Kubernetes (Helm Chart)

RSTUF provides a Helm Chart to deploy the RSTUF API and Worker in a Kubernetes Cluster.

This guide shows how to deploy RSTUF using Helm Chart in a Kubernetes Cluster.

The Helm Chart is available in the https://repository-service-tuf.github.io/helm-charts/ repository.

Requirements

Software and tools

  • Kubernetes Cluster

  • kubectl

  • Helm

Using Helm Chart

Add the Helm Chart repository:

 helm repo add rstuf https://repository-service-tuf.github.io/helm-charts

Update the Helm Chart repository:

 helm repo update

Search the Helm Chart:

 helm search repo rstuf
NAME                    CHART VERSION   APP VERSION     DESCRIPTION
rstuf/rstuf-api         0.2.0           1.0.0b1         A RSTUF API Helm chart for Kubernetes
rstuf/rstuf-worker      0.2.0           1.0.0b1         A RSTUF Worker Helm chart for Kubernetes

Example of values.yaml

This example deploys:

  • RSTUF API

  • RSTUF Worker

  • Valkey

  • PostgreSQL database

 1rstuf-api:
 2  image:
 3    repository: ghcr.io/repository-service-tuf/repository-service-tuf-api
 4    tag: latest
 5  backend:
 6    brokerServer: "redis://rstuf-valkey-master.rstuf.svc.cluster.local"
 7    redisServer: "redis://rstuf-valkey-master.rstuf.svc.cluster.local"
 8  ingress:
 9    enabled: true
10    hosts:
11      - host: rstuf.internal.example.com
12        paths:
13          - path: /
14            pathType: ImplementationSpecific
15    tls: []
16
17rstuf-worker:
18  image:
19    repository: ghcr.io/repository-service-tuf/repository-service-tuf-worker
20    tag: latest
21  backend:
22    dbServer: "postgresql://postgres:postgres@rstuf-postgresql.rstuf.svc.cluster.local/rstuf"
23    brokerServer: "redis://rstuf-valkey-master.rstuf.svc.cluster.local"
24    redisServer: "redis://rstuf-valkey-master.rstuf.svc.cluster.local"
25  storage:
26    type: "AWSS3"
27    s3Bucket: "tuf-metadata"
28    s3KeyId: "s3-keyid"
29    s3AccessKey: "s3-access-key"
30    s3Region: "us-east-1"
31
32valkey:
33  enabled: true
34  architecture: standalone
35  auth:
36    enabled: false
37  persistence:
38    enabled: true
39    size: 2Gi
40  master:
41    service:
42      port: 6379
43
44postgresql:
45  enabled: true
46  auth:
47    username: postgres
48    password: postgres
49    database: rstuf
50  primary:
51    persistence:
52      enabled: true
53      size: 8Gi
54  replication:
55    enabled: false
56  service:
57    port: 5432