrade hooks (should be disabled if mongo is installed using this chart) |
 | testkube-cloud-api.api.minio.certSecret.baseMountPath | string | `"/etc/client-certs/storage"` | Base path to mount the client certificate secret |
 | testkube-cloud-api.api.minio.certSecret.caFile | string | `"ca.crt"` | Path to ca file (used for self-signed certificates) |
 | testkube-cloud-api.api.minio.certSecret.certFile | string | `"cert.crt"` | Path to client certificate file |
@@ -260,6 +260,9 @@ A Helm chart for Testkube Enterprise
 | testkube-cloud-api.init.mongo.image.repository | string | `"kubeshop/bitnami-mongodb"` | MongoSH image repository |
 | testkube-cloud-api.init.mongo.image.tag | string | `"7.0.12"` | MongoSH image tag |
 | testkube-cloud-api.init.mongo.securityContext | object | `{}` | Init container Security Context |
+| testkube-cloud-api.migrationImage.registry | string | `""` | If defined, it will prepend the registry to the image name, if not, default docker.io will be prepended |
+| testkube-cloud-api.migrationImage.repository | string | `"kubeshop/testkube-migration"` |  |
+| testkube-cloud-api.migrationImage.tag | string | `"0.0.7"` |  |
 | testkube-cloud-api.podSecurityContext | object | `{}` | Pod Security Context |
 | testkube-cloud-api.prometheus.enabled | bool | `false` |  |
 | testkube-cloud-api.resources | object | `{"limits":{"cpu":1,"memory":"512Mi"},"requests":{"cpu":"50m","memory":"64Mi"}}` | Set resources requests and limits for Testkube Api |

diff --git a/charts/testkube-enterprise/charts/dex/README.md b/charts/testkube-enterprise/charts/dex/README.md
@@ -0,0 +1,99 @@
+## Getting started
+
+### Minimal configuration
+
+Dex requires a minimal configuration in order to work.
+You can pass configuration to Dex using Helm values:
+
+```yaml
+config:
+  # Set it to a valid URL
+  issuer: http://my-issuer-url.com
+
+  # See https://dexidp.io/docs/storage/ for more options
+  storage:
+    type: memory
+
+  # Enable at least one connector
+  # See https://dexidp.io/docs/connectors/ for more options
+  enablePasswordDB: true
+```
+
+The above configuration won't make Dex automatically available on the configured URL.
+One (and probably the easiest) way to achieve that is configuring ingress:
+
+```yaml
+ingress:
+  enabled: true
+
+  hosts:
+    - host: my-issuer-url.com
+      paths:
+        - path: /
+```
+
+### Minimal TLS configuration
+
+HTTPS is basically mandatory these days, especially for authentication and authorization services.
+There are several solutions for protecting services with TlS in Kubernetes,
+but by far the most popular and portable is undoubtedly [Cert Manager](https://cert-manager.io).
+
+Cert Manager can be [installed](https://cert-manager.io/docs/installation/kubernetes) with a few steps:
+
+```shell
+helm repo add jetstack https://charts.jetstack.io
+helm repo update
+kubectl create namespace cert-manager
+helm install \
+  cert-manager jetstack/cert-manager \
+  --namespace cert-manager \
+  --set installCRDs=true
+```
+
+The next step is setting up an [issuer](https://cert-manager.io/docs/concepts/issuer/) (eg. [Let's Encrypt](https://letsencrypt.org/)):
+
+```shell
+cat <<EOF | kubectl apply -f -
+apiVersion: cert-manager.io/v1
+kind: ClusterIssuer
+metadata:
+  name: acme
+spec:
+  acme:
+    email: YOUR@EMAIL_ADDRESS
+    server: https://acme-v02.api.letsencrypt.org/directory
+    privateKeySecretRef:
+      name: acme-account-key
+    solvers:
+    - http01:
+       ingress:
+         class: YOUR_INGRESS_CLASS
+EOF
+```
+
+Finally, change the ingress config to use TLS:
+
+```yaml
+ingress:
+  enabled: true
+
+  annotations:
+    cert-manager.io/cluster-issuer: acme
+
+  hosts:
+    - host: my-issuer-url.com
+      paths:
+        - path: /
+
+  tls:
+    - hosts:
+        - my-issuer-url.com
+      secretName: dex-cert
+```
+
+## Migrating from stable/dex (or banzaicloud-stable/dex) chart
+
+This chart is not backwards compatible with the `stable/dex` (or `banzaicloud-stable/dex`) chart.
+
+However, Dex itself remains backwards compatible, so you can easily install the new chart in place of the old one
+and continue using Dex with a minimal downtime.
diff --git a/charts/testkube-enterprise/charts/dex/README.md.gotmpl b/charts/testkube-enterprise/charts/dex/README.md.gotmpl
@@ -1,5 +1,3 @@
-{{ template "chart.baseHead" . }}
-
 ## Getting started
 
 ### Minimal configuration
@@ -93,8 +91,6 @@ ingress:
       secretName: dex-cert
 ```
 
-{{ template "chart.valuesSection" . }}
-
 ## Migrating from stable/dex (or banzaicloud-stable/dex) chart
 
 This chart is not backwards compatible with the `stable/dex` (or `banzaicloud-stable/dex`) chart.