[P1BIGROCKS-1548](https://jira.il2.dso.mil/browse/P1BIGROCKS-1548) # Feature Request ## Why Feature request from "red-carpet" customers. ## Proposed Solution A nexus helm chart has already been contributed [here](https://repo1.dso.mil/platform-one/big-bang/apps/sandbox/nexus), thanks @grant.duncklee! This epic is to use the above helm chart as the starting ground for a Big Bang engineer to ensure that: * The chart meets the necessary big bang standards * The chart is incorporated into big bang umbrella ## Definition of Done Checklist **Package:** - [x] Do you have a 'main' branch that is default and protected? - [x] Are all other branches merged or deleted? For master and dev branches, tag the branch commit before deleting the branch so we can retrieve it if necessary. Exception: branches labeled release - [x] Does the repo contain only the following directories: chart, docs, tests? All other directories should be deleted. - [x] Is there a CODEOWNERS file containing some code owners? - [x] Is there a CHANGELOG.md file with initial changes? - [x] Is there a README.md file documenting basic use? - [x] Is there a CONTRIBUTING.md file outlining how a new person can contribute? - [x] Is there a .gitlab-ci.yml pipeline setup pointing to a pipeline template? - [x] Is there a tests/test-values.yaml file setup to provide default values for the pipeline? This must include image pull secret references. - [x] Is there a chart/Kptfile that points to the upstream chart used in the repo? Exception: Not needed if upstream chart is not used. - [x] Does the upstream chart version deploy the application version used in Iron Bank (or as close as possible)? This will help avoid incompatible configuration settings. - [x] Have you run helm dep up and added all .tgz file dependencies in chart/charts to the repo? - [x] Have you updated chart/requirements.yaml or chart/Chart.yaml to point to the file://./charts/<file>.tgz dependencies? - [x] If the chart has a web interface, have you added a VirtualService using hostname that is conditionally added if istio.enabled is true? Verify this works using the web address. - [x] If the chart integrates with Prometheus monitoring, have you added a Service and ServiceMonitor that are conditionally added if monitoring.enabled is true? Verify this using Prometheus to check targets. - [x] Does your package have resource requests and limits set and equal to each other? - [x] Do you have a tag on your main branch for the Big Bang release version of the package? - [x] Have all of your images been updated to pull from registry1.dso.mil. Exception: If there is no Iron Bank image, are you pulling from registry.dso.mil? - [x] If the package supports SSO, have you integrated SSO settings? Needs clarification - [ ] If the package requires a database, have you integrated external database settings? Needs clarification - [x] If the package requires storage, have you integrated external storage (e.g. MinIO) settings? Needs clarification - [x] Are all secrets and certificates removed from the repo? All secrets should be references or randomly generated during deployment. **Big Bang:** - [x] Have you added a namespace.yaml in chart/templates that sets up the package's namespace - [x] Have you added pull secret creation to a resource? This may be in the namespace.yaml file. - [x] Have you added a gitrepository.yaml in chart/templates that sets up a flux GitRepository resource pointing to the package's git repository? - [x] Have you added a helmrelease.yaml in chart/templates that sets up a flux HelmRelease resource pointing to the package's helm chart? - [x] Have you added default values to the HelmRelease that need to be passed downstream to the package? For example: hostname, istio.enabled, monitoring.enabled. - [x] Have you added image pull secret references to the HelmRelease to be passed downstream to the package? - [x] Have you added other package dependencies to the HelmRelease to insure deployment order? - [x] Have you added a key for <package>.yaml into chart/templates/values.yaml so override values can be passed downstream to the package? - [x] Have you added a valuesFrom configuration in the HelmRelease pointing to the values secret with a valuesKey equal to <package>.yaml? - [x] Have you added the package into chart/values.yaml under addons? Exception: core apps do not go under addons. - [x] Have you added enabled: false to your chart/values.yaml and conditional statements on enabled: true for your namespace, pull secret, git repository, and helm release? - [x] Have you added git repo configuration to chart/values.yaml pointing to the package's git repo, helm chart path, and tag. - [x] Have you added a values: {} placeholder for you package in chart/values.yaml? - [x] Have you added any applicable default values from Fences and Party Bus to the package? Exception: Infrastructure specific implementations (e.g. AWS) - [x] Have you verified that Additional details on definition of done need to be added for: - Database integration - Storage (minio) integration - Certificates? - SSO integration **Testing:** - [x] Have you verified the CI/CD pipeline passes? - [x] Have you verified the application is available via web URL (if applicable)? - [x] Have you verified you can login via SSO with your Platform One account (if applicable)? - [x] Have you verified you Prometheus is scraping data from monitoring endpoints on the application (if applicable)? - [x] Have you verified the application has database connectivity to the external database (if applicable)? - [x] Have you verified the application has storage connectivity to the external storage (if applicable)? ## Future Work (as separate issues) - [x] SSO is integrated as Big Bang values Related MR: ~~https://repo1.dso.mil/platform-one/big-bang/apps/sandbox/nexus/-/merge_requests/1~~ https://repo1.dso.mil/platform-one/big-bang/apps/developer-tools/nexus/-/merge_requests/1