Updated Coder Partner Chart Addition (#1102)

main-source
greg-the-coder 2025-01-22 12:29:53 -06:00 committed by GitHub
parent 4516e2f443
commit 747a847b17
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
23 changed files with 1134 additions and 1 deletions

Binary file not shown.

BIN
assets/icons/coder.png Normal file

Binary file not shown.


@ -0,0 +1,27 @@
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*.orig
*~
# Various IDEs
.project
.idea/
*.tmproj
.vscode/
Makefile
artifacthub-repo.yml
tests


@ -0,0 +1,6 @@
dependencies:
- name: libcoder
repository: file://../libcoder
version: 0.1.0
digest: sha256:5c9a99109258073b590a9f98268490ef387fde24c0c7c7ade9c1a8c7ef5e6e10
generated: "2023-08-08T07:27:19.677972411Z"


@ -0,0 +1,27 @@
annotations:
catalog.cattle.io/certified: partner
catalog.cattle.io/display-name: Coder
catalog.cattle.io/kube-version: '>=1.19-0'
catalog.cattle.io/release-name: coder
apiVersion: v2
appVersion: 2.18.3
dependencies:
- name: libcoder
repository: file://../libcoder
version: 0.1.0
description: Remote development environments on your infrastructure
home: https://github.com/coder/coder
icon: file://assets/icons/coder.png
keywords:
- coder
- terraform
kubeVersion: '>=1.19-0'
maintainers:
- email: support@coder.com
name: Coder Technologies, Inc.
url: https://coder.com/contact
name: coder
sources:
- https://github.com/coder/coder/tree/main/helm/coder
type: application
version: 2.18.3


@ -0,0 +1,53 @@
# Coder Helm Chart
This directory contains the Helm chart used to deploy Coder onto a Kubernetes
cluster. It contains the minimum required components to run Coder on Kubernetes,
and notably (compared to Coder Classic) does not include a database server.
## Getting Started
> **Warning**: The main branch in this repository does not represent the
> latest release of Coder. Please reference our installation docs for
> instructions on a tagged release.
View
[our docs](https://coder.com/docs/install/kubernetes)
for detailed installation instructions.
## Values
Please refer to [values.yaml](values.yaml) for available Helm values and their
defaults.
A good starting point for your values file is:
```yaml
coder:
# You can specify any environment variables you'd like to pass to Coder
# here. Coder consumes environment variables listed in
# `coder server --help`, and these environment variables are also passed
# to the workspace provisioner (so you can consume them in your Terraform
# templates for auth keys etc.).
#
# Please keep in mind that you should not set `CODER_HTTP_ADDRESS`,
# `CODER_TLS_ENABLE`, `CODER_TLS_CERT_FILE` or `CODER_TLS_KEY_FILE` as
# they are already set by the Helm chart and will cause conflicts.
env:
- name: CODER_ACCESS_URL
value: "https://coder.example.com"
- name: CODER_PG_CONNECTION_URL
valueFrom:
secretKeyRef:
# You'll need to create a secret called coder-db-url with your
# Postgres connection URL like:
# postgres://coder:password@postgres:5432/coder?sslmode=disable
name: coder-db-url
key: url
# This env enables the Prometheus metrics endpoint.
- name: CODER_PROMETHEUS_ADDRESS
value: "0.0.0.0:2112"
tls:
secretNames:
- my-tls-secret-name
```
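Review bot: the sample connection string in the values comment, postgres://coder:password@postgres:5432/coder?sslmode=disable, turns off TLS to the database and is likely to be copied into the coder-db-url secret as written; show sslmode=require or verify-full there and mark disable as a local-testing setting. The example also sets CODER_PROMETHEUS_ADDRESS, which the chart's container spec already sets and values.yaml lists as not overridable, and its comment says this enables the metrics endpoint while values.yaml says CODER_PROMETHEUS_ENABLE is what enables it.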


@ -0,0 +1,16 @@
# Coder/coder
## Overview
Coder provides development environments in your public and private clouds. Environments are defined with Terraform, connected through a secure high-speed tunnel, and automatically shut down when not in use to save on costs. Coder gives engineering teams the flexibility to use the cloud for workloads that are most beneficial to them.
Developers can connect to Coder workspaces using the tools and IDEs they know and love including VS Code Remote, JetBrains Gateway, SSH as well as web IDEs such as JupyterLab, code-server, RStudio, and web terminals.
## Highlights
- Onboard developers in seconds instead of days
- Define development environments in Terraform (EC2 VMs, Kubernetes Pods, Docker Containers, etc.)
- Keep source code within your infrastructure, and use RBAC with existing authentication systems
- Automatically shutdown idle resources to save on costs
## Getting Started
Review the Coder Kubernetes [installation instructions](https://coder.com/docs/install/kubernetes) for required prerequisites and options for the [values.yaml](https://github.com/coder/coder/blob/main/helm/coder/values.yaml) used by the chart.
## Resources
- [Coder Documentation](https://coder.com/docs)
- [Coder Quickstart Guide](https://coder.com/docs/tutorials/quickstart)
- [Discord Community](https://discord.gg/coder)


@ -0,0 +1,11 @@
apiVersion: v2
appVersion: 0.1.0
description: Coder library chart
home: https://github.com/coder/coder
maintainers:
- email: support@coder.com
name: Coder Technologies, Inc.
url: https://coder.com/contact
name: libcoder
type: library
version: 0.1.0


@ -0,0 +1,89 @@
{{- define "libcoder.deployment.tpl" -}}
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "coder.name" .}}
labels:
{{- include "coder.labels" . | nindent 4 }}
{{- with .Values.coder.labels }}
{{- toYaml . | nindent 4 }}
{{- end }}
annotations: {{ toYaml .Values.coder.annotations | nindent 4}}
spec:
replicas: {{ .Values.coder.replicaCount }}
selector:
matchLabels:
{{- include "coder.selectorLabels" . | nindent 6 }}
template:
metadata:
labels:
{{- include "coder.labels" . | nindent 8 }}
{{- with .Values.coder.podLabels }}
{{- toYaml . | nindent 8 }}
{{- end }}
annotations:
{{- toYaml .Values.coder.podAnnotations | nindent 8 }}
spec:
serviceAccountName: {{ .Values.coder.serviceAccount.name | quote }}
restartPolicy: Always
{{- with .Values.coder.image.pullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
terminationGracePeriodSeconds: 60
{{- with .Values.coder.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.coder.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.coder.nodeSelector }}
nodeSelector:
{{ toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.coder.topologySpreadConstraints }}
topologySpreadConstraints:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.coder.initContainers }}
initContainers:
{{ toYaml . | nindent 8 }}
{{- end }}
containers: []
{{- include "coder.volumes" . | nindent 6 }}
{{- end -}}
{{- define "libcoder.deployment" -}}
{{- include "libcoder.util.merge" (append . "libcoder.deployment.tpl") -}}
{{- end -}}
{{- define "libcoder.containerspec.tpl" -}}
name: coder
image: {{ include "coder.image" . | quote }}
imagePullPolicy: {{ .Values.coder.image.pullPolicy }}
command:
{{- toYaml .Values.coder.command | nindent 2 }}
resources:
{{- toYaml .Values.coder.resources | nindent 2 }}
lifecycle:
{{- toYaml .Values.coder.lifecycle | nindent 2 }}
securityContext: {{ toYaml .Values.coder.securityContext | nindent 2 }}
{{ include "coder.volumeMounts" . }}
{{- end -}}
{{- define "libcoder.containerspec" -}}
{{- include "libcoder.util.merge" (append . "libcoder.containerspec.tpl") -}}
{{- end -}}
{{- define "libcoder.serviceaccount.tpl" -}}
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ .Values.coder.serviceAccount.name | quote }}
annotations: {{ toYaml .Values.coder.serviceAccount.annotations | nindent 4 }}
labels:
{{- include "coder.labels" . | nindent 4 }}
{{- end -}}
{{- define "libcoder.serviceaccount" -}}
{{- include "libcoder.util.merge" (append . "libcoder.serviceaccount.tpl") -}}
{{- end -}}
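Review bot: libcoder.deployment.tpl renders nothing for a pod-level securityContext under spec.template.spec, so only the container-level securityContext in libcoder.containerspec.tpl is configurable, although the values.yaml comment on coder.securityContext talks about fields that are also present in the pod security context. Consider an optional value (for example a hypothetical coder.podSecurityContext) rendered in a with-block the same way affinity and tolerations are, or drop the reference from the comment.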


@ -0,0 +1,200 @@
{{/*
Expand the name of the chart.
*/}}
{{- define "coder.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "coder.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Selector labels
!!!!! DO NOT ADD ANY MORE SELECTORS. IT IS A BREAKING CHANGE !!!!!
*/}}
{{- define "coder.selectorLabels" -}}
app.kubernetes.io/name: {{ include "coder.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end }}
{{/*
Common labels
*/}}
{{- define "coder.labels" -}}
helm.sh/chart: {{ include "coder.chart" . }}
{{ include "coder.selectorLabels" . }}
app.kubernetes.io/part-of: {{ include "coder.name" . }}
{{- if .Chart.AppVersion }}
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
{{- end }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- end }}
{{/*
Coder Docker image URI
*/}}
{{- define "coder.image" -}}
{{- if and (eq .Values.coder.image.tag "") (eq .Chart.AppVersion "0.1.0") -}}
{{ fail "You must specify the coder.image.tag value if you're installing the Helm chart directly from Git." }}
{{- end -}}
{{ .Values.coder.image.repo }}:{{ .Values.coder.image.tag | default (printf "v%v" .Chart.AppVersion) }}
{{- end }}
{{/*
Coder TLS enabled.
*/}}
{{- define "coder.tlsEnabled" -}}
{{- if hasKey .Values.coder "tls" -}}
{{- if .Values.coder.tls.secretNames -}}
true
{{- else -}}
false
{{- end -}}
{{- else -}}
false
{{- end -}}
{{- end }}
{{/*
Coder TLS environment variables.
*/}}
{{- define "coder.tlsEnv" }}
{{- if eq (include "coder.tlsEnabled" .) "true" }}
- name: CODER_TLS_ENABLE
value: "true"
- name: CODER_TLS_ADDRESS
value: "0.0.0.0:8443"
- name: CODER_TLS_CERT_FILE
value: "{{ range $idx, $secretName := .Values.coder.tls.secretNames -}}{{ if $idx }},{{ end }}/etc/ssl/certs/coder/{{ $secretName }}/tls.crt{{- end }}"
- name: CODER_TLS_KEY_FILE
value: "{{ range $idx, $secretName := .Values.coder.tls.secretNames -}}{{ if $idx }},{{ end }}/etc/ssl/certs/coder/{{ $secretName }}/tls.key{{- end }}"
{{- end }}
{{- end }}
{{/*
Coder default access URL
*/}}
{{- define "coder.defaultAccessURL" }}
{{- if eq (include "coder.tlsEnabled" .) "true" -}}
https
{{- else -}}
http
{{- end -}}
://coder.{{ .Release.Namespace }}.svc.cluster.local
{{- end }}
{{/*
Coder volume definitions.
*/}}
{{- define "coder.volumeList" }}
{{- if hasKey .Values.coder "tls" -}}
{{- range $secretName := .Values.coder.tls.secretNames }}
- name: "tls-{{ $secretName }}"
secret:
secretName: {{ $secretName | quote }}
{{ end -}}
{{- end }}
{{ range $secret := .Values.coder.certs.secrets -}}
- name: "ca-cert-{{ $secret.name }}"
secret:
secretName: {{ $secret.name | quote }}
{{ end -}}
{{ if gt (len .Values.coder.volumes) 0 -}}
{{ toYaml .Values.coder.volumes }}
{{ end -}}
{{- end }}
{{/*
Coder volumes yaml.
*/}}
{{- define "coder.volumes" }}
{{- if trim (include "coder.volumeList" .) -}}
volumes:
{{- include "coder.volumeList" . -}}
{{- else -}}
volumes: []
{{- end -}}
{{- end }}
{{/*
Coder volume mounts.
*/}}
{{- define "coder.volumeMountList" }}
{{- if hasKey .Values.coder "tls" }}
{{ range $secretName := .Values.coder.tls.secretNames -}}
- name: "tls-{{ $secretName }}"
mountPath: "/etc/ssl/certs/coder/{{ $secretName }}"
readOnly: true
{{ end -}}
{{- end }}
{{ range $secret := .Values.coder.certs.secrets -}}
- name: "ca-cert-{{ $secret.name }}"
mountPath: "/etc/ssl/certs/{{ $secret.name }}.crt"
subPath: {{ $secret.key | quote }}
readOnly: true
{{ end -}}
{{ if gt (len .Values.coder.volumeMounts) 0 -}}
{{ toYaml .Values.coder.volumeMounts }}
{{ end -}}
{{- end }}
{{/*
Coder volume mounts yaml.
*/}}
{{- define "coder.volumeMounts" }}
{{- if trim (include "coder.volumeMountList" .) -}}
volumeMounts:
{{- include "coder.volumeMountList" . -}}
{{- else -}}
volumeMounts: []
{{- end -}}
{{- end }}
{{/*
Coder ingress wildcard hostname with the wildcard suffix stripped.
*/}}
{{- define "coder.ingressWildcardHost" -}}
{{/* This regex replace is required as the original input including the suffix
* is not a legal ingress host. We need to remove the suffix and keep the
* wildcard '*'.
*
* - '\\*' Starts with '*'
* - '[^.]*' Suffix is 0 or more characters, '-suffix'
* - '(' Start domain capture group
* - '\\.' The domain should be separated with a '.' from the subdomain
* - '.*' Rest of the domain.
* - ')' $1 is the ''.example.com'
*/}}
{{- regexReplaceAll "\\*[^.]*(\\..*)" .Values.coder.ingress.wildcardHost "*${1}" -}}
{{- end }}
{{/*
Fail on fully deprecated values or deprecated value combinations. This is
included at the top of coder.yaml.
*/}}
{{- define "coder.verifyDeprecated" }}
{{/*
Deprecated value coder.tls.secretName must not be used.
*/}}
{{- if .Values.coder.tls.secretName }}
{{ fail "coder.tls.secretName is deprecated, use coder.tls.secretNames instead." }}
{{- end }}
{{- end }}
{{/*
Renders a value that contains a template.
Usage:
{{ include "coder.renderTemplate" ( dict "value" .Values.path.to.the.Value "context" $) }}
*/}}
{{- define "coder.renderTemplate" -}}
{{- if typeIs "string" .value }}
{{- tpl .value .context }}
{{- else }}
{{- tpl (.value | toYaml) .context }}
{{- end }}
{{- end -}}
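Review bot: coder.verifyDeprecated reads .Values.coder.tls.secretName directly, while coder.tlsEnabled, coder.volumeList and coder.volumeMountList all check hasKey .Values.coder "tls" first; if coder.tls is nulled out in a values override, this helper fails with a nil-pointer template error instead of the intended deprecation message. Wrap the check in the same hasKey guard. Minor: the regex comment in coder.ingressWildcardHost has a stray quote in "$1 is the ''.example.com'".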


@ -0,0 +1,62 @@
{{- define "libcoder.rbac.tpl" -}}
{{- if .Values.coder.serviceAccount.workspacePerms }}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: {{ .Values.coder.serviceAccount.name }}-workspace-perms
rules:
- apiGroups: [""]
resources: ["pods"]
verbs:
- create
- delete
- deletecollection
- get
- list
- patch
- update
- watch
- apiGroups: [""]
resources: ["persistentvolumeclaims"]
verbs:
- create
- delete
- deletecollection
- get
- list
- patch
- update
- watch
{{- if .Values.coder.serviceAccount.enableDeployments }}
- apiGroups:
- apps
resources:
- deployments
verbs:
- create
- delete
- deletecollection
- get
- list
- patch
- update
- watch
{{- end }}
{{- with .Values.coder.serviceAccount.extraRules }}
{{ toYaml . | nindent 2 }}
{{- end }}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: {{ .Values.coder.serviceAccount.name | quote }}
subjects:
- kind: ServiceAccount
name: {{ .Values.coder.serviceAccount.name | quote }}
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: {{ .Values.coder.serviceAccount.name }}-workspace-perms
{{- end }}
{{- end -}}
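Review bot: with workspacePerms and enableDeployments both defaulting to true in values.yaml, this Role gives the coder service account create, patch and deletecollection on pods, persistentvolumeclaims and deployments across the whole release namespace, and extraRules is appended to it without any check. The values documentation should say that the chart belongs in a namespace dedicated to Coder workspaces, and the Role and RoleBinding should carry coder.labels like the other objects so they can be found and audited with the release. The Role name under metadata.name and roleRef.name is also unquoted while the RoleBinding and subject names use quote.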


@ -0,0 +1,13 @@
{{- /*
libcoder.util.merge will merge two YAML templates and output the result.
This takes an array of three values:
- the top context
- the template name of the overrides (destination)
- the template name of the base (source)
*/}}
{{- define "libcoder.util.merge" -}}
{{- $top := first . -}}
{{- $overrides := fromYaml (include (index . 1) $top) | default (dict ) -}}
{{- $tpl := fromYaml (include (index . 2) $top) | default (dict ) -}}
{{- toYaml (merge $overrides $tpl) -}}
{{- end -}}
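Review bot: both fromYaml calls in libcoder.util.merge swallow parse failures, because Helm's fromYaml returns a map containing an Error key instead of aborting, so malformed output from either named template is merged and emitted as an Error field in the manifest. Check $overrides and $tpl for that key and call fail with the template name, so a broken override stops the render instead of producing a Deployment or ServiceAccount with missing fields.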


@ -0,0 +1,6 @@
{{/*
Deprecation notices:
*/}}
Enjoy Coder! Please create an issue at https://github.com/coder/coder if you run
into any problems! :)


@ -0,0 +1,108 @@
{{/*
Service account to merge into the libcoder template
*/}}
{{- define "coder.serviceaccount" -}}
{{- end -}}
{{/*
Deployment to merge into the libcoder template
*/}}
{{- define "coder.deployment" -}}
spec:
template:
spec:
containers:
-
{{ include "libcoder.containerspec" (list . "coder.containerspec") | indent 8}}
{{- end -}}
{{/*
ContainerSpec for the Coder container of the Coder deployment
*/}}
{{- define "coder.containerspec" -}}
args:
{{- if .Values.coder.commandArgs }}
{{- toYaml .Values.coder.commandArgs | nindent 12 }}
{{- else }}
{{- if .Values.coder.workspaceProxy }}
- wsproxy
{{- end }}
- server
{{- end }}
{{- if .Values.coder.envFrom }}
envFrom:
{{- with .Values.coder.envFrom }}
{{ toYaml . }}
{{- end }}
{{- end }}
env:
- name: CODER_HTTP_ADDRESS
value: "0.0.0.0:8080"
- name: CODER_PROMETHEUS_ADDRESS
value: "0.0.0.0:2112"
{{- if .Values.provisionerDaemon.pskSecretName }}
- name: CODER_PROVISIONER_DAEMON_PSK
valueFrom:
secretKeyRef:
name: {{ .Values.provisionerDaemon.pskSecretName | quote }}
key: psk
{{- end }}
# Set the default access URL so a `helm apply` works by default.
# See: https://github.com/coder/coder/issues/5024
{{- $hasAccessURL := false }}
{{- range .Values.coder.env }}
{{- if eq .name "CODER_ACCESS_URL" }}
{{- $hasAccessURL = true }}
{{- end }}
{{- end }}
{{- if and (not $hasAccessURL) .Values.coder.envUseClusterAccessURL }}
- name: CODER_ACCESS_URL
value: {{ include "coder.defaultAccessURL" . | quote }}
{{- end }}
# Used for inter-pod communication with high-availability.
- name: KUBE_POD_IP
valueFrom:
fieldRef:
fieldPath: status.podIP
- name: CODER_DERP_SERVER_RELAY_URL
value: "http://$(KUBE_POD_IP):8080"
{{- include "coder.tlsEnv" . }}
{{- with .Values.coder.env }}
{{ toYaml . }}
{{- end }}
ports:
- name: "http"
containerPort: 8080
protocol: TCP
{{- if eq (include "coder.tlsEnabled" .) "true" }}
- name: "https"
containerPort: 8443
protocol: TCP
{{- end }}
{{- range .Values.coder.env }}
{{- if eq .name "CODER_PROMETHEUS_ENABLE" }}
{{/*
This sadly has to be nested to avoid evaluating the second part
of the condition too early and potentially getting type errors if
the value is not a string (like a `valueFrom`). We do not support
`valueFrom` for this env var specifically.
*/}}
{{- if eq .value "true" }}
- name: "prometheus-http"
containerPort: 2112
protocol: TCP
{{- end }}
{{- end }}
{{- end }}
readinessProbe:
httpGet:
path: /healthz
port: "http"
scheme: "HTTP"
livenessProbe:
httpGet:
path: /healthz
port: "http"
scheme: "HTTP"
{{- end }}
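Review bot: .Values.coder.env is appended with toYaml after the chart-managed entries and nothing filters names, so a coder.env item named CODER_HTTP_ADDRESS, CODER_TLS_CERT_FILE or CODER_DERP_SERVER_RELAY_URL renders as a second entry with the same name, while values.yaml describes these as variables that cannot be overridden. Either fail the render when coder.env contains a chart-managed name (the range loop that computes $hasAccessURL already shows how to detect one) or reword the documentation. The comment above that loop mentions `helm apply`, which is not a Helm command; `helm install` is presumably meant.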


@ -0,0 +1,7 @@
---
{{- if not .Values.coder.serviceAccount.disableCreate }}
{{ include "libcoder.serviceaccount" (list . "coder.serviceaccount") }}
{{- end }}
---
{{ include "libcoder.deployment" (list . "coder.deployment") }}
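Review bot: the helper comment on coder.verifyDeprecated says it is included at the top of coder.yaml, but this file has no such include, so setting the deprecated coder.tls.secretName never reaches the fail message and the value is silently ignored. Add {{- include "coder.verifyDeprecated" . }} as the first line of this file.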


@ -0,0 +1,4 @@
{{- range .Values.extraTemplates }}
---
{{ include "coder.renderTemplate" (dict "value" . "context" $) }}
{{- end }}
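Review bot: coder.renderTemplate passes non-string entries through toYaml and then tpl, so any {{ ... }} inside an object-form extraTemplates item is evaluated as well, whereas the values.yaml comment says only strings are evaluated as templates and all other objects are used as YAML. Either render non-string values with toYaml alone or correct the comment; as written, a pasted manifest that contains literal braces will hit template errors or be expanded unexpectedly.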


@ -0,0 +1,54 @@
{{- if .Values.coder.ingress.enable }}
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: coder
labels:
{{- include "coder.labels" . | nindent 4 }}
annotations:
{{- toYaml .Values.coder.ingress.annotations | nindent 4 }}
spec:
{{- if .Values.coder.ingress.className }}
{{/* If this is set to an empty string it fails validation on K8s */}}
ingressClassName: {{ .Values.coder.ingress.className | quote }}
{{- end }}
rules:
- host: {{ .Values.coder.ingress.host | quote }}
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: coder
port:
name: "http"
{{- if .Values.coder.ingress.wildcardHost }}
- host: {{ include "coder.ingressWildcardHost" . | quote }}
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: coder
port:
name: "http"
{{- end }}
{{- if .Values.coder.ingress.tls.enable }}
tls:
- hosts:
- {{ .Values.coder.ingress.host | quote }}
secretName: {{ .Values.coder.ingress.tls.secretName | quote}}
{{- if .Values.coder.ingress.tls.wildcardSecretName }}
- hosts:
- {{ include "coder.ingressWildcardHost" . | quote }}
secretName: {{ .Values.coder.ingress.tls.wildcardSecretName | quote}}
{{- end }}
{{- end }}
{{- end }}
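Review bot: in the tls block, the wildcard hosts entry is only emitted when coder.ingress.tls.wildcardSecretName is set, so with wildcardHost configured and tls.enable true the wildcard rule is created without a matching TLS entry; likewise tls.enable true with the default empty secretName renders secretName: "". Consider failing the render in both cases, or document which certificate is expected to cover the wildcard host.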


@ -0,0 +1 @@
{{ include "libcoder.rbac.tpl" . }}


@ -0,0 +1,41 @@
{{- if .Values.coder.service.enable }}
---
apiVersion: v1
kind: Service
metadata:
name: coder
labels:
{{- include "coder.labels" . | nindent 4 }}
annotations:
{{- toYaml .Values.coder.service.annotations | nindent 4 }}
spec:
type: {{ .Values.coder.service.type }}
sessionAffinity: {{ .Values.coder.service.sessionAffinity }}
ports:
- name: "http"
port: 80
targetPort: "http"
protocol: TCP
{{ if eq .Values.coder.service.type "NodePort" }}
nodePort: {{ .Values.coder.service.httpNodePort }}
{{ end }}
{{- if eq (include "coder.tlsEnabled" .) "true" }}
- name: "https"
port: 443
targetPort: "https"
protocol: TCP
{{ if eq .Values.coder.service.type "NodePort" }}
nodePort: {{ .Values.coder.service.httpsNodePort }}
{{ end }}
{{- end }}
{{- if eq "LoadBalancer" .Values.coder.service.type }}
{{- with .Values.coder.service.loadBalancerIP }}
loadBalancerIP: {{ . | quote }}
{{- end }}
{{- with .Values.coder.service.externalTrafficPolicy }}
externalTrafficPolicy: {{ . | quote }}
{{- end }}
{{- end }}
selector:
{{- include "coder.selectorLabels" . | nindent 4 }}
{{- end }}
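Review bot: the http entry on port 80 is always published, including when coder.tlsEnabled is true, and values.yaml defaults coder.service.type to LoadBalancer, so a TLS-enabled install still exposes the plaintext listener through the load balancer. Add a value to omit the http port when TLS is on, or document that it is expected. The {{ if eq .Values.coder.service.type "NodePort" }} blocks also lack the {{- trim markers used elsewhere and leave blank lines in the output, and the default httpNodePort of "" renders an empty nodePort.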


@ -0,0 +1,354 @@
# coder -- Primary configuration for `coder server`.
coder:
# coder.env -- The environment variables to set for Coder. These can be used
# to configure all aspects of `coder server`. Please see `coder server --help`
# for information about what environment variables can be set.
# Note: The following environment variables are set by default and cannot be
# overridden:
# - CODER_HTTP_ADDRESS: set to 0.0.0.0:8080 and cannot be changed.
# - CODER_TLS_ADDRESS: set to 0.0.0.0:8443 if tls.secretName is not empty.
# - CODER_TLS_ENABLE: set if tls.secretName is not empty.
# - CODER_TLS_CERT_FILE: set if tls.secretName is not empty.
# - CODER_TLS_KEY_FILE: set if tls.secretName is not empty.
# - CODER_PROMETHEUS_ADDRESS: set to 0.0.0.0:2112 and cannot be changed.
# Prometheus must still be enabled by setting CODER_PROMETHEUS_ENABLE.
# - KUBE_POD_IP
# - CODER_DERP_SERVER_RELAY_URL
#
# We will additionally set CODER_ACCESS_URL if unset to the cluster service
# URL, unless coder.envUseClusterAccessURL is set to false.
env: []
# - name: "CODER_ACCESS_URL"
# value: "https://coder.example.com"
# coder.envFrom -- Secrets or ConfigMaps to use for Coder's environment
# variables. If you want one environment variable read from a secret, then use
# coder.env valueFrom. See the K8s docs for valueFrom here:
# https://kubernetes.io/docs/tasks/inject-data-application/distribute-credentials-secure/#define-container-environment-variables-using-secret-data
#
# If setting CODER_ACCESS_URL in coder.envFrom, then you must set
# coder.envUseClusterAccessURL to false.
envFrom: []
# - configMapRef:
# name: coder-config
# - secretRef:
# name: coder-config
# coder.envUseClusterAccessURL -- Determines whether the CODER_ACCESS_URL env
# is added to coder.env if it's not already set there. Set this to false if
# defining CODER_ACCESS_URL in coder.envFrom to avoid conflicts.
envUseClusterAccessURL: true
# coder.image -- The image to use for Coder.
image:
# coder.image.repo -- The repository of the image.
repo: "ghcr.io/coder/coder"
# coder.image.tag -- The tag of the image, defaults to {{.Chart.AppVersion}}
# if not set. If you're using the chart directly from git, the default
# app version will not work and you'll need to set this value. The helm
# chart helpfully fails quickly in this case.
tag: ""
# coder.image.pullPolicy -- The pull policy to use for the image. See:
# https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy
pullPolicy: IfNotPresent
# coder.image.pullSecrets -- The secrets used for pulling the Coder image from
# a private registry.
pullSecrets: []
# - name: "pull-secret"
# coder.initContainers -- Init containers for the deployment. See:
# https://kubernetes.io/docs/concepts/workloads/pods/init-containers/
initContainers:
[]
# - name: init-container
# image: busybox:1.28
# command: ['sh', '-c', "sleep 2"]
# coder.annotations -- The Deployment annotations. See:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
annotations: {}
# coder.labels -- The Deployment labels. See:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
labels: {}
# coder.podAnnotations -- The Coder pod annotations. See:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
podAnnotations: {}
# coder.podLabels -- The Coder pod labels. See:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
podLabels: {}
# coder.serviceAccount -- Configuration for the automatically created service
# account. Creation of the service account cannot be disabled.
serviceAccount:
# coder.serviceAccount.workspacePerms -- Whether or not to grant the coder
# service account permissions to manage workspaces. This includes
# permission to manage pods and persistent volume claims in the deployment
# namespace.
#
# It is recommended to keep this on if you are using Kubernetes templates
# within Coder.
workspacePerms: true
# coder.serviceAccount.enableDeployments -- Provides the service account
# permission to manage Kubernetes deployments. Depends on workspacePerms.
enableDeployments: true
# coder.serviceAccount.extraRules -- Additional permissions added to the SA
# role. Depends on workspacePerms.
extraRules: []
# - apiGroups: [""]
# resources: ["services"]
# verbs:
# - create
# - delete
# - deletecollection
# - get
# - list
# - patch
# - update
# - watch
# coder.serviceAccount.annotations -- The Coder service account annotations.
annotations: {}
# coder.serviceAccount.name -- The service account name
name: coder
# coder.serviceAccount.disableCreate -- Whether to create the service account or use existing service account.
disableCreate: false
# coder.securityContext -- Fields related to the container's security
# context (as opposed to the pod). Some fields are also present in the pod
# security context, in which case these values will take precedence.
securityContext:
# coder.securityContext.runAsNonRoot -- Requires that the coder container
# runs as an unprivileged user. If setting runAsUser to 0 (root), this
# will need to be set to false.
runAsNonRoot: true
# coder.securityContext.runAsUser -- Sets the user id of the container.
# For security reasons, we recommend using a non-root user.
runAsUser: 1000
# coder.securityContext.runAsGroup -- Sets the group id of the container.
# For security reasons, we recommend using a non-root group.
runAsGroup: 1000
# coder.securityContext.readOnlyRootFilesystem -- Mounts the container's
# root filesystem as read-only.
readOnlyRootFilesystem: null
# coder.securityContext.seccompProfile -- Sets the seccomp profile for
# the coder container.
seccompProfile:
type: RuntimeDefault
# coder.securityContext.allowPrivilegeEscalation -- Controls whether
# the container can gain additional privileges, such as escalating to
# root. It is recommended to leave this setting disabled in production.
allowPrivilegeEscalation: false
# coder.volumes -- A list of extra volumes to add to the Coder pod.
volumes: []
# - name: "my-volume"
# emptyDir: {}
# coder.volumeMounts -- A list of extra volume mounts to add to the Coder pod.
volumeMounts: []
# - name: "my-volume"
# mountPath: "/mnt/my-volume"
# coder.tls -- The TLS configuration for Coder.
tls:
# coder.tls.secretNames -- A list of TLS server certificate secrets to mount
# into the Coder pod. The secrets should exist in the same namespace as the
# Helm deployment and should be of type "kubernetes.io/tls". The secrets
# will be automatically mounted into the pod if specified, and the correct
# "CODER_TLS_*" environment variables will be set for you.
secretNames: []
# coder.replicaCount -- The number of Kubernetes deployment replicas. This
# should only be increased if High Availability is enabled.
#
# This is an Enterprise feature. Contact sales@coder.com.
replicaCount: 1
# coder.workspaceProxy -- Whether or not this deployment of Coder is a Coder
# Workspace Proxy. Workspace Proxies reduce the latency between the user and
# their workspace for web connections (workspace apps and web terminal) and
# proxied connections from the CLI. Workspace Proxies are optional and only
# recommended for geographically sparse teams.
#
# Make sure you set CODER_PRIMARY_ACCESS_URL and CODER_PROXY_SESSION_TOKEN in
# the environment below. You can get a proxy token using the CLI:
# coder wsproxy create \
# --name "proxy-name" \
# --display-name "Proxy Name" \
# --icon "/emojis/xyz.png"
#
# This is an Enterprise feature. Contact sales@coder.com
# Docs: https://coder.com/docs/admin/workspace-proxies
workspaceProxy: false
# coder.lifecycle -- container lifecycle handlers for the Coder container, allowing
# for lifecycle events such as postStart and preStop events
# See: https://kubernetes.io/docs/tasks/configure-pod-container/attach-handler-lifecycle-event/
lifecycle:
{}
# postStart:
# exec:
# command: ["/bin/sh", "-c", "echo postStart"]
# preStop:
# exec:
# command: ["/bin/sh","-c","echo preStart"]
# coder.resources -- The resources to request for Coder. These are optional
# and are not set by default.
resources:
{}
# limits:
# cpu: 2000m
# memory: 4096Mi
# requests:
# cpu: 2000m
# memory: 4096Mi
# coder.certs -- CA bundles to mount inside the Coder pod.
certs:
# coder.certs.secrets -- A list of CA bundle secrets to mount into the Coder
# pod. The secrets should exist in the same namespace as the Helm
# deployment.
#
# The given key in each secret is mounted at
# `/etc/ssl/certs/{secret_name}.crt`.
secrets:
[]
# - name: "my-ca-bundle"
# key: "ca-bundle.crt"
# coder.affinity -- Allows specifying an affinity rule for the `coder` deployment.
# The default rule prefers to schedule coder pods on different
# nodes, which is only applicable if coder.replicaCount is greater than 1.
affinity:
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- podAffinityTerm:
labelSelector:
matchExpressions:
- key: app.kubernetes.io/instance
operator: In
values:
- "coder"
topologyKey: kubernetes.io/hostname
weight: 1
topologySpreadConstraints:
# - maxSkew: 1
# topologyKey: kubernetes.io/hostname
# whenUnsatisfiable: DoNotSchedule
# labelSelector:
# matchLabels:
# app.kubernetes.io/instance: coder
# coder.tolerations -- Tolerations for tainted nodes.
# See: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
tolerations:
[]
# - key: "key"
# operator: "Equal"
# value: "value"
# effect: "NoSchedule"
# coder.nodeSelector -- Node labels for constraining coder pods to nodes.
# See: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector
nodeSelector: {}
# kubernetes.io/os: linux
# coder.service -- The Service object to expose for Coder.
service:
# coder.service.enable -- Whether to create the Service object.
enable: true
# coder.service.type -- The type of service to expose. See:
# https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types
type: LoadBalancer
# coder.service.sessionAffinity -- Must be set to ClientIP or None
# AWS ELB does not support session stickiness based on ClientIP, so you must set this to None.
# The error message you might see: "Unsupported load balancer affinity: ClientIP"
# https://kubernetes.io/docs/reference/networking/virtual-ips/#session-affinity
sessionAffinity: None
# coder.service.externalTrafficPolicy -- The external traffic policy to use.
# You may need to change this to "Local" to preserve the source IP address
# in some situations.
# https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip
externalTrafficPolicy: Cluster
# coder.service.loadBalancerIP -- The IP address of the LoadBalancer. If not
# specified, a new IP will be generated each time the load balancer is
# recreated. It is recommended to manually create a static IP address in
# your cloud and specify it here in production to avoid accidental IP
# address changes.
loadBalancerIP: ""
# coder.service.annotations -- The service annotations. See:
# https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer
annotations: {}
# coder.service.httpNodePort -- Enabled if coder.service.type is set to
# NodePort. If not set, Kubernetes will allocate a port from the default
# range, 30000-32767.
httpNodePort: ""
# coder.service.httpsNodePort -- Enabled if coder.service.type is set to
# NodePort. If not set, Kubernetes will allocate a port from the default
# range, 30000-32767.
httpsNodePort: ""
# coder.ingress -- The Ingress object to expose for Coder.
ingress:
# coder.ingress.enable -- Whether to create the Ingress object. If using an
# Ingress, we recommend not specifying coder.tls.secretNames as the Ingress
# will handle TLS termination.
enable: false
# coder.ingress.className -- The name of the Ingress class to use.
className: ""
# coder.ingress.host -- The hostname to match on.
# Be sure to also set CODER_ACCESS_URL within coder.env[]
host: ""
# coder.ingress.wildcardHost -- The wildcard hostname to match on. Should be
# in the form "*.example.com" or "*-suffix.example.com". If you are using a
# suffix after the wildcard, the suffix will be stripped from the created
# ingress to ensure that it is a legal ingress host. Optional if not using
# applications over subdomains.
# Be sure to also set CODER_WILDCARD_ACCESS_URL within coder.env[]
wildcardHost: ""
# coder.ingress.annotations -- The ingress annotations.
annotations: {}
# coder.ingress.tls -- The TLS configuration to use for the Ingress.
tls:
# coder.ingress.tls.enable -- Whether to enable TLS on the Ingress.
enable: false
# coder.ingress.tls.secretName -- The name of the TLS secret to use.
secretName: ""
# coder.ingress.tls.wildcardSecretName -- The name of the TLS secret to
# use for the wildcard host.
wildcardSecretName: ""
# coder.command -- The command to use when running the Coder container. Used
# for customizing the location of the `coder` binary in your image.
command:
- /opt/coder
# coder.commandArgs -- Set arguments for the entrypoint command of the Coder pod.
commandArgs: []
# provisionerDaemon -- Configuration for external provisioner daemons.
#
# This is an Enterprise feature. Contact sales@coder.com.
provisionerDaemon:
# provisionerDaemon.pskSecretName -- The name of the Kubernetes secret that contains the
# Pre-Shared Key (PSK) to use to authenticate external provisioner daemons with Coder. The
# secret must be in the same namespace as the Helm deployment, and contain an item called "psk"
# which contains the pre-shared key.
pskSecretName: ""
# extraTemplates -- Array of extra objects to deploy with the release. Strings
# are evaluated as a template and can use template expansions and functions. All
# other objects are used as yaml.
extraTemplates:
#- |
# apiVersion: v1
# kind: ConfigMap
# metadata:
# name: my-configmap
# data:
# key: {{ .Values.myCustomValue | quote }}
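Review bot: at `coder.ingress.enable` the comment recommends leaving `coder.tls.secretNames` unset because the Ingress terminates TLS, but `coder.ingress.tls.enable` defaults to `false` and both `secretName` and `wildcardSecretName` default to empty. An operator who follows that recommendation and only sets `enable: true` ends up with no TLS configured by this chart at either layer. Suggest extending the `coder.ingress.enable` comment to say that `coder.ingress.tls.enable` and `coder.ingress.tls.secretName` need to be set along with it. Smaller point: the `externalTrafficPolicy: Cluster` comment says "in some situations" without naming one; stating that the default does not preserve the client source IP would make the trade-off clear to anyone relying on client addresses in logs.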

View File

@ -7344,6 +7344,38 @@ entries:
urls:
- assets/cockroach-labs/cockroachdb-11.0.1.tgz
version: 11.0.1
coder:
- annotations:
catalog.cattle.io/certified: partner
catalog.cattle.io/display-name: Coder
catalog.cattle.io/kube-version: '>=1.19-0'
catalog.cattle.io/release-name: coder
apiVersion: v2
appVersion: 2.18.3
created: "2025-01-22T17:51:06.449411019Z"
dependencies:
- name: libcoder
repository: file://../libcoder
version: 0.1.0
description: Remote development environments on your infrastructure
digest: cf181950caffe09a155059a2077630f0610d3b78338672f015bb83ec45ba5cec
home: https://github.com/coder/coder
icon: file://assets/icons/coder.png
keywords:
- coder
- terraform
kubeVersion: '>=1.19-0'
maintainers:
- email: support@coder.com
name: Coder Technologies, Inc.
url: https://coder.com/contact
name: coder
sources:
- https://github.com/coder/coder/tree/main/helm/coder
type: application
urls:
- assets/coder/coder-2.18.3.tgz
version: 2.18.3
community-operator:
- annotations:
catalog.cattle.io/certified: partner
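Review bot: the `digest` in the new `coder` entry is the only integrity reference for `assets/coder/coder-2.18.3.tgz`, and that archive appears in this commit as a binary file that cannot be inspected in the diff. Before merging, recompute the SHA-256 of the committed archive and confirm it equals `cf181950caffe09a155059a2077630f0610d3b78338672f015bb83ec45ba5cec`. Also worth confirming that the `libcoder` dependency, listed with `repository: file://../libcoder`, is bundled inside the archive, since that relative path will not resolve for anyone installing from this index.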
@ -48143,4 +48175,4 @@ entries:
urls:
- assets/netfoundry/ziti-host-1.5.1.tgz
version: 1.5.1
generated: "2025-01-22T00:01:50.08010105Z"
generated: "2025-01-22T17:51:04.776244721Z"

View File

@ -0,0 +1,16 @@
# Coder/coder
## Overview
Coder provides development environments in your public and private clouds. Environments are defined with Terraform, connected through a secure high-speed tunnel, and automatically shut down when not in use to save on costs. Coder gives engineering teams the flexibility to use the cloud for workloads that are most beneficial to them.
Developers can connect to Coder workspaces using the tools and IDEs they know and love including VS Code Remote, JetBrains Gateway, SSH as well as web IDEs such as JupyterLab, code-server, RStudio, and web terminals.
## Highlights
- Onboard developers in seconds instead of days
- Define development environments in Terraform (EC2 VMs, Kubernetes Pods, Docker Containers, etc.)
- Keep source code within your infrastructure, and use RBAC with existing authentication systems
- Automatically shutdown idle resources to save on costs
## Getting Started
Review the Coder Kubernetes [installation instructions](https://coder.com/docs/install/kubernetes) for required prerequisites and options for the [values.yaml](https://github.com/coder/coder/blob/main/helm/coder/values.yaml) used by the chart.
## Resources
- [Coder Documentation](https://coder.com/docs)
- [Coder Quickstart Guide](https://coder.com/docs/tutorials/quickstart)
- [Discord Community](https://discord.gg/coder)
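Review bot: under "Getting Started" the `values.yaml` link points at `blob/main`, while the chart added in this commit is pinned to version 2.18.3, so the options a reader sees there can drift from the defaults actually packaged here. Suggest linking to the file at the matching release tag, or pointing readers to the `values.yaml` shipped in the chart itself. Minor wording: in "Highlights", "Automatically shutdown idle resources" should read "shut down".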

View File

@ -0,0 +1,6 @@
HelmRepo: https://helm.coder.com/v2
HelmChart: coder
Vendor: Coder
DisplayName: Coder
ChartMetadata:
kubeVersion: '>=1.19-0'
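Review bot: this file names only `HelmRepo` and `HelmChart`, with no chart version and no provenance or signature check visible, so later automated updates will package whatever `https://helm.coder.com/v2` serves for `coder` at that time. If the repository's tooling supports pinning or verifying the upstream chart, record that here; otherwise each update PR needs a manual digest check against the upstream release.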