Merge pull request #18 from NeuraLegion/add-webhooks-receiver

added webhooks-receiver charts

charts/webhooks-receiver/Chart.yaml

@@ -0,0 +1,6 @@
+# webhooks-receiver/Chart.yaml
+apiVersion: v2
+name: webhooks-receiver
+description: A Helm chart for Kubernetes deployment with self-signed certificate
+version: 0.0.1
+appVersion: "1.0"

charts/webhooks-receiver/templates/_helpers.tpl

@@ -0,0 +1,8 @@
+# webhooks-receiver/templates/_helpers.tpl
+{{- define "webhooks-receiver.name" -}}
+webhooks-receiver
+{{- end -}}
+
+{{- define "webhooks-receiver.fullname" -}}
+{{- .Release.Name }}-webhooks-receiver
+{{- end -}}

charts/webhooks-receiver/templates/deployment.yaml

@@ -0,0 +1,62 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ include "webhooks-receiver.fullname" . }}
+  labels:
+    app: {{ include "webhooks-receiver.name" . }}
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: {{ include "webhooks-receiver.name" . }}
+  template:
+    metadata:
+      labels:
+        app: {{ include "webhooks-receiver.name" . }}
+    spec:
+      hostAliases:
+        - ip: "127.0.0.1"
+          hostnames:
+            - "target.local"
+      containers:
+        - name: webhooks-receiver-app
+          image: "{{ .Values.webhooksReceiverApp.image }}"
+          ports:
+            - containerPort: 80
+          resources:
+            requests:
+              cpu: 50m
+              memory: 128Mi
+            limits:
+              cpu: 250m
+              memory: 512Mi
+          livenessProbe:
+            httpGet:
+              path: /events
+              port: 8080
+              scheme: HTTP
+
+        {{- if and .Values.repeaterID .Values.token .Values.cluster }}
+        - name: repeater
+          image: brightsec/cli{{ if .Values.repeaterImageTag }}:{{ .Values.repeaterImageTag }}{{ else }}:latest{{ end }}
+          command: ["bright-cli", "repeater"]
+          args:
+            - "--token=$(TOKEN)"
+            - "--id=$(REPEATER_ID)"
+            - "--cluster=$(CLUSTER)"
+            - "--timeout=$(TIMEOUT)"
+            - "--log-level=verbose"
+          resources:
+            requests:
+              cpu: 200m
+              memory: 100Mi
+          env:
+            - name: REPEATER_ID
+              value: "{{ .Values.repeaterID }}"
+            - name: TOKEN
+              value: "{{ .Values.token }}"
+            - name: CLUSTER
+              value: "{{ .Values.cluster }}"
+            - name: TIMEOUT
+              value: "{{ .Values.timeout | default "30000" }}"
+        {{- end }}

charts/webhooks-receiver/templates/ingress.yaml

@@ -0,0 +1,29 @@
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: {{ .Release.Name }}
+  namespace: {{ .Release.Namespace }}
+  annotations:
+    nginx.ingress.kubernetes.io/proxy-ssl-protocols: "TLSv1.1 TLSv1.2"
+    nginx.ingress.kubernetes.io/ssl-redirect: "false"
+    {{ if eq .Values.ingress.cert "" }}
+    cert-manager.io/cluster-issuer: letsencrypt-cf-prod
+    {{ end }}
+spec:
+  ingressClassName: nginx
+  tls:
+    - hosts:
+        - {{ .Values.ingress.url }}
+      secretName: {{ if eq .Values.ingress.cert "" }}distributorwildcard{{ else }}{{ .Values.ingress.cert }}{{ end }}
+  rules:
+    - host: {{ .Values.ingress.url }}
+      http:
+        paths:
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name: {{ include "webhooks-receiver.fullname" . }}
+                port:
+                  number: 80

charts/webhooks-receiver/templates/service.yaml

@@ -0,0 +1,14 @@
+# webhooks-receiver/templates/service.yaml
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ include "webhooks-receiver.fullname" . }}
+spec:
+  type: ClusterIP
+  ports:
+    - name: http
+      port: 80
+      targetPort: 8080
+      protocol: TCP
+  selector:
+    app: {{ include "webhooks-receiver.name" . }}

charts/webhooks-receiver/values.yaml

@@ -0,0 +1,11 @@
+ingress:
+  url: dev.vuln.nexploit.app
+  cert: ""
+  authlevel: "."
+webhooksReceiverApp:
+  image: "454884832027.dkr.ecr.us-east-1.amazonaws.com/webhooks-receiver:latest" # Replace with your app image if different
+repeaterID: ""
+token: ""
+cluster: ""
+timeout: "30000"
+repeaterImageTag: ""