Stefan McShane 3 lat temu
rodzic
commit
e02afb2204

+ 6 - 0
.gitignore

@@ -16,7 +16,13 @@ staging.sh
 bin
 openapi.yaml
 .idea
+
+
 vendor
+**/*.env
+**/node_modules
+porter
+zarf/helm/charts
 
 # Local docs directories
 /docs/.obsidian
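Review bot: The new `porter` pattern is unanchored, so it ignores any file or directory named `porter` at any depth, not only the binary that the Tiltfile builds at the repository root. Writing it as `/porter` would limit it to that one path. The two blank `+` lines above `vendor` add nothing and can be dropped.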

+ 126 - 0
Tiltfile

@@ -0,0 +1,126 @@
+load('ext://restart_process', 'docker_build_with_restart')
+
+secret_settings(disable_scrub=True)
+
+if not os.path.exists("vendor"):
+    local(command="go mod vendor")
+
+if config.tilt_subcommand == "down":
+    local(command="rm -rf vendor")
+
+## Build binary locally for faster devexp
+local_resource(
+  'porter',
+  '''GOWORK=off CGO_ENABLED=0 GOOS=linux GOARCH=arm64 go build -mod vendor -gcflags '-N -l' -o ./porter ./cmd/app/main.go''',
+  deps=[
+    "api",
+    "build",
+    "cli",
+    "ee",
+    "internal",
+    "pkg",
+  ],
+  resource_deps=["postgresql"],
+  labels=["porter"]
+)
+
+docker_build_with_restart(
+    ref="porter1/porter-server",
+    context=".",
+    dockerfile="zarf/docker/Dockerfile.server.tilt",
+    # entrypoint='dlv --listen=:40000 --api-version=2 --headless=true --log=true exec /porter/bin/app',
+    entrypoint='/app/porter',
+    build_args={},
+    only=[
+        "porter",
+    ],
+    live_update=[
+        sync('./porter', '/app/'),
+    ]
+) 
+
+# Frontend
+# docker_build(
+#     ref='porter1/porter-dashboard', 
+#     context='.',
+#     dockerfile="zarf/docker/Dockerfile.dashboard.tilt",
+#     build_args={'node_env': 'development'},
+#     entrypoint='npm start',
+#     live_update=[
+#         fall_back_on(['dashboard/package.json', 'dashboard/package-lock.json']),
+#         sync('dashboard', '/app/'),
+#     ]
+# )
+# local_resource(
+#   'porter-dashboard',
+#   '''cd dashboard && NODE_ENV=production webpack --config webpack.config.js''',
+#   deps=[
+#     "dashboard"
+#   ],
+#   ignore=[
+#     "dashboard/node_modules"
+#   ],
+#   resource_deps=["postgresql"],
+#   labels=["porter"]
+# )
+
+# docker_build_with_restart(
+#     ref="porter1/porter-dashboard",
+#     context=".",
+#     dockerfile="zarf/docker/Dockerfile.dashboard.tilt",
+#     entrypoint='serve -s /app/build -p 8081',
+#     build_args={},
+#     only=[
+#         "dashboard/build",
+#     ],
+#     live_update=[
+#         sync('./dashboard/build', '/app/build/'),
+#     ]
+# ) 
+# docker_build_with_restart(
+#     ref="porter1/porter-dashboard",
+#     context=".",
+#     dockerfile="zarf/docker/Dockerfile.dashboard.tilt",
+#     entrypoint='webpack-dev-server --config webpack.config.js',
+#     build_args={},
+#     only=[
+#         "dashboard",
+#     ],
+#     live_update=[
+#         sync('./dashboard', '/app/'),
+#     ]
+# ) 
+docker_build(
+    ref="porter1/porter-dashboard",
+    context=".",
+    dockerfile="zarf/docker/Dockerfile.dashboard.tilt",
+    entrypoint='webpack-dev-server --config webpack.config.js',
+    live_update=[
+        # when package.json changes, we need to do a full build
+        fall_back_on(['dashboard/package.json', 'dashboard/package-lock.json']),
+        # Map the local source code into the container under /src
+        sync('dashboard', '/app/'),
+    ]
+)
+
+allow_k8s_contexts('kind-porter')
+
+cluster = str(local('kubectl config current-context')).strip()
+if (cluster.startswith("kind-")):
+    install = kustomize('zarf/helm', flags=["--enable-helm"])
+    decoded = decode_yaml_stream(install)
+    for d in decoded:
+        if d.get('kind') == 'Deployment':
+            if "securityContext" in d['spec']['template']['spec']:
+                d['spec']['template']['spec'].pop('securityContext')
+            for c in d['spec']['template']['spec']['containers']:
+                if "securityContext" in c:
+                    c.pop('securityContext')
+
+    updated_install = encode_yaml_stream(decoded)
+    k8s_yaml(updated_install)
+    k8s_resource(workload='porter-server-web', port_forwards="8080:8080", labels=["porter"])
+    k8s_resource(workload='porter-dashboard-web', port_forwards="8081:8081", labels=["porter"], resource_deps=["postgresql"])
+else:
+    local("echo 'Be careful that you aren't connected to a staging or prod cluster' && exit 1")
+    exit()
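Review bot: The non-kind guard in the final `else` branch will not print its warning, because the apostrophe in `aren't` closes the single-quoted `echo` string and leaves the shell with an unterminated quote. The run most likely still aborts, but on a shell syntax error rather than the intended message. Tilt's built-in `fail()` avoids the shell entirely: `fail("Refusing to deploy: kubectl context '%s' is not a kind cluster" % cluster)`. The `startswith("kind-")` test is also wider than `allow_k8s_contexts('kind-porter')`, so comparing against `'kind-porter'` would confine the `securityContext` stripping to the one intended cluster. Separately, `secret_settings(disable_scrub=True)` near the top turns off Tilt's redaction of Secret values in its logs and needs a comment explaining why, or removal.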

+ 7 - 5
dashboard/webpack.config.js

@@ -3,7 +3,7 @@ const HtmlWebpackPlugin = require("html-webpack-plugin");
 const webpack = require("webpack");
 const ReactRefreshWebpackPlugin = require("@pmmmwh/react-refresh-webpack-plugin");
 
-const dotenv = require("dotenv");
+// const dotenv = require("dotenv");
 
 const BundleAnalyzerPlugin = require("webpack-bundle-analyzer")
   .BundleAnalyzerPlugin;
@@ -11,11 +11,13 @@ const BundleAnalyzerPlugin = require("webpack-bundle-analyzer")
 const TerserPlugin = require("terser-webpack-plugin");
 
 module.exports = () => {
-  let env = dotenv.config().parsed;
+  // let env = dotenv.config().parsed;
+
+  // if (!env) {
+  //   env = process.env;
+  // }
+  const env = process.env;
 
-  if (!env) {
-    env = process.env;
-  }
   const envKeys = Object.keys(env).reduce((prev, next) => {
     const varName = `process.env.${next}`;
     if (typeof env[next] !== "string") return prev;
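Review bot: With `const env = process.env;` now unconditional, every string variable in the build process's environment flows into `envKeys`, where previously a present `.env` file limited it to that file's entries. If `envKeys` feeds a define-style plugin (the visible lines suggest this but do not show it), anything in the container environment, such as tokens, database settings or Kubernetes-injected variables, becomes referenceable from the client bundle. An explicit allowlist of the keys the dashboard actually reads would bound that, for example `if (!PUBLIC_ENV_KEYS.has(next)) return prev;` at the top of the reducer. The commented-out `dotenv` lines are better deleted than kept, since version control already holds them. The arrow function's body continues past the end of this hunk.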

+ 0 - 76
docker-compose.dev-secure.yaml

@@ -1,76 +0,0 @@
-version: "3"
-services:
-  webpack:
-    build:
-      context: ./dashboard
-      dockerfile: ./docker/dev.Dockerfile
-    env_file:
-      - ./dashboard/.env
-    restart: on-failure
-    volumes:
-      - ./dashboard/src:/webpack/src:rw,cached
-      - ./dashboard/package.json:/webpack/package.json
-  porter:
-    build:
-      context: .
-      dockerfile: ./docker/dev.Dockerfile
-    depends_on:
-      - postgres
-    env_file:
-      - ./docker/.env
-    command:  air -c .air.toml
-    restart: on-failure
-    volumes:
-      - ./cmd:/porter/cmd
-      - ./internal:/porter/internal
-      - ./server:/porter/server
-      - ./api:/porter/api
-      - ./docker/kubeconfig.yaml:/porter/kubeconfig.yaml
-      - ./docker/github_app_private_key.pem:/porter/docker/github_app_private_key.pem
-  postgres:
-    image: postgres:latest
-    container_name: postgres
-    environment:
-      - POSTGRES_USER=porter
-      - POSTGRES_PASSWORD=porter
-      - POSTGRES_DB=porter
-    ports:
-      - 5400:5432
-    volumes:
-      - database:/var/lib/postgresql/data
-  redis:
-    image: redis:latest
-    container_name: redis
-    ports:
-      - 6379:6379
-    volumes:
-      - database:/var/lib/postgresql/data
-  chartmuseum:
-    image: docker.io/bitnami/chartmuseum:0-debian-10
-    container_name: chartmuseum
-    ports:
-      - 5000:8080
-    volumes:
-      - chartmuseum:/bitnami/data
-  nginx:
-    image: nginx:mainline-alpine
-    container_name: nginx
-    restart: unless-stopped
-    ports:
-      - 443:443
-    volumes:
-      - type: bind
-        source: ./docker/localhost.crt
-        target: /etc/ssl/localhost.crt
-      - type: bind
-        source: ./docker/localhost.key
-        target: /etc/ssl/localhost.key
-      - ./docker/nginx_local_secure.conf:/etc/nginx/nginx.conf:ro
-    depends_on:
-      - porter
-      - webpack
-
-volumes:
-  database:
-  metabase:
-  chartmuseum:

+ 0 - 70
docker-compose.dev.yaml

@@ -1,70 +0,0 @@
-version: "3"
-services:
-  webpack:
-    build:
-      context: ./dashboard
-      dockerfile: ./docker/dev.Dockerfile
-    env_file:
-      - ./dashboard/.env
-    restart: on-failure
-    volumes:
-      - ./dashboard/src:/webpack/src:rw,cached
-      - ./dashboard/package.json:/webpack/package.json
-  porter:
-    build:
-      context: .
-      dockerfile: ./docker/dev.Dockerfile
-    depends_on:
-      - postgres
-    env_file:
-      - ./docker/.env
-    command: air -c .air.toml
-    restart: on-failure
-    volumes:
-      - ./cmd:/porter/cmd
-      - ./internal:/porter/internal
-      - ./server:/porter/server
-      - ./api:/porter/api
-      - ./docker/kubeconfig.yaml:/porter/kubeconfig.yaml
-      - ./docker/github_app_private_key.pem:/porter/docker/github_app_private_key.pem
-  postgres:
-    image: postgres:latest
-    container_name: postgres
-    environment:
-      - POSTGRES_USER=porter
-      - POSTGRES_PASSWORD=porter
-      - POSTGRES_DB=porter
-    ports:
-      - 5400:5432
-    volumes:
-      - database:/var/lib/postgresql/data
-  redis:
-    image: redis:latest
-    container_name: redis
-    ports:
-      - 6379:6379
-    volumes:
-      - database:/var/lib/postgresql/data
-  # chartmuseum:
-  #   image: docker.io/bitnami/chartmuseum:0-debian-10
-  #   container_name: chartmuseum
-  #   ports:
-  #     - 5000:8080
-  #   volumes:
-  #     - chartmuseum:/bitnami/data
-  nginx:
-    image: nginx:mainline-alpine
-    container_name: nginx
-    restart: unless-stopped
-    ports:
-      - "8080:8080"
-    volumes:
-      - ./docker/nginx_local.conf:/etc/nginx/nginx.conf:ro
-    depends_on:
-      - porter
-      - webpack
-
-volumes:
-  database:
-  metabase:
-  chartmuseum:

+ 0 - 0
docker/Untitled-1


+ 0 - 18
docker/localhost.crt

@@ -1,18 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIC5TCCAc2gAwIBAgIJAKEosQgL78XIMA0GCSqGSIb3DQEBCwUAMBQxEjAQBgNV
-BAMMCWxvY2FsaG9zdDAeFw0yMTA4MTExMjI4MTNaFw0yMTA5MTAxMjI4MTNaMBQx
-EjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
-ggEBANxNCy8bMzcr6eWWiaUzOFrrOoxae6WrWIa2Xr7dfXRv5kADv8cOSB9Rz9Of
-iZtXI3H/2RJYrkSE8FhwLrYy7+t3AEquWyylKbyoDj/1mpVD5/HLARtFrFYkqzDr
-AGNUmnRUoI0Y9dxk8ucoiuYRTJtKojYwg2RXBhQx0bKmX2g82kifbjBGCxSzx6nH
-707WCip7OalNT9ic4pFPXfJO8iLOyNkzuvQyItXlfyX2j8R3xlLUrmzPG2ndJIMh
-DFrsUCyBrP0GwgBnpSZFfkbcgPLHLTaLF6ihdPRYBQgiea3oPYdHJ29ZNMEFYFsp
-xxhGXvxee+NYZMyezY4wyz3VxT8CAwEAAaM6MDgwFAYDVR0RBA0wC4IJbG9jYWxo
-b3N0MAsGA1UdDwQEAwIHgDATBgNVHSUEDDAKBggrBgEFBQcDATANBgkqhkiG9w0B
-AQsFAAOCAQEAXoxpPcSkS0hYzut1FtitFY/AbSDxe+nOIPRMMV/BFUGLjmozMu5D
-/V8fVZAu8LC6EF4Lq3ek0odNmVzoMiVCoWiTwEruFt6FUKpjxTashUlHgBpVuLOV
-cA2kl2ZolCpiBJjPhnyZePrbSknG0nLxIggfiK8uAiwEWvwPJZQ+6vT/yzOXD1tM
-dFAnI6W++uQ7xwdDB0jTf8GY98K+Az6D2SI/O9occPnoJjltXXjuDxmaOaqNRhd+
-uQTECQb+HEMKTKqVqRGj8ahl7307ljG8xOEHklstGicqJWiVVpHGAhy8KCZcJlO4
-muetI6b28OCvgcWeriazDDgZrERuihg2NQ==
------END CERTIFICATE-----

+ 0 - 28
docker/localhost.key

@@ -1,28 +0,0 @@
------BEGIN PRIVATE KEY-----
-MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDcTQsvGzM3K+nl
-lomlMzha6zqMWnulq1iGtl6+3X10b+ZAA7/HDkgfUc/Tn4mbVyNx/9kSWK5EhPBY
-cC62Mu/rdwBKrlsspSm8qA4/9ZqVQ+fxywEbRaxWJKsw6wBjVJp0VKCNGPXcZPLn
-KIrmEUybSqI2MINkVwYUMdGypl9oPNpIn24wRgsUs8epx+9O1goqezmpTU/YnOKR
-T13yTvIizsjZM7r0MiLV5X8l9o/Ed8ZS1K5szxtp3SSDIQxa7FAsgaz9BsIAZ6Um
-RX5G3IDyxy02ixeooXT0WAUIInmt6D2HRydvWTTBBWBbKccYRl78XnvjWGTMns2O
-MMs91cU/AgMBAAECggEBAKeX0PdQKQFC3hh0EljkA25fX1YhC8m39YveN2vaUjN/
-YVm3wHCtc76n3YQv7V6IxwVVzwy+/CxSOgn9pfuj+pNWH5mw1Nm8+Gh2LQkJTkVZ
-uJ1gg4H82iNamAWJ8eyfEzWGn/FXWMsG3Sdv12M5K99Dwu2YsIxoC87XK6FOImzH
-3Ldym/Iiv2hVwj7xKNysZD9ttGroKx44YrK7MmiRYPPCWlGxCDjxTQ/F0r/pdeSt
-QN9b7mxTDL5Snp2sOekUj7hIbAvqGgfShhP7naoZjdFA926yLxip0kUguCKCGHA+
-2f0pQHB6WUC+Os9/Impwl+o8rwKqXtsXwDqOqIbzt1kCgYEA+eAEx9eYRQoXKuq/
-dwZOvkFHaQoYmTnNF8BGJxVA9VmGeJt/Om7NPQE9CF5Mq3K2UXcwp++/shuIvpLh
-M6KF5Zr3Xt2l/j5mmCcK72VnPktKa1eEljj5EVgqHz+Uec6kKazGhiL533NmYrUq
-PBDzF2MxBc9QmaJGJzdJqcBO0X0CgYEA4bNyEtATxCV1znY3TehZcwckm1YMjgtI
-0oSaAv/OqfFKVgsCL2SnFsd+SkYaq80ZsCZxnofGG7VtWmOZ1YUTkwU2tfb3neu0
-hiByU+e4o1ylMH6dB6xLL0RxZuYnq66dAQOpLkRyDj+8AQs6k7arbMzNw8zYqjAm
-h0iGvKhK7msCgYAW3HQThJod1up/trKFxUH3DinmZlIR0sP85E6GzN8Ak4xGBJQD
-WJfWeQKIfXguR3R+x5TgCINVXEeKiA2ql7gAZck0GLtTI4pnaUsK1BA6FtFcOMmc
-pOHEwHg6G6sN6eYDGheftht+YiR/62tNy48yGJUnnuwU4k/gzqIiscGEUQKBgDn6
-QaxpfRpe0RNXNL+zlv7Ab/vjL9hxN6S0YWex1KG9FO5jZ41LGsz0NBHaTlGhnx6r
-0XX6xL4rbcrRWRwLUkrrBPHbXiJYAQiPXy8EkF6OlvSNIcNt0+Zxe3wGVVx5v2Ua
-TqRO+smEP8Q44TQ+sWyCc7z/awzUz6Di1ZGy3YS/AoGACbHtC3I3mRDpwG8q9OPM
-MPin17x6KSXPsEKf/9G6r5a+EBD+mVgrBScYgnJf+9+7wnQLiJF6IDAt2Z6GZZ8U
-G/NhTeDNCoOTf1NtIZENv2qYOULDwAaifiSMueROa1di2aqM5IwAYaBjGFe+2fxv
-2ydGieACr530RY3Sh6iXMrg=
------END PRIVATE KEY-----

+ 0 - 42
docker/nginx_local.conf

@@ -1,42 +0,0 @@
-events {}
-http {
-    upstream api {
-        server porter:8080;
-    }
-
-    upstream webpack {
-        server webpack:8080;
-    }
-
-    server {
-        listen 8080;
-        server_name localhost;
-
-        location /api/ {
-            proxy_pass http://api;
-            proxy_http_version 1.1;
-            proxy_set_header Upgrade $http_upgrade;
-            proxy_set_header Connection 'upgrade';
-            proxy_set_header Host $host;
-            proxy_cache_bypass $http_upgrade;
-            proxy_set_header   X-Forwarded-Host $server_name;
-            proxy_read_timeout 86400s;
-            proxy_send_timeout 86400s;
-        }
-
-        location / {
-            proxy_pass http://webpack;
-            proxy_pass_header Content-Security-Policy;
-            proxy_http_version 1.1;
-            proxy_set_header Upgrade $http_upgrade;
-            proxy_set_header Connection 'upgrade';
-            proxy_set_header Host $host;
-            proxy_cache_bypass $http_upgrade;
-            proxy_set_header   X-Forwarded-Host $server_name;
-            proxy_read_timeout 86400s;
-            proxy_send_timeout 86400s;
-        }
-    }
-
-    client_max_body_size 10M;
-}

+ 0 - 46
docker/nginx_local_secure.conf

@@ -1,46 +0,0 @@
-events {}
-http {
-    upstream api {
-        server porter:8080;
-    }
-
-    upstream webpack {
-        server webpack:8080;
-    }
-
-    server {
-        listen               443 ssl;
-        ssl_certificate      /etc/ssl/localhost.crt;
-        ssl_certificate_key  /etc/ssl/localhost.key;
-        ssl_ciphers          HIGH:!aNULL:!MD5;
-
-        server_name localhost;
-
-        location /api/ {
-            proxy_pass http://api;
-            proxy_http_version 1.1;
-            proxy_set_header Upgrade $http_upgrade;
-            proxy_set_header Connection 'upgrade';
-            proxy_set_header Host $host;
-            proxy_cache_bypass $http_upgrade;
-            proxy_set_header   X-Forwarded-Host $server_name;
-            proxy_read_timeout 86400s;
-            proxy_send_timeout 86400s;
-        }
-
-        location / {
-            proxy_pass http://webpack;
-            proxy_pass_header Content-Security-Policy;
-            proxy_http_version 1.1;
-            proxy_set_header Upgrade $http_upgrade;
-            proxy_set_header Connection 'upgrade';
-            proxy_set_header Host $host;
-            proxy_cache_bypass $http_upgrade;
-            proxy_set_header   X-Forwarded-Host $server_name;
-            proxy_read_timeout 86400s;
-            proxy_send_timeout 86400s;
-        }
-    }
-
-    client_max_body_size 10M;
-}

+ 0 - 38
docker/nginx_remote.conf

@@ -1,38 +0,0 @@
-events {}
-http {
-    upstream api {
-        server localhost:8081;
-    }
-
-    upstream webpack {
-        server localhost:8082;
-    }
-
-    server {
-        listen 8080;
-        server_name localhost;
-
-        location /api/ {
-            proxy_pass http://api;
-            proxy_http_version 1.1;
-            proxy_set_header Upgrade $http_upgrade;
-            proxy_set_header Connection 'upgrade';
-            proxy_set_header Host $host;
-            proxy_cache_bypass $http_upgrade;
-            proxy_set_header   X-Forwarded-Host $server_name;
-        }
-
-        location / {
-            proxy_pass http://webpack;
-            proxy_pass_header Content-Security-Policy;
-            proxy_http_version 1.1;
-            proxy_set_header Upgrade $http_upgrade;
-            proxy_set_header Connection 'upgrade';
-            proxy_set_header Host $host;
-            proxy_cache_bypass $http_upgrade;
-            proxy_set_header   X-Forwarded-Host $server_name;
-        }
-    }
-
-    client_max_body_size 10M;
-}

+ 9 - 0
zarf/docker/Dockerfile.dashboard.tilt

@@ -0,0 +1,9 @@
+FROM node:16
+WORKDIR /app
+
+COPY dashboard /app/
+
+ENV NODE_ENV=development
+
+RUN npm ci --legacy-peer-deps
+RUN npm i -g webpack-dev-server@3.11.0
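Review bot: `COPY dashboard /app/` brings the whole directory into the image before `npm ci`, so any local `.env` file or `node_modules` tree under `dashboard/` is baked into a layer unless a `.dockerignore` (not visible here) excludes it. It also means every source edit invalidates the dependency layer. Copying the manifests first addresses the caching part: `COPY dashboard/package.json dashboard/package-lock.json /app/`, then `RUN npm ci --legacy-peer-deps`, then `COPY dashboard /app/`. The Tiltfile builds this image with `context="."` and no `only=` list, so the whole repository is sent as build context; narrowing it to `dashboard` would keep unrelated files out of reach of the build.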

+ 10 - 0
zarf/docker/Dockerfile.server.tilt

@@ -0,0 +1,10 @@
+FROM golang:1.20.1 as installer
+RUN apt-get update && apt-get install -y --no-install-recommends ca-certificates
+RUN go install github.com/go-delve/delve/cmd/dlv@latest
+RUN chmod +x /go/bin/dlv
+
+FROM debian:bullseye-slim as runner
+WORKDIR /app
+COPY --from=installer /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
+COPY --from=installer /go/bin/dlv /
+COPY ./porter /app
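Review bot: `go install github.com/go-delve/delve/cmd/dlv@latest` resolves to whatever version is newest at build time, so the debugger binary copied into the runner stage is not reproducible and can change without review. Pin it to a reviewed release, e.g. `dlv@<PINNED_VERSION>`. The `golang:1.20.1` and `debian:bullseye-slim` bases could likewise be pinned by digest. Because `dlv` ships in the final image, a comment marking this image as local Tilt use only would help: a headless Delve listener, as in the commented-out entrypoint in the Tiltfile, hands control of the process to anyone who can reach its port.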

+ 12 - 0
zarf/helm/.dashboardenv

@@ -0,0 +1,12 @@
+# Fill out this file, and renamed to '.dashboard.env' in order to run this with Tilt
+NODE_ENV=development
+
+# Tell the webpack dev server in wich port we wanna run, it defaults to 8080 but we have to be carefull this is not the same port as the backend
+DEV_SERVER_PORT=8081
+
+# Usually we would use nginx, but for this environment we're going to enable webpack-dev-server proxy 
+ENABLE_PROXY=true 
+
+# API server url, this url will be used for the proxy to redirect all /api calls
+API_SERVER=http://localhost:8080 
+

+ 8 - 0
zarf/helm/.serverenv

@@ -0,0 +1,8 @@
+# Fill out this file, and renamed to '.server.env' in order to run this with Tilt
+SQL_LITE=false
+DB_NAME=porter
+DB_USER=porter
+DB_PASSWORD=porter
+DB_HOST=postgresql
+DB_PORT=5432
+CLUSTER_CONTROL_PLANE_ADDRESS=http://ccp-web:7833

+ 104 - 0
zarf/helm/dashboard.yaml

@@ -0,0 +1,104 @@
+# Default values for docker-template.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+auto_deploy: true
+
+replicaCount: 1
+
+terminationGracePeriodSeconds: 30
+
+image:
+  repository: porter1/porter-dashboard
+  pullPolicy: Always
+  # Overrides the image tag whose default is the chart appVersion.
+  tag: latest
+
+service:
+  port: 8081
+
+ingress:
+  enabled: false
+  hosts: []
+  porter_hosts: []
+  provider: aws
+  custom_domain: false
+  custom_paths: []
+  rewriteCustomPathsEnabled: true
+  annotations: {}
+  wildcard: false
+  tls: true
+  useDefaultIngressTLSSecret: false
+
+container:
+  port: 8081
+  command: npm
+  args: "start"
+  env:
+    normal:
+  lifecycle:
+    postStart:
+    preStop:
+
+resources:
+  requests:
+    cpu: 1000m
+    memory: 1024Mi
+
+health:
+  livenessProbe:
+    enabled: false
+    path: "/livez"
+    scheme: "HTTP"
+    initialDelaySeconds: 0
+    periodSeconds: 5
+    timeoutSeconds: 1
+    successThreshold: 1
+    failureThreshold: 3
+    auth:
+      enabled: false
+      username: ""
+      password: ""
+
+  livenessCommand:
+    enabled: false
+    command: "ls -l"
+    initialDelaySeconds: 5
+    periodSeconds: 5
+    timeoutSeconds: 1
+    successThreshold: 1
+    failureThreshold: 3
+
+  readinessProbe:
+    enabled: false
+    path: "/readyz"
+    scheme: "HTTP"
+    initialDelaySeconds: 0
+    periodSeconds: 5
+    timeoutSeconds: 1
+    successThreshold: 1
+    failureThreshold: 3
+    auth:
+      enabled: false
+      username: ""
+      password: ""
+
+  startupProbe:
+    enabled: false
+    path: "/startupz"
+    scheme: "HTTP"
+    failureThreshold: 3
+    periodSeconds: 5
+    timeoutSeconds: 1
+    auth:
+      enabled: false
+      username: ""
+      password: ""
+      
+emptyDir:
+  enabled: false
+  mountPath: /local
+
+podSecurityContext: 
+  runAsNonRoot: false
+  runAsUser: 0
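Review bot: `podSecurityContext` at the end of this file sets `runAsNonRoot: false` and `runAsUser: 0`, so the pod is configured to run as root, and `zarf/helm/server.yaml` carries the identical block. Nothing in either file marks it as local-only; the header is still the chart template's `# Default values for docker-template.`. I would replace that header with something like `# Local Tilt/kind values only: runs as root, do not reuse for shared clusters`, and drop the root override if the images can run as an unprivileged user.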

+ 48 - 0
zarf/helm/kustomization.yaml

@@ -0,0 +1,48 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+helmCharts:
+- name: web
+  repo: https://charts.getporter.dev
+  releaseName: porter-server
+  valuesFile: server.yaml
+- name: web
+  repo: https://charts.getporter.dev
+  releaseName: porter-dashboard
+  valuesFile: dashboard.yaml
+
+configMapGenerator:
+- name: porter-server-env
+  env: .server.env
+- name: porter-dashboard-env
+  env: .dashboard.env
+generatorOptions:
+  disableNameSuffixHash: true
+
+patchesStrategicMerge:
+- |-
+  apiVersion: apps/v1
+  kind: Deployment
+  metadata:
+    name: porter-server-web
+  spec:
+    template:
+      spec:
+        containers:
+        - name: web
+          envFrom:
+          - configMapRef: 
+              name: porter-server-env
+- |-
+  apiVersion: apps/v1
+  kind: Deployment
+  metadata:
+    name: porter-dashboard-web
+  spec:
+    template:
+      spec:
+        containers:
+        - name: web
+          envFrom:
+          - configMapRef: 
+              name: porter-dashboard-env
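Review bot: `configMapGenerator` turns `.server.env` into a ConfigMap, and the template `zarf/helm/.serverenv` puts `DB_PASSWORD` in that file, so the database password is stored and displayed as plain configuration. Using `secretGenerator` with the same file, plus `secretRef` in place of `configMapRef` in the `porter-server-web` patch, keeps the same `envFrom` behaviour while holding the value in a Secret. Both `helmCharts` entries also omit `version:`, so the `web` chart from `https://charts.getporter.dev` floats to whatever is currently published; adding `version: <CHART_VERSION>` to each makes the rendered manifests reproducible.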

+ 104 - 0
zarf/helm/server.yaml

@@ -0,0 +1,104 @@
+# Default values for docker-template.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+auto_deploy: true
+
+replicaCount: 1
+
+terminationGracePeriodSeconds: 30
+
+image:
+  repository: porter1/porter-server
+  pullPolicy: Always
+  # Overrides the image tag whose default is the chart appVersion.
+  tag: latest
+
+service:
+  port: 8080
+
+ingress:
+  enabled: false
+  hosts: []
+  porter_hosts: []
+  provider: aws
+  custom_domain: false
+  custom_paths: []
+  rewriteCustomPathsEnabled: true
+  annotations: {}
+  wildcard: false
+  tls: true
+  useDefaultIngressTLSSecret: false
+
+container:
+  port: 8080
+  command: porter
+  args: ""
+  env:
+    normal:
+  lifecycle:
+    postStart:
+    preStop:
+
+resources:
+  requests:
+    cpu: 500m
+    memory: 512Mi
+
+health:
+  livenessProbe:
+    enabled: false
+    path: "/livez"
+    scheme: "HTTP"
+    initialDelaySeconds: 0
+    periodSeconds: 5
+    timeoutSeconds: 1
+    successThreshold: 1
+    failureThreshold: 3
+    auth:
+      enabled: false
+      username: ""
+      password: ""
+
+  livenessCommand:
+    enabled: false
+    command: "ls -l"
+    initialDelaySeconds: 5
+    periodSeconds: 5
+    timeoutSeconds: 1
+    successThreshold: 1
+    failureThreshold: 3
+
+  readinessProbe:
+    enabled: false
+    path: "/readyz"
+    scheme: "HTTP"
+    initialDelaySeconds: 0
+    periodSeconds: 5
+    timeoutSeconds: 1
+    successThreshold: 1
+    failureThreshold: 3
+    auth:
+      enabled: false
+      username: ""
+      password: ""
+
+  startupProbe:
+    enabled: false
+    path: "/startupz"
+    scheme: "HTTP"
+    failureThreshold: 3
+    periodSeconds: 5
+    timeoutSeconds: 1
+    auth:
+      enabled: false
+      username: ""
+      password: ""
+      
+emptyDir:
+  enabled: false
+  mountPath: /local
+
+podSecurityContext: 
+  runAsNonRoot: false
+  runAsUser: 0