Reusable Helm library charts for Kubernetes deployments with GitOps best practices
Everything you need for production Kubernetes deployments
Pre-configured deployment templates following Kubernetes best practices and GitOps workflows.
External Secrets integration with support for multiple secret stores and automatic rotation.
Built-in support for private container registries with automated pull secret management.
Nginx ingress configuration with TLS, custom timeouts, and body size limits out of the box.
Built-in DDoS protection with configurable request limits per IP. Enabled by default for production safety.
HSTS, XSS protection, clickjacking prevention, and more. Production-ready security headers enabled by default.
Complete application bundles combining deployment, service, ingress, and secrets in one template.
Published to GitHub Container Registry for easy consumption and version management.
Real-world setup from the s3-mirror-sample-app
apiVersion: v2
name: s3-mirror-sample-app
description: A Helm chart for S3 Mirror Sample Application
type: application
version: 0.0.0
appVersion: "0.0.0"
dependencies:
- name: common
version: ">=0.0.0"
repository: "oci://ghcr.io/starburst997/charts"{{- include "common.web" . -}}namespace: s3-mirror-sample
replicaCount: 1
image:
repository: ghcr.io/starburst997/s3-mirror-sample-app
service:
targetPort: 3000
resources:
requests:
cpu: "10m"
memory: "32Mi"
limits:
cpu: "250m"
memory: "128Mi"
ingress:
host: s3-mirror-sample.jd.boiv.in
proxyBodySize: "250m"
rateLimit:
enabled: true # DDoS protection (default)
rps: 30 # Requests per second per IP
connections: 50 # Concurrent connections per IP
securityHeaders:
enabled: true # Security headers (default)
env:
ENV: "production"
S3_ENDPOINT: "https://xxxxxxxxxxxxx.r2.cloudflarestorage.com"
S3_BUCKET: "s3-mirror"
secrets:
AWS_ACCESS_KEY_ID: s3-mirror-sample-app/AWS_ACCESS_KEY_ID
AWS_SECRET_ACCESS_KEY: s3-mirror-sample-app/AWS_SECRET_ACCESS_KEY