Skip to content

Latest commit

 

History

History

port-ocean

Folders and files

NameName
Last commit message
Last commit date

parent directory

..
 
 
 
 
 
 
 
 
 
 

Port Ocean

Port Ocean chart allow you to deploy Port intergations that were developed with Port Ocean Framewok .

Introduction

This chart installs any Port ocean integration and it's dependencies.

Usage

Helm must be installed to use the charts. Please refer to Helm's documentation to get started.

Once Helm has been set up correctly, add the repo as follows:

helm repo add port-labs https://port-labs.github.io/helm-charts

If you had already added this repo earlier, run helm repo update to retrieve the latest versions of the packages. You can then run helm search repo port-labs to see the charts.

Use your PORT_CLIENT_ID & PORT_CLIENT_SECRET to install the chart, with the following command:

helm upgrade --install my-ocean-integration port-labs/port-ocean \
  --create-namespace --namespace port-ocean \
  --set integration.secrets.<sensitiveConfigKeyName>="INTEGRATION_SECRET" \
  --set integration.config.<notSensitiveConfigKeyName>="RAW_STRING" \
  --set integration.identifier="my-integration-identifier" \
  --set eventListener.type="KAFKA" \
  --set integration.type="integration type (i.e pagerduty, gitlab)" \
  --set port.clientId="PORT_CLIENT_ID" \
  --set port.clientSecret="PORT_CLIENT_SECRET"

To uninstall the chart use:

helm uninstall my-ocean-integration --namespace port-ocean

The command removes all the Kubernetes components associated with the chart and deletes the release.

Configuration

The following table lists the configuration parameters of the port-ocean chart and default values.

Parameter Description Default
nameOverride Chart name override. ""
fullnameOverride Fully qualified app name override. ""
port.clientId Client ID for Port API authentication (irrelevant if secret.create=false).
port.clientSecret Client secret for Port API authentication (irrelevant if secret.create=false).
port.baseUrl Base URL for the Port API. https://api.getport.io/v1
initializePortResources When set to true, creates a default JQ mapping and the relevant blueprints true
scheduledResyncInterval The number in minutes to reschedule and poll data from the 3rd party system. When workload.kind is set to CronJob this parameter is required and should be in a format of a cron string null
allowEnvironmentVariablesJqAccess When set to true, The jq mapping will be able to include environment variables. true
scheduledResyncInterval The number in minutes to reschedule and poll data from the 3rd party system. When workload.kind is set to CronJob this parameter is required and should be in a format of a cron string null
sendRawDataExamples Enable sending raw data examples from the third party API to port for testing and managing the integration mapping true
podAnnotations Annotations to be added to the pod. {}
podServiceAccount.name Service account to attach to the pod. null
podSecurityContext Security context applied to the pod. {}
containerSecurityContext Security context applied to the container. {}
extraInitContainers Additional init containers to be added to the pod. []
workload.kind Kind of the workload. Can be either Deployment or CronJob Deployment
workload.deployment.rolloutStrategy Deployment rollout strategy. Recreate
workload.cron.resyncTimeoutMinutes Timeout in minutes for the resync cron job. When set to 0 or null, the cron job will not have a timeout. 60
workload.cron.resyncOnInstall Should the first installation trigger a resync job. true
workload.cron.resyncOnUpgrade Should the upgrade trigger a resync job. true
workload.cron.suspend Should the cron scheduling be enabled true
securityContext Security context applied to the container. {}
resources Container resource requests and limits. {}
nodeSelector NodeSelector applied to the pod. {}
tolerations Tolerations applied to the pod. []
affinity Affinity applied to the pod. {}
imageRegistry Image registry override. ""
imagePullSecrets Image pull secrets []
secret.name Secret object name. Can also be a list of strings when useExistingSecret is set to true, allowing the deployment to pull multiple secrets into the environment variables ""
secret.create Enable this if you wish the chart to create a secret with the sensitive configurations. true
secret.useExistingSecret Enable this if you wish to create your own secret with credentials.
You must provide the following secrets:
OCEAN__PORT__CLIENT_ID
OCEAN__PORT__CLIENT_SECRET
Moreover, you need to provide sensitive configurations (required ones are MUST) for the selected integration:
Secret key format:OCEAN__INTEGRATION__CONFIG__{{ $configName | snakecase | upper }}
Example (if config name is clusterConfMapping): OCEAN__INTEGRATION__CONFIG__CLUSTER_CONF_MAPPING
false
service.enabled Specifies whether the service is enabled or not. true
service.type Service type for the Port application. ClusterIP
service.port Port number for the service. 8000
ingress.enabled Specifies whether the ingress is enabled or not. false
ingress.className Specifies the ingress ClassName. ""
ingress.annotations Annotations for the ingress object. {}
ingress.host Hostname for the ingress. null
ingress.path Path for the ingress. /
ingress.pathType Path type for the ingress. Prefix
integration.identifier Identifier for the integration. ""
integration.version Version of the integration. ""
integration.type Type of the integration. i.e (pagerduty) ""
integration.config Configuration for the integration. {}
integration.secrets Secrets for the integration (irrelevant if secret.create=false). {}
selfSignedCertificate Self Signed certificate for the integration {}
selfSignedCertificate.enabled Enable self-signed certificate trust for the integration. false
selfSignedCertificate.certificate The value of the self-signed certificate (only when selfSignedCertificate.enabled=true) ""
selfSignedCertificate.secret Secret with self-signed certificate {}
selfSignedCertificate.secret.useExistingSecret Enable this if you wish to use your own secret with the self-signed certificate false
selfSignedCertificate.secret.key The key in the existing self-signed certificate secret crt
selfSignedCertificate.secret.name The name of an existing secret containing the self-signed certificate ""
eventListener.type Type of the event listener for the integration, one of the following "WEBHOOK" / "KAFKA" / "SAMPLE" "KAFKA"

To override values in helm install, use either the --set flag.

Alternatively, you can use a YAML file that specifies the values while installing the chart. For example:

helm install my-ocean-integration port-labs/port-ocean \
   --create-namespace --namespace port-ocean \
   -f custom_values.yaml

Self-signed certificate trust

For self-hosted 3rd-party applications with self-signed certificates, you will need to add your CA to the integration's configuration. To do so, you will need to run the helm install command with the following flags:

helm install my-ocean-integration port-labs/port-ocean \
   --create-namespace --namespace port-ocean \
   -f custom_values.yaml \ 
   # Flag for enabling self signed certificates
   --set selfSignedCertificate.enabled=true \ 
   # Flag for passing the certificate file
   --set-file selfSignedCertificate.certificate=/PATH/TO/CERTIFICATE.crt