tithely · loyal2thesea · Feb 20, 2026 · Feb 20, 2026 · Feb 20, 2026 · Feb 20, 2026
@@ -1,28 +1,22 @@
 repos:
-- repo: https://github.com/pre-commit/pre-commit-hooks
-  rev: v2.3.0
-  hooks:
-    - id: end-of-file-fixer
-    - id: trailing-whitespace
-- repo: https://github.com/norwoodj/helm-docs
-  rev: v1.11.1
-  hooks:
-    - id: helm-docs
-- repo: https://github.com/psf/black
-  rev: 23.7.0
-  hooks:
-    - id: black
-- repo: https://github.com/Yelp/detect-secrets
-  rev: v1.4.0
-  hooks:
-    - id: detect-secrets
-- repo: https://github.com/bridgecrewio/checkov.git
-  rev: 2.3.351
-  hooks:
-  - id: checkov
-    args: [-d .]
-# - repo: https://github.com/Agilicus/pre-commit-hook-k8svalidate.git
-#   rev: v0.1.0
-#   hooks:
-#   - id: k8svalidate
-#     files: .yaml$
+  - repo: https://github.com/pre-commit/pre-commit-hooks
+    rev: v6.0.0
+    hooks:
+      - id: end-of-file-fixer
+      - id: trailing-whitespace
+  - repo: https://github.com/norwoodj/helm-docs
+    rev: v1.14.2
+    hooks:
+      - id: helm-docs
+        args:
+          # Make the tool search for charts only under the `charts` directory
+          - --chart-search-root=charts
+  - repo: https://github.com/bridgecrewio/checkov
+    rev: 3.2.504
+    hooks:
+      - id: checkov_secrets
+  - repo: https://github.com/bridgecrewio/checkov
+    rev: 3.2.504
+    hooks:
+      - id: checkov_diff
+        verbose: false # Switch to true for more detailed output, including the diff of the files being checked.
@@ -1,2 +1,34 @@
-Image update automation looks to be supported:
-https://github.com/fluxcd/flux2/tree/main/rfcs/0002-helm-oci
+# helm-charts
+
+Helm charts for Tithely Kubernetes deployments.
+
+Charts are published automatically to the GitHub Pages Helm repository on every merge to `main` via [chart-releaser](https://github.com/helm/chart-releaser-action).
+
+## Charts
+
+| Chart | Version | Description | Docs |
+|-------|---------|-------------|------|
+| [argocd-app](charts/argocd-apps/) | 1.0.1 | Deployments managed by ArgoCD | [README](charts/argocd-apps/README.md) · [CHANGELOG](charts/argocd-apps/CHANGELOG.md) |
+| [generic-service](charts/generic-service/) | 2.0.0-alpha | General-purpose service deployments | [README](charts/generic-service/README.md) · [CHANGELOG](charts/generic-service/CHANGELOG.md) · [CONTRIBUTING](charts/generic-service/CONTRIBUTING.md) |
+
+## Development
+
+[pre-commit](https://pre-commit.com) is used to enforce consistency. Install it and set up the hooks:
+
+```bash
+pip install pre-commit OR brew install pre-commit
+pre-commit install
+```
+
+
+The following hooks run on every commit:
+
+| Hook | Purpose |
+|------|---------|
+| `helm-docs` | Regenerates `README.md` for each chart from `Chart.yaml` and `Values.yaml` |
+| `checkov_secrets` | Scans for hardcoded secrets and credentials |
+| `checkov_diff` | Static analysis for Kubernetes misconfigurations on changed files |
+| `end-of-file-fixer` | Ensures files end with a newline |
+| `trailing-whitespace` | Removes trailing whitespace |
+
+After changing a chart's `Values.yaml` or `Chart.yaml`, run `pre-commit run helm-docs` to regenerate the chart README before committing.
@@ -0,0 +1,90 @@
+# Changelog — argocd-app
+
+All notable changes to this chart will be documented in this file.
+
+The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html) beginning after 1.0.1.
+
+> **Note on version suffixes:** The 1.0.0 pre-release series used Greek letter suffixes (alpha < beta < charlie < delta) as a stand-in for pre-release versioning during rapid iteration. `1.0.1-delta` was a pre-release of `1.0.1`.
+
+## [Unreleased]
+
+### Added
+
+- `README.md` documentation generated by helm-docs.
+
+## [1.0.1] - 2025-10-13
+
+### Added
+
+- `migrations` top-level value block as a single named object with `name`, `enabled`, `image`, `command`, `pullPolicy`, `restartPolicy`, and `envFrom` fields.
+
+### Changed
+
+- **Breaking:** `migrations-job.yaml` refactored from map iteration (`range $key, $value := .Values.migrations`) to a single object reference (`.Values.migrations`). Existing migrations values must be changed from a keyed map to a flat single-object structure.
+- Migration container definition corrected for ArgoCD deployment context.
+
+## [1.0.1-delta] - 2025-07-30
+
+### Fixed
+
+- Removed duplicate `annotations` block that was incorrectly placed at the top level of the `TargetGroupBinding` resource (outside `metadata`).
+
+## [1.0.0-delta] - 2025-07-29
+
+### Fixed
+
+- Autoscaler template now guards against nil-map panics when the `autoscaling` key is absent entirely from `main` or `worker` values. Previously, omitting the `autoscaling` block would cause a template rendering error.
+
+## [1.0.0-charlie] - 2025-07-29
+
+### Changed
+
+- `resources` block is now optional for both `main` and `worker` deployments. The template renders the `resources` section only when `.Values.main.resources` or `.Values.worker.resources` is defined, allowing deployments without explicit resource constraints.
+
+## [1.0.0-beta] - 2025-07-28
+
+### Added
+
+- `targetType: instance` added to the `TargetGroupBinding` spec in `preexisting-lb.yaml`.
+
+## [1.0.0-alpha] - 2025-07-25
+
+### Added
+
+- HorizontalPodAutoscaler (HPA) support for `main` and `worker` deployments (`autoscaler.yaml`), configurable via `autoscaling.enabled`, `autoscaling.minReplicaCount`, `autoscaling.maxReplicaCount`, `autoscaling.cpuUtilizationPercentage`, and `autoscaling.memoryUtilizationPercentage`.
+- `autoscaling.minReplicaCount` falls back to `replicaCount` when HPA is enabled.
+- `envFrom` support on the `main` deployment.
+
+### Changed
+
+- **Breaking:** Resource values for `main` and `worker` are now specified as unitless integers. The template appends `m` (millicores) and `Mi` (mebibytes) automatically. Values previously set as `cpu: "100m"` must be changed to `cpu: 100`; `memory: "512Mi"` must be changed to `memory: 512`.
+- `resources` values restructured to explicit `requests.cpu`, `requests.memory`, `limits.cpu`, and `limits.memory` fields instead of a free-form `toYaml` block.
+
+## [0.9.1] - 2025-06-09
+
+### Added
+
+- Karpenter node selector support on `TargetGroupBinding` via `spec.nodeSelector.matchLabels` using `cluster: {{ project }}-{{ environment }}`.
+- AWS load balancer target node labels annotation added to `TargetGroupBinding` metadata.
+
+## [0.9.0] - 2025-04-08
+
+### Added
+
+- Initial chart release with frontend deployment (`frontend-deployment.yaml`), worker deployment (`worker-deployment.yaml`), migrations job (`migrations-job.yaml`), CronJob (`cronjob.yaml`), 1Password secret integration (`1password.yaml`), and preexisting AWS load balancer support via `TargetGroupBinding` (`preexisting-lb.yaml`).
+- `project` and `environment` top-level values used for resource naming and Datadog tagging.
+- `onepassworditems` array for provisioning `OnePasswordItem` CRD resources.
+- `main` and `worker` deployment values with image, port, resource limits, load balancer, and `envFrom` configuration.
+- Datadog unified service tagging labels on pod template specs.
+
+---
+
+[Unreleased]: https://github.com/tithely/helm-charts/compare/argocd-app-1.0.1...HEAD
+[1.0.1]: https://github.com/tithely/helm-charts/compare/argocd-app-1.0.1-delta...argocd-app-1.0.1
+[1.0.1-delta]: https://github.com/tithely/helm-charts/compare/argocd-app-1.0.0-delta...argocd-app-1.0.1-delta
+[1.0.0-delta]: https://github.com/tithely/helm-charts/compare/argocd-app-1.0.0-charlie...argocd-app-1.0.0-delta
+[1.0.0-charlie]: https://github.com/tithely/helm-charts/compare/argocd-app-1.0.0-beta...argocd-app-1.0.0-charlie
+[1.0.0-beta]: https://github.com/tithely/helm-charts/compare/argocd-app-1.0.0-alpha...argocd-app-1.0.0-beta
+[1.0.0-alpha]: https://github.com/tithely/helm-charts/compare/argocd-app-0.9.1...argocd-app-1.0.0-alpha
+[0.9.1]: https://github.com/tithely/helm-charts/compare/argocd-app-0.9.0...argocd-app-0.9.1
+[0.9.0]: https://github.com/tithely/helm-charts/releases/tag/argocd-app-0.9.0
@@ -0,0 +1,60 @@
+# argocd-app
+
+![Version: 1.0.1](https://img.shields.io/badge/Version-1.0.1-informational?style=flat-square)
+
+A Helm chart for applications using ArgoCD
+
+## Values
+
+| Key | Type | Default | Description |
+|-----|------|---------|-------------|
+| environment | string | `nil` |  |
+| main.autoscaling.cpuUtilizationPercentage | string | `nil` |  |
+| main.autoscaling.enabled | string | `nil` |  |
+| main.autoscaling.maxReplicaCount | string | `nil` |  |
+| main.autoscaling.memoryUtilizationPercentage | string | `nil` |  |
+| main.autoscaling.minReplicaCount | string | `nil` |  |
+| main.enabled | string | `nil` |  |
+| main.envFrom[0].secretRef.name | string | `nil` |  |
+| main.image | string | `nil` |  |
+| main.loadBalancer.name | string | `nil` |  |
+| main.loadBalancer.securityGroupID | string | `nil` |  |
+| main.loadBalancer.targetGroupARN | string | `nil` |  |
+| main.name | string | `nil` |  |
+| main.port | string | `nil` |  |
+| main.resources.limits.cpu | string | `nil` |  |
+| main.resources.limits.memory | string | `nil` |  |
+| main.resources.requests.cpu | string | `nil` |  |
+| main.resources.requests.memory | string | `nil` |  |
+| main.type | string | `nil` |  |
+| migrations.command | string | `nil` |  |
+| migrations.enabled | string | `nil` |  |
+| migrations.envFrom[0].secretRef.name | string | `nil` |  |
+| migrations.image | string | `nil` |  |
+| migrations.name | string | `nil` |  |
+| migrations.pullPolicy | string | `nil` |  |
+| migrations.restartPolicy | string | `nil` |  |
+| onepassworditems[0].itemPath | string | `nil` |  |
+| onepassworditems[0].name | string | `nil` |  |
+| onepassworditems[0].secretType | string | `nil` |  |
+| onepassworditems[1].itemPath | string | `nil` |  |
+| onepassworditems[1].name | string | `nil` |  |
+| project | string | `nil` |  |
+| worker.autoscaling.cpuUtilizationPercentage | string | `nil` |  |
+| worker.autoscaling.enabled | string | `nil` |  |
+| worker.autoscaling.maxReplicaCount | string | `nil` |  |
+| worker.autoscaling.memoryUtilizationPercentage | string | `nil` |  |
+| worker.autoscaling.minReplicaCount | string | `nil` |  |
+| worker.command | string | `nil` |  |
+| worker.enabled | string | `nil` |  |
+| worker.image | string | `nil` |  |
+| worker.name | string | `nil` |  |
+| worker.pullPolicy | string | `nil` |  |
+| worker.resources.limits.cpu | string | `nil` |  |
+| worker.resources.limits.memory | string | `nil` |  |
+| worker.resources.requests.cpu | string | `nil` |  |
+| worker.resources.requests.memory | string | `nil` |  |
+| worker.type | string | `nil` |  |
+
+----------------------------------------------
+Autogenerated from chart metadata using [helm-docs v1.14.2](https://github.com/norwoodj/helm-docs/releases/v1.14.2)