zulip
diff --git a/‎.gitignore
Lines changed: 11 additions & 0 deletions b/‎.gitignore
Lines changed: 11 additions & 0 deletions
diff --git a/‎README.md
Lines changed: 4 additions & 10 deletions b/‎README.md
Lines changed: 4 additions & 10 deletions
diff --git a/‎kubernetes/chart/zulip/.helmignore
Lines changed: 23 additions & 0 deletions b/‎kubernetes/chart/zulip/.helmignore
Lines changed: 23 additions & 0 deletions
diff --git a/‎kubernetes/chart/zulip/CHANGELOG.md
Lines changed: 28 additions & 0 deletions b/‎kubernetes/chart/zulip/CHANGELOG.md
Lines changed: 28 additions & 0 deletions
diff --git a/‎kubernetes/chart/zulip/Chart.lock
Lines changed: 15 additions & 0 deletions b/‎kubernetes/chart/zulip/Chart.lock
Lines changed: 15 additions & 0 deletions
diff --git a/‎kubernetes/chart/zulip/Chart.yaml
Lines changed: 42 additions & 0 deletions b/‎kubernetes/chart/zulip/Chart.yaml
Lines changed: 42 additions & 0 deletions
diff --git a/‎kubernetes/chart/zulip/README.md
Lines changed: 146 additions & 0 deletions b/‎kubernetes/chart/zulip/README.md
Lines changed: 146 additions & 0 deletions
diff --git a/‎kubernetes/chart/zulip/README.md.gotmpl
Lines changed: 92 additions & 0 deletions b/‎kubernetes/chart/zulip/README.md.gotmpl
Lines changed: 92 additions & 0 deletions
diff --git a/‎kubernetes/chart/zulip/templates/NOTES.txt
Lines changed: 8 additions & 0 deletions b/‎kubernetes/chart/zulip/templates/NOTES.txt
Lines changed: 8 additions & 0 deletions
@@ -1,2 +1,13 @@
+# OS
+.DS_Store
+
+# Various IDEs
+.project
+.idea/
+*.tmproj
+
+# dev files
 docker-compose-dev.yml
 kubernetes/*-dev.yml
+kubernetes/chart/zulip/values-local.yaml
+kubernetes/chart/zulip/charts/
@@ -329,17 +329,11 @@ signing up for a cloud service is to install
 
 ### Helm charts
 
-We are aware of two efforts at building Helm Charts for Zulip:
-* [A PR to the main Helm repo](https://github.com/kubernetes/charts/pull/5168/files),
-  which is further along.
-* [The zulip-helm project](https://github.com/armooo/zulip-helm),
-  which might be a helpful reference for work on this.
+Read the [Helm Chart README](kubernetes/chart/zulip/README.md) to learn more
+about installing Zulip on a Kubernetes cluster with Helm.
 
-Contributions to finish either of those and get them integrated are
-very welcome!  If you're interested in helping with this, post on
-[this thread][helm-chart-thread].
-
-[helm-chart-thread]: https://chat.zulip.org/#narrow/stream/21-provision-help/subject/K8.20and.20Helm/near/589098
+Feedback is welcome in the [helm-chart-thread]:
+https://chat.zulip.org/#narrow/stream/21-provision-help/subject/K8.20and.20Helm/near/589098
 
 ### Scaling out and high availability
 
 
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
@@ -0,0 +1,28 @@
+## [0.3.0] - 2022-04-21
+
+* Update dependencies:
+
+  * Helm charts:
+
+    | Repository | Name | Version |
+    |------------|------|---------|
+    | https://charts.bitnami.com/bitnami | memcached | 6.0.16 |
+    | https://charts.bitnami.com/bitnami | postgresql | 11.1.22 |
+    | https://charts.bitnami.com/bitnami | rabbitmq | 8.32.0 |
+    | https://charts.bitnami.com/bitnami | redis | 16.8.7 |
+
+  * Update postgres 10 to postgres 14
+  * Update Zulip 4.7 to 5.2
+* Remove autoscaling code
+* Remove readiness probe because its function is the same as the liveness probe
+
+## [0.2.0] - 2021-11-22
+
+* Use dependency charts from the Bitnami repository for Memcached, Rabbitmq,
+  Redis and PostgreSQL
+* Use a StatefulSet instead of a Deployment
+* Add the possibility to run postSetup scripts
+
+## [0.1.0] - 2020-12-30
+
+* First version of  helm chart created
@@ -0,0 +1,15 @@
+dependencies:
+- name: memcached
+  repository: https://charts.bitnami.com/bitnami
+  version: 6.0.16
+- name: rabbitmq
+  repository: https://charts.bitnami.com/bitnami
+  version: 8.32.0
+- name: redis
+  repository: https://charts.bitnami.com/bitnami
+  version: 16.8.7
+- name: postgresql
+  repository: https://charts.bitnami.com/bitnami
+  version: 11.1.22
+digest: sha256:376a93b6d6df79610d9ba283727a95560378644bb006f4ffc2c19571453a5cad
+generated: "2022-04-21T11:44:41.427111348+02:00"
@@ -0,0 +1,42 @@
+apiVersion: v2
+description: Zulip is an open source threaded team chat that helps teams stay productive and focused.
+name: zulip
+type: application
+icon: https://raw.githubusercontent.com/zulip/zulip/main/static/images/logo/zulip-icon-square.svg
+# This is the chart version. This version number should be incremented each time you make changes
+# to the chart and its templates, including the app version.
+# Versions are expected to follow Semantic Versioning (https://semver.org/)
+version: 0.3.0
+
+# This is the version number of the application being deployed. This version number should be
+# incremented each time you make changes to the application. Versions are not expected to
+# follow Semantic Versioning. They should reflect the version the application is using.
+# It is recommended to use it with quotes.
+appVersion: "5.2-0"
+dependencies:
+  - name: memcached
+    repository: https://charts.bitnami.com/bitnami
+    tags:
+      - memcached
+    version: 6.0.16
+  - name: rabbitmq
+    repository: https://charts.bitnami.com/bitnami
+    tags:
+      - rabbitmq
+    version: 8.32.0
+  - name: redis
+    repository: https://charts.bitnami.com/bitnami
+    tags:
+      - redis
+    version: 16.8.7
+  - name: postgresql
+    repository: https://charts.bitnami.com/bitnami
+    tags:
+      - postgresql
+    # Note: values.yaml overwrites posgresql image to zulip/zulip-postgresql:14
+    version: 11.1.22
+
+sources:
+  - https://github.com/zulip/zulip
+  - https://github.com/zulip/docker-zulip
+  - https://hub.docker.com/r/zulip/docker-zulip
@@ -0,0 +1,146 @@
+# Zulip
+
+![Version: 0.3.0](https://img.shields.io/badge/Version-0.3.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.2-0](https://img.shields.io/badge/AppVersion-5.2--0-informational?style=flat-square)
+
+[Zulip](https://zulip.com/) is an open source threaded team chat that helps teams stay productive and focused.
+
+Helm chart based on https://github.com/zulip/docker-zulip
+
+## Installation
+
+Copy `values-local.yaml.example`, modify it as instructed in the comments, then
+install with the following commands:
+
+```
+helm dependency update                      # Get helm dependency charts
+helm install -f ./values-local.yaml zulip . # Install Zulip
+```
+
+This will show a message on how to reach your Zulip installation and how to
+create your first realm. Wait for all your pods to be ready before you continue.
+You can run `kubectl get pods` to their current state. Once all pods are ready,
+you can run the commands to create a Realm, and you can reach Zulip following
+the instructions as well.
+
+### Installing on Minikube
+
+You need to do a few things to make
+[minikube](https://minikube.sigs.k8s.io/docs/) serve Zulip with a TLS
+certificate. Without it, Zulip will not work.
+
+If you haven't already, you need to set up `cert-manager` inside your minikube.
+
+First, enable the "ingress" minikube addon ([more info available
+here](https://kubernetes.io/docs/tasks/access-application-cluster/ingress-minikube/#enable-the-ingress-controller))
+
+```
+minikube addons enable ingress
+```
+
+Second, [install cert-manager into your minikube
+cluster](https://cert-manager.io/docs/installation/#default-static-install):
+
+```
+kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.8.0/cert-manager.yaml
+```
+
+Now you'll need to add an issuer that issues self-signed certificates. Copy this
+into a file, `self-signed-issuer.yaml`
+
+```
+apiVersion: cert-manager.io/v1
+kind: ClusterIssuer
+metadata:
+  name: selfsigned
+  namespace: cert-manager
+spec:
+  selfSigned: {}
+```
+
+Now apply the issuer: `kubectl apply -f self-signed-issuer.yaml`
+
+We'll host Zulip on `zulip.local`. Add that to your `/etc/hosts` file and
+point it to the IP address you get with the command `minikube ip`.
+
+Now you're ready to follow [the installation instructions above](#installation).
+
+## Values
+
+| Key | Type | Default | Description |
+|-----|------|---------|-------------|
+| affinity | object | `{}` | Affinity for pod assignment. Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity |
+| fullnameOverride | string | `""` | Fully override common.names.fullname template. |
+| image.pullPolicy | string | `"IfNotPresent"` | Pull policy for Zulip docker image. Ref: https://kubernetes.io/docs/user-guide/images/#pre-pulling-images |
+| image.repository | string | `"zulip/docker-zulip"` | Defaults to hub.docker.com/zulip/docker-zulip, but can be overwritten with a full HTTPS address. |
+| image.tag | string | `"5.2-0"` | Zulip image tag (immutable tags are recommended) |
+| imagePullSecrets | list | `[]` | Global Docker registry secret names as an array. |
+| ingress.annotations | object | `{}` | Can be used to add custom Ingress annotations. |
+| ingress.enabled | bool | `false` | Enable this to use an Ingress to reach the Zulip service. |
+| ingress.hosts[0] | object | `{"host":"zulip.example.com","paths":[{"path":"/"}]}` | Host for the Ingress. Should be the same as `zulip.environment.SETTING_EXTERNAL_HOST`. |
+| ingress.hosts[0].paths | list | `[{"path":"/"}]` | Serves Zulip root of the chosen host domain. |
+| ingress.tls | list | `[]` | Set a specific secret to read the TLS certificate from. If you use cert-manager, it will save the TLS secret here. If you do not, you need to manually create a secret with your TLS certificate. |
+| livenessProbe | object | `{"enabled":true,"failureThreshold":3,"initialDelaySeconds":10,"periodSeconds":10,"successThreshold":1,"timeoutSeconds":5}` | Liveness probe values. Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes |
+| memcached | object | `{"memcachedUsername":"zulip@localhost"}` | Memcached settings, see [Requirements](#Requirements). |
+| nameOverride | string | `""` | Partially override common.names.fullname template (will maintain the release name). |
+| nodeSelector | object | `{}` | Optionally add a nodeSelector to the Zulip pod, so it runs on a specific node. Ref: https://kubernetes.io/docs/user-guide/node-selection/ |
+| podAnnotations | object | `{}` | Custom annotations to add to the Zulip Pod. |
+| podLabels | object | `{}` | Custom labels to add to the Zulip Pod. |
+| podSecurityContext | object | `{}` | Can be used to override the default PodSecurityContext (fsGroup, runAsUser and runAsGroup) of the Zulip _Pod_. |
+| postSetup.scripts | object | `{}` | The Docker entrypoint script runs commands from `/data/post-setup.d` after the Zulip application's Setup phase has completed. Scripts can be added here  as `script_filename: <script contents>` and they will be mounted in `/data/post-setup.d/script_filename`. |
+| postgresql | object | `{"auth":{"database":"zulip","username":"zulip"},"image":{"repository":"zulip/zulip-postgresql","tag":14},"primary":{"containerSecurityContext":{"runAsUser":0}}}` | PostgreSQL settings, see [Requirements](#Requirements). |
+| rabbitmq | object | `{"auth":{"username":"zulip"},"persistence":{"enabled":false}}` | Rabbitmq settings, see [Requirements](#Requirements). |
+| redis | object | `{"architecture":"standalone","master":{"persistence":{"enabled":false}}}` | Redis settings, see [Requirements](#Requirements). |
+| resources | object | `{}` |  |
+| securityContext | object | `{}` | Can be used to override the default SecurityContext of the Zulip _container_. |
+| service | object | `{"port":80,"type":"ClusterIP"}` | Service type and port for the Kubernetes service that connects to Zulip. Default: ClusterIP, needs an Ingress to be used. |
+| serviceAccount.annotations | object | `{}` | Annotations to add to the service account. |
+| serviceAccount.create | bool | `true` | Specifies whether a service account should be created. |
+| serviceAccount.name | string | `""` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template |
+| startupProbe | object | `{"enabled":true,"failureThreshold":30,"initialDelaySeconds":10,"periodSeconds":10,"successThreshold":1,"timeoutSeconds":5}` | Startup probe values. Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes |
+| statefulSetAnnotations | object | `{}` | Custom annotations to add to the Zulip StatefulSet. |
+| statefulSetLabels | object | `{}` | Custom labels to add to the Zulip StatefulSet. |
+| tolerations | list | `[]` | Tolerations for pod assignment. Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ |
+| zulip.environment.DISABLE_HTTPS | bool | `true` | Disables HTTPS if set to "true". HTTPS and certificates are managed by the Kubernetes cluster, so by default it's disabled inside the container |
+| zulip.environment.SECRETS_email_password | string | `"123456789"` | SMTP email password. |
+| zulip.environment.SETTING_EMAIL_HOST | string | `""` |  |
+| zulip.environment.SETTING_EMAIL_HOST_USER | string | `"[email protected]"` |  |
+| zulip.environment.SETTING_EMAIL_PORT | string | `"587"` |  |
+| zulip.environment.SETTING_EMAIL_USE_SSL | string | `"False"` |  |
+| zulip.environment.SETTING_EMAIL_USE_TLS | string | `"True"` |  |
+| zulip.environment.SETTING_EXTERNAL_HOST | string | `"zulip.example.com"` | Domain Zulip is hosted on. |
+| zulip.environment.SETTING_ZULIP_ADMINISTRATOR | string | `"[email protected]"` |  |
+| zulip.environment.SSL_CERTIFICATE_GENERATION | string | `"self-signed"` | Set SSL certificate generation to self-signed because Kubernetes manages the client-facing SSL certs. |
+| zulip.environment.ZULIP_AUTH_BACKENDS | string | `"EmailAuthBackend"` |  |
+| zulip.persistence | object | `{"accessMode":"ReadWriteOnce","enabled":true,"size":"10Gi"}` | If `persistence.existingClaim` is not set, a PVC is generated with these specifications. |
+
+## About this helm chart
+
+This helm chart sets up a StatefulSet that runs a Zulip pod, that in turn runs
+the [docker-zulip](https://hub.docker.com/r/zulip/docker-zulip/) Dockerized
+Zulip version. Configuration of Zulip happens through environment variables that
+are defined in the `values.yaml` under `zulip.environment`. These environment
+variables are forwarded to the Docker container, you can read more about
+configuring Zulip through environment variables
+[here](https://github.com/zulip/docker-zulip/#configuration).
+
+### Dependencies
+
+The chart uses Memcached, RabbitMQ and Redis helm charts defined in
+the Bitnami Helm repository. Most of these are configured following their
+default settings, but you can check
+https://github.com/bitnami/charts/tree/master/bitnami/ for more configuration
+options of the subcharts.
+
+For PostgreSQL the chart also uses the Bitnami chart to install it on the
+Kubernetes cluster. However, in this case we use Zulip's
+[zulip-postgresql](https://hub.docker.com/r/zulip/zulip-postgresql) docker
+image, because it contains the Postgresql plugins that are needed to run Zulip.
+
+## Requirements
+
+| Repository | Name | Version |
+|------------|------|---------|
+| https://charts.bitnami.com/bitnami | memcached | 6.0.16 |
+| https://charts.bitnami.com/bitnami | postgresql | 11.1.22 |
+| https://charts.bitnami.com/bitnami | rabbitmq | 8.32.0 |
+| https://charts.bitnami.com/bitnami | redis | 16.8.7 |
@@ -0,0 +1,92 @@
+# Zulip
+
+{{ template "chart.versionBadge" . }}{{ template "chart.typeBadge" . }}{{ template "chart.appVersionBadge" . }}
+
+[Zulip](https://zulip.com/) is an open source threaded team chat that helps teams stay productive and focused.
+
+Helm chart based on https://github.com/zulip/docker-zulip
+
+## Installation
+
+Copy `values-local.yaml.example`, modify it as instructed in the comments, then
+install with the following commands:
+
+```
+helm dependency update                      # Get helm dependency charts
+helm install -f ./values-local.yaml zulip . # Install Zulip
+```
+
+This will show a message on how to reach your Zulip installation and how to
+create your first realm. Wait for all your pods to be ready before you continue.
+You can run `kubectl get pods` to their current state. Once all pods are ready,
+you can run the commands to create a Realm, and you can reach Zulip following
+the instructions as well.
+
+### Installing on Minikube
+
+You need to do a few things to make
+[minikube](https://minikube.sigs.k8s.io/docs/) serve Zulip with a TLS
+certificate. Without it, Zulip will not work.
+
+If you haven't already, you need to set up `cert-manager` inside your minikube.
+
+First, enable the "ingress" minikube addon ([more info available
+here](https://kubernetes.io/docs/tasks/access-application-cluster/ingress-minikube/#enable-the-ingress-controller))
+
+```
+minikube addons enable ingress
+```
+
+Second, [install cert-manager into your minikube
+cluster](https://cert-manager.io/docs/installation/#default-static-install):
+
+```
+kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.8.0/cert-manager.yaml
+```
+
+Now you'll need to add an issuer that issues self-signed certificates. Copy this
+into a file, `self-signed-issuer.yaml`
+
+```
+apiVersion: cert-manager.io/v1
+kind: ClusterIssuer
+metadata:
+  name: selfsigned
+  namespace: cert-manager
+spec:
+  selfSigned: {}
+```
+
+Now apply the issuer: `kubectl apply -f self-signed-issuer.yaml`
+
+We'll host Zulip on `zulip.local`. Add that to your `/etc/hosts` file and
+point it to the IP address you get with the command `minikube ip`.
+
+Now you're ready to follow [the installation instructions above](#installation).
+
+{{ template "chart.valuesSection" . }}
+
+## About this helm chart
+
+This helm chart sets up a StatefulSet that runs a Zulip pod, that in turn runs
+the [docker-zulip](https://hub.docker.com/r/zulip/docker-zulip/) Dockerized
+Zulip version. Configuration of Zulip happens through environment variables that
+are defined in the `values.yaml` under `zulip.environment`. These environment
+variables are forwarded to the Docker container, you can read more about
+configuring Zulip through environment variables
+[here](https://github.com/zulip/docker-zulip/#configuration).
+
+### Dependencies
+
+The chart uses Memcached, RabbitMQ and Redis helm charts defined in
+the Bitnami Helm repository. Most of these are configured following their
+default settings, but you can check
+https://github.com/bitnami/charts/tree/master/bitnami/ for more configuration
+options of the subcharts.
+
+For PostgreSQL the chart also uses the Bitnami chart to install it on the
+Kubernetes cluster. However, in this case we use Zulip's
+[zulip-postgresql](https://hub.docker.com/r/zulip/zulip-postgresql) docker
+image, because it contains the Postgresql plugins that are needed to run Zulip.
+
+{{ template "chart.requirementsSection" . }}
@@ -0,0 +1,8 @@
+1. To create a realm so you can sign in:
+
+  export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ template "zulip.name" . }}" -o jsonpath="{.items[0].metadata.name}")
+  kubectl -n {{ .Release.Namespace }} exec -it "$POD_NAME" -c zulip -- sudo -u zulip /home/zulip/deployments/current/manage.py generate_realm_creation_link
+
+2. Zulip will be available on:
+
+  https://{{ .host }}