REFACTOR(repo): migrate to Helm chart structure

- Add web-app Helm chart in charts/web-app/
- Replace individual deployment/service/ingress YAML with helm-values
- Update ArgoCD applications to use Helm chart with values files
- Reduces per-app files from 6 to 2 (argocd.yaml + helm-values.yaml)

Apps migrated: jaejadle, jaejadle-dev, joossam, joossam-dev,
jotion, jovies, portfolio, todo

charts/web-app/Chart.yaml

@@ -0,0 +1,6 @@
+apiVersion: v2
+name: web-app
+description: A Helm chart for deploying web applications on K3S
+type: application
+version: 0.1.0
+appVersion: "1.0.0"

charts/web-app/templates/_helpers.tpl

@@ -0,0 +1,40 @@
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "web-app.name" -}}
+{{- default .Chart.Name .Values.name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create a default fully qualified app name.
+*/}}
+{{- define "web-app.fullname" -}}
+{{- if .Values.name }}
+{{- .Values.name | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- .Release.Name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{- end }}
+
+{{/*
+Common labels
+*/}}
+{{- define "web-app.labels" -}}
+app: {{ include "web-app.fullname" . }}
+app.kubernetes.io/name: {{ include "web-app.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
+
+{{/*
+Selector labels
+*/}}
+{{- define "web-app.selectorLabels" -}}
+app: {{ include "web-app.fullname" . }}
+{{- end }}
+
+{{/*
+Image name
+*/}}
+{{- define "web-app.image" -}}
+{{- printf "%s/%s:%s" .Values.image.registry .Values.image.repository .Values.image.tag }}
+{{- end }}

charts/web-app/templates/deployment.yaml

@@ -0,0 +1,76 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ include "web-app.fullname" . }}
+  labels:
+    {{- include "web-app.labels" . | nindent 4 }}
+spec:
+  replicas: {{ .Values.replicaCount }}
+  selector:
+    matchLabels:
+      {{- include "web-app.selectorLabels" . | nindent 6 }}
+  strategy:
+    type: {{ .Values.strategy.type }}
+    {{- if eq .Values.strategy.type "RollingUpdate" }}
+    rollingUpdate:
+      maxUnavailable: {{ .Values.strategy.rollingUpdate.maxUnavailable }}
+      maxSurge: {{ .Values.strategy.rollingUpdate.maxSurge }}
+    {{- end }}
+  revisionHistoryLimit: {{ .Values.revisionHistoryLimit }}
+  template:
+    metadata:
+      labels:
+        {{- include "web-app.selectorLabels" . | nindent 8 }}
+      {{- with .Values.podAnnotations }}
+      annotations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+    spec:
+      {{- with .Values.imagePullSecrets }}
+      imagePullSecrets:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      containers:
+        - name: {{ include "web-app.fullname" . }}
+          image: {{ include "web-app.image" . }}
+          imagePullPolicy: {{ .Values.image.pullPolicy }}
+          ports:
+            - containerPort: {{ .Values.containerPort }}
+              protocol: TCP
+          {{- with .Values.env }}
+          env:
+            {{- toYaml . | nindent 12 }}
+          {{- end }}
+          {{- with .Values.envFrom }}
+          envFrom:
+            {{- toYaml . | nindent 12 }}
+          {{- end }}
+          resources:
+            {{- toYaml .Values.resources | nindent 12 }}
+          {{- if .Values.healthCheck.enabled }}
+          livenessProbe:
+            httpGet:
+              path: {{ .Values.healthCheck.path }}
+              port: {{ .Values.containerPort }}
+            initialDelaySeconds: {{ .Values.healthCheck.livenessProbe.initialDelaySeconds }}
+            periodSeconds: {{ .Values.healthCheck.livenessProbe.periodSeconds }}
+          readinessProbe:
+            httpGet:
+              path: {{ .Values.healthCheck.path }}
+              port: {{ .Values.containerPort }}
+            initialDelaySeconds: {{ .Values.healthCheck.readinessProbe.initialDelaySeconds }}
+            periodSeconds: {{ .Values.healthCheck.readinessProbe.periodSeconds }}
+          {{- end }}
+      restartPolicy: Always
+      {{- with .Values.nodeSelector }}
+      nodeSelector:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.affinity }}
+      affinity:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.tolerations }}
+      tolerations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}

charts/web-app/templates/external-secret.yaml

@@ -0,0 +1,22 @@
+{{- if .Values.externalSecret.enabled }}
+apiVersion: external-secrets.io/v1
+kind: ExternalSecret
+metadata:
+  name: {{ include "web-app.fullname" . }}-secrets
+spec:
+  refreshInterval: {{ .Values.externalSecret.refreshInterval }}
+  secretStoreRef:
+    name: {{ .Values.externalSecret.secretStoreRef.name }}
+    kind: {{ .Values.externalSecret.secretStoreRef.kind }}
+  target:
+    name: {{ include "web-app.fullname" . }}-secrets
+    creationPolicy: {{ .Values.externalSecret.target.creationPolicy }}
+    deletionPolicy: {{ .Values.externalSecret.target.deletionPolicy }}
+  data:
+    {{- range .Values.externalSecret.data }}
+    - secretKey: {{ .secretKey }}
+      remoteRef:
+        key: {{ .remoteRef.key }}
+        property: {{ .remoteRef.property }}
+    {{- end }}
+{{- end }}

charts/web-app/templates/ingress.yaml

@@ -0,0 +1,37 @@
+{{- if .Values.ingress.enabled }}
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: {{ include "web-app.fullname" . }}-ingress
+  {{- with .Values.ingress.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+spec:
+  ingressClassName: {{ .Values.ingress.className }}
+  {{- if .Values.ingress.tls }}
+  tls:
+    {{- range .Values.ingress.tls }}
+    - hosts:
+        {{- range .hosts }}
+        - {{ . | quote }}
+        {{- end }}
+      secretName: {{ .secretName }}
+    {{- end }}
+  {{- end }}
+  rules:
+    {{- range .Values.ingress.hosts }}
+    - host: {{ .host | quote }}
+      http:
+        paths:
+          {{- range .paths }}
+          - path: {{ .path }}
+            pathType: {{ .pathType }}
+            backend:
+              service:
+                name: {{ include "web-app.fullname" $ }}
+                port:
+                  number: {{ $.Values.service.port }}
+          {{- end }}
+    {{- end }}
+{{- end }}

charts/web-app/templates/service.yaml

@@ -0,0 +1,17 @@
+{{- if .Values.service.enabled }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ include "web-app.fullname" . }}
+  labels:
+    {{- include "web-app.labels" . | nindent 4 }}
+spec:
+  type: {{ .Values.service.type }}
+  ports:
+    - name: http
+      port: {{ .Values.service.port }}
+      targetPort: {{ .Values.containerPort }}
+      protocol: TCP
+  selector:
+    {{- include "web-app.selectorLabels" . | nindent 4 }}
+{{- end }}

charts/web-app/values.yaml

@@ -0,0 +1,110 @@
+# Web App Helm Chart Default Values
+
+# Application name (used for labels, selectors, service names)
+name: ""
+
+# Image configuration
+image:
+  registry: ghcr.io
+  repository: mayne0213/app
+  tag: latest
+  pullPolicy: Always
+
+# Image pull secrets
+imagePullSecrets:
+  - name: ghcr-secret
+
+# Replicas
+replicaCount: 1
+
+# Container port
+containerPort: 3000
+
+# Service configuration
+service:
+  enabled: true
+  type: ClusterIP
+  port: 80
+
+# Ingress configuration
+ingress:
+  enabled: true
+  className: traefik
+  annotations:
+    cert-manager.io/cluster-issuer: letsencrypt-prod
+  hosts:
+    - host: app.example.com
+      paths:
+        - path: /
+          pathType: Prefix
+  tls:
+    - secretName: app-tls
+      hosts:
+        - app.example.com
+
+# Resources
+resources:
+  requests:
+    memory: 80Mi
+    cpu: 20m
+  limits:
+    memory: 200Mi
+
+# Health checks
+healthCheck:
+  enabled: true
+  path: /
+  livenessProbe:
+    initialDelaySeconds: 30
+    periodSeconds: 10
+  readinessProbe:
+    initialDelaySeconds: 5
+    periodSeconds: 5
+
+# Environment variables (plain)
+env: []
+# - name: NODE_ENV
+#   value: production
+
+# Environment variables from secrets
+envFrom: []
+# - secretRef:
+#     name: app-secrets
+
+# External Secrets configuration
+externalSecret:
+  enabled: false
+  refreshInterval: 1h
+  secretStoreRef:
+    name: vault-backend
+    kind: ClusterSecretStore
+  target:
+    creationPolicy: Owner
+    deletionPolicy: Retain
+  data: []
+  # - secretKey: DATABASE_URL
+  #   remoteRef:
+  #     key: myapp
+  #     property: DATABASE_URL
+
+# Deployment strategy
+strategy:
+  type: RollingUpdate
+  rollingUpdate:
+    maxUnavailable: 0
+    maxSurge: 1
+
+# Revision history
+revisionHistoryLimit: 3
+
+# Pod annotations
+podAnnotations: {}
+
+# Node selector
+nodeSelector: {}
+
+# Tolerations
+tolerations: []
+
+# Affinity
+affinity: {}

jaejadle-dev/argocd.yaml

@@ -10,7 +10,13 @@ spec:
   sources:
   - repoURL: https://github.com/K3S-HOME/web-apps.git
     targetRevision: main
-    path: jaejadle-dev
+    path: charts/web-app
+    helm:
+      valueFiles:
+      - $values/jaejadle-dev/helm-values.yaml
+  - repoURL: https://github.com/K3S-HOME/web-apps.git
+    targetRevision: main
+    ref: values
   destination:
     server: https://kubernetes.default.svc
     namespace: jaejadle-dev

jaejadle-dev/deployment.yaml

@@ -1,53 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: jaejadle-dev
-  labels:
-    app: jaejadle-dev
-spec:
-  replicas: 1
-  selector:
-    matchLabels:
-      app: jaejadle-dev
-  strategy:
-    type: RollingUpdate
-    rollingUpdate:
-      maxUnavailable: 0
-      maxSurge: 1
-  revisionHistoryLimit: 3
-  template:
-    metadata:
-      labels:
-        app: jaejadle-dev
-    spec:
-      imagePullSecrets:
-      - name: ghcr-secret
-      containers:
-      - name: jaejadle-dev
-        image: ghcr.io/mayne0213/jaejadle:develop
-        imagePullPolicy: Always
-        ports:
-        - containerPort: 3000
-          protocol: TCP
-        envFrom:
-        - secretRef:
-            name: jaejadle-dev-secrets
-        resources:
-          requests:
-            memory: 80Mi
-            cpu: 20m
-          limits:
-            memory: 300Mi
-        livenessProbe:
-          httpGet:
-            path: /
-            port: 3000
-          initialDelaySeconds: 30
-          periodSeconds: 10
-        readinessProbe:
-          httpGet:
-            path: /
-            port: 3000
-          initialDelaySeconds: 5
-          periodSeconds: 5
-      restartPolicy: Always

jaejadle-dev/external-secret.yaml

@@ -1,46 +0,0 @@
-apiVersion: external-secrets.io/v1
-kind: ExternalSecret
-metadata:
-  name: jaejadle-dev-secrets
-spec:
-  refreshInterval: 1h
-  secretStoreRef:
-    name: vault-backend
-    kind: ClusterSecretStore
-  target:
-    name: jaejadle-dev-secrets
-    creationPolicy: Owner
-    deletionPolicy: Retain
-  data:
-  - secretKey: DATABASE_URL
-    remoteRef:
-      key: jaejadle-dev
-      property: DATABASE_URL
-  - secretKey: JWT_SECRET
-    remoteRef:
-      key: jaejadle-dev
-      property: JWT_SECRET
-  - secretKey: AWS_ACCESS_KEY_ID
-    remoteRef:
-      key: jaejadle-dev
-      property: AWS_ACCESS_KEY_ID
-  - secretKey: AWS_SECRET_ACCESS_KEY
-    remoteRef:
-      key: jaejadle-dev
-      property: AWS_SECRET_ACCESS_KEY
-  - secretKey: AWS_S3_BUCKET_NAME
-    remoteRef:
-      key: jaejadle-dev
-      property: AWS_S3_BUCKET_NAME
-  - secretKey: AWS_S3_ENDPOINT
-    remoteRef:
-      key: jaejadle-dev
-      property: AWS_S3_ENDPOINT
-  - secretKey: AWS_REGION
-    remoteRef:
-      key: jaejadle-dev
-      property: AWS_REGION
-  - secretKey: CODE
-    remoteRef:
-      key: jaejadle-dev
-      property: CODE

jaejadle-dev/helm-values.yaml

@@ -0,0 +1,99 @@
+# Jaejadle Dev Web App Helm Values
+
+name: jaejadle-dev
+
+image:
+  registry: ghcr.io
+  repository: mayne0213/jaejadle
+  tag: develop
+  pullPolicy: Always
+
+imagePullSecrets:
+  - name: ghcr-secret
+
+replicaCount: 1
+containerPort: 3000
+
+service:
+  enabled: true
+  type: ClusterIP
+  port: 80
+
+ingress:
+  enabled: true
+  className: traefik
+  annotations:
+    cert-manager.io/cluster-issuer: letsencrypt-prod
+  hosts:
+    - host: dev.jaejadle.kro.kr
+      paths:
+        - path: /
+          pathType: Prefix
+  tls:
+    - secretName: jaejadle-dev-tls
+      hosts:
+        - dev.jaejadle.kro.kr
+
+resources:
+  requests:
+    memory: 80Mi
+    cpu: 20m
+  limits:
+    memory: 300Mi
+
+healthCheck:
+  enabled: true
+  path: /
+  livenessProbe:
+    initialDelaySeconds: 30
+    periodSeconds: 10
+  readinessProbe:
+    initialDelaySeconds: 5
+    periodSeconds: 5
+
+envFrom:
+  - secretRef:
+      name: jaejadle-dev-secrets
+
+externalSecret:
+  enabled: true
+  refreshInterval: 1h
+  secretStoreRef:
+    name: vault-backend
+    kind: ClusterSecretStore
+  target:
+    creationPolicy: Owner
+    deletionPolicy: Retain
+  data:
+    - secretKey: DATABASE_URL
+      remoteRef:
+        key: jaejadle-dev
+        property: DATABASE_URL
+    - secretKey: JWT_SECRET
+      remoteRef:
+        key: jaejadle-dev
+        property: JWT_SECRET
+    - secretKey: AWS_ACCESS_KEY_ID
+      remoteRef:
+        key: jaejadle-dev
+        property: AWS_ACCESS_KEY_ID
+    - secretKey: AWS_SECRET_ACCESS_KEY
+      remoteRef:
+        key: jaejadle-dev
+        property: AWS_SECRET_ACCESS_KEY
+    - secretKey: AWS_S3_BUCKET_NAME
+      remoteRef:
+        key: jaejadle-dev
+        property: AWS_S3_BUCKET_NAME
+    - secretKey: AWS_S3_ENDPOINT
+      remoteRef:
+        key: jaejadle-dev
+        property: AWS_S3_ENDPOINT
+    - secretKey: AWS_REGION
+      remoteRef:
+        key: jaejadle-dev
+        property: AWS_REGION
+    - secretKey: CODE
+      remoteRef:
+        key: jaejadle-dev
+        property: CODE

jaejadle-dev/ingress.yaml

@@ -1,23 +0,0 @@
-apiVersion: networking.k8s.io/v1
-kind: Ingress
-metadata:
-  name: jaejadle-dev-ingress
-  annotations:
-    cert-manager.io/cluster-issuer: letsencrypt-prod
-spec:
-  ingressClassName: traefik
-  tls:
-  - hosts:
-    - dev.jaejadle.kro.kr
-    secretName: jaejadle-dev-tls
-  rules:
-  - host: dev.jaejadle.kro.kr
-    http:
-      paths:
-      - path: /
-        pathType: Prefix
-        backend:
-          service:
-            name: jaejadle-dev
-            port:
-              number: 80

jaejadle-dev/kustomization.yaml

@@ -1,8 +0,0 @@
-apiVersion: kustomize.config.k8s.io/v1beta1
-kind: Kustomization
-namespace: jaejadle-dev
-resources:
-- deployment.yaml
-- service.yaml
-- ingress.yaml
-- external-secret.yaml

jaejadle-dev/service.yaml

@@ -1,15 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
-  name: jaejadle-dev
-  labels:
-    app: jaejadle-dev
-spec:
-  type: ClusterIP
-  ports:
-  - name: http
-    port: 80
-    targetPort: 3000
-    protocol: TCP
-  selector:
-    app: jaejadle-dev

jaejadle/argocd.yaml

@@ -10,7 +10,13 @@ spec:
   sources:
   - repoURL: https://github.com/K3S-HOME/web-apps.git
     targetRevision: main
-    path: jaejadle
+    path: charts/web-app
+    helm:
+      valueFiles:
+      - $values/jaejadle/helm-values.yaml
+  - repoURL: https://github.com/K3S-HOME/web-apps.git
+    targetRevision: main
+    ref: values
   destination:
     server: https://kubernetes.default.svc
     namespace: jaejadle

jaejadle/deployment.yaml

@@ -1,53 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: jaejadle
-  labels:
-    app: jaejadle
-spec:
-  replicas: 1
-  selector:
-    matchLabels:
-      app: jaejadle
-  strategy:
-    type: RollingUpdate
-    rollingUpdate:
-      maxUnavailable: 0
-      maxSurge: 1
-  revisionHistoryLimit: 3
-  template:
-    metadata:
-      labels:
-        app: jaejadle
-    spec:
-      imagePullSecrets:
-      - name: ghcr-secret
-      containers:
-      - name: jaejadle
-        image: ghcr.io/mayne0213/jaejadle:latest
-        imagePullPolicy: Always
-        ports:
-        - containerPort: 3000
-          protocol: TCP
-        envFrom:
-        - secretRef:
-            name: jaejadle-secrets
-        resources:
-          requests:
-            memory: 80Mi
-            cpu: 20m
-          limits:
-            memory: 300Mi
-        livenessProbe:
-          httpGet:
-            path: /
-            port: 3000
-          initialDelaySeconds: 30
-          periodSeconds: 10
-        readinessProbe:
-          httpGet:
-            path: /
-            port: 3000
-          initialDelaySeconds: 5
-          periodSeconds: 5
-      restartPolicy: Always

jaejadle/external-secret.yaml

@@ -1,46 +0,0 @@
-apiVersion: external-secrets.io/v1
-kind: ExternalSecret
-metadata:
-  name: jaejadle-secrets
-spec:
-  refreshInterval: 1h
-  secretStoreRef:
-    name: vault-backend
-    kind: ClusterSecretStore
-  target:
-    name: jaejadle-secrets
-    creationPolicy: Owner
-    deletionPolicy: Retain
-  data:
-  - secretKey: DATABASE_URL
-    remoteRef:
-      key: jaejadle
-      property: DATABASE_URL
-  - secretKey: JWT_SECRET
-    remoteRef:
-      key: jaejadle
-      property: JWT_SECRET
-  - secretKey: AWS_ACCESS_KEY_ID
-    remoteRef:
-      key: jaejadle
-      property: AWS_ACCESS_KEY_ID
-  - secretKey: AWS_SECRET_ACCESS_KEY
-    remoteRef:
-      key: jaejadle
-      property: AWS_SECRET_ACCESS_KEY
-  - secretKey: AWS_S3_BUCKET_NAME
-    remoteRef:
-      key: jaejadle
-      property: AWS_S3_BUCKET_NAME
-  - secretKey: AWS_S3_ENDPOINT
-    remoteRef:
-      key: jaejadle
-      property: AWS_S3_ENDPOINT
-  - secretKey: AWS_REGION
-    remoteRef:
-      key: jaejadle
-      property: AWS_REGION
-  - secretKey: CODE
-    remoteRef:
-      key: jaejadle
-      property: CODE

jaejadle/helm-values.yaml

@@ -0,0 +1,99 @@
+# Jaejadle Web App Helm Values
+
+name: jaejadle
+
+image:
+  registry: ghcr.io
+  repository: mayne0213/jaejadle
+  tag: latest
+  pullPolicy: Always
+
+imagePullSecrets:
+  - name: ghcr-secret
+
+replicaCount: 1
+containerPort: 3000
+
+service:
+  enabled: true
+  type: ClusterIP
+  port: 80
+
+ingress:
+  enabled: true
+  className: traefik
+  annotations:
+    cert-manager.io/cluster-issuer: letsencrypt-prod
+  hosts:
+    - host: jaejadle.kro.kr
+      paths:
+        - path: /
+          pathType: Prefix
+  tls:
+    - secretName: jaejadle-tls
+      hosts:
+        - jaejadle.kro.kr
+
+resources:
+  requests:
+    memory: 80Mi
+    cpu: 20m
+  limits:
+    memory: 300Mi
+
+healthCheck:
+  enabled: true
+  path: /
+  livenessProbe:
+    initialDelaySeconds: 30
+    periodSeconds: 10
+  readinessProbe:
+    initialDelaySeconds: 5
+    periodSeconds: 5
+
+envFrom:
+  - secretRef:
+      name: jaejadle-secrets
+
+externalSecret:
+  enabled: true
+  refreshInterval: 1h
+  secretStoreRef:
+    name: vault-backend
+    kind: ClusterSecretStore
+  target:
+    creationPolicy: Owner
+    deletionPolicy: Retain
+  data:
+    - secretKey: DATABASE_URL
+      remoteRef:
+        key: jaejadle
+        property: DATABASE_URL
+    - secretKey: JWT_SECRET
+      remoteRef:
+        key: jaejadle
+        property: JWT_SECRET
+    - secretKey: AWS_ACCESS_KEY_ID
+      remoteRef:
+        key: jaejadle
+        property: AWS_ACCESS_KEY_ID
+    - secretKey: AWS_SECRET_ACCESS_KEY
+      remoteRef:
+        key: jaejadle
+        property: AWS_SECRET_ACCESS_KEY
+    - secretKey: AWS_S3_BUCKET_NAME
+      remoteRef:
+        key: jaejadle
+        property: AWS_S3_BUCKET_NAME
+    - secretKey: AWS_S3_ENDPOINT
+      remoteRef:
+        key: jaejadle
+        property: AWS_S3_ENDPOINT
+    - secretKey: AWS_REGION
+      remoteRef:
+        key: jaejadle
+        property: AWS_REGION
+    - secretKey: CODE
+      remoteRef:
+        key: jaejadle
+        property: CODE

jaejadle/ingress.yaml

@@ -1,23 +0,0 @@
-apiVersion: networking.k8s.io/v1
-kind: Ingress
-metadata:
-  name: jaejadle-ingress
-  annotations:
-    cert-manager.io/cluster-issuer: letsencrypt-prod
-spec:
-  ingressClassName: traefik
-  tls:
-  - hosts:
-    - jaejadle.kro.kr
-    secretName: jaejadle-tls
-  rules:
-  - host: jaejadle.kro.kr
-    http:
-      paths:
-      - path: /
-        pathType: Prefix
-        backend:
-          service:
-            name: jaejadle
-            port:
-              number: 80

jaejadle/kustomization.yaml

@@ -1,8 +0,0 @@
-apiVersion: kustomize.config.k8s.io/v1beta1
-kind: Kustomization
-namespace: jaejadle
-resources:
-- deployment.yaml
-- service.yaml
-- ingress.yaml
-- external-secret.yaml

jaejadle/service.yaml

@@ -1,15 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
-  name: jaejadle
-  labels:
-    app: jaejadle
-spec:
-  type: ClusterIP
-  ports:
-  - name: http
-    port: 80
-    targetPort: 3000
-    protocol: TCP
-  selector:
-    app: jaejadle

joossam-dev/argocd.yaml

@@ -10,7 +10,13 @@ spec:
   sources:
   - repoURL: https://github.com/K3S-HOME/web-apps.git
     targetRevision: main
-    path: joossam-dev
+    path: charts/web-app
+    helm:
+      valueFiles:
+      - $values/joossam-dev/helm-values.yaml
+  - repoURL: https://github.com/K3S-HOME/web-apps.git
+    targetRevision: main
+    ref: values
   destination:
     server: https://kubernetes.default.svc
     namespace: joossam-dev

joossam-dev/deployment.yaml

@@ -1,50 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: joossam-dev
-  labels:
-    app: joossam-dev
-spec:
-  replicas: 1
-  selector:
-    matchLabels:
-      app: joossam-dev
-  strategy:
-    type: RollingUpdate
-    rollingUpdate:
-      maxUnavailable: 0
-      maxSurge: 1
-  revisionHistoryLimit: 3
-  template:
-    metadata:
-      labels:
-        app: joossam-dev
-    spec:
-      imagePullSecrets:
-      - name: ghcr-secret
-      containers:
-      - name: joossam-dev
-        image: ghcr.io/mayne0213/joossam:develop
-        imagePullPolicy: Always
-        ports:
-        - containerPort: 8000
-          protocol: TCP
-        resources:
-          requests:
-            memory: 256Mi
-            cpu: 20m
-          limits:
-            memory: 512Mi
-        livenessProbe:
-          httpGet:
-            path: /
-            port: 8000
-          initialDelaySeconds: 10
-          periodSeconds: 10
-        readinessProbe:
-          httpGet:
-            path: /
-            port: 8000
-          initialDelaySeconds: 5
-          periodSeconds: 5
-      restartPolicy: Always

joossam-dev/helm-values.yaml

@@ -0,0 +1,55 @@
+# Joossam Dev Web App Helm Values
+
+name: joossam-dev
+
+image:
+  registry: ghcr.io
+  repository: mayne0213/joossam
+  tag: develop
+  pullPolicy: Always
+
+imagePullSecrets:
+  - name: ghcr-secret
+
+replicaCount: 1
+containerPort: 8000
+
+service:
+  enabled: true
+  type: ClusterIP
+  port: 80
+
+ingress:
+  enabled: true
+  className: traefik
+  annotations:
+    cert-manager.io/cluster-issuer: letsencrypt-prod
+  hosts:
+    - host: dev.joossameng.kro.kr
+      paths:
+        - path: /
+          pathType: Prefix
+  tls:
+    - secretName: joossam-dev-tls
+      hosts:
+        - dev.joossameng.kro.kr
+
+resources:
+  requests:
+    memory: 256Mi
+    cpu: 20m
+  limits:
+    memory: 512Mi
+
+healthCheck:
+  enabled: true
+  path: /
+  livenessProbe:
+    initialDelaySeconds: 10
+    periodSeconds: 10
+  readinessProbe:
+    initialDelaySeconds: 5
+    periodSeconds: 5
+
+externalSecret:
+  enabled: false

joossam-dev/ingress.yaml

@@ -1,23 +0,0 @@
-apiVersion: networking.k8s.io/v1
-kind: Ingress
-metadata:
-  name: joossam-dev-ingress
-  annotations:
-    cert-manager.io/cluster-issuer: letsencrypt-prod
-spec:
-  ingressClassName: traefik
-  tls:
-  - hosts:
-    - dev.joossameng.kro.kr
-    secretName: joossam-dev-tls
-  rules:
-  - host: dev.joossameng.kro.kr
-    http:
-      paths:
-      - path: /
-        pathType: Prefix
-        backend:
-          service:
-            name: joossam-dev
-            port:
-              number: 80

joossam-dev/kustomization.yaml

@@ -1,7 +0,0 @@
-apiVersion: kustomize.config.k8s.io/v1beta1
-kind: Kustomization
-namespace: joossam-dev
-resources:
-- deployment.yaml
-- service.yaml
-- ingress.yaml

joossam-dev/service.yaml

@@ -1,15 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
-  name: joossam-dev
-  labels:
-    app: joossam-dev
-spec:
-  type: ClusterIP
-  ports:
-  - name: http
-    port: 80
-    targetPort: 8000
-    protocol: TCP
-  selector:
-    app: joossam-dev

joossam/argocd.yaml

@@ -10,7 +10,13 @@ spec:
   sources:
   - repoURL: https://github.com/K3S-HOME/web-apps.git
     targetRevision: main
-    path: joossam
+    path: charts/web-app
+    helm:
+      valueFiles:
+      - $values/joossam/helm-values.yaml
+  - repoURL: https://github.com/K3S-HOME/web-apps.git
+    targetRevision: main
+    ref: values
   destination:
     server: https://kubernetes.default.svc
     namespace: joossam

joossam/deployment.yaml

@@ -1,50 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: joossam
-  labels:
-    app: joossam
-spec:
-  replicas: 1
-  selector:
-    matchLabels:
-      app: joossam
-  strategy:
-    type: RollingUpdate
-    rollingUpdate:
-      maxUnavailable: 0
-      maxSurge: 1
-  revisionHistoryLimit: 3
-  template:
-    metadata:
-      labels:
-        app: joossam
-    spec:
-      imagePullSecrets:
-      - name: ghcr-secret
-      containers:
-      - name: joossam
-        image: ghcr.io/mayne0213/joossam:latest
-        imagePullPolicy: Always
-        ports:
-        - containerPort: 8000
-          protocol: TCP
-        resources:
-          requests:
-            memory: 256Mi
-            cpu: 20m
-          limits:
-            memory: 512Mi
-        livenessProbe:
-          httpGet:
-            path: /
-            port: 8000
-          initialDelaySeconds: 10
-          periodSeconds: 10
-        readinessProbe:
-          httpGet:
-            path: /
-            port: 8000
-          initialDelaySeconds: 5
-          periodSeconds: 5
-      restartPolicy: Always

joossam/helm-values.yaml

@@ -0,0 +1,55 @@
+# Joossam Web App Helm Values
+
+name: joossam
+
+image:
+  registry: ghcr.io
+  repository: mayne0213/joossam
+  tag: latest
+  pullPolicy: Always
+
+imagePullSecrets:
+  - name: ghcr-secret
+
+replicaCount: 1
+containerPort: 8000
+
+service:
+  enabled: true
+  type: ClusterIP
+  port: 80
+
+ingress:
+  enabled: true
+  className: traefik
+  annotations:
+    cert-manager.io/cluster-issuer: letsencrypt-prod
+  hosts:
+    - host: joossameng.kro.kr
+      paths:
+        - path: /
+          pathType: Prefix
+  tls:
+    - secretName: joossam-tls
+      hosts:
+        - joossameng.kro.kr
+
+resources:
+  requests:
+    memory: 256Mi
+    cpu: 20m
+  limits:
+    memory: 512Mi
+
+healthCheck:
+  enabled: true
+  path: /
+  livenessProbe:
+    initialDelaySeconds: 10
+    periodSeconds: 10
+  readinessProbe:
+    initialDelaySeconds: 5
+    periodSeconds: 5
+
+externalSecret:
+  enabled: false

joossam/ingress.yaml

@@ -1,23 +0,0 @@
-apiVersion: networking.k8s.io/v1
-kind: Ingress
-metadata:
-  name: joossam-ingress
-  annotations:
-    cert-manager.io/cluster-issuer: letsencrypt-prod
-spec:
-  ingressClassName: traefik
-  tls:
-  - hosts:
-    - joossameng.kro.kr
-    secretName: joossam-tls
-  rules:
-  - host: joossameng.kro.kr
-    http:
-      paths:
-      - path: /
-        pathType: Prefix
-        backend:
-          service:
-            name: joossam
-            port:
-              number: 80

joossam/kustomization.yaml

@@ -1,7 +0,0 @@
-apiVersion: kustomize.config.k8s.io/v1beta1
-kind: Kustomization
-namespace: joossam
-resources:
-- deployment.yaml
-- service.yaml
-- ingress.yaml

joossam/service.yaml

@@ -1,15 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
-  name: joossam
-  labels:
-    app: joossam
-spec:
-  type: ClusterIP
-  ports:
-  - name: http
-    port: 80
-    targetPort: 8000
-    protocol: TCP
-  selector:
-    app: joossam

jotion/argocd.yaml

@@ -10,7 +10,13 @@ spec:
   sources:
   - repoURL: https://github.com/K3S-HOME/web-apps.git
     targetRevision: main
-    path: jotion
+    path: charts/web-app
+    helm:
+      valueFiles:
+      - $values/jotion/helm-values.yaml
+  - repoURL: https://github.com/K3S-HOME/web-apps.git
+    targetRevision: main
+    ref: values
   destination:
     server: https://kubernetes.default.svc
     namespace: jotion

jotion/deployment.yaml

@@ -1,58 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: jotion
-  labels:
-    app: jotion
-spec:
-  replicas: 1
-  selector:
-    matchLabels:
-      app: jotion
-  strategy:
-    type: RollingUpdate
-    rollingUpdate:
-      maxUnavailable: 0
-      maxSurge: 1
-  revisionHistoryLimit: 3
-  template:
-    metadata:
-      labels:
-        app: jotion
-    spec:
-      imagePullSecrets:
-      - name: ghcr-secret
-      containers:
-      - name: jotion
-        image: ghcr.io/mayne0213/jotion:latest
-        imagePullPolicy: Always
-        ports:
-        - containerPort: 3000
-          protocol: TCP
-        env:
-        - name: NODE_ENV
-          value: production
-        - name: DATABASE_URL
-          valueFrom:
-            secretKeyRef:
-              name: jotion-secrets
-              key: database-url
-        resources:
-          requests:
-            memory: 80Mi
-            cpu: 20m
-          limits:
-            memory: 200Mi
-        livenessProbe:
-          httpGet:
-            path: /api/health
-            port: 3000
-          initialDelaySeconds: 30
-          periodSeconds: 10
-        readinessProbe:
-          httpGet:
-            path: /api/health
-            port: 3000
-          initialDelaySeconds: 5
-          periodSeconds: 5
-      restartPolicy: Always

jotion/external-secret.yaml

@@ -1,18 +0,0 @@
-apiVersion: external-secrets.io/v1
-kind: ExternalSecret
-metadata:
-  name: jotion-secrets
-spec:
-  refreshInterval: 1h
-  secretStoreRef:
-    name: vault-backend
-    kind: ClusterSecretStore
-  target:
-    name: jotion-secrets
-    creationPolicy: Owner
-    deletionPolicy: Retain
-  data:
-  - secretKey: database-url
-    remoteRef:
-      key: jotion
-      property: DATABASE_URL

jotion/helm-values.yaml

@@ -0,0 +1,81 @@
+# Jotion Web App Helm Values
+
+name: jotion
+
+image:
+  registry: ghcr.io
+  repository: mayne0213/jotion
+  tag: latest
+  pullPolicy: Always
+
+imagePullSecrets:
+  - name: ghcr-secret
+
+replicaCount: 1
+containerPort: 3000
+
+service:
+  enabled: true
+  type: ClusterIP
+  port: 80
+
+ingress:
+  enabled: true
+  className: traefik
+  annotations:
+    cert-manager.io/cluster-issuer: letsencrypt-prod
+  hosts:
+    - host: jotion0213.kro.kr
+      paths:
+        - path: /
+          pathType: Prefix
+    - host: www.jotion0213.kro.kr
+      paths:
+        - path: /
+          pathType: Prefix
+  tls:
+    - secretName: jotion-tls
+      hosts:
+        - jotion0213.kro.kr
+        - www.jotion0213.kro.kr
+
+resources:
+  requests:
+    memory: 80Mi
+    cpu: 20m
+  limits:
+    memory: 200Mi
+
+healthCheck:
+  enabled: true
+  path: /api/health
+  livenessProbe:
+    initialDelaySeconds: 30
+    periodSeconds: 10
+  readinessProbe:
+    initialDelaySeconds: 5
+    periodSeconds: 5
+
+env:
+  - name: NODE_ENV
+    value: production
+  - name: DATABASE_URL
+    valueFrom:
+      secretKeyRef:
+        name: jotion-secrets
+        key: database-url
+
+externalSecret:
+  enabled: true
+  refreshInterval: 1h
+  secretStoreRef:
+    name: vault-backend
+    kind: ClusterSecretStore
+  target:
+    creationPolicy: Owner
+    deletionPolicy: Retain
+  data:
+    - secretKey: database-url
+      remoteRef:
+        key: jotion
+        property: DATABASE_URL

jotion/ingress.yaml

@@ -1,34 +0,0 @@
-apiVersion: networking.k8s.io/v1
-kind: Ingress
-metadata:
-  name: jotion-ingress
-  annotations:
-    cert-manager.io/cluster-issuer: letsencrypt-prod
-spec:
-  ingressClassName: traefik
-  tls:
-  - hosts:
-    - jotion0213.kro.kr
-    - www.jotion0213.kro.kr
-    secretName: jotion-tls
-  rules:
-  - host: jotion0213.kro.kr
-    http:
-      paths:
-      - path: /
-        pathType: Prefix
-        backend:
-          service:
-            name: jotion
-            port:
-              number: 80
-  - host: www.jotion0213.kro.kr
-    http:
-      paths:
-      - path: /
-        pathType: Prefix
-        backend:
-          service:
-            name: jotion
-            port:
-              number: 80

jotion/kustomization.yaml

@@ -1,8 +0,0 @@
-apiVersion: kustomize.config.k8s.io/v1beta1
-kind: Kustomization
-namespace: jotion
-resources:
-- deployment.yaml
-- service.yaml
-- ingress.yaml
-- external-secret.yaml

jotion/service.yaml

@@ -1,15 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
-  name: jotion
-  labels:
-    app: jotion
-spec:
-  type: ClusterIP
-  ports:
-  - name: http
-    port: 80
-    targetPort: 3000
-    protocol: TCP
-  selector:
-    app: jotion

jovies/argocd.yaml

@@ -10,7 +10,13 @@ spec:
   sources:
   - repoURL: https://github.com/K3S-HOME/web-apps.git
     targetRevision: main
-    path: jovies
+    path: charts/web-app
+    helm:
+      valueFiles:
+      - $values/jovies/helm-values.yaml
+  - repoURL: https://github.com/K3S-HOME/web-apps.git
+    targetRevision: main
+    ref: values
   destination:
     server: https://kubernetes.default.svc
     namespace: jovies

jovies/deployment.yaml

@@ -1,51 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: jovies
-  labels:
-    app: jovies
-spec:
-  replicas: 1
-  selector:
-    matchLabels:
-      app: jovies
-  strategy:
-    type: RollingUpdate
-    rollingUpdate:
-      maxUnavailable: 0
-      maxSurge: 1
-  revisionHistoryLimit: 3
-  template:
-    metadata:
-      labels:
-        app: jovies
-    spec:
-      containers:
-      - name: jovies
-        image: ghcr.io/mayne0213/jovies:latest
-        imagePullPolicy: Always
-        ports:
-        - containerPort: 3000
-          protocol: TCP
-        env:
-        - name: NODE_ENV
-          value: production
-        resources:
-          requests:
-            memory: 40Mi
-            cpu: 5m
-          limits:
-            memory: 100Mi
-        livenessProbe:
-          httpGet:
-            path: /
-            port: 3000
-          initialDelaySeconds: 30
-          periodSeconds: 10
-        readinessProbe:
-          httpGet:
-            path: /
-            port: 3000
-          initialDelaySeconds: 5
-          periodSeconds: 5
-      restartPolicy: Always

jovies/helm-values.yaml

@@ -0,0 +1,63 @@
+# Jovies Web App Helm Values
+
+name: jovies
+
+image:
+  registry: ghcr.io
+  repository: mayne0213/jovies
+  tag: latest
+  pullPolicy: Always
+
+imagePullSecrets: []
+
+replicaCount: 1
+containerPort: 3000
+
+service:
+  enabled: true
+  type: ClusterIP
+  port: 80
+
+ingress:
+  enabled: true
+  className: traefik
+  annotations:
+    cert-manager.io/cluster-issuer: letsencrypt-prod
+  hosts:
+    - host: jovies.kro.kr
+      paths:
+        - path: /
+          pathType: Prefix
+    - host: www.jovies.kro.kr
+      paths:
+        - path: /
+          pathType: Prefix
+  tls:
+    - secretName: jovies-tls
+      hosts:
+        - jovies.kro.kr
+        - www.jovies.kro.kr
+
+resources:
+  requests:
+    memory: 40Mi
+    cpu: 5m
+  limits:
+    memory: 100Mi
+
+healthCheck:
+  enabled: true
+  path: /
+  livenessProbe:
+    initialDelaySeconds: 30
+    periodSeconds: 10
+  readinessProbe:
+    initialDelaySeconds: 5
+    periodSeconds: 5
+
+env:
+  - name: NODE_ENV
+    value: production
+
+externalSecret:
+  enabled: false

jovies/ingress.yaml

@@ -1,34 +0,0 @@
-apiVersion: networking.k8s.io/v1
-kind: Ingress
-metadata:
-  name: jovies-ingress
-  annotations:
-    cert-manager.io/cluster-issuer: letsencrypt-prod
-spec:
-  ingressClassName: traefik
-  tls:
-  - hosts:
-    - jovies.kro.kr
-    - www.jovies.kro.kr
-    secretName: jovies-tls
-  rules:
-  - host: jovies.kro.kr
-    http:
-      paths:
-      - path: /
-        pathType: Prefix
-        backend:
-          service:
-            name: jovies
-            port:
-              number: 80
-  - host: www.jovies.kro.kr
-    http:
-      paths:
-      - path: /
-        pathType: Prefix
-        backend:
-          service:
-            name: jovies
-            port:
-              number: 80

jovies/kustomization.yaml

@@ -1,7 +0,0 @@
-apiVersion: kustomize.config.k8s.io/v1beta1
-kind: Kustomization
-namespace: jovies
-resources:
-- deployment.yaml
-- service.yaml
-- ingress.yaml

jovies/service.yaml

@@ -1,15 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
-  name: jovies
-  labels:
-    app: jovies
-spec:
-  type: ClusterIP
-  ports:
-  - name: http
-    port: 80
-    targetPort: 3000
-    protocol: TCP
-  selector:
-    app: jovies

portfolio/argocd.yaml

@@ -10,7 +10,13 @@ spec:
   sources:
   - repoURL: https://github.com/K3S-HOME/web-apps.git
     targetRevision: main
-    path: portfolio
+    path: charts/web-app
+    helm:
+      valueFiles:
+      - $values/portfolio/helm-values.yaml
+  - repoURL: https://github.com/K3S-HOME/web-apps.git
+    targetRevision: main
+    ref: values
   destination:
     server: https://kubernetes.default.svc
     namespace: portfolio

portfolio/deployment.yaml

@@ -1,53 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: portfolio
-  labels:
-    app: portfolio
-spec:
-  replicas: 1
-  selector:
-    matchLabels:
-      app: portfolio
-  strategy:
-    type: RollingUpdate
-    rollingUpdate:
-      maxUnavailable: 0
-      maxSurge: 1
-  revisionHistoryLimit: 3
-  template:
-    metadata:
-      labels:
-        app: portfolio
-    spec:
-      containers:
-      - name: portfolio
-        image: ghcr.io/mayne0213/portfolio:latest
-        imagePullPolicy: Always
-        ports:
-        - containerPort: 3000
-          protocol: TCP
-        env:
-        - name: NODE_ENV
-          value: production
-        - name: PROMETHEUS_URL
-          value: http://prometheus.prometheus.svc.cluster.local:9090
-        resources:
-          requests:
-            memory: 80Mi
-            cpu: 20m
-          limits:
-            memory: 150Mi
-        livenessProbe:
-          httpGet:
-            path: /
-            port: 3000
-          initialDelaySeconds: 30
-          periodSeconds: 10
-        readinessProbe:
-          httpGet:
-            path: /
-            port: 3000
-          initialDelaySeconds: 5
-          periodSeconds: 5
-      restartPolicy: Always

portfolio/helm-values.yaml

@@ -0,0 +1,65 @@
+# Portfolio Web App Helm Values
+
+name: portfolio
+
+image:
+  registry: ghcr.io
+  repository: mayne0213/portfolio
+  tag: latest
+  pullPolicy: Always
+
+imagePullSecrets: []
+
+replicaCount: 1
+containerPort: 3000
+
+service:
+  enabled: true
+  type: ClusterIP
+  port: 80
+
+ingress:
+  enabled: true
+  className: traefik
+  annotations:
+    cert-manager.io/cluster-issuer: letsencrypt-prod
+  hosts:
+    - host: minjo0213.kro.kr
+      paths:
+        - path: /
+          pathType: Prefix
+    - host: www.minjo0213.kro.kr
+      paths:
+        - path: /
+          pathType: Prefix
+  tls:
+    - secretName: portfolio-tls
+      hosts:
+        - minjo0213.kro.kr
+        - www.minjo0213.kro.kr
+
+resources:
+  requests:
+    memory: 80Mi
+    cpu: 20m
+  limits:
+    memory: 150Mi
+
+healthCheck:
+  enabled: true
+  path: /
+  livenessProbe:
+    initialDelaySeconds: 30
+    periodSeconds: 10
+  readinessProbe:
+    initialDelaySeconds: 5
+    periodSeconds: 5
+
+env:
+  - name: NODE_ENV
+    value: production
+  - name: PROMETHEUS_URL
+    value: http://prometheus.prometheus.svc.cluster.local:9090
+
+externalSecret:
+  enabled: false

portfolio/ingress.yaml

@@ -1,34 +0,0 @@
-apiVersion: networking.k8s.io/v1
-kind: Ingress
-metadata:
-  name: portfolio-ingress
-  annotations:
-    cert-manager.io/cluster-issuer: letsencrypt-prod
-spec:
-  ingressClassName: traefik
-  tls:
-  - hosts:
-    - minjo0213.kro.kr
-    - www.minjo0213.kro.kr
-    secretName: portfolio-tls
-  rules:
-  - host: minjo0213.kro.kr
-    http:
-      paths:
-      - path: /
-        pathType: Prefix
-        backend:
-          service:
-            name: portfolio
-            port:
-              number: 80
-  - host: www.minjo0213.kro.kr
-    http:
-      paths:
-      - path: /
-        pathType: Prefix
-        backend:
-          service:
-            name: portfolio
-            port:
-              number: 80

portfolio/kustomization.yaml

@@ -1,7 +0,0 @@
-apiVersion: kustomize.config.k8s.io/v1beta1
-kind: Kustomization
-namespace: portfolio
-resources:
-- deployment.yaml
-- service.yaml
-- ingress.yaml

portfolio/service.yaml

@@ -1,15 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
-  name: portfolio
-  labels:
-    app: portfolio
-spec:
-  type: ClusterIP
-  ports:
-  - name: http
-    port: 80
-    targetPort: 3000
-    protocol: TCP
-  selector:
-    app: portfolio

todo/argocd.yaml

@@ -10,7 +10,13 @@ spec:
   sources:
   - repoURL: https://github.com/K3S-HOME/web-apps.git
     targetRevision: main
-    path: todo
+    path: charts/web-app
+    helm:
+      valueFiles:
+      - $values/todo/helm-values.yaml
+  - repoURL: https://github.com/K3S-HOME/web-apps.git
+    targetRevision: main
+    ref: values
   destination:
     server: https://kubernetes.default.svc
     namespace: todo

todo/deployment.yaml

@@ -1,56 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: todo
-  labels:
-    app: todo
-spec:
-  replicas: 1
-  selector:
-    matchLabels:
-      app: todo
-  strategy:
-    type: RollingUpdate
-    rollingUpdate:
-      maxUnavailable: 0
-      maxSurge: 1
-  revisionHistoryLimit: 3
-  template:
-    metadata:
-      labels:
-        app: todo
-    spec:
-      containers:
-      - name: todo
-        image: ghcr.io/mayne0213/todo:latest
-        imagePullPolicy: Always
-        ports:
-        - containerPort: 3000
-          protocol: TCP
-        env:
-        - name: NODE_ENV
-          value: production
-        - name: DATABASE_URL
-          valueFrom:
-            secretKeyRef:
-              name: todo-secrets
-              key: database-url
-        resources:
-          requests:
-            memory: 50Mi
-            cpu: 20m
-          limits:
-            memory: 120Mi
-        livenessProbe:
-          httpGet:
-            path: /api/health
-            port: 3000
-          initialDelaySeconds: 30
-          periodSeconds: 10
-        readinessProbe:
-          httpGet:
-            path: /api/health
-            port: 3000
-          initialDelaySeconds: 5
-          periodSeconds: 5
-      restartPolicy: Always

todo/external-secret.yaml

@@ -1,18 +0,0 @@
-apiVersion: external-secrets.io/v1
-kind: ExternalSecret
-metadata:
-  name: todo-secrets
-spec:
-  refreshInterval: 1h
-  secretStoreRef:
-    name: vault-backend
-    kind: ClusterSecretStore
-  target:
-    name: todo-secrets
-    creationPolicy: Owner
-    deletionPolicy: Retain
-  data:
-  - secretKey: database-url
-    remoteRef:
-      key: todo/prod
-      property: DATABASE_URL

todo/helm-values.yaml

@@ -0,0 +1,81 @@
+# Todo Web App Helm Values
+
+name: todo
+
+image:
+  registry: ghcr.io
+  repository: mayne0213/todo
+  tag: latest
+  pullPolicy: Always
+
+# No imagePullSecrets needed (public or already configured)
+imagePullSecrets: []
+
+replicaCount: 1
+containerPort: 3000
+
+service:
+  enabled: true
+  type: ClusterIP
+  port: 80
+
+ingress:
+  enabled: true
+  className: traefik
+  annotations:
+    cert-manager.io/cluster-issuer: letsencrypt-prod
+  hosts:
+    - host: todo0213.kro.kr
+      paths:
+        - path: /
+          pathType: Prefix
+    - host: www.todo0213.kro.kr
+      paths:
+        - path: /
+          pathType: Prefix
+  tls:
+    - secretName: todo-tls
+      hosts:
+        - todo0213.kro.kr
+        - www.todo0213.kro.kr
+
+resources:
+  requests:
+    memory: 50Mi
+    cpu: 20m
+  limits:
+    memory: 120Mi
+
+healthCheck:
+  enabled: true
+  path: /api/health
+  livenessProbe:
+    initialDelaySeconds: 30
+    periodSeconds: 10
+  readinessProbe:
+    initialDelaySeconds: 5
+    periodSeconds: 5
+
+env:
+  - name: NODE_ENV
+    value: production
+  - name: DATABASE_URL
+    valueFrom:
+      secretKeyRef:
+        name: todo-secrets
+        key: database-url
+
+externalSecret:
+  enabled: true
+  refreshInterval: 1h
+  secretStoreRef:
+    name: vault-backend
+    kind: ClusterSecretStore
+  target:
+    creationPolicy: Owner
+    deletionPolicy: Retain
+  data:
+    - secretKey: database-url
+      remoteRef:
+        key: todo/prod
+        property: DATABASE_URL

todo/ingress.yaml

@@ -1,34 +0,0 @@
-apiVersion: networking.k8s.io/v1
-kind: Ingress
-metadata:
-  name: todo-ingress
-  annotations:
-    cert-manager.io/cluster-issuer: letsencrypt-prod
-spec:
-  ingressClassName: traefik
-  tls:
-  - hosts:
-    - todo0213.kro.kr
-    - www.todo0213.kro.kr
-    secretName: todo-tls
-  rules:
-  - host: todo0213.kro.kr
-    http:
-      paths:
-      - path: /
-        pathType: Prefix
-        backend:
-          service:
-            name: todo
-            port:
-              number: 80
-  - host: www.todo0213.kro.kr
-    http:
-      paths:
-      - path: /
-        pathType: Prefix
-        backend:
-          service:
-            name: todo
-            port:
-              number: 80

todo/kustomization.yaml

@@ -1,8 +0,0 @@
-apiVersion: kustomize.config.k8s.io/v1beta1
-kind: Kustomization
-namespace: todo
-resources:
-- deployment.yaml
-- service.yaml
-- ingress.yaml
-- external-secret.yaml

todo/service.yaml

@@ -1,15 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
-  name: todo
-  labels:
-    app: todo
-spec:
-  type: ClusterIP
-  ports:
-  - name: http
-    port: 80
-    targetPort: 3000
-    protocol: TCP
-  selector:
-    app: todo