HELM application chart on 2025

Stéphane Brunner — Wed, 19 Feb 2025 11:17:37 +0000

Application Helm Chart

A universal Helm chart for streamlined Kubernetes deployments with simplified configuration.
Creates standard resources like Deployments, Ingress, PodMonitors (Prometheus), and more.

Introduction

Writing a Helm chart for even a small application can get really tedious, as it involves a lot of repetitive tasks and templating is not very user-friendly. However, with the Helm application, you can make the task much easier and fun to use!

We developed this unified chart because our applications share common deployment patterns. Managing multiple similar charts became time-consuming and maintenance-heavy.

This chart manages extended standard Kubernetes objects to simplify application deployment using only YAML configuration. While staying close to native Kubernetes syntax, it allows all settings to be overridden in sub-values YAML files using dictionaries with meaningful keys.

Features

Support for multiple workloads (Deployment, CronJob, Job, or StatefulSet)
Internal resource linking (Secret, ConfigMap, and ExternalSecret to env and volume, ...)
Environment variable management from various sources (values, ConfigMap, Secret, ExternalSecret)

Kubernetes Adaptations

While staying close to standard Kubernetes manifests, this chart implements these enhancements:

Converts lists to dictionaries for easier value overrides
Provides flexible environment variable definitions
Implements image configuration with hash pinning and metadata storage
Adds standard Kubernetes labels to all components:
- app.kubernetes.io/name
- app.kubernetes.io/instance
- app.kubernetes.io/component
- helm.sh/chart
- app.kubernetes.io/version
- app.kubernetes.io/managed-by
Links components using standard labels:
- app.kubernetes.io/name
- app.kubernetes.io/instance
- app.kubernetes.io/component
Supports special selectors (self, self-metadata, self-external) for internal resources
Handles Docker registry secret configuration automatically
Supports metadata ConfigMap generation

Supported Resources

Kubernetes standard objects:

Common third-party objects:

Planned additions:

Examples

An example showing how to deploy a Deployment with an ExternalSecret and Docker registry configuration.

The example below demonstrates how to set up a simple deployment that:

Uses an external Docker registry (GitHub Container Registry)
Configures an ExternalSecret to manage sensitive data
Creates a basic deployment with service and ingress

application:
  dockerregistry:
    external: true
    content:
      ghcr_io:
        externalEmail: ghcr-email
        externalUsername: ghcr-username
        externalPassword: ghcr-password
        externalUrl: ghcr-url

  externalSecrets:
    app:
      enabled: true
      refreshInterval: 1h
      secretStoreRef:
        name: my-secret-store
        kind: SecretStore
      data:
        my-secret:
          remoteRef:
            key: my-secret

  services:
    my-deployment:
      enabled: true

      pdb:
        enabled: false

      ingress:
        enabled: true
        path: /

      service:
        type: ClusterIP
        servicePort: 8080
        ports:
          - name: http
            port: 8080
            protocol: TCP
            targetPort: http

      containers:
        my-container:
          image:
            repository: camptocamp/my-image
            tag: latest

          command:
            - sleep
            - '3600'

          env:
            SECRET:
              type: secret
              name: self-external-secret-app
              key: my-secret

Additional Resources

Main Project Repository - Source code, issues, and releases
Documentation Wiki - Detailed guides and configuration examples

Conclusion

This chart is not perfect, but it can be used for major simple cases and some big applications.

Prospector on Visual Studio Code

Stéphane Brunner — Wed, 29 Jan 2025 16:15:06 +0000

Visual Studio Code plugin for Prospector

As part of my efforts to improve Prospector's integration with popular IDEs, I created a Visual Studio Code plugin based on the Linter plugin. While this plugin is not actively maintained, it was a valuable tool for quickly building a new plugin that integrates Prospector with VS Code.

The plugin provides a seamless experience for users to run Prospector directly from within VS Code and see linting results instantly in the editor.

Result:

Available in the Visual Studio Code Marketplace.

What is Prospector

Prospector is a powerful bundler of various linting tools for Python, designed to improve code quality by running multiple linters and static analysis tools in a single pass. It integrates a collection of popular tools, which can be easily configured and customized to fit your project’s needs. You can explore the full list of Supported Tools.

Over the past few years at Camptocamp, we have contributed several improvements to Prospector, including:

Python 3.12 compatibility: Ensuring Prospector works seamlessly with the latest version of Python.
Adding Ruff support: Integrating Ruff, a fast linter for Python, to improve linting performance.
Improved Bandit and Mypy integration: Enhancing the integration of Bandit (security-focused static analysis) and Mypy (static type checking).
Support for profiles in PyPI packages: Allowing users to publish Prospector profiles as PyPI packages.
Bug fixes: Addressing various issues to make the tool more reliable.

Latest Prospector version

In the most recent release of Prospector, I focused on improving the integration with IDEs, particularly by enhancing the JSON output generated by Prospector. These improvements allow for better interaction with code editors and IDEs like Visual Studio Code:

Line and character end information: This change allows the IDE to highlight the entire element (e.g., a function or variable) that has an issue, rather than just the first character. This provides a more intuitive user experience when reviewing linting errors.
Documentation URL: A new addition that provides a direct link to the relevant documentation for each linting rule. This allows developers to quickly understand and resolve issues without having to search for the documentation manually.

Useful related packages I maintain

Base Prospector profiles A set of basic profiles to help configure Prospector for your project.
Prospector profiles used to avoid duplicated messages A collection of profiles designed to prevent duplicate linting messages, making the output more concise and easier to understand.

DEV Community: Stéphane Brunner