helmfile.yaml

environments:
  {{ .Environment.Name }}:
    values:
      - ./environments/{{ .Environment.Name }}.yaml.gotmpl

repositories:
  - name: georgedriver
    url: https://georgedriver.github.io/helm-charts
  - name: argo
    url: https://argoproj.github.io/argo-helm
  - name: jetstack
    url: https://charts.jetstack.io
  - name: banzaicloud
    url: https://kubernetes-charts.banzaicloud.com
  - name: incubator
    url: https://charts.helm.sh/incubator
  - name: stable
    url: https://charts.helm.sh/stable
  - name: elastic
    url: https://helm.elastic.co
  - name: prometheus-community
    url: https://prometheus-community.github.io/helm-charts

helmDefaults:
  wait: true
  timeout: 1000
  createNamespace: true

releases:
{{- if (and (.Environment.Values | getOrNil "ingress.enabled") (eq .Environment.Values.cluster.provider "docker-for-mac"))}}
  - name: nginx-ingress
    chart: georgedriver/nginx-ingress-docker-for-mac
    namespace: ingress-nginx
    version: 0.1.1
{{- end }}

{{- if .Environment.Values | getOrNil "cert_manager.enabled" }}
  - name: cert-manager
    chart: jetstack/cert-manager
    version: v1.4.0
    namespace: cert-manager
    set:
      - name: installCRDs
        value: true
{{- end }}

{{- if .Environment.Values | getOrNil "alidns_webhook.enabled" }}
  - name: cert-manager-alidns-webhook
    chart: georgedriver/alidns-webhook
    version: 0.1.0
    namespace: cert-manager
    set:
      - name: alicloud_access_key
        value: {{ .Environment.Values.alidns_webhook.alicloud_access_key }}
      - name: alicloud_secret_key
        value: {{ .Environment.Values.alidns_webhook.alicloud_secret_key }}
      - name: domain
        value: {{ .Environment.Values.alidns_webhook.domain }}
      - name: email
        value: {{ .Environment.Values.alidns_webhook.email }}
    labels:
      depend_on_others: true
{{- end }}

{{- if .Environment.Values | getOrNil "vault.enabled" }}
  - name: vault
    chart: banzaicloud/vault
    version: 1.15.3
    namespace: default
    values:
      - ./values/vault.yaml.gotmpl

  - name: banzaicloud-vault-secrets-webhook
    chart: banzaicloud/vault-secrets-webhook
    version: 1.15.7
    namespace: system-addons
{{- end }}

{{- if .Environment.Values | getOrNil "argocd.enabled" }}
  {{- if .Environment.Values | getOrNil "argocd.git_user" }}
  - name: argo-git-repo-secret
    chart: incubator/raw
    version: 0.2.4
    namespace: argocd
    values:
    - templates:
      - |
        apiVersion: v1
        kind: Secret
        metadata:
          name: argo-git-repo-secret
        stringData:
          username: {{ .Environment.Values.argocd.git_user }}
          password: {{ .Environment.Values.argocd.git_token }}
    labels:
      depend_on_others: true
  {{- end }}

  - name: argocd
    chart: argo/argo-cd
    version: 3.21.0
    namespace: argocd
    values:
      - ./values/argocd.yaml.gotmpl
    labels:
      depend_on_others: true
{{- end }}

{{- if .Environment.Values | getOrNil "prometheus_bundles.enabled" }}
  - name: k8s-prometheus-operator-pv
    chart: incubator/raw
    version: 0.2.4
    namespace: system-monitoring
    values:
    - templates:
      - |
        apiVersion: v1
        kind: PersistentVolume
        metadata:
          labels:
            app: k8s-prometheus-operator-pv
          name: k8s-prometheus-operator-pv
        spec:
          accessModes:
          - ReadWriteOnce
          capacity:
            storage: {{ .Environment.Values.prometheus_bundles.storage }}
          hostPath:
            path: {{ .Environment.Values.prometheus_bundles.hostPath }}
          persistentVolumeReclaimPolicy: Retain
          storageClassName: manual

  - name: k8s-prometheus-operator
    chart: prometheus-community/kube-prometheus-stack
    version: 33.2.0
    namespace: system-monitoring
    values:
      - ./values/k8s-prometheus-operator.yaml.gotmpl

  - name: k8s-prometheus-pushgateway
    chart: prometheus-community/prometheus-pushgateway
    version: 1.16.1
    namespace: system-monitoring
    values:
      - ./values/k8s-prometheus-pushgateway.gotmpl
    labels:
      depend_on_others: true

  {{- if (eq .Environment.Values.cluster.provider "microk8s") }}
  - name: microk8s-kube-metrics
    chart: georgedriver/microk8s-kube-metrics
    namespace: system-monitoring
    set:
      - name: masterIP
        value: {{ .Environment.Values.cluster.master_ip }}
    version: 0.0.1
    labels:
      depend_on_others: true
  {{- end }}
{{- end }}

{{- if .Environment.Values | getOrNil "elk.enabled" }}
  - name: elasticsearch
    chart: elastic/elasticsearch
    version: 7.13.2
    namespace: logging
    values:
      - ./values/elasticsearch.yaml.gotmpl

  - name: kibana
    chart: elastic/kibana
    version: 7.13.2
    namespace: logging
    values:
      - ./values/kibana.yaml.gotmpl
{{- end }}