Created a document simplifying deployment with Helm-Charts (#615)

Alan-Cha · web-flow · commit f9a416dcc9f0 · 2025-06-03T15:37:27.000-04:00
diff --git a/docs/README.md b/docs/README.md
@@ -1,5 +1,7 @@
 # Index
 
+-   [Tornjak Deployment Using Helm-Charts](/docs/helm/tornjak-helm-chart.md)
+
 -   [Blogs](/docs/blogs.md)
 
 -   [Debugging, Hints and Tips for Solving Common Problems with Tornjak](/docs/tornjak-hints.md)
@@ -16,7 +18,6 @@
 -   [Server plugin: Datastore "SQL"](/docs/plugins/plugin_server_datastore_sql.md)
 
 -   [Server plugin: SPIRECRDManager](/docs/plugins/plugin_server_spirecrd.md)
-
 -   [Tornjak Agent](/docs/tornjak-agent.md)
     - [Tornjak SPIRE Server Agent](/docs/tornjak-agent.md#tornjak-spire-server-agent)
     - [APIs](/docs/tornjak-agent.md#apis)
diff --git a/docs/helm/tornjak-helm-chart.md b/docs/helm/tornjak-helm-chart.md
@@ -0,0 +1,85 @@
+# Deploying Tornjak via Helm Charts
+
+## Overview
+
+You can deploy **Tornjak** using the [SPIFFE helm-charts-hardened repository](https://github.com/spiffe/helm-charts-hardened).
+
+This guide walks you through deploying both the frontend and backend of Tornjak with Direct Access, using Helm charts in a local Kubernetes environment via Minikube.
+
+By the end, you’ll have a working instance of SPIRE integrated with Tornjak for easier visibility and management of your SPIFFE identities.
+
+## Prerequisites
+
+Make sure you have the following installed on your system:
+
+- [Minikube](https://minikube.sigs.k8s.io/docs/start/?arch=%2Fmacos%2Fx86-64%2Fstable%2Fbinary+download)
+- [Helm](https://helm.sh/docs/intro/install/)
+
+## Step-by-Step Deployment
+
+### 1. Clone Repo
+
+```sh
+git clone https://github.com/spiffe/tornjak.git
+cd tornjak
+cd docs/helm
+```
+
+### 2. Start Minikube
+
+```sh
+minikube start
+```
+
+### 3. Deploy SPIRE
+
+Now we can excute the following to deploy our SPIRE instance:
+
+```sh
+helm upgrade --install -n spire-server spire-crds spire-crds --repo https://spiffe.github.io/helm-charts-hardened/ --create-namespace
+```
+
+### 4. Deploy Tornjak
+
+Now we can deploy Tornjak with SPIRE.
+
+First, we need to export the Tornjak backend API URL:
+
+```sh
+export TORNJAK_API=http://localhost:10000
+```
+
+Then, run the following Helm command to deploy Tornjak with the frontend and backend enabled:
+
+```sh
+helm upgrade --install -n spire-server spire spire \
+--repo https://spiffe.github.io/helm-charts-hardened/ \
+--set tornjak-frontend.apiServerURL=$TORNJAK_API \
+--values values.yaml \
+--render-subchart-notes
+```
+
+### 5. Test Deployment
+
+You can verify the deployment with:
+
+```sh
+helm test spire -n spire-server
+```
+
+### 6. Access Tornjak UI
+
+Run the backend.
+
+```sh
+kubectl -n spire-server port-forward service/spire-tornjak-backend 10000:10000
+```
+
+In a separate terminal, run the frontend.
+
+```sh
+kubectl -n spire-server port-forward service/spire-tornjak-frontend 3000:3000
+```
+
+Open your browser and go to [http://localhost:3000](http://localhost:3000)
+You should now see the Tornjak UI!
diff --git a/docs/helm/values.yaml b/docs/helm/values.yaml
@@ -0,0 +1,16 @@
+spire-server:
+  tornjak:
+    enabled: true
+
+tornjak-frontend:
+  enabled: true
+  service:
+    type: ClusterIP
+    port: 3000
+  resources:
+    requests:
+      cpu: 50m
+      memory: 128Mi
+    limits:
+      cpu: 100m
+      memory: 512Mi
