diff --git a/.github/workflows/scheduled-snyk-docker.yaml b/.github/workflows/scheduled-snyk-docker.yaml index 0acd8046..f99c1106 100644 --- a/.github/workflows/scheduled-snyk-docker.yaml +++ b/.github/workflows/scheduled-snyk-docker.yaml @@ -48,6 +48,8 @@ jobs: INCLUDE_CHARTS: charts/cc-schema-registry-proxy charts/cert-manager-lets-encrypt charts/kube-prometheus-stack + charts/kubecost + charts/kubernetes-dashboard charts/radar-grafana charts/radar-hydra charts/radar-kratos diff --git a/charts/kubecost/.gitignore b/charts/kubecost/.gitignore new file mode 100644 index 00000000..68a42e46 --- /dev/null +++ b/charts/kubecost/.gitignore @@ -0,0 +1,11 @@ +# Ignore all files with sensitive production values +production.yaml +prod.yaml +*-prod.yaml +*-production.yaml +prod-*.yaml +production-*.yaml +aws-*.yaml +secrets/ +private/ +*.secret.yaml diff --git a/charts/kubecost/Chart.lock b/charts/kubecost/Chart.lock new file mode 100644 index 00000000..d078d0c0 --- /dev/null +++ b/charts/kubecost/Chart.lock @@ -0,0 +1,6 @@ +dependencies: +- name: cost-analyzer + repository: https://kubecost.github.io/cost-analyzer/ + version: 2.6.3 +digest: sha256:41c2b63837f60e037abd962bcb35fe035d9dd97b33eea6ebfb68a5b51a43ad9c +generated: "2026-01-23T10:34:16.581903Z" diff --git a/charts/kubecost/Chart.yaml b/charts/kubecost/Chart.yaml new file mode 100644 index 00000000..b2fd4954 --- /dev/null +++ b/charts/kubecost/Chart.yaml @@ -0,0 +1,30 @@ +apiVersion: v2 +appVersion: "2.6.3" +description: A Helm chart for Kubecost cost analyzer. This chart is an overlay for the official cost-analyzer chart with custom resource limits configured for RADAR-K8s environments. +name: kubecost +version: 1.0.0 +sources: +- https://github.com/RADAR-base/radar-helm-charts/tree/main/charts/kubecost +- https://github.com/kubecost/cost-analyzer-helm-chart +keywords: + - kubecost + - cost-analyzer + - monitoring + - kubernetes + - radar-base +annotations: + artifacthub.io/license: Apache-2.0 +deprecated: false +type: application +home: "https://www.kubecost.com" +maintainers: + - email: mani.thumu@kcl.ac.uk + name: Mani Thumu + url: https://www.kcl.ac.uk + - email: yatharth.ranjan@kcl.ac.uk + name: Yatharth Ranjan + url: https://www.kcl.ac.uk/people/yatharth-ranjan +dependencies: +- name: cost-analyzer + repository: https://kubecost.github.io/cost-analyzer/ + version: 2.6.3 diff --git a/charts/kubecost/README.md b/charts/kubecost/README.md new file mode 100644 index 00000000..345185b7 --- /dev/null +++ b/charts/kubecost/README.md @@ -0,0 +1,74 @@ + + +# kubecost + +![Version: 1.0.0](https://img.shields.io/badge/Version-1.0.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2.6.3](https://img.shields.io/badge/AppVersion-2.6.3-informational?style=flat-square) + +A Helm chart for Kubecost cost analyzer. This chart is an overlay for the official cost-analyzer chart with custom resource limits configured for RADAR-K8s environments. + +**Homepage:** + +## Maintainers + +| Name | Email | Url | +| ---- | ------ | --- | +| Mani Thumu | | | +| Yatharth Ranjan | | | + +## Source Code + +* +* + +## Requirements + +| Repository | Name | Version | +|------------|------|---------| +| https://kubecost.github.io/cost-analyzer/ | cost-analyzer | 2.6.3 | + +## Values + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| cost-analyzer.kubecostProductConfigs.clusters[0].name | string | `""` | | +| cost-analyzer.kubecostProductConfigs.clusters[0].address | string | `"http://127.0.0.1:9090"` | | +| cost-analyzer.kubecostProductConfigs.athenaProjectID | string | `""` | | +| cost-analyzer.kubecostProductConfigs.athenaBucketName | string | `""` | | +| cost-analyzer.kubecostProductConfigs.athenaRegion | string | `""` | | +| cost-analyzer.kubecostProductConfigs.athenaDatabase | string | `""` | | +| cost-analyzer.kubecostProductConfigs.athenaTable | string | `""` | | +| cost-analyzer.kubecostProductConfigs.athenaWorkgroup | string | `"primary"` | | +| cost-analyzer.kubecostProductConfigs.awsSpotDataRegion | string | `""` | | +| cost-analyzer.kubecostProductConfigs.awsSpotDataBucket | string | `""` | | +| cost-analyzer.kubecostProductConfigs.spotLabel | string | `"eks.amazonaws.com/capacityType"` | | +| cost-analyzer.kubecostProductConfigs.spotLabelValue | string | `"SPOT"` | | +| cost-analyzer.kubecostProductConfigs.serviceKeySecretName | string | `"cloud-service-key"` | | +| cost-analyzer.grafana.enabled | bool | `false` | | +| cost-analyzer.grafana.resources.requests.cpu | string | `"10m"` | | +| cost-analyzer.grafana.resources.requests.memory | string | `"164Mi"` | | +| cost-analyzer.grafana.resources.limits.cpu | string | `"100m"` | | +| cost-analyzer.grafana.resources.limits.memory | string | `"256Mi"` | | +| cost-analyzer.prometheus.server.global.external_labels.cluster_id | string | `""` | | +| cost-analyzer.prometheus.server.resources.requests.cpu | string | `"50m"` | | +| cost-analyzer.prometheus.server.resources.requests.memory | string | `"181Mi"` | | +| cost-analyzer.prometheus.server.resources.limits.cpu | string | `"100m"` | | +| cost-analyzer.prometheus.server.resources.limits.memory | string | `"256Mi"` | | +| cost-analyzer.networkCosts.enabled | bool | `true` | | +| cost-analyzer.networkCosts.config.services.amazon-web-services | bool | `true` | | +| cost-analyzer.networkCosts.replicas | int | `4` | | +| cost-analyzer.networkCosts.resources.requests.cpu | string | `"50m"` | | +| cost-analyzer.networkCosts.resources.requests.memory | string | `"20Mi"` | | +| cost-analyzer.networkCosts.resources.limits.cpu | string | `"100m"` | | +| cost-analyzer.networkCosts.resources.limits.memory | string | `"256Mi"` | | +| cost-analyzer.kubecostModel.resources.requests.cpu | string | `"50m"` | | +| cost-analyzer.kubecostModel.resources.requests.memory | string | `"2500Mi"` | | +| cost-analyzer.kubecostModel.resources.limits.cpu | string | `"200m"` | | +| cost-analyzer.kubecostModel.resources.limits.memory | string | `"3072Mi"` | | +| cost-analyzer.forecasting.enabled | bool | `true` | | +| cost-analyzer.forecasting.resources.requests.cpu | string | `"10m"` | | +| cost-analyzer.forecasting.resources.requests.memory | string | `"150Mi"` | | +| cost-analyzer.forecasting.resources.limits.cpu | string | `"200m"` | | +| cost-analyzer.forecasting.resources.limits.memory | string | `"512Mi"` | | + +---------------------------------------------- +Autogenerated from chart metadata using [helm-docs v1.14.2](https://github.com/norwoodj/helm-docs/releases/v1.14.2) diff --git a/charts/kubecost/charts/cost-analyzer-2.6.3.tgz b/charts/kubecost/charts/cost-analyzer-2.6.3.tgz new file mode 100644 index 00000000..bd4c84c5 Binary files /dev/null and b/charts/kubecost/charts/cost-analyzer-2.6.3.tgz differ diff --git a/charts/kubecost/values.yaml b/charts/kubecost/values.yaml new file mode 100644 index 00000000..a160199d --- /dev/null +++ b/charts/kubecost/values.yaml @@ -0,0 +1,81 @@ +# AWS/ATHENA CONFIGURATION +# This Kubecost chart supports multiple cloud platforms: AWS EKS, GCP GKE, and Azure Kubernetes Service +# For GCP and Azure deployments, refer to: https://docs.kubecost.com/ +# Values are prefixed with 'cost-analyzer:' to pass them to the subchart dependency +cost-analyzer: + kubecostProductConfigs: + clusters: + - name: "" # Example: dev-cluster-1 + address: http://127.0.0.1:9090 + athenaProjectID: "" # Example: "123456789012" (Your AWS Account ID) + athenaBucketName: "" # Example: s3://aws-athena-query-results-yourorg + athenaRegion: "" # Example: eu-west-2 + athenaDatabase: "" # Example: athenacurcfn_yourdb + athenaTable: "" # Example: your_table_name + athenaWorkgroup: "primary" + awsSpotDataRegion: "" # Example: eu-west-2 + awsSpotDataBucket: "" # Example: yourorg-spot-instance-data-feed + spotLabel: "eks.amazonaws.com/capacityType" + spotLabelValue: "SPOT" + serviceKeySecretName: "cloud-service-key" + + # Grafana component + grafana: + enabled: false + resources: + requests: + cpu: 10m + memory: 164Mi + limits: + cpu: 100m + memory: 256Mi + + # Prometheus server configuration + prometheus: + server: + global: + external_labels: + cluster_id: "" # Example: dev-cluster-1 + resources: + requests: + cpu: 50m + memory: 181Mi + limits: + cpu: 100m + memory: 256Mi + + # Network costs configuration + networkCosts: + enabled: true + config: + services: + amazon-web-services: true + replicas: 4 + resources: + requests: + cpu: 50m + memory: 20Mi + limits: + cpu: 100m + memory: 256Mi + + # Cost analyzer configuration + kubecostModel: + resources: + requests: + cpu: 50m + memory: 2500Mi + limits: + cpu: 200m + memory: 3072Mi + + # Forecasting configuration + forecasting: + enabled: true + resources: + requests: + cpu: 10m + memory: 150Mi + limits: + cpu: 200m + memory: 512Mi diff --git a/devbox.json b/devbox.json index 719177fb..64f60cbe 100644 --- a/devbox.json +++ b/devbox.json @@ -4,7 +4,7 @@ "kubectl@latest", "chart-testing@latest", "pre-commit@latest", - "trivy@latest", + "trivy@0.57.1", "checkov@3.2.336", "kubernetes-helm@latest", "actionlint@latest", diff --git a/devbox.lock b/devbox.lock index 606af49c..a93dbfcc 100644 --- a/devbox.lock +++ b/devbox.lock @@ -632,51 +632,51 @@ } } }, - "trivy@latest": { - "last_modified": "2025-02-01T06:33:04Z", - "resolved": "github:NixOS/nixpkgs/047ebac174c408d6e5428b1865478893001276c5#trivy", + "trivy@0.57.1": { + "last_modified": "2024-12-03T12:40:06Z", + "resolved": "github:NixOS/nixpkgs/566e53c2ad750c84f6d31f9ccb9d00f823165550#trivy", "source": "devbox-search", - "version": "0.59.0", + "version": "0.57.1", "systems": { "aarch64-darwin": { "outputs": [ { "name": "out", - "path": "/nix/store/nqygrh6vkw2a8cj83yxwc786mcg6km6w-trivy-0.59.0", + "path": "/nix/store/rv93ihqdpksprkpp4bsbfgrg1551i5qa-trivy-0.57.1", "default": true } ], - "store_path": "/nix/store/nqygrh6vkw2a8cj83yxwc786mcg6km6w-trivy-0.59.0" + "store_path": "/nix/store/rv93ihqdpksprkpp4bsbfgrg1551i5qa-trivy-0.57.1" }, "aarch64-linux": { "outputs": [ { "name": "out", - "path": "/nix/store/2pkijvw6405qq106s0y49j8956wmikyp-trivy-0.59.0", + "path": "/nix/store/fcbxz60idc7fzqyx4svnlm2dl1bihzsh-trivy-0.57.1", "default": true } ], - "store_path": "/nix/store/2pkijvw6405qq106s0y49j8956wmikyp-trivy-0.59.0" + "store_path": "/nix/store/fcbxz60idc7fzqyx4svnlm2dl1bihzsh-trivy-0.57.1" }, "x86_64-darwin": { "outputs": [ { "name": "out", - "path": "/nix/store/6cfkq5apf2nzq229gjr6y6vn40f5nv3b-trivy-0.59.0", + "path": "/nix/store/517pgmyj9r1bsggcd7wcf64gryw2i0na-trivy-0.57.1", "default": true } ], - "store_path": "/nix/store/6cfkq5apf2nzq229gjr6y6vn40f5nv3b-trivy-0.59.0" + "store_path": "/nix/store/517pgmyj9r1bsggcd7wcf64gryw2i0na-trivy-0.57.1" }, "x86_64-linux": { "outputs": [ { "name": "out", - "path": "/nix/store/r3dqya9whwij5wmvzr12hphvq4vvqsch-trivy-0.59.0", + "path": "/nix/store/5js971jz5jxfjrnlik7qh03bxclralzk-trivy-0.57.1", "default": true } ], - "store_path": "/nix/store/r3dqya9whwij5wmvzr12hphvq4vvqsch-trivy-0.59.0" + "store_path": "/nix/store/5js971jz5jxfjrnlik7qh03bxclralzk-trivy-0.57.1" } } },