Release (#60)

* AUTOMATION: SSF Prod Chart Update for stigatron-ui

* AUTOMATION: SSF Prod Chart Update for stigatron-ui

* AUTOMATION: SSF Prod Chart Update for stigatron

* Scan profile update1 (#48)

* updating 1.24 profile

* updating 1.23 profile

* updating 1.23 profile

* updating DISA_Preview

* updating DISA_Preview

* updating DISA_Preview

* update

---------

Co-authored-by: brooksphilip <brooksphilip@mac.com>

* AUTOMATION: SSF Prod Chart Update for stigatron

* AUTOMATION: SSF Prod Chart Update for stigatron

* Add heimdall EV (#51)

* NV Docs Fix (#53)

* NV Docs Fix

* Clean

* Update stigatron benchmarks (#50) (#57)

* AUTOMATION: SSF Prod Chart Update for stigatron-ui

* AUTOMATION: SSF Prod Chart Update for stigatron-ui

* AUTOMATION: SSF Prod Chart Update for stigatron

* Scan profile update1 (#48)

* updating 1.24 profile

* updating 1.23 profile

* updating 1.23 profile

* updating DISA_Preview

* updating DISA_Preview

* updating DISA_Preview

* update

---------



---------

Co-authored-by: Carbide SSF <carbide@rancherfederal.com>
Co-authored-by: brooksphilip <brooksphilip@mac.com>

* RCIDF registry ref (#59)

Co-authored-by: Adam Toy <adam.toy@rancherfederal.com>

* Updated Helm Charts (#55)

* added initial helm readmes

* removed short descs

* updated readme

* added chart catalog instructions

* fixed version and appVersion

* fixed merge conflicts

* added icons

* merge conflights

* merge conflict fix

---------

Co-authored-by: Adam Toy <atoy3731@gmail.com>

---------

Co-authored-by: Carbide SSF <carbide@rancherfederal.com>
Co-authored-by: brooksphilip <brooksphilip@mac.com>
Co-authored-by: Adam Toy <adam.toy@rancherfederal.com>
Co-authored-by: Zack Brady <zackbrady123@gmail.com>

.gitignore

@@ -15,4 +15,5 @@
 
 # Chart dependencies
 **/charts/*.tgz
-Chart.lock
+Chart.lock
+.frigate

README.md

@@ -2,7 +2,7 @@
 
 Still a WIP!
 
-## How To Use (Internet)
+## How To Use (Connected Environments)
 
 ```
 helm repo add carbide-charts https://rancherfederal.github.io/carbide-charts
@@ -11,9 +11,15 @@ helm search repo carbide-charts
 helm install example-release carbide-charts/<chart>
 ```
 
-## How to Use (Airgap)
+If you would like to do add the carbide-charts to the Rancher Manager Chart Catalog, please follow the steps in the [Rancher Manager Docs](https://ranchermanager.docs.rancher.com/how-to-guides/new-user-guides/helm-charts-in-rancher/create-apps#docusaurus_skipToContent_fallback) and use the following chart catalog Git Repo URL with the branch name of main:
 
-### On Connected Device
+```
+https://github.com/rancherfederal/carbide-charts.git
+```
+
+## How to Use (Airgaped Environments)
+
+### On Connected Environment
 
 ```
 helm repo add carbide-charts https://rancherfederal.github.io/carbide-charts
@@ -24,8 +30,8 @@ helm pull carbide-charts/<chart>
 
 Take the resulting `tgz` file over the airgap.
 
-### On Airgapped Device
+### On Airgapped Environment
 
 ```
-helm install example-release <chart-x.y.z>.tgz
+helm install example-release <chart-example>.tgz
 ```

charts/airgapped-docs/Chart.yaml

@@ -1,6 +1,7 @@
 apiVersion: v2
 name: airgapped-docs
 description: Rancher Government Airgapped Docs
+icon: https://raw.githubusercontent.com/rancherfederal/carbide-docs/main/static/img/carbide-logo.svg
 type: application
-version: 0.1.40
+version: 0.1.41
 appVersion: "0.1.0"

charts/airgapped-docs/README.md

@@ -1,17 +1,79 @@
-# carbide-offline-docs
+Airgapped-Docs Chart
+----------------------------------------------
 
-![Version: 0.1.0](https://img.shields.io/badge/Version-0.1.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.16.0](https://img.shields.io/badge/AppVersion-1.16.0-informational?style=flat-square)
 
-A Helm chart for Kubernetes
+| Type | Chart Version | App Version |
+| ---- | ------------- | ----------- |
+| application | `0.1.41` | `0.1.0` |
 
-## Values
+## Installing the Chart
+```bash
+helm install -n carbide-docs-system --create-namespace airgapped-docs carbide-charts/airgapped-docs
+```
+```bash
+helm status -n carbide-docs-system airgapped-docs
+```
 
-| Key | Type | Default | Description |
-|-----|------|---------|-------------|
-| image.name | string | `"carbide"` |  |
-| image.registry | string | `"rgcrprod.azurecr.us"` |  |
-| image.tag | string | `"1.0.0"` |  |
-| namespace | string | `"carbide-system"` |  |
+## Uninstalling the Chart
+```bash
+helm uninstall -n carbide-docs-system airgapped-docs
+```
+
+## Configuration
+
+The following table lists the configurable parameters of the Airgapped-docs chart and their default values.
+
+| Parameter | Default | Description |
+| --------- | ------- | ----------- |
+| `global.cattle.systemDefaultRegistry` | `"rgcrprod.azurecr.us"` |  |
+| `images.carbide.name` | `"carbide/carbide-docs"` |  |
+| `images.carbide.tag` | `"0.1.0"` |  |
+| `docs.kubernetes.enabled` | `true` |  |
+| `docs.kubernetes.uid` | `65532` |  |
+| `docs.kubernetes.image.name` | `"carbide/kubernetes-cncf-docs"` |  |
+| `docs.kubernetes.image.tag` | `"0.1.0"` |  |
+| `docs.rancher.enabled` | `true` |  |
+| `docs.rancher.uid` | `65532` |  |
+| `docs.rancher.image.name` | `"carbide/rancher-docs"` |  |
+| `docs.rancher.image.tag` | `"0.1.0"` |  |
+| `docs.rke2.enabled` | `true` |  |
+| `docs.rke2.uid` | `65532` |  |
+| `docs.rke2.image.name` | `"carbide/rke2-docs"` |  |
+| `docs.rke2.image.tag` | `"0.1.0"` |  |
+| `docs.k3s.enabled` | `true` |  |
+| `docs.k3s.uid` | `65532` |  |
+| `docs.k3s.image.name` | `"carbide/k3s-docs"` |  |
+| `docs.k3s.image.tag` | `"0.1.0"` |  |
+| `docs.neuvector.enabled` | `true` |  |
+| `docs.neuvector.uid` | `100` |  |
+| `docs.neuvector.image.name` | `"carbide/neuvector-docs"` |  |
+| `docs.neuvector.image.tag` | `"0.1.0"` |  |
+| `docs.fleet.enabled` | `true` |  |
+| `docs.fleet.uid` | `65532` |  |
+| `docs.fleet.image.name` | `"carbide/fleet-docs"` |  |
+| `docs.fleet.image.tag` | `"0.1.0"` |  |
+| `docs.longhorn.enabled` | `true` |  |
+| `docs.longhorn.uid` | `65532` |  |
+| `docs.longhorn.image.name` | `"carbide/longhorn-docs"` |  |
+| `docs.longhorn.image.tag` | `"0.1.0"` |  |
+| `docs.kubewarden.enabled` | `true` |  |
+| `docs.kubewarden.uid` | `65532` |  |
+| `docs.kubewarden.image.name` | `"carbide/kubewarden-docs"` |  |
+| `docs.kubewarden.image.tag` | `"0.1.0"` |  |
+| `docs.carbide.enabled` | `true` |  |
+| `docs.carbide.uid` | `65532` |  |
+| `docs.carbide.image.name` | `"carbide/carbide-docs"` |  |
+| `docs.carbide.image.tag` | `"0.1.0"` |  |
+| `docs.elemental.enabled` | `true` |  |
+| `docs.elemental.uid` | `65532` |  |
+| `docs.elemental.image.name` | `"carbide/elemental-docs"` |  |
+| `docs.elemental.image.tag` | `"0.1.0"` |  |
+| `docs.harvester.enabled` | `true` |  |
+| `docs.harvester.uid` | `65532` |  |
+| `docs.harvester.image.name` | `"carbide/harvester-docs"` |  |
+| `docs.harvester.image.tag` | `"0.1.0"` |  |
+| `docs.rancherdesktop.enabled` | `true` |  |
+| `docs.rancherdesktop.uid` | `65532` |  |
+| `docs.rancherdesktop.image.name` | `"carbide/rancher-desktop-docs"` |  |
+| `docs.rancherdesktop.image.tag` | `"0.1.0"` |  |
 
-----------------------------------------------
-Autogenerated from chart metadata using [helm-docs v1.11.0](https://github.com/norwoodj/helm-docs/releases/v1.11.0)

charts/heimdall2/Chart.yaml

@@ -1,6 +1,7 @@
 apiVersion: v2
-appVersion: "0.1.0"
-description: Rancher Government Heimdall2 Tool
 name: heimdall2
+description: Rancher Government Heimdall2 Tool
+icon: https://raw.githubusercontent.com/rancherfederal/carbide-docs/main/static/img/carbide-logo.svg
 type: application
-version: 0.1.21
+version: 0.1.22
+appVersion: "0.1.0"

charts/heimdall2/README.md

@@ -0,0 +1,12 @@
+Heimdall2 Chart
+----------------------------------------------
+
+
+Rancher Government Heimdall2 Tool
+
+| Type | Chart Version | App Version |
+| ---- | ------------- | ----------- |
+| application | `0.1.22` | `0.1.0` |
+
+
+This chart is a dependency and typically does not require any installation and configuration.

charts/heimdall2/templates/heimdall-deployment.yaml

@@ -123,7 +123,7 @@ spec:
             name: rcidf
       initContainers:
         - name: rancher-cluster-id-finder
-          image: {{ .Values.heimdall.rcidf.registry }}/{{ .Values.heimdall.rcidf.name }}:{{ .Values.heimdall.rcidf.tag }}
+          image: {{ template "system_default_registry" . }}{{ .Values.heimdall.rcidf.name }}:{{ .Values.heimdall.rcidf.tag }}
           command: ['./rcidf', '--write-file', '/rancher/id', 'id']
           volumeMounts:
           - mountPath: /rancher

charts/heimdall2/values.yaml

@@ -48,7 +48,6 @@ heimdall:
     router: ""
     axios: ""
   rcidf: # rancher-cluster-id-finder
-    registry: rgcrprod.azurecr.us
     name: carbide/rcidf
     tag: "0.1.0"
   databaseName: "heimdall"

charts/stigatron-ui/Chart.yaml

@@ -1,6 +1,7 @@
 apiVersion: v2
 name: stigatron-ui
 description: Rancher Government Stigatron UI Extension
+icon: https://raw.githubusercontent.com/rancherfederal/carbide-docs/main/static/img/carbide-logo.svg
 type: application
-version: 0.1.17
+version: 0.1.18
 appVersion: "0.3.0"

charts/stigatron-ui/README.md

@@ -0,0 +1,48 @@
+STIGATRON-UI Chart
+----------------------------------------------
+
+
+| Type | Chart Version | App Version |
+| ---- | ------------- | ----------- |
+| application | `0.1.18` | `0.3.0` |
+
+## Installing the Chart
+```bash
+helm install -n carbide-stigatron-system --create-namespace stigatron-ui carbide-charts/stigatron-ui
+```
+```bash
+helm status -n carbide-stigatron-system stigatron-ui
+```
+
+## Uninstalling the Chart
+```bash
+helm uninstall -n carbide-stigatron-system stigatron-ui carbide-charts/stigatron-ui
+```
+
+## Configuration
+
+The following table lists the configurable parameters of the Stigatron-ui chart and their default values.
+
+| Parameter | Default | Description |
+| --------- | ------- | ----------- |
+| `replicaCount` | `1` |  |
+| `UIPluginNamespace` | `"cattle-ui-plugin-system"` |  |
+| `image.pullPolicy` | `"Always"` |  |
+| `image.tag` | `"0.1.0"` |  |
+| `image.name` | `"carbide/stigatron-ui"` |  |
+| `imagePullSecrets` | `[]` |  |
+| `nameOverride` | `""` |  |
+| `fullnameOverride` | `""` |  |
+| `serviceAccount.create` | `true` |  |
+| `serviceAccount.annotations` | `{}` |  |
+| `serviceAccount.name` | `""` |  |
+| `podAnnotations` | `{}` |  |
+| `podSecurityContext` | `{}` |  |
+| `service.type` | `"ClusterIP"` |  |
+| `service.port` | `80` |  |
+| `resources` | `{}` |  |
+| `nodeSelector` | `{}` |  |
+| `tolerations` | `[]` |  |
+| `affinity` | `{}` |  |
+| `global.cattle.systemDefaultRegistry` | `"rgcrprod.azurecr.us"` |  |
+

charts/stigatron/Chart.yaml

@@ -1,8 +1,9 @@
 apiVersion: v2
 name: stigatron
 description: Rancher Government Stigatron Extension
+icon: https://raw.githubusercontent.com/rancherfederal/carbide-docs/main/static/img/carbide-logo.svg
 type: application
-version: 0.1.34
+version: 0.1.35
 appVersion: "0.1.0"
 dependencies:
   - name: heimdall2

charts/stigatron/README.md

@@ -0,0 +1,110 @@
+STIGATRON Chart
+----------------------------------------------
+
+
+| Type | Chart Version | App Version |
+| ---- | ------------- | ----------- |
+| application | `0.1.35` | `0.1.0` |
+
+## Installing the Chart
+```bash
+helm install -n carbide-stigatron-system stigatron carbide-charts/stigatron
+```
+```bash
+helm status -n carbide-stigatron-system stigatron
+```
+
+## Uninstalling the Chart
+```bash
+helm uninstall -n carbide-stigatron-system stigatron
+```
+
+## Configuration
+
+The following table lists the configurable parameters of the Stigatron chart and their default values.
+
+| Parameter | Default | Description |
+| --------- | ------- | ----------- |
+| `complianceOperator.image.name` | `"carbide/compliance-operator"` |  |
+| `complianceOperator.image.tag` | `"0.1.0"` |  |
+| `complianceOperator.imagePullPolicy` | `"Always"` |  |
+| `complianceOperator.serviceAccountName` | `"stigatron"` |  |
+| `heimdallOperator.image.name` | `"carbide/heimdall-operator"` |  |
+| `heimdallOperator.image.tag` | `"0.1.0"` |  |
+| `heimdallOperator.imagePullPolicy` | `"Always"` |  |
+| `heimdallOperator.serviceAccountName` | `"stigatron"` |  |
+| `heimdallOperator.database.port` | `"5432"` |  |
+| `heimdallOperator.database.name` | `"heimdall"` |  |
+| `heimdallOperator.database.user` | `"postgres"` |  |
+| `heimdallOperator.database.password` | `"password"` |  |
+| `heimdallOperator.database.sslMode` | `false` |  |
+| `hook.image.name` | `"carbide/stigatron-hook"` |  |
+| `hook.image.tag` | `"0.1.0"` |  |
+| `hook.imagePullPolicy` | `"Always"` |  |
+| `rbac.roleName` | `"compliance-operator"` |  |
+| `rbac.roleBindingName` | `"compliance-operator"` |  |
+| `alert.enabled` | `false` |  |
+| `heimdall2.databasePort` | `5432` |  |
+| `heimdall2.databaseName` | `"heimdall"` |  |
+| `heimdall2.jwtSecret` | `"abcde12345"` |  |
+| `heimdall2.heimdall.image.name` | `"carbide/heimdall2"` |  |
+| `heimdall2.heimdall.image.tag` | `"0.1.0"` |  |
+| `heimdall2.postgres.enabled` | `true` |  |
+| `heimdall2.postgres.user` | `"postgres"` |  |
+| `heimdall2.postgres.password` | `"password"` |  |
+| `heimdall2.postgres.persistence.enabled` | `false` |  |
+| `global.cattle.systemDefaultRegistry` | `"rgcrprod.azurecr.us"` |  |
+| `heimdall2.proxy.imagePullPolicy` | `"IfNotPresent"` |  |
+| `heimdall2.proxy.image.name` | `"carbide/heimdall-proxy"` |  |
+| `heimdall2.proxy.image.tag` | `"0.1.0"` |  |
+| `heimdall2.proxy.port` | `8080` |  |
+| `heimdall2.proxy.service.type` | `"ClusterIP"` |  |
+| `heimdall2.proxy.service.port` | `80` |  |
+| `heimdall2.postgres.image.name` | `"carbide/postgres"` |  |
+| `heimdall2.postgres.image.tag` | `"13"` |  |
+| `heimdall2.postgres.imagePullPolicy` | `"IfNotPresent"` |  |
+| `heimdall2.postgres.port` | `5432` |  |
+| `heimdall2.postgres.service.type` | `"ClusterIP"` |  |
+| `heimdall2.postgres.service.port` | `5432` |  |
+| `heimdall2.postgres.persistence.persistentVolumeClaim` | `""` |  |
+| `heimdall2.postgres.persistence.storageClassName` | `""` |  |
+| `heimdall2.postgres.persistence.storageRequest` | `"10Gi"` |  |
+| `heimdall2.postgres.persistence.accessMode` | `"ReadWriteOnce"` |  |
+| `heimdall2.postgres.podAnnotations` | `{}` |  |
+| `heimdall2.postgres.securityContext` | `{}` |  |
+| `heimdall2.postgres.resources` | `{}` |  |
+| `heimdall2.postgres.nodeSelector` | `{}` |  |
+| `heimdall2.postgres.affinity` | `{}` |  |
+| `heimdall2.postgres.tolrations` | `{}` |  |
+| `heimdall2.heimdall.kubernetesRequiredPermissions` | `["compliance.cattle.io,scans,,list"]` |  |
+| `heimdall2.heimdall.paths.public` | `""` |  |
+| `heimdall2.heimdall.paths.vue` | `""` |  |
+| `heimdall2.heimdall.paths.router` | `""` |  |
+| `heimdall2.heimdall.paths.axios` | `""` |  |
+| `heimdall2.heimdall.rcidf.registry` | `"rgcrprod.azurecr.us"` |  |
+| `heimdall2.heimdall.rcidf.name` | `"carbide/rcidf"` |  |
+| `heimdall2.heimdall.rcidf.tag` | `"0.1.0"` |  |
+| `heimdall2.heimdall.databaseName` | `"heimdall"` |  |
+| `heimdall2.heimdall.image.path` | `"0.1.0"` |  |
+| `heimdall2.heimdall.port` | `8080` |  |
+| `heimdall2.heimdall.service.type` | `"ClusterIP"` |  |
+| `heimdall2.heimdall.service.port` | `80` |  |
+| `heimdall2.heimdall.jwtExpireTime` | `"1d"` |  |
+| `heimdall2.heimdall.fleetNamespace` | `"cattle-fleet-system"` |  |
+| `heimdall2.heimdall.rancherNamespace` | `"cattle-system"` |  |
+| `heimdall2.heimdall.localLoginDisabled` | `true` |  |
+| `heimdall2.heimdall.apiKeySecret` | `""` |  |
+| `heimdall2.heimdall.jwtSecret` | `""` |  |
+| `heimdall2.heimdall.nodeEnv` | `"production"` | leave it to this |
+| `heimdall2.heimdall.adminEmail` | `"admin@heimdall.local"` |  |
+| `heimdall2.heimdall.adminPassword` | `""` |  |
+| `heimdall2.heimdall.podAnnotations` | `{}` |  |
+| `heimdall2.heimdall.selectorLabels` | `{}` |  |
+| `heimdall2.heimdall.podSecurityContext` | `{}` |  |
+| `heimdall2.heimdall.securityContext` | `{}` |  |
+| `heimdall2.heimdall.resources` | `{}` |  |
+| `heimdall2.heimdall.nodeSelector` | `{}` |  |
+| `heimdall2.heimdall.tolerations` | `[]` |  |
+| `heimdall2.heimdall.affinity` | `{}` |  |
+| `heimdall2.global.cattle.systemDefaultRegistry` | `"rgcrprod.azurecr.us"` |  |
+