├── .github ├── .kodiak.toml ├── ISSUE_TEMPLATE │ ├── bug_report.yml │ └── feature_request.yml ├── renovate.json5 └── workflows │ ├── auto_update_docs.yml │ ├── lint_test.yml │ ├── pr_title.yml │ └── release_please.yml ├── .gitignore ├── .helmdocsignore ├── .helmignore ├── .release-please-manifest.json ├── CODEOWNERS ├── CONTRIBUTING.md ├── LICENSE ├── Makefile ├── README.md ├── charts └── cloudquery │ ├── .gitignore │ ├── .helmignore │ ├── CHANGELOG.md │ ├── Chart.lock │ ├── Chart.yaml │ ├── README.md │ ├── templates │ ├── NOTES.txt │ ├── _helpers.tpl │ ├── admin-deployment.yaml │ ├── configmap.yaml │ ├── cronjob.yaml │ ├── job.yaml │ ├── secret.yaml │ └── serviceaccount.yaml │ └── values.yaml ├── ct.yaml ├── kind-config.yaml ├── release-please-config.json └── scripts └── e2e-kind.sh /.github/.kodiak.toml: -------------------------------------------------------------------------------- 1 | 2 | version = 1 3 | 4 | [approve] 5 | auto_approve_usernames = ["cq-bot"] 6 | 7 | [merge.message] 8 | body = "pull_request_body" 9 | cut_body_after = "Use the following steps to ensure your PR is ready to be reviewed" 10 | cut_body_and_text = true 11 | cut_body_before = "" 12 | title = "pull_request_title" 13 | 14 | [merge] 15 | blocking_labels = ["wip", "no automerge"] 16 | notify_on_conflict = false 17 | -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/bug_report.yml: -------------------------------------------------------------------------------- 1 | name: 🐛 Bug Report 2 | description: If something isn't working as expected 🤔 3 | title: "bug: " 4 | labels: [bug] 5 | body: 6 | - type: checkboxes 7 | attributes: 8 | label: Are you positive this is an Helm Chart bug? 9 | description: Most bugs should be open on the [main repository](https://github.com/cloudquery/cloudquery). If you are not sure, please open an issue there first. 10 | options: 11 | - label: I'm positive this is an Helm Chart bug 12 | required: true 13 | 14 | - type: textarea 15 | attributes: 16 | label: Current Behavior 17 | description: A concise description of what you're experiencing 18 | validations: 19 | required: true 20 | 21 | - type: textarea 22 | attributes: 23 | label: Expected Behavior 24 | description: A concise description of what you expected to happen 25 | validations: 26 | required: true 27 | 28 | - type: textarea 29 | attributes: 30 | label: Helm Chart (redacted) configuration 31 | description: Please provide your Helm Chart configuration, redacted of any sensitive information 32 | placeholder: | 33 | ``` 34 | <config-content> 35 | ``` 36 | validations: 37 | required: true 38 | 39 | - type: input 40 | id: version 41 | attributes: 42 | label: Helm Chart version 43 | description: The version of the Helm Chart you are using 44 | validations: 45 | required: true 46 | 47 | - type: textarea 48 | id: context 49 | attributes: 50 | label: Additional Context 51 | description: | 52 | Add any other context the bug, such as links to related PRs or issues 53 | validations: 54 | required: false 55 | 56 | - type: checkboxes 57 | attributes: 58 | label: Pull request (optional) 59 | description: | 60 | Pull requests welcome! If you would like to help us fix this bug, please check our [contributions guidelines](../blob/main/CONTRIBUTING.md) 61 | options: 62 | - label: I can submit a pull request 63 | required: false 64 | -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/feature_request.yml: -------------------------------------------------------------------------------- 1 | name: 🚀 Feature request 2 | description: Suggest an idea for this project 3 | title: 'feat: <title>' 4 | labels: ['enhancement'] 5 | body: 6 | - type: checkboxes 7 | attributes: 8 | label: Are you positive this feature should be implemented in the Helm Chart? 9 | description: Most features should be requested on the [main repository](https://github.com/cloudquery/cloudquery). If you are not sure, please open an issue there first. 10 | options: 11 | - label: I'm positive this is an Helm Chart feature 12 | required: true 13 | 14 | - type: textarea 15 | attributes: 16 | label: Which problem is this feature request solving? 17 | placeholder: I would like to [...] 18 | validations: 19 | required: true 20 | 21 | - type: textarea 22 | attributes: 23 | label: Describe the solution you'd like 24 | placeholder: This could be resolved by [...] 25 | validations: 26 | required: true 27 | 28 | - type: checkboxes 29 | attributes: 30 | label: Pull request (optional) 31 | description: 32 | Pull requests welcome! If you would like to help us implement this feature, please check our [contributions guidelines](../blob/main/CONTRIBUTING.md) 33 | options: 34 | - label: I can submit a pull request 35 | required: false -------------------------------------------------------------------------------- /.github/renovate.json5: -------------------------------------------------------------------------------- 1 | { 2 | extends: [ 3 | 'github>cloudquery/.github//.github/renovate-default.json5', 4 | ], 5 | customManagers: [ 6 | { 7 | customType: 'regex', 8 | fileMatch: [ 9 | '^charts/cloudquery/Chart.yaml$', 10 | ], 11 | matchStrings: [ 12 | 'appVersion: (?<currentValue>.*)', 13 | ], 14 | depNameTemplate: 'cloudquery/cloudquery', 15 | datasourceTemplate: 'github-releases', 16 | extractVersionTemplate: '^cli-v(?<version>.+)$', 17 | }, 18 | ], 19 | packageRules: [ 20 | { 21 | matchManagers: [ 22 | 'helm-values', 23 | 'helmv3', 24 | ], 25 | matchSourceUrls: [ 26 | 'https://github.com/cloudquery/cloudquery', 27 | ], 28 | postUpgradeTasks: { 29 | commands: [ 30 | "sed -i \"s/^version.*/version: $(grep '^version' charts/cloudquery/Chart.yaml | cut -d\" \" -f2 | awk -F. '{$NF = $NF + 1;} 1' | sed 's/ /./g')/g\" charts/cloudquery/Chart.yaml", 31 | 'docker run --rm --volume "$(pwd):/helm-docs" -u "$(id -u)" jnorwood/helm-docs:v1.11.0', 32 | ], 33 | fileFilters: [ 34 | 'charts/cloudquery/Chart.yaml', 35 | 'charts/cloudquery/README.md', 36 | ], 37 | executionMode: 'update', 38 | }, 39 | }, 40 | { 41 | matchSourceUrls: [ 42 | 'https://github.com/cloudquery/cloudquery' 43 | ], 44 | commitMessagePrefix: 'fix(deps): ', 45 | }, 46 | ], 47 | } 48 | -------------------------------------------------------------------------------- /.github/workflows/auto_update_docs.yml: -------------------------------------------------------------------------------- 1 | name: Auto Update Docs 2 | 3 | on: 4 | push: 5 | branches: 6 | - release-please-* 7 | 8 | jobs: 9 | docs: 10 | runs-on: ubuntu-latest 11 | steps: 12 | - name: Checkout 13 | uses: actions/checkout@v4 14 | with: 15 | token: ${{ secrets.GH_CQ_BOT }} 16 | 17 | - name: Update Docs 18 | run: | 19 | docker run --rm --volume "$(pwd):/helm-docs" -u "$(id -u)" jnorwood/helm-docs:v1.11.0 20 | 21 | - name: Get component from branch name 22 | uses: actions/github-script@v7 23 | id: component 24 | with: 25 | result-encoding: string 26 | script: | 27 | const lastPartOfBranch = context.ref.split('-').pop(); 28 | return lastPartOfBranch; 29 | 30 | - uses: stefanzweifel/git-auto-commit-action@v5 31 | with: 32 | file_pattern: charts/${{ steps.component.outputs.result }}/README.md 33 | commit_message: "chore: Update docs" 34 | -------------------------------------------------------------------------------- /.github/workflows/lint_test.yml: -------------------------------------------------------------------------------- 1 | # This workflow is copied from the official helm chart testing repo 2 | # https://github.com/helm/charts-repo-actions-demo/blob/main/.github/workflows/lint-test.yaml 3 | name: Lint and Test Charts 4 | 5 | on: pull_request 6 | 7 | jobs: 8 | lint-test: 9 | runs-on: ubuntu-latest 10 | steps: 11 | - name: Checkout 12 | uses: actions/checkout@v4 13 | with: 14 | fetch-depth: 0 15 | 16 | - name: Set up Helm 17 | uses: azure/setup-helm@v4 18 | with: 19 | version: v3.8.1 20 | 21 | # Python is required because `ct lint` runs Yamale (https://github.com/23andMe/Yamale) and 22 | # yamllint (https://github.com/adrienverge/yamllint) which require Python 23 | - name: Set up Python 24 | uses: actions/setup-python@v5 25 | with: 26 | python-version: 3.13.3 27 | 28 | - name: Set up chart-testing 29 | uses: helm/chart-testing-action@v2.7.0 30 | 31 | - name: Run chart-testing (lint PR) 32 | if: ${{ !startsWith(github.head_ref || '', 'release-please-') }} 33 | run: make lint-pr 34 | 35 | - name: Run chart-testing (lint release) 36 | if: ${{ startsWith(github.head_ref || '', 'release-please-') }} 37 | run: make lint 38 | 39 | - name: Run chart-testing (test) 40 | run: ./scripts/e2e-kind.sh 41 | -------------------------------------------------------------------------------- /.github/workflows/pr_title.yml: -------------------------------------------------------------------------------- 1 | # DONT EDIT. This file is synced from https://github.com/cloudquery/.github/.github 2 | name: "Validate PR title" 3 | 4 | on: 5 | pull_request_target: 6 | types: 7 | - opened 8 | - edited 9 | - synchronize 10 | 11 | jobs: 12 | main: 13 | name: Validate PR title 14 | runs-on: ubuntu-latest 15 | steps: 16 | # Please look up the latest version from 17 | # https://github.com/amannn/action-semantic-pull-request/releases 18 | - uses: amannn/action-semantic-pull-request@v5 19 | env: 20 | GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} 21 | with: 22 | # Configure which types are allowed. 23 | # Default: https://github.com/commitizen/conventional-commit-types 24 | types: | 25 | fix 26 | feat 27 | chore 28 | refactor 29 | test 30 | # Configure that a scope must always be provided. 31 | requireScope: false 32 | # Configure additional validation for the subject based on a regex. 33 | # This example ensures the subject starts with an uppercase character. 34 | subjectPattern: ^[A-Z].+$ 35 | # If `subjectPattern` is configured, you can use this property to override 36 | # the default error message that is shown when the pattern doesn't match. 37 | # The variables `subject` and `title` can be used within the message. 38 | subjectPatternError: | 39 | The subject "{subject}" found in the pull request title "{title}" 40 | didn't match the configured pattern. Please ensure that the subject 41 | starts with an uppercase character. 42 | # For work-in-progress PRs you can typically use draft pull requests 43 | # from Github. However, private repositories on the free plan don't have 44 | # this option and therefore this action allows you to opt-in to using the 45 | # special "[WIP]" prefix to indicate this state. This will avoid the 46 | # validation of the PR title and the pull request checks remain pending. 47 | # Note that a second check will be reported if this is enabled. 48 | wip: true 49 | # When using "Squash and merge" on a PR with only one commit, GitHub 50 | # will suggest using that commit message instead of the PR title for the 51 | # merge commit, and it's easy to commit this by mistake. Enable this option 52 | # to also validate the commit message for one commit PRs. 53 | validateSingleCommit: false 54 | -------------------------------------------------------------------------------- /.github/workflows/release_please.yml: -------------------------------------------------------------------------------- 1 | name: Release Please 2 | on: 3 | push: 4 | branches: 5 | - main 6 | 7 | permissions: 8 | contents: write 9 | pull-requests: write 10 | 11 | jobs: 12 | release-please: 13 | runs-on: ubuntu-latest 14 | steps: 15 | - uses: googleapis/release-please-action@v4 16 | id: release 17 | with: 18 | token: ${{ secrets.GH_CQ_BOT }} 19 | 20 | - name: Checkout 21 | uses: actions/checkout@v4 22 | if: | 23 | startsWith(github.event.head_commit.message, 'chore(main): Release') 24 | with: 25 | fetch-depth: 0 26 | 27 | - name: Configure Git 28 | if: | 29 | startsWith(github.event.head_commit.message, 'chore(main): Release') 30 | run: | 31 | git config user.name "$GITHUB_ACTOR" 32 | git config user.email "$GITHUB_ACTOR@users.noreply.github.com" 33 | 34 | - name: Install Helm 35 | if: | 36 | startsWith(github.event.head_commit.message, 'chore(main): Release') 37 | uses: azure/setup-helm@v4 38 | with: 39 | version: v3.8.1 40 | 41 | - name: Helm Deps 42 | if: | 43 | startsWith(github.event.head_commit.message, 'chore(main): Release') 44 | run: | 45 | helm repo add secrets-store-csi-driver https://kubernetes-sigs.github.io/secrets-store-csi-driver/charts 46 | helm repo add grafana https://grafana.github.io/helm-charts 47 | helm repo add bitnami https://charts.bitnami.com/bitnami 48 | 49 | - name: Run chart-releaser 50 | if: | 51 | startsWith(github.event.head_commit.message, 'chore(main): Release') 52 | uses: helm/chart-releaser-action@v1.7.0 53 | with: 54 | skip_existing: true 55 | env: 56 | CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}" 57 | 58 | - name: Get PR data 59 | uses: actions/github-script@v7 60 | if: | 61 | startsWith(github.event.head_commit.message, 'chore(main): Release') 62 | id: get_pr_data 63 | with: 64 | script: | 65 | return ( 66 | await github.rest.repos.listPullRequestsAssociatedWithCommit({ 67 | commit_sha: context.sha, 68 | owner: context.repo.owner, 69 | repo: context.repo.repo, 70 | }) 71 | ).data[0]; 72 | 73 | - name: Update PR labels 74 | uses: actions/github-script@v7 75 | if: | 76 | startsWith(github.event.head_commit.message, 'chore(main): Release') 77 | with: 78 | script: | 79 | const prNumber = ${{ fromJson(steps.get_pr_data.outputs.result).number }}; 80 | 81 | // Remove the pending label 82 | await github.rest.issues.removeLabel({ 83 | owner: context.repo.owner, 84 | repo: context.repo.repo, 85 | issue_number: prNumber, 86 | name: 'autorelease: pending' 87 | }); 88 | 89 | // Add the tagged label 90 | await github.rest.issues.addLabels({ 91 | owner: context.repo.owner, 92 | repo: context.repo.repo, 93 | issue_number: prNumber, 94 | labels: ['autorelease: tagged'] 95 | }); 96 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | .idea 2 | override.yaml 3 | .cq 4 | cloudquery.log 5 | **/.terraform 6 | terraform.tfstate 7 | terraform.tfvars 8 | .vscode 9 | .kind-kubeconfig 10 | -------------------------------------------------------------------------------- /.helmdocsignore: -------------------------------------------------------------------------------- 1 | charts/promtail -------------------------------------------------------------------------------- /.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *.orig 18 | *~ 19 | # Various IDEs 20 | .project 21 | .idea/ 22 | *.tmproj 23 | .vscode/ 24 | 25 | # CloudQuery 26 | .cq/ 27 | cloudquery.log 28 | terraform -------------------------------------------------------------------------------- /.release-please-manifest.json: -------------------------------------------------------------------------------- 1 | { 2 | "charts/cloudquery": "38.2.0", 3 | "charts/cloudquery+FILLER": "0.0.0" 4 | } 5 | -------------------------------------------------------------------------------- /CODEOWNERS: -------------------------------------------------------------------------------- 1 | * @cloudquery/foundations-backend 2 | -------------------------------------------------------------------------------- /CONTRIBUTING.md: -------------------------------------------------------------------------------- 1 | # Contributing 2 | 3 | :+1::tada: First off, thanks for taking the time to contribute! :tada::+1: 4 | 5 | Please don't file an issue to ask a question. You'll get faster results by reaching out to the community on our [discord channel](https://cloudquery.io/discord). 6 | 7 | The following is a set of guidelines for contributing to this repository. 8 | 9 | ## Setting up development environment 10 | 11 | - Install [ct](https://github.com/helm/chart-testing) (Official CLI tool for linting and testing helm charts) 12 | - Install [helm-docs](https://github.com/norwoodj/helm-docs) for auto doc generation 13 | - [Kind](https://kind.sigs.k8s.io/docs/user/quick-start/) (optional for local testing) 14 | 15 | ## Usage 16 | 17 | ```bash 18 | # Setup cluster 19 | kind create cluster 20 | # Install chart (default is to use the AWS plugin) 21 | helm install cloudquery ./charts/cloudquery/ -f ./charts/cloudquery/values.yaml \ 22 | # These environment variables should be exported before running the command 23 | --set envRenderSecret.CQ_DSN=$CQ_DSN \ 24 | --set envRenderSecret.AWS_ACCESS_KEY_ID=$AWS_ACCESS_KEY_ID \ 25 | --set envRenderSecret.AWS_SECRET_ACCESS_KEY=$AWS_SECRET_ACCESS_KEY \ 26 | --set envRenderSecret.AWS_SESSION_TOKEN=$AWS_SESSION_TOKEN 27 | # Trigger cron job 28 | kubectl create job --from=cronjob/cloudquery-cron cloudquery-cron -n default 29 | # Get cron job logs 30 | kubectl logs -f jobs/cloudquery-cron -n default 31 | # Cleanup cluster 32 | kind delete cluster 33 | ``` 34 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | Mozilla Public License, version 2.0 2 | 3 | 1. Definitions 4 | 5 | 1.1. “Contributor” 6 | 7 | means each individual or legal entity that creates, contributes to the 8 | creation of, or owns Covered Software. 9 | 10 | 1.2. “Contributor Version” 11 | 12 | means the combination of the Contributions of others (if any) used by a 13 | Contributor and that particular Contributor’s Contribution. 14 | 15 | 1.3. “Contribution” 16 | 17 | means Covered Software of a particular Contributor. 18 | 19 | 1.4. “Covered Software” 20 | 21 | means Source Code Form to which the initial Contributor has attached the 22 | notice in Exhibit A, the Executable Form of such Source Code Form, and 23 | Modifications of such Source Code Form, in each case including portions 24 | thereof. 25 | 26 | 1.5. “Incompatible With Secondary Licenses” 27 | means 28 | 29 | a. that the initial Contributor has attached the notice described in 30 | Exhibit B to the Covered Software; or 31 | 32 | b. that the Covered Software was made available under the terms of version 33 | 1.1 or earlier of the License, but not also under the terms of a 34 | Secondary License. 35 | 36 | 1.6. “Executable Form” 37 | 38 | means any form of the work other than Source Code Form. 39 | 40 | 1.7. “Larger Work” 41 | 42 | means a work that combines Covered Software with other material, in a separate 43 | file or files, that is not Covered Software. 44 | 45 | 1.8. “License” 46 | 47 | means this document. 48 | 49 | 1.9. “Licensable” 50 | 51 | means having the right to grant, to the maximum extent possible, whether at the 52 | time of the initial grant or subsequently, any and all of the rights conveyed by 53 | this License. 54 | 55 | 1.10. “Modifications” 56 | 57 | means any of the following: 58 | 59 | a. any file in Source Code Form that results from an addition to, deletion 60 | from, or modification of the contents of Covered Software; or 61 | 62 | b. any new file in Source Code Form that contains any Covered Software. 63 | 64 | 1.11. “Patent Claims” of a Contributor 65 | 66 | means any patent claim(s), including without limitation, method, process, 67 | and apparatus claims, in any patent Licensable by such Contributor that 68 | would be infringed, but for the grant of the License, by the making, 69 | using, selling, offering for sale, having made, import, or transfer of 70 | either its Contributions or its Contributor Version. 71 | 72 | 1.12. “Secondary License” 73 | 74 | means either the GNU General Public License, Version 2.0, the GNU Lesser 75 | General Public License, Version 2.1, the GNU Affero General Public 76 | License, Version 3.0, or any later versions of those licenses. 77 | 78 | 1.13. “Source Code Form” 79 | 80 | means the form of the work preferred for making modifications. 81 | 82 | 1.14. “You” (or “Your”) 83 | 84 | means an individual or a legal entity exercising rights under this 85 | License. For legal entities, “You” includes any entity that controls, is 86 | controlled by, or is under common control with You. For purposes of this 87 | definition, “control” means (a) the power, direct or indirect, to cause 88 | the direction or management of such entity, whether by contract or 89 | otherwise, or (b) ownership of more than fifty percent (50%) of the 90 | outstanding shares or beneficial ownership of such entity. 91 | 92 | 93 | 2. License Grants and Conditions 94 | 95 | 2.1. Grants 96 | 97 | Each Contributor hereby grants You a world-wide, royalty-free, 98 | non-exclusive license: 99 | 100 | a. under intellectual property rights (other than patent or trademark) 101 | Licensable by such Contributor to use, reproduce, make available, 102 | modify, display, perform, distribute, and otherwise exploit its 103 | Contributions, either on an unmodified basis, with Modifications, or as 104 | part of a Larger Work; and 105 | 106 | b. under Patent Claims of such Contributor to make, use, sell, offer for 107 | sale, have made, import, and otherwise transfer either its Contributions 108 | or its Contributor Version. 109 | 110 | 2.2. Effective Date 111 | 112 | The licenses granted in Section 2.1 with respect to any Contribution become 113 | effective for each Contribution on the date the Contributor first distributes 114 | such Contribution. 115 | 116 | 2.3. Limitations on Grant Scope 117 | 118 | The licenses granted in this Section 2 are the only rights granted under this 119 | License. No additional rights or licenses will be implied from the distribution 120 | or licensing of Covered Software under this License. Notwithstanding Section 121 | 2.1(b) above, no patent license is granted by a Contributor: 122 | 123 | a. for any code that a Contributor has removed from Covered Software; or 124 | 125 | b. for infringements caused by: (i) Your and any other third party’s 126 | modifications of Covered Software, or (ii) the combination of its 127 | Contributions with other software (except as part of its Contributor 128 | Version); or 129 | 130 | c. under Patent Claims infringed by Covered Software in the absence of its 131 | Contributions. 132 | 133 | This License does not grant any rights in the trademarks, service marks, or 134 | logos of any Contributor (except as may be necessary to comply with the 135 | notice requirements in Section 3.4). 136 | 137 | 2.4. Subsequent Licenses 138 | 139 | No Contributor makes additional grants as a result of Your choice to 140 | distribute the Covered Software under a subsequent version of this License 141 | (see Section 10.2) or under the terms of a Secondary License (if permitted 142 | under the terms of Section 3.3). 143 | 144 | 2.5. Representation 145 | 146 | Each Contributor represents that the Contributor believes its Contributions 147 | are its original creation(s) or it has sufficient rights to grant the 148 | rights to its Contributions conveyed by this License. 149 | 150 | 2.6. Fair Use 151 | 152 | This License is not intended to limit any rights You have under applicable 153 | copyright doctrines of fair use, fair dealing, or other equivalents. 154 | 155 | 2.7. Conditions 156 | 157 | Sections 3.1, 3.2, 3.3, and 3.4 are conditions of the licenses granted in 158 | Section 2.1. 159 | 160 | 161 | 3. Responsibilities 162 | 163 | 3.1. Distribution of Source Form 164 | 165 | All distribution of Covered Software in Source Code Form, including any 166 | Modifications that You create or to which You contribute, must be under the 167 | terms of this License. You must inform recipients that the Source Code Form 168 | of the Covered Software is governed by the terms of this License, and how 169 | they can obtain a copy of this License. You may not attempt to alter or 170 | restrict the recipients’ rights in the Source Code Form. 171 | 172 | 3.2. Distribution of Executable Form 173 | 174 | If You distribute Covered Software in Executable Form then: 175 | 176 | a. such Covered Software must also be made available in Source Code Form, 177 | as described in Section 3.1, and You must inform recipients of the 178 | Executable Form how they can obtain a copy of such Source Code Form by 179 | reasonable means in a timely manner, at a charge no more than the cost 180 | of distribution to the recipient; and 181 | 182 | b. You may distribute such Executable Form under the terms of this License, 183 | or sublicense it under different terms, provided that the license for 184 | the Executable Form does not attempt to limit or alter the recipients’ 185 | rights in the Source Code Form under this License. 186 | 187 | 3.3. Distribution of a Larger Work 188 | 189 | You may create and distribute a Larger Work under terms of Your choice, 190 | provided that You also comply with the requirements of this License for the 191 | Covered Software. If the Larger Work is a combination of Covered Software 192 | with a work governed by one or more Secondary Licenses, and the Covered 193 | Software is not Incompatible With Secondary Licenses, this License permits 194 | You to additionally distribute such Covered Software under the terms of 195 | such Secondary License(s), so that the recipient of the Larger Work may, at 196 | their option, further distribute the Covered Software under the terms of 197 | either this License or such Secondary License(s). 198 | 199 | 3.4. Notices 200 | 201 | You may not remove or alter the substance of any license notices (including 202 | copyright notices, patent notices, disclaimers of warranty, or limitations 203 | of liability) contained within the Source Code Form of the Covered 204 | Software, except that You may alter any license notices to the extent 205 | required to remedy known factual inaccuracies. 206 | 207 | 3.5. Application of Additional Terms 208 | 209 | You may choose to offer, and to charge a fee for, warranty, support, 210 | indemnity or liability obligations to one or more recipients of Covered 211 | Software. However, You may do so only on Your own behalf, and not on behalf 212 | of any Contributor. You must make it absolutely clear that any such 213 | warranty, support, indemnity, or liability obligation is offered by You 214 | alone, and You hereby agree to indemnify every Contributor for any 215 | liability incurred by such Contributor as a result of warranty, support, 216 | indemnity or liability terms You offer. You may include additional 217 | disclaimers of warranty and limitations of liability specific to any 218 | jurisdiction. 219 | 220 | 4. Inability to Comply Due to Statute or Regulation 221 | 222 | If it is impossible for You to comply with any of the terms of this License 223 | with respect to some or all of the Covered Software due to statute, judicial 224 | order, or regulation then You must: (a) comply with the terms of this License 225 | to the maximum extent possible; and (b) describe the limitations and the code 226 | they affect. Such description must be placed in a text file included with all 227 | distributions of the Covered Software under this License. Except to the 228 | extent prohibited by statute or regulation, such description must be 229 | sufficiently detailed for a recipient of ordinary skill to be able to 230 | understand it. 231 | 232 | 5. Termination 233 | 234 | 5.1. The rights granted under this License will terminate automatically if You 235 | fail to comply with any of its terms. However, if You become compliant, 236 | then the rights granted under this License from a particular Contributor 237 | are reinstated (a) provisionally, unless and until such Contributor 238 | explicitly and finally terminates Your grants, and (b) on an ongoing basis, 239 | if such Contributor fails to notify You of the non-compliance by some 240 | reasonable means prior to 60 days after You have come back into compliance. 241 | Moreover, Your grants from a particular Contributor are reinstated on an 242 | ongoing basis if such Contributor notifies You of the non-compliance by 243 | some reasonable means, this is the first time You have received notice of 244 | non-compliance with this License from such Contributor, and You become 245 | compliant prior to 30 days after Your receipt of the notice. 246 | 247 | 5.2. If You initiate litigation against any entity by asserting a patent 248 | infringement claim (excluding declaratory judgment actions, counter-claims, 249 | and cross-claims) alleging that a Contributor Version directly or 250 | indirectly infringes any patent, then the rights granted to You by any and 251 | all Contributors for the Covered Software under Section 2.1 of this License 252 | shall terminate. 253 | 254 | 5.3. In the event of termination under Sections 5.1 or 5.2 above, all end user 255 | license agreements (excluding distributors and resellers) which have been 256 | validly granted by You or Your distributors under this License prior to 257 | termination shall survive termination. 258 | 259 | 6. Disclaimer of Warranty 260 | 261 | Covered Software is provided under this License on an “as is” basis, without 262 | warranty of any kind, either expressed, implied, or statutory, including, 263 | without limitation, warranties that the Covered Software is free of defects, 264 | merchantable, fit for a particular purpose or non-infringing. The entire 265 | risk as to the quality and performance of the Covered Software is with You. 266 | Should any Covered Software prove defective in any respect, You (not any 267 | Contributor) assume the cost of any necessary servicing, repair, or 268 | correction. This disclaimer of warranty constitutes an essential part of this 269 | License. No use of any Covered Software is authorized under this License 270 | except under this disclaimer. 271 | 272 | 7. Limitation of Liability 273 | 274 | Under no circumstances and under no legal theory, whether tort (including 275 | negligence), contract, or otherwise, shall any Contributor, or anyone who 276 | distributes Covered Software as permitted above, be liable to You for any 277 | direct, indirect, special, incidental, or consequential damages of any 278 | character including, without limitation, damages for lost profits, loss of 279 | goodwill, work stoppage, computer failure or malfunction, or any and all 280 | other commercial damages or losses, even if such party shall have been 281 | informed of the possibility of such damages. This limitation of liability 282 | shall not apply to liability for death or personal injury resulting from such 283 | party’s negligence to the extent applicable law prohibits such limitation. 284 | Some jurisdictions do not allow the exclusion or limitation of incidental or 285 | consequential damages, so this exclusion and limitation may not apply to You. 286 | 287 | 8. Litigation 288 | 289 | Any litigation relating to this License may be brought only in the courts of 290 | a jurisdiction where the defendant maintains its principal place of business 291 | and such litigation shall be governed by laws of that jurisdiction, without 292 | reference to its conflict-of-law provisions. Nothing in this Section shall 293 | prevent a party’s ability to bring cross-claims or counter-claims. 294 | 295 | 9. Miscellaneous 296 | 297 | This License represents the complete agreement concerning the subject matter 298 | hereof. If any provision of this License is held to be unenforceable, such 299 | provision shall be reformed only to the extent necessary to make it 300 | enforceable. Any law or regulation which provides that the language of a 301 | contract shall be construed against the drafter shall not be used to construe 302 | this License against a Contributor. 303 | 304 | 305 | 10. Versions of the License 306 | 307 | 10.1. New Versions 308 | 309 | Mozilla Foundation is the license steward. Except as provided in Section 310 | 10.3, no one other than the license steward has the right to modify or 311 | publish new versions of this License. Each version will be given a 312 | distinguishing version number. 313 | 314 | 10.2. Effect of New Versions 315 | 316 | You may distribute the Covered Software under the terms of the version of 317 | the License under which You originally received the Covered Software, or 318 | under the terms of any subsequent version published by the license 319 | steward. 320 | 321 | 10.3. Modified Versions 322 | 323 | If you create software not governed by this License, and you want to 324 | create a new license for such software, you may create and use a modified 325 | version of this License if you rename the license and remove any 326 | references to the name of the license steward (except to note that such 327 | modified license differs from this License). 328 | 329 | 10.4. Distributing Source Code Form that is Incompatible With Secondary Licenses 330 | If You choose to distribute Source Code Form that is Incompatible With 331 | Secondary Licenses under the terms of this version of the License, the 332 | notice described in Exhibit B of this License must be attached. 333 | 334 | Exhibit A - Source Code Form License Notice 335 | 336 | This Source Code Form is subject to the 337 | terms of the Mozilla Public License, v. 338 | 2.0. If a copy of the MPL was not 339 | distributed with this file, You can 340 | obtain one at 341 | http://mozilla.org/MPL/2.0/. 342 | 343 | If it is not possible or desirable to put the notice in a particular file, then 344 | You may include the notice in a location (such as a LICENSE file in a relevant 345 | directory) where a recipient would be likely to look for such a notice. 346 | 347 | You may add additional accurate notices of copyright ownership. 348 | 349 | Exhibit B - “Incompatible With Secondary Licenses” Notice 350 | 351 | This Source Code Form is “Incompatible 352 | With Secondary Licenses”, as defined by 353 | the Mozilla Public License, v. 2.0. -------------------------------------------------------------------------------- /Makefile: -------------------------------------------------------------------------------- 1 | .PHONY: lint 2 | lint: 3 | ct lint --config=ct.yaml 4 | 5 | .PHONY: lint-pr 6 | lint-pr: 7 | ct lint --check-version-increment=false --config=ct.yaml 8 | 9 | .PHONY: generate-docs 10 | generate-docs: 11 | helm-docs 12 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # CloudQuery Helm Deployment 2 | 3 | [![Artifact Hub](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/cloudquery)](https://artifacthub.io/packages/search?repo=cloudquery) 4 | 5 | CloudQuery is an [open-source](https://github.com/cloudquery/cloudquery), 6 | high-performance data integration platform for security and infrastructure teams. 7 | 8 | CloudQuery extracts, transforms, and loads configuration from cloud APIs to 9 | variety of supported destinations such as databases, data lakes, or streaming platforms 10 | for further analysis. 11 | 12 | ## CloudQuery Helm Charts 13 | 14 | This repository contains Helm v3 chart that deploys CloudQuery to a Kubernetes cluster. 15 | 16 | Documentation can be found here [./charts/cloudquery](./charts/cloudquery). 17 | 18 | ## Other Links 19 | 20 | - Homepage: https://www.cloudquery.io 21 | - Documentation: https://www.cloudquery.io/docs 22 | - Plugins: https://www.cloudquery.io/docs/plugins/sources 23 | - Releases: https://github.com/cloudquery/cloudquery/releases 24 | -------------------------------------------------------------------------------- /charts/cloudquery/.gitignore: -------------------------------------------------------------------------------- 1 | charts 2 | -------------------------------------------------------------------------------- /charts/cloudquery/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *.orig 18 | *~ 19 | # Various IDEs 20 | .project 21 | .idea/ 22 | *.tmproj 23 | .vscode/ 24 | 25 | # CloudQuery 26 | .cq/ 27 | cloudquery.log 28 | terraform -------------------------------------------------------------------------------- /charts/cloudquery/CHANGELOG.md: -------------------------------------------------------------------------------- 1 | # Changelog 2 | 3 | ## [38.2.0](https://github.com/cloudquery/helm-charts/compare/cloudquery-38.1.0...cloudquery-38.2.0) (2025-05-23) 4 | 5 | 6 | ### Features 7 | 8 | * Add ttlSecondsAfterFinished to cron as well ([#791](https://github.com/cloudquery/helm-charts/issues/791)) ([1601000](https://github.com/cloudquery/helm-charts/commit/16010000fe06f9c23ed23074b10481082e57f3d5)) 9 | 10 | ## [38.1.0](https://github.com/cloudquery/helm-charts/compare/cloudquery-38.0.3...cloudquery-38.1.0) (2025-05-23) 11 | 12 | 13 | ### Features 14 | 15 | * Add ttlSecondsAfterFinished configuration to chart ([#788](https://github.com/cloudquery/helm-charts/issues/788)) ([6e6077c](https://github.com/cloudquery/helm-charts/commit/6e6077c643e3e30f1fcedabb855e4294f40f9944)) 16 | 17 | 18 | ### Bug Fixes 19 | 20 | * **deps:** Update dependency cloudquery/cloudquery to v6.19.2 ([#785](https://github.com/cloudquery/helm-charts/issues/785)) ([58176d8](https://github.com/cloudquery/helm-charts/commit/58176d8216f7462c5bac36c6739ce4202591bb5e)) 21 | * **deps:** Update dependency cloudquery/cloudquery to v6.20.0 ([#787](https://github.com/cloudquery/helm-charts/issues/787)) ([04ea08f](https://github.com/cloudquery/helm-charts/commit/04ea08f44918aa2f1290e1675839eec257341510)) 22 | * **deps:** Update dependency cloudquery/cloudquery to v6.20.1 ([#789](https://github.com/cloudquery/helm-charts/issues/789)) ([80cb71a](https://github.com/cloudquery/helm-charts/commit/80cb71a6d592cbbe4c63ea0580f2b8b04d8cba9d)) 23 | * **deps:** Update dependency cloudquery/cloudquery to v6.20.2 ([#790](https://github.com/cloudquery/helm-charts/issues/790)) ([f146fee](https://github.com/cloudquery/helm-charts/commit/f146fee1692f45366495d14c95640738891c526b)) 24 | 25 | ## [38.0.3](https://github.com/cloudquery/helm-charts/compare/cloudquery-38.0.2...cloudquery-38.0.3) (2025-05-08) 26 | 27 | 28 | ### Bug Fixes 29 | 30 | * **deps:** Update dependency cloudquery/cloudquery to v6.17.5 ([#776](https://github.com/cloudquery/helm-charts/issues/776)) ([333c061](https://github.com/cloudquery/helm-charts/commit/333c061b0d634f2efd9160754af9cc96f8e7a54a)) 31 | * **deps:** Update dependency cloudquery/cloudquery to v6.17.6 ([#778](https://github.com/cloudquery/helm-charts/issues/778)) ([04cc31b](https://github.com/cloudquery/helm-charts/commit/04cc31be9469a0fcb4f59dff42279fd697df8222)) 32 | * **deps:** Update dependency cloudquery/cloudquery to v6.18.0 ([#779](https://github.com/cloudquery/helm-charts/issues/779)) ([791a0c1](https://github.com/cloudquery/helm-charts/commit/791a0c1f39de2d8d9f0e49a1352648757eb53e7a)) 33 | * **deps:** Update dependency cloudquery/cloudquery to v6.18.1 ([#780](https://github.com/cloudquery/helm-charts/issues/780)) ([a6fd578](https://github.com/cloudquery/helm-charts/commit/a6fd5787e74ad8e6b0ceb86cab09f92490c7fb8c)) 34 | * **deps:** Update dependency cloudquery/cloudquery to v6.18.2 ([#782](https://github.com/cloudquery/helm-charts/issues/782)) ([fb47529](https://github.com/cloudquery/helm-charts/commit/fb475292415bc5aea7ba0701b8e291a3d983ed16)) 35 | * **deps:** Update dependency cloudquery/cloudquery to v6.19.0 ([#783](https://github.com/cloudquery/helm-charts/issues/783)) ([8905b1e](https://github.com/cloudquery/helm-charts/commit/8905b1e46d0b46231ff8da7d9e585b6a0f3ea629)) 36 | * **deps:** Update dependency cloudquery/cloudquery to v6.19.1 ([#784](https://github.com/cloudquery/helm-charts/issues/784)) ([a5560b9](https://github.com/cloudquery/helm-charts/commit/a5560b9f655c13f32d82422d69beac9e2540ad9c)) 37 | 38 | ## [38.0.2](https://github.com/cloudquery/helm-charts/compare/cloudquery-38.0.1...cloudquery-38.0.2) (2025-04-07) 39 | 40 | 41 | ### Bug Fixes 42 | 43 | * **deps:** Update dependency cloudquery/cloudquery to v6.17.2 ([#754](https://github.com/cloudquery/helm-charts/issues/754)) ([4a6fa9a](https://github.com/cloudquery/helm-charts/commit/4a6fa9a85cde2d70ac91df886c77ee17d8d1003f)) 44 | * **deps:** Update dependency cloudquery/cloudquery to v6.17.3 ([#759](https://github.com/cloudquery/helm-charts/issues/759)) ([049ea88](https://github.com/cloudquery/helm-charts/commit/049ea88fc4c7bccc945d35836cf98ed714f741c4)) 45 | * **deps:** Update dependency cloudquery/cloudquery to v6.17.4 ([#762](https://github.com/cloudquery/helm-charts/issues/762)) ([3c8ac94](https://github.com/cloudquery/helm-charts/commit/3c8ac94b3e878506c8041465f311ff5c8d321d82)) 46 | 47 | ## [38.0.1](https://github.com/cloudquery/helm-charts/compare/cloudquery-38.0.0...cloudquery-38.0.1) (2025-03-27) 48 | 49 | 50 | ### Bug Fixes 51 | 52 | * **deps:** Update dependency cloudquery/cloudquery to v6.17.1 ([#748](https://github.com/cloudquery/helm-charts/issues/748)) ([c94d8be](https://github.com/cloudquery/helm-charts/commit/c94d8be38a66f4a08083f12b155b1165d2b510f6)) 53 | 54 | ## [38.0.0](https://github.com/cloudquery/helm-charts/compare/cloudquery-37.0.0...cloudquery-38.0.0) (2025-01-29) 55 | 56 | 57 | ### ⚠ BREAKING CHANGES 58 | 59 | * Update dependency source-aws to v32 60 | 61 | ### Features 62 | 63 | * Add initial support for the scheduler ([#564](https://github.com/cloudquery/helm-charts/issues/564)) ([ea6c1aa](https://github.com/cloudquery/helm-charts/commit/ea6c1aa2199abff18d910c3ddc85f1240212774b)) 64 | 65 | 66 | ### Bug Fixes 67 | 68 | * Update dependency source-aws to v32 ([063b669](https://github.com/cloudquery/helm-charts/commit/063b669c8544943d3aa60d44c0df1111b33f9bc7)) 69 | 70 | ## [37.0.0](https://github.com/cloudquery/helm-charts/compare/cloudquery-36.0.0...cloudquery-37.0.0) (2025-01-09) 71 | 72 | 73 | ### ⚠ BREAKING CHANGES 74 | 75 | * **deps:** Update dependency source-aws to v31 ([#533](https://github.com/cloudquery/helm-charts/issues/533)) 76 | 77 | ### Bug Fixes 78 | 79 | * **deps:** Update dependency source-aws to v31 ([#533](https://github.com/cloudquery/helm-charts/issues/533)) ([890cb5c](https://github.com/cloudquery/helm-charts/commit/890cb5cca1ef2a7f29571e481d60b961ce1e5bd7)) 80 | 81 | ## [36.0.0](https://github.com/cloudquery/helm-charts/compare/cloudquery-35.1.0...cloudquery-36.0.0) (2024-12-16) 82 | 83 | 84 | ### ⚠ BREAKING CHANGES 85 | 86 | * **deps:** Update dependency source-aws to v30 ([#512](https://github.com/cloudquery/helm-charts/issues/512)) 87 | * **deps:** Update dependency source-aws to v29 ([#492](https://github.com/cloudquery/helm-charts/issues/492)) 88 | 89 | ### Bug Fixes 90 | 91 | * **deps:** Update dependency source-aws to v29 ([#492](https://github.com/cloudquery/helm-charts/issues/492)) ([ba279af](https://github.com/cloudquery/helm-charts/commit/ba279afa7b576e0966b20f5e8c7a0e87e642e6b2)) 92 | * **deps:** Update dependency source-aws to v30 ([#512](https://github.com/cloudquery/helm-charts/issues/512)) ([5143310](https://github.com/cloudquery/helm-charts/commit/51433102562c7a35589e2bfc89ebb8627ed7fbc0)) 93 | -------------------------------------------------------------------------------- /charts/cloudquery/Chart.lock: -------------------------------------------------------------------------------- 1 | dependencies: 2 | - name: promtail 3 | repository: https://grafana.github.io/helm-charts 4 | version: 6.16.6 5 | digest: sha256:0156ff43ef593776b1801854d29acb4c590866aa7c3ce772f822906247a50079 6 | generated: "2024-10-01T00:47:15.571167496Z" 7 | -------------------------------------------------------------------------------- /charts/cloudquery/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v2 2 | name: cloudquery 3 | description: >- 4 | Open source high performance data integration platform designed for security 5 | and infrastructure teams. 6 | home: https://cloudquery.io 7 | type: application 8 | kubeVersion: ^1.8.0-0 9 | icon: https://avatars.githubusercontent.com/u/74616112 10 | keywords: 11 | - cloudquery 12 | sources: 13 | - https://github.com/cloudquery/helm-charts/tree/main/charts/cloudquery 14 | maintainers: 15 | - name: yevgenypats 16 | email: yp@cloudquery.io 17 | version: 38.2.0 18 | appVersion: 6.20.5 19 | annotations: 20 | artifacthub.io/license: MPL-2.0 21 | artifacthub.io/links: | 22 | - name: cloudquery 23 | url: https://github.com/cloudquery/cloudquery 24 | artifacthub.io/maintainers: | 25 | - name: yevgenypats 26 | email: yp@cloudquery.io 27 | dependencies: 28 | - name: promtail 29 | version: 6.16.6 30 | repository: https://grafana.github.io/helm-charts 31 | condition: promtail.enabled 32 | -------------------------------------------------------------------------------- /charts/cloudquery/README.md: -------------------------------------------------------------------------------- 1 | # cloudquery 2 | 3 | ![Version: 38.2.0](https://img.shields.io/badge/Version-38.2.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 6.20.2](https://img.shields.io/badge/AppVersion-6.20.2-informational?style=flat-square) 4 | 5 | Open source high performance data integration platform designed for security and infrastructure teams. 6 | 7 | **Homepage:** <https://cloudquery.io> 8 | 9 | ## Maintainers 10 | 11 | | Name | Email | Url | 12 | | ---- | ------ | --- | 13 | | yevgenypats | <yp@cloudquery.io> | | 14 | 15 | ## Source Code 16 | 17 | * <https://github.com/cloudquery/helm-charts/tree/main/charts/cloudquery> 18 | 19 | ## Requirements 20 | 21 | Kubernetes: `^1.8.0-0` 22 | 23 | | Repository | Name | Version | 24 | |------------|------|---------| 25 | | https://grafana.github.io/helm-charts | promtail | 6.16.6 | 26 | 27 | ## Values 28 | 29 | | Key | Type | Default | Description | 30 | |-----|------|---------|-------------| 31 | | admin.enabled | bool | `true` | Enable admin container useful for debugging into cloudquery | 32 | | annotations | object | `{}` | Optional. Additional annotations to be applied to all resources. | 33 | | config | string | The chart will use a default CloudQuery aws config | CloudQuery cloudquery.yml content | 34 | | containerSecurityContext | object | See [values.yaml](./values.yaml) | Container security context | 35 | | cronJobAdditionalArgs | list | `[]` | Optional. Additional CLI arguments to pass to the scheduled sync job (e.g. setting log format) More information at: https://www.cloudquery.io/docs/reference/cli/cloudquery | 36 | | cronJobFailedJobsLimit | int | `1` | Number of failed cronjobs to retain. | 37 | | cronJobLimit | int | `3` | Number of successful cronjobs to retain. | 38 | | cronJobPodAnnotations | object | `{}` | Optional. CronJob Pod annotations. | 39 | | cronJobPodLabels | object | `{}` | Optional. CronJob Pod labels. | 40 | | cronJobSuspend | bool | `false` | Optional. Disable the execution of the Cronjob | 41 | | cronJobTTLSecondsAfterFinished | int | `259200` | How long to retain the job created by cron after it has finished. Default is 259200 seconds (3 days). | 42 | | deploymentAnnotations | object | `{}` | Optional. Admin Deployment annotations. | 43 | | envRenderSecret | object | `{}` | Sensible environment variables that will be rendered as new secret object This can be useful for auth tokens, etc Make sure not to commit sensitive values to git!! Better use AWS Secret manager (or any other) | 44 | | fullnameOverride | string | `""` | | 45 | | image.pullPolicy | string | `"IfNotPresent"` | | 46 | | image.registry | string | `"ghcr.io"` | | 47 | | image.repository | string | `"cloudquery/cloudquery"` | | 48 | | image.tag | string | `nil` | Overrides the image tag whose default is the chart appVersion | 49 | | job.enabled | bool | `false` | Create a job that runs once upon installation. | 50 | | job.ttlSecondsAfterFinished | int | `259200` | How long to retain the job after it has finished. Default is 259200 seconds (3 days). | 51 | | labels | object | `{}` | Optional. Additional labels to be applied to all resources. | 52 | | nameOverride | string | `""` | Partially override common.names.fullname template (will maintain the release name) | 53 | | nodeSelector | object | `{}` | Optional. Adds the nodeSelector to the admin pod and cronjob. | 54 | | promtail | object | See [values.yaml](./values.yaml) | Promtail sub-chart configuration | 55 | | resources.admin | object | `{"requests":{"cpu":"1000m","memory":"1024Mi"}}` | Optional. Resource requests/ limit for admin pod. | 56 | | resources.cronJob | object | `{"requests":{"cpu":"1000m","memory":"1024Mi"}}` | Optional. Resource requests/ limit for cronJob. | 57 | | schedule | string | `"0 */6 * * *"` | Schedule fetch time Every 6 hours. More information at: https://crontab.guru/#0_0_*_*_* | 58 | | secretRef | string | `nil` | Reference to an external secret that contains sensible environment variables This option is useful to avoid store sensitive values in Git. You need to create the secret manually and reference it. If secretRef is used, the envRenderSecret parameter will be omitted (in case that it has content). | 59 | | securityContext | object | `{"fsGroup":1001}` | Pod security context | 60 | | serviceAccount.annotations | object | `{}` | Additional custom annotations for the ServiceAccount to associate an AWS IAM role with service-account you need to add the following annotations. For more info checkout: https://docs.aws.amazon.com/eks/latest/userguide/specify-service-account-role.html eks.amazonaws.com/role-arn: arn:aws:iam::ACCOUNT_ID:role/ROLE | 61 | | serviceAccount.autoMount | bool | `false` | Auto-mount the service account token in the pod | 62 | | serviceAccount.enabled | bool | `false` | Enable service account (Note: Service Account will only be automatically created if `serviceAccount.name` is not set) | 63 | | serviceAccount.labels | object | `{}` | Additional custom label for the ServiceAccount | 64 | | serviceAccount.name | string | `""` | Name of an already existing service account. Setting this value disables the automatic service account creation | 65 | | tplConfig | bool | `false` | Pass the configuration directives and envRenderSecret through Helm's templating engine. # ref: https://helm.sh/docs/developing_charts/#using-the-tpl-function | 66 | | volumeMounts | string | `nil` | | 67 | | volumes | string | `nil` | | 68 | 69 | ---------------------------------------------- 70 | Autogenerated from chart metadata using [helm-docs v1.11.0](https://github.com/norwoodj/helm-docs/releases/v1.11.0) 71 | -------------------------------------------------------------------------------- /charts/cloudquery/templates/NOTES.txt: -------------------------------------------------------------------------------- 1 | 1. Welcome! CloudQuery is Installed. 2 | 2. To trigger the cronjob manually run: 3 | kubectl create job --from=cronjob/{{ include "cloudquery.fullname" . }}-cron {{ include "cloudquery.fullname" . }}-cron -n {{ .Release.Namespace }} 4 | 3. To see logs for the job run: 5 | kubectl logs -f jobs/{JOB NAME} -n {{ .Release.Namespace }} 6 | 4. To exec to the admin container with cloudquery binary for debugging purposes run: 7 | kubectl exec -it deployment/{{ include "cloudquery.fullname" . }}-admin -n {{ .Release.Namespace }} -- /bin/sh 8 | # You can install psql in the admin-container with "apk --update add postgresql-client" -------------------------------------------------------------------------------- /charts/cloudquery/templates/_helpers.tpl: -------------------------------------------------------------------------------- 1 | {{/* 2 | Expand the name of the chart. 3 | */}} 4 | {{- define "cloudquery.name" -}} 5 | {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} 6 | {{- end }} 7 | 8 | {{/* 9 | Create a default fully qualified app name. 10 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). 11 | If release name contains chart name it will be used as a full name. 12 | */}} 13 | {{- define "cloudquery.fullname" -}} 14 | {{- if .Values.fullnameOverride }} 15 | {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} 16 | {{- else }} 17 | {{- $name := default .Chart.Name .Values.nameOverride }} 18 | {{- if contains $name .Release.Name }} 19 | {{- .Release.Name | trunc 63 | trimSuffix "-" }} 20 | {{- else }} 21 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} 22 | {{- end }} 23 | {{- end }} 24 | {{- end }} 25 | 26 | {{/* 27 | Create chart name and version as used by the chart label. 28 | */}} 29 | {{- define "cloudquery.chart" -}} 30 | {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} 31 | {{- end }} 32 | 33 | {{/* 34 | Common labels 35 | */}} 36 | {{- define "cloudquery.labels" -}} 37 | helm.sh/chart: {{ include "cloudquery.chart" . }} 38 | {{ include "cloudquery.selectorLabels" . }} 39 | {{- if .Chart.AppVersion }} 40 | app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} 41 | {{- end }} 42 | app.kubernetes.io/managed-by: {{ .Release.Service }} 43 | {{- with .Values.labels }} 44 | {{ toYaml . }} 45 | {{- end }} 46 | {{- end }} 47 | 48 | {{/* 49 | Common annotations 50 | */}} 51 | {{- define "cloudquery.annotations" -}} 52 | {{- if .Values.annotations }} 53 | {{ indent 2 "annotations:" }} 54 | {{- range $key, $value := .Values.annotations }} 55 | {{ indent 4 $key }}: {{ $value | quote }} 56 | {{- end }} 57 | {{- end }} 58 | {{- end }} 59 | 60 | {{/* 61 | Selector labels 62 | */}} 63 | {{- define "cloudquery.selectorLabels" -}} 64 | app.kubernetes.io/name: {{ include "cloudquery.name" . }} 65 | app.kubernetes.io/instance: {{ .Release.Name }} 66 | {{- end }} 67 | 68 | {{/* 69 | Create the name of the service account to use 70 | */}} 71 | {{- define "cloudquery.serviceAccountName" -}} 72 | {{- if .Values.serviceAccount.enabled }} 73 | {{- default (include "cloudquery.fullname" .) .Values.serviceAccount.name }} 74 | {{- else }} 75 | {{- default "default" .Values.serviceAccount.name }} 76 | {{- end }} 77 | {{- end }} 78 | 79 | {{/* 80 | Return the image to use depending on the AppVersion and image tag defined 81 | */}} 82 | {{- define "cloudquery.image" -}} 83 | {{ .Values.image.registry }}/{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }} 84 | {{- end }} 85 | -------------------------------------------------------------------------------- /charts/cloudquery/templates/admin-deployment.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.admin.enabled }} 2 | apiVersion: apps/v1 3 | kind: Deployment 4 | metadata: 5 | name: {{ include "cloudquery.fullname" . }}-admin 6 | labels: 7 | {{- include "cloudquery.labels" . | nindent 4 }} 8 | {{- include "cloudquery.annotations" . }} 9 | spec: 10 | replicas: 1 11 | selector: 12 | matchLabels: 13 | {{- include "cloudquery.selectorLabels" . | nindent 8 }} 14 | template: 15 | metadata: 16 | labels: 17 | {{- include "cloudquery.labels" . | nindent 8 }} 18 | {{- if .Values.deploymentAnnotations }} 19 | annotations: 20 | {{- toYaml .Values.deploymentAnnotations | nindent 8 }} 21 | {{- end }} 22 | spec: 23 | {{- if ne (include "cloudquery.serviceAccountName" .) "default" }} 24 | serviceAccountName: {{ include "cloudquery.serviceAccountName" . }} 25 | {{- end }} 26 | {{- if .Values.securityContext }} 27 | securityContext: 28 | {{- toYaml .Values.securityContext | nindent 8 }} 29 | {{- end }} 30 | containers: 31 | - name: cloudquery 32 | env: 33 | - name: CQ_INSTALL_SRC 34 | value: "{{ .Values.cqInstallSrc | default "HELM" }}" 35 | envFrom: 36 | - secretRef: 37 | {{- if .Values.secretRef}} 38 | name: {{ .Values.secretRef }} 39 | {{- else}} 40 | name: {{ include "cloudquery.fullname" . }}-secret 41 | {{- end}} 42 | image: "{{ include "cloudquery.image" . }}" 43 | imagePullPolicy: Always 44 | command: ["/bin/sh"] 45 | # we want users to be able to exec into this pod and be able to debug and investigate cloudquery binary, envs and runtime 46 | args: ["-c", "echo admin container is running. run 'kubectl exec -it deploy/cloudquery-admin -- /bin/sh' to debug; while true; do sleep 10000; done"] 47 | resources: 48 | {{- toYaml .Values.resources.admin | nindent 12 }} 49 | volumeMounts: 50 | {{- if .Values.volumeMounts }} 51 | {{- toYaml .Values.volumeMounts | nindent 10 }} 52 | {{- end }} 53 | - name: config 54 | mountPath: /app/config 55 | {{- if .Values.containerSecurityContext }} 56 | securityContext: 57 | {{- toYaml .Values.containerSecurityContext | nindent 12 }} 58 | {{- end }} 59 | {{- if .Values.nodeSelector }} 60 | nodeSelector: 61 | {{- toYaml .Values.nodeSelector | nindent 8 }} 62 | {{- end }} 63 | volumes: 64 | {{- if .Values.volumes }} 65 | {{- toYaml .Values.volumes | nindent 6 }} 66 | {{- end }} 67 | - name: config 68 | configMap: 69 | name: {{ include "cloudquery.fullname" . }}-config 70 | items: 71 | - key: cloudquery.yml 72 | path: cloudquery.yml 73 | {{- end }} 74 | -------------------------------------------------------------------------------- /charts/cloudquery/templates/configmap.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ConfigMap 3 | metadata: 4 | name: {{ include "cloudquery.fullname" . }}-config 5 | labels: 6 | {{- include "cloudquery.labels" . | nindent 4 }} 7 | {{- include "cloudquery.annotations" . }} 8 | data: 9 | cloudquery.yml: |- 10 | {{- if .Values.tplConfig }} 11 | {{- tpl .Values.config $ | nindent 4 }} 12 | {{- else }} 13 | {{- .Values.config | nindent 4 }} 14 | {{- end }} 15 | -------------------------------------------------------------------------------- /charts/cloudquery/templates/cronjob.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: CronJob 3 | metadata: 4 | name: {{ include "cloudquery.fullname" . }}-cron 5 | labels: 6 | {{- include "cloudquery.labels" . | nindent 4 }} 7 | {{- include "cloudquery.annotations" . }} 8 | spec: 9 | schedule: "{{ .Values.schedule }}" 10 | suspend: {{ .Values.cronJobSuspend }} 11 | {{- if .Values.cronJobSuspend }} 12 | startingDeadlineSeconds: 5 13 | {{- end }} 14 | successfulJobsHistoryLimit: {{ .Values.cronJobLimit }} 15 | failedJobsHistoryLimit: {{ .Values.cronJobFailedJobsLimit }} 16 | concurrencyPolicy: Forbid 17 | jobTemplate: 18 | metadata: 19 | labels: 20 | {{- include "cloudquery.labels" . | nindent 8 }} 21 | spec: 22 | backoffLimit: 0 23 | ttlSecondsAfterFinished: {{ .Values.cronJobTTLSecondsAfterFinished | default 259200 }} 24 | template: 25 | metadata: 26 | labels: 27 | {{- include "cloudquery.labels" . | nindent 12 }} 28 | {{- if .Values.cronJobPodLabels }} 29 | {{- toYaml .Values.cronJobPodLabels | nindent 12 }} 30 | {{- end }} 31 | {{- if .Values.cronJobPodAnnotations }} 32 | annotations: 33 | {{- toYaml .Values.cronJobPodAnnotations | nindent 12 }} 34 | {{- end }} 35 | spec: 36 | {{- if ne (include "cloudquery.serviceAccountName" .) "default" }} 37 | serviceAccountName: {{ include "cloudquery.serviceAccountName" . }} 38 | {{- end }} 39 | {{- if .Values.securityContext }} 40 | securityContext: 41 | {{- toYaml .Values.securityContext | nindent 12 }} 42 | {{- end }} 43 | containers: 44 | - name: cloudquery 45 | env: 46 | - name: CQ_INSTALL_SRC 47 | value: "{{ .Values.cqInstallSrc | default "HELM" }}" 48 | envFrom: 49 | - secretRef: 50 | {{- if .Values.secretRef}} 51 | name: {{ .Values.secretRef }} 52 | {{- else}} 53 | name: {{ include "cloudquery.fullname" . }}-secret 54 | {{- end}} 55 | image: "{{ include "cloudquery.image" . }}" 56 | imagePullPolicy: Always 57 | args: 58 | - "sync" 59 | - "/app/config/cloudquery.yml" 60 | - "--log-console" 61 | {{- range .Values.cronJobAdditionalArgs }} 62 | - {{ . | quote }} 63 | {{- end }} 64 | resources: 65 | {{- toYaml .Values.resources.cronJob | nindent 16 }} 66 | volumeMounts: 67 | {{- if .Values.volumeMounts }} 68 | {{- toYaml .Values.volumeMounts | nindent 14 }} 69 | {{- end }} 70 | - name: config 71 | mountPath: /app/config 72 | readOnly: true 73 | {{- if .Values.securityContext }} 74 | securityContext: 75 | {{- toYaml .Values.containerSecurityContext | nindent 16 }} 76 | {{- end }} 77 | {{- if .Values.nodeSelector }} 78 | nodeSelector: 79 | {{- toYaml .Values.nodeSelector | nindent 12 }} 80 | {{- end }} 81 | volumes: 82 | {{- if .Values.volumes }} 83 | {{- toYaml .Values.volumes | nindent 10 }} 84 | {{- end }} 85 | - name: config 86 | configMap: 87 | name: {{ include "cloudquery.fullname" . }}-config 88 | items: 89 | - key: cloudquery.yml 90 | path: cloudquery.yml 91 | restartPolicy: Never 92 | -------------------------------------------------------------------------------- /charts/cloudquery/templates/job.yaml: -------------------------------------------------------------------------------- 1 | {{- if and .Values.job.enabled .Release.IsInstall }} 2 | apiVersion: batch/v1 3 | kind: Job 4 | metadata: 5 | name: {{ include "cloudquery.fullname" . }} 6 | labels: 7 | {{- include "cloudquery.labels" . | nindent 4 }} 8 | {{- include "cloudquery.annotations" . }} 9 | spec: 10 | backoffLimit: 0 11 | ttlSecondsAfterFinished: {{ .Values.job.ttlSecondsAfterFinished | default 259200 }} 12 | template: 13 | metadata: 14 | labels: 15 | {{- include "cloudquery.labels" . | nindent 12 }} 16 | {{- if .Values.cronJobPodLabels }} 17 | {{- toYaml .Values.cronJobPodLabels | nindent 12 }} 18 | {{- end }} 19 | {{- if .Values.cronJobPodAnnotations }} 20 | annotations: 21 | {{- toYaml .Values.cronJobPodAnnotations | nindent 12 }} 22 | {{- end }} 23 | spec: 24 | {{- if ne (include "cloudquery.serviceAccountName" .) "default" }} 25 | serviceAccountName: {{ include "cloudquery.serviceAccountName" . }} 26 | {{- end }} 27 | {{- if .Values.securityContext }} 28 | securityContext: 29 | {{- toYaml .Values.securityContext | nindent 12 }} 30 | {{- end }} 31 | containers: 32 | - name: cloudquery 33 | env: 34 | - name: CQ_INSTALL_SRC 35 | value: "{{ .Values.cqInstallSrc | default "HELM" }}" 36 | envFrom: 37 | - secretRef: 38 | {{- if .Values.secretRef}} 39 | name: {{ .Values.secretRef }} 40 | {{- else}} 41 | name: {{ include "cloudquery.fullname" . }}-secret 42 | {{- end}} 43 | image: "{{ include "cloudquery.image" . }}" 44 | imagePullPolicy: Always 45 | args: 46 | - "sync" 47 | - "/app/config/cloudquery.yml" 48 | - "--log-console" 49 | {{- range .Values.cronJobAdditionalArgs }} 50 | - {{ . | quote }} 51 | {{- end }} 52 | resources: 53 | {{- toYaml .Values.resources.cronJob | nindent 16 }} 54 | volumeMounts: 55 | {{- if .Values.volumeMounts }} 56 | {{- toYaml .Values.volumeMounts | nindent 10 }} 57 | {{- end }} 58 | - name: config 59 | mountPath: /app/config 60 | readOnly: true 61 | {{- if .Values.securityContext }} 62 | securityContext: 63 | {{- toYaml .Values.containerSecurityContext | nindent 16 }} 64 | {{- end }} 65 | {{- if .Values.nodeSelector }} 66 | nodeSelector: 67 | {{- toYaml .Values.nodeSelector | nindent 12 }} 68 | {{- end }} 69 | volumes: 70 | {{- if .Values.volumes }} 71 | {{- toYaml .Values.volumes | nindent 6 }} 72 | {{- end }} 73 | - name: config 74 | configMap: 75 | name: {{ include "cloudquery.fullname" . }}-config 76 | items: 77 | - key: cloudquery.yml 78 | path: cloudquery.yml 79 | restartPolicy: Never 80 | {{- end }} 81 | -------------------------------------------------------------------------------- /charts/cloudquery/templates/secret.yaml: -------------------------------------------------------------------------------- 1 | {{- if not .Values.secretRef }} 2 | apiVersion: v1 3 | kind: Secret 4 | metadata: 5 | name: {{ include "cloudquery.fullname" . }}-secret 6 | labels: 7 | {{- include "cloudquery.labels" . | nindent 4 }} 8 | {{- include "cloudquery.annotations" . }} 9 | type: Opaque 10 | data: 11 | {{- $tplConfig := .Values.tplConfig -}} 12 | {{- range $k, $v := .Values.envRenderSecret }} 13 | {{- if $tplConfig }} 14 | {{ $k }}: {{ tpl $v $ | b64enc | quote }} 15 | {{- else }} 16 | {{ $k }}: {{ $v | b64enc | quote }} 17 | {{- end }} 18 | {{- end }} 19 | {{- end }} 20 | -------------------------------------------------------------------------------- /charts/cloudquery/templates/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.serviceAccount.enabled -}} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | {{- with .Values.serviceAccount.autoMount }} 5 | automountServiceAccountToken: {{ . }} 6 | {{- end }} 7 | metadata: 8 | name: {{ include "cloudquery.serviceAccountName" . }} 9 | labels: 10 | {{- include "cloudquery.labels" . | nindent 4 }} 11 | {{- with .Values.serviceAccount.labels }} 12 | {{- toYaml . | nindent 4 }} 13 | {{- end }} 14 | {{- with .Values.serviceAccount.annotations }} 15 | annotations: 16 | {{- toYaml . | nindent 4 }} 17 | {{- end }} 18 | {{- end }} 19 | -------------------------------------------------------------------------------- /charts/cloudquery/values.yaml: -------------------------------------------------------------------------------- 1 | # -- Partially override common.names.fullname template (will maintain the release name) 2 | nameOverride: "" 3 | fullnameOverride: "" 4 | 5 | image: 6 | registry: ghcr.io 7 | repository: cloudquery/cloudquery 8 | # -- (string) Overrides the image tag whose default is the chart appVersion 9 | tag: 10 | pullPolicy: IfNotPresent 11 | 12 | # -- Pod security context 13 | securityContext: 14 | fsGroup: 1001 15 | 16 | # -- Container security context 17 | # @default -- See [values.yaml](./values.yaml) 18 | containerSecurityContext: 19 | allowPrivilegeEscalation: false 20 | capabilities: 21 | drop: 22 | - all 23 | 24 | # ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/ 25 | serviceAccount: 26 | # -- Enable service account (Note: Service Account will only be automatically created if `serviceAccount.name` is not set) 27 | enabled: false 28 | # -- Name of an already existing service account. Setting this value disables the automatic service account creation 29 | name: "" 30 | # -- Auto-mount the service account token in the pod 31 | autoMount: false 32 | # -- Additional custom annotations for the ServiceAccount 33 | # to associate an AWS IAM role with service-account you need to add the following annotations. For more info checkout: https://docs.aws.amazon.com/eks/latest/userguide/specify-service-account-role.html 34 | # eks.amazonaws.com/role-arn: arn:aws:iam::ACCOUNT_ID:role/ROLE 35 | annotations: {} 36 | # -- Additional custom label for the ServiceAccount 37 | labels: {} 38 | 39 | admin: 40 | # -- Enable admin container 41 | # useful for debugging into cloudquery 42 | enabled: true 43 | 44 | # -- Sensible environment variables that will be rendered as new secret object 45 | # This can be useful for auth tokens, etc 46 | # Make sure not to commit sensitive values to git!! Better use AWS Secret manager (or any other) 47 | envRenderSecret: {} 48 | # CQ_DSN: "postgresql://postgres:pass@localhost:5432/postgres" 49 | 50 | # For AWS see https://github.com/cloudquery/cloudquery/blob/main/plugins/source/aws/README.md 51 | # AWS_ACCESS_KEY_ID: "" 52 | # AWS_SECRET_ACCESS_KEY: "" 53 | # AWS_SESSION_TOKEN: "" 54 | 55 | # For GCP see https://github.com/cloudquery/cloudquery/blob/main/plugins/source/gcp/README.md 56 | # GOOGLE_APPLICATION_CREDENTIALS: "" 57 | 58 | # For Azure see https://github.com/cloudquery/cloudquery/blob/main/plugins/source/azure/README.md 59 | # AZURE_TENANT_ID: "" 60 | # AZURE_CLIENT_ID: "" 61 | # AZURE_CLIENT_SECRET: "" 62 | 63 | # For any other plugins visit https://cloudquery.io/docs/plugins/sources 64 | 65 | # -- Pass the configuration directives and envRenderSecret through Helm's templating engine. 66 | ## ref: https://helm.sh/docs/developing_charts/#using-the-tpl-function 67 | tplConfig: false 68 | 69 | # -- Reference to an external secret that contains sensible environment variables 70 | # This option is useful to avoid store sensitive values in Git. You need to create the secret manually and reference it. 71 | # If secretRef is used, the envRenderSecret parameter will be omitted (in case that it has content). 72 | secretRef: 73 | 74 | # -- Schedule fetch time Every 6 hours. 75 | # More information at: https://crontab.guru/#0_0_*_*_* 76 | schedule: "0 */6 * * *" 77 | # -- (int) Number of successful cronjobs to retain. 78 | cronJobLimit: 3 79 | # -- (int) Number of failed cronjobs to retain. 80 | cronJobFailedJobsLimit: 1 81 | # -- (int) How long to retain the job created by cron after it has finished. Default is 259200 seconds (3 days). 82 | cronJobTTLSecondsAfterFinished: 259200 83 | 84 | job: 85 | # -- Create a job that runs once upon installation. 86 | enabled: false 87 | # -- (int) How long to retain the job after it has finished. Default is 259200 seconds (3 days). 88 | ttlSecondsAfterFinished: 259200 89 | 90 | # -- CloudQuery cloudquery.yml content 91 | # @default -- The chart will use a default CloudQuery aws config 92 | config: | 93 | kind: source 94 | spec: 95 | name: aws 96 | path: cloudquery/aws 97 | version: "v32.1.0" # latest version of aws plugin 98 | tables: ["aws_ec2_instances"] 99 | destinations: ["postgresql"] 100 | --- 101 | kind: destination 102 | spec: 103 | name: postgresql 104 | path: cloudquery/postgresql 105 | version: "v8.0.6" # latest version of postgresql plugin 106 | spec: 107 | connection_string: ${CQ_DSN} 108 | 109 | # Optional. Additional volumes to mount in the pod. 110 | volumes: 111 | 112 | # Optional. Additional volumes to mount in the pod. 113 | volumeMounts: 114 | 115 | 116 | resources: 117 | # -- Optional. Resource requests/ limit for admin pod. 118 | admin: 119 | requests: 120 | memory: 1024Mi 121 | cpu: 1000m 122 | 123 | # -- Optional. Resource requests/ limit for cronJob. 124 | cronJob: 125 | requests: 126 | memory: 1024Mi 127 | cpu: 1000m 128 | 129 | # -- Optional. Adds the nodeSelector to the admin pod and cronjob. 130 | nodeSelector: {} 131 | 132 | # -- Promtail sub-chart configuration 133 | # @default -- See [values.yaml](./values.yaml) 134 | promtail: 135 | enabled: false 136 | config: 137 | clients: 138 | - url: http://loki-gateway/loki/api/v1/push 139 | 140 | # -- Optional. Additional labels to be applied to all resources. 141 | labels: {} 142 | 143 | # -- Optional. Additional annotations to be applied to all resources. 144 | annotations: {} 145 | 146 | # -- Optional. Admin Deployment annotations. 147 | deploymentAnnotations: {} 148 | 149 | # -- Optional. CronJob Pod annotations. 150 | cronJobPodAnnotations: {} 151 | 152 | # -- Optional. CronJob Pod labels. 153 | cronJobPodLabels: {} 154 | 155 | # -- Optional. Additional CLI arguments to pass to the scheduled sync job (e.g. setting log format) 156 | # More information at: https://www.cloudquery.io/docs/reference/cli/cloudquery 157 | cronJobAdditionalArgs: [] 158 | 159 | # -- Optional. Disable the execution of the Cronjob 160 | cronJobSuspend: false 161 | -------------------------------------------------------------------------------- /ct.yaml: -------------------------------------------------------------------------------- 1 | # See https://github.com/helm/chart-testing#configuration 2 | remote: origin 3 | target-branch: main 4 | chart-dirs: 5 | - charts 6 | chart-repos: 7 | - bitnami=https://charts.bitnami.com/bitnami/ 8 | - grafana=https://grafana.github.io/helm-charts/ 9 | helm-extra-args: --timeout 600s 10 | -------------------------------------------------------------------------------- /kind-config.yaml: -------------------------------------------------------------------------------- 1 | kind: Cluster 2 | apiVersion: kind.x-k8s.io/v1alpha4 3 | nodes: 4 | - role: control-plane 5 | - role: worker 6 | -------------------------------------------------------------------------------- /release-please-config.json: -------------------------------------------------------------------------------- 1 | { 2 | "release-type": "helm", 3 | "skip-github-release": true, 4 | "extra-files": [ 5 | { 6 | "type": "yaml", 7 | "path": "Chart.yaml", 8 | "jsonpath": "$.version" 9 | } 10 | ], 11 | "packages": { 12 | "charts/cloudquery": { 13 | "component": "cloudquery" 14 | } 15 | }, 16 | "separate-pull-requests": true, 17 | "tag-separator": "-", 18 | "include-v-in-tag": false, 19 | "pull-request-title-pattern": "chore${scope}: Release${component} ${version}", 20 | "$schema": "https://raw.githubusercontent.com/googleapis/release-please/main/schemas/config.json" 21 | } 22 | -------------------------------------------------------------------------------- /scripts/e2e-kind.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | set -o errexit 4 | set -o nounset 5 | set -o pipefail 6 | 7 | readonly CT_VERSION=v3.6.0 8 | readonly KIND_VERSION=v0.26.0 9 | readonly CLUSTER_NAME=chart-testing 10 | readonly K8S_VERSION=v1.32.0 11 | 12 | run_ct_container() { 13 | echo 'Running or reusing ct container...' 14 | 15 | docker ps -f name=ct | grep -w ct || docker run --rm --interactive --detach --network host --name ct \ 16 | --volume "$(pwd)/ct.yaml:/etc/ct/ct.yaml" \ 17 | --volume "$(pwd):/workdir" \ 18 | --workdir /workdir \ 19 | "quay.io/helmpack/chart-testing:$CT_VERSION" \ 20 | cat 21 | echo 22 | } 23 | 24 | cleanup_ct_container() { 25 | echo 'Removing ct container...' 26 | docker kill ct > /dev/null 2>&1 27 | 28 | echo 'Done!' 29 | } 30 | 31 | cleanup_kind_cluster() { 32 | cleanup_ct_container 33 | 34 | echo 'Removing kind cluster...' 35 | kind delete cluster --name "$CLUSTER_NAME" > /dev/null 2>&1 36 | 37 | echo 'Done!' 38 | } 39 | 40 | docker_exec() { 41 | docker exec --interactive ct "$@" 42 | } 43 | 44 | create_kind_cluster() { 45 | if ! command -v kind > /dev/null 2>&1; then 46 | echo 'Installing kind...' 47 | curl -sSLo kind "https://github.com/kubernetes-sigs/kind/releases/download/$KIND_VERSION/kind-linux-amd64" 48 | chmod +x kind 49 | sudo mv kind /usr/local/bin/kind 50 | fi 51 | 52 | echo 'Creating or reusing kind cluster...' 53 | kind get clusters | grep -v 'No kind clusters found.' || kind create cluster --name "$CLUSTER_NAME" --config kind-config.yaml --image "kindest/node:$K8S_VERSION" --wait 60s --kubeconfig .kind-kubeconfig 54 | 55 | echo 'Copying kubeconfig to container...' 56 | docker_exec mkdir /root/.kube || echo 57 | docker cp .kind-kubeconfig ct:/root/.kube/config 58 | 59 | docker_exec kubectl cluster-info 60 | echo 61 | 62 | docker_exec kubectl get nodes 63 | echo 64 | 65 | echo 'Cluster ready!' 66 | echo 67 | } 68 | 69 | install_charts() { 70 | docker_exec ct install --all 71 | echo 72 | } 73 | 74 | main() { 75 | run_ct_container 76 | trap cleanup_ct_container EXIT 77 | 78 | create_kind_cluster 79 | trap cleanup_kind_cluster EXIT 80 | install_charts 81 | } 82 | 83 | main 84 | --------------------------------------------------------------------------------