Port Ocean chart allow you to deploy Port intergations that were developed with Port Ocean Framewok .
This chart installs any Port ocean integration and it's dependencies.
Helm must be installed to use the charts. Please refer to Helm's documentation to get started.
Once Helm has been set up correctly, add the repo as follows:
helm repo add port-labs https://port-labs.github.io/helm-charts
If you had already added this repo earlier, run helm repo update
to retrieve
the latest versions of the packages. You can then run helm search repo port-labs
to see the charts.
Use your PORT_CLIENT_ID
& PORT_CLIENT_SECRET
to install the chart, with the following command:
helm upgrade --install my-ocean-integration port-labs/port-ocean \
--create-namespace --namespace port-ocean \
--set integration.secrets.<sensitiveConfigKeyName>="INTEGRATION_SECRET" \
--set integration.config.<notSensitiveConfigKeyName>="RAW_STRING" \
--set integration.identifier="my-integration-identifier" \
--set eventListener.type="KAFKA" \
--set integration.type="integration type (i.e pagerduty, gitlab)" \
--set port.clientId="PORT_CLIENT_ID" \
--set port.clientSecret="PORT_CLIENT_SECRET"
To uninstall the chart use:
helm uninstall my-ocean-integration --namespace port-ocean
The command removes all the Kubernetes components associated with the chart and deletes the release.
The following table lists the configuration parameters of the port-ocean
chart and default values.
Parameter | Description | Default |
---|---|---|
nameOverride |
Chart name override. | "" |
fullnameOverride |
Fully qualified app name override. | "" |
port.clientId |
Client ID for Port API authentication (irrelevant if secret.create=false). | |
port.clientSecret |
Client secret for Port API authentication (irrelevant if secret.create=false). | |
port.baseUrl |
Base URL for the Port API. | https://api.getport.io/v1 |
initializePortResources |
When set to true, creates a default JQ mapping and the relevant blueprints | true |
scheduledResyncInterval |
The number in minutes to reschedule and poll data from the 3rd party system. When workload.kind is set to CronJob this parameter is required and should be in a format of a cron string | null |
allowEnvironmentVariablesJqAccess |
When set to true, The jq mapping will be able to include environment variables. | true |
scheduledResyncInterval |
The number in minutes to reschedule and poll data from the 3rd party system. When workload.kind is set to CronJob this parameter is required and should be in a format of a cron string | null |
sendRawDataExamples |
Enable sending raw data examples from the third party API to port for testing and managing the integration mapping | true |
podAnnotations |
Annotations to be added to the pod. | {} |
podServiceAccount.name |
Service account to attach to the pod. | null |
podSecurityContext |
Security context applied to the pod. | {} |
containerSecurityContext |
Security context applied to the container. | {} |
extraInitContainers |
Additional init containers to be added to the pod. | [] |
workload.kind |
Kind of the workload. Can be either Deployment or CronJob | Deployment |
workload.deployment.rolloutStrategy |
Deployment rollout strategy. | Recreate |
workload.cron.resyncTimeoutMinutes |
Timeout in minutes for the resync cron job. When set to 0 or null, the cron job will not have a timeout. | 60 |
workload.cron.resyncOnInstall |
Should the first installation trigger a resync job. | true |
workload.cron.resyncOnUpgrade |
Should the upgrade trigger a resync job. | true |
workload.cron.suspend |
Should the cron scheduling be enabled | true |
securityContext |
Security context applied to the container. | {} |
resources |
Container resource requests and limits. | {} |
nodeSelector |
NodeSelector applied to the pod. | {} |
tolerations |
Tolerations applied to the pod. | [] |
affinity |
Affinity applied to the pod. | {} |
imageRegistry |
Image registry override. | "" |
imagePullSecrets |
Image pull secrets | [] |
secret.name |
Secret object name. Can also be a list of strings when useExistingSecret is set to true, allowing the deployment to pull multiple secrets into the environment variables | "" |
secret.create |
Enable this if you wish the chart to create a secret with the sensitive configurations. | true |
secret.useExistingSecret |
Enable this if you wish to create your own secret with credentials. You must provide the following secrets: OCEAN__PORT__CLIENT_ID OCEAN__PORT__CLIENT_SECRET Moreover, you need to provide sensitive configurations (required ones are MUST) for the selected integration: Secret key format: OCEAN__INTEGRATION__CONFIG__{{ $configName | snakecase | upper }} Example (if config name is clusterConfMapping ): OCEAN__INTEGRATION__CONFIG__CLUSTER_CONF_MAPPING |
false |
service.enabled |
Specifies whether the service is enabled or not. | true |
service.type |
Service type for the Port application. | ClusterIP |
service.port |
Port number for the service. | 8000 |
ingress.enabled |
Specifies whether the ingress is enabled or not. | false |
ingress.className |
Specifies the ingress ClassName. | "" |
ingress.annotations |
Annotations for the ingress object. | {} |
ingress.host |
Hostname for the ingress. | null |
ingress.path |
Path for the ingress. | / |
ingress.pathType |
Path type for the ingress. | Prefix |
integration.identifier |
Identifier for the integration. | "" |
integration.version |
Version of the integration. | "" |
integration.type |
Type of the integration. i.e (pagerduty ) |
"" |
integration.config |
Configuration for the integration. | {} |
integration.secrets |
Secrets for the integration (irrelevant if secret.create=false). | {} |
selfSignedCertificate |
Self Signed certificate for the integration | {} |
selfSignedCertificate.enabled |
Enable self-signed certificate trust for the integration. | false |
selfSignedCertificate.certificate |
The value of the self-signed certificate (only when selfSignedCertificate.enabled=true ) |
"" |
selfSignedCertificate.secret |
Secret with self-signed certificate | {} |
selfSignedCertificate.secret.useExistingSecret |
Enable this if you wish to use your own secret with the self-signed certificate | false |
selfSignedCertificate.secret.key |
The key in the existing self-signed certificate secret | crt |
selfSignedCertificate.secret.name |
The name of an existing secret containing the self-signed certificate | "" |
eventListener.type |
Type of the event listener for the integration, one of the following "WEBHOOK" / "KAFKA" / "SAMPLE" | "KAFKA" |
To override values in helm install
, use either the --set
flag.
Alternatively, you can use a YAML file that specifies the values while installing the chart. For example:
helm install my-ocean-integration port-labs/port-ocean \
--create-namespace --namespace port-ocean \
-f custom_values.yaml
For self-hosted 3rd-party applications with self-signed certificates, you will need to add your CA to the integration's configuration.
To do so, you will need to run the helm install
command with the following flags:
helm install my-ocean-integration port-labs/port-ocean \
--create-namespace --namespace port-ocean \
-f custom_values.yaml \
# Flag for enabling self signed certificates
--set selfSignedCertificate.enabled=true \
# Flag for passing the certificate file
--set-file selfSignedCertificate.certificate=/PATH/TO/CERTIFICATE.crt