adding hackazon and vampi apps

charts/hackazon/.helmignore

@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/

charts/hackazon/Chart.yaml

@@ -0,0 +1,26 @@
+apiVersion: v2
+name: hackazon
+description: A Helm chart for Kubernetes
+
+# A chart can be either an 'application' or a 'library' chart.
+#
+# Application charts are a collection of templates that can be packaged into versioned archives
+# to be deployed.
+#
+# Library charts provide useful utilities or functions for the chart developer. They're included as
+# a dependency of application charts to inject those utilities and functions into the rendering
+# pipeline. Library charts do not define any templates and therefore cannot be deployed.
+type: application
+
+# This is the chart version. This version number should be incremented each time you make changes
+# to the chart and its templates, including the app version.
+# Versions are expected to follow Semantic Versioning (https://semver.org/)
+keywords:
+- hackazon
+version: 1.0.0
+
+# This is the version number of the application being deployed. This version number should be
+# incremented each time you make changes to the application. Versions are not expected to
+# follow Semantic Versioning. They should reflect the version the application is using.
+# It is recommended to use it with quotes.
+appVersion: "1.0.0"

charts/hackazon/templates/deployment.yaml

@@ -0,0 +1,46 @@
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ .Release.Name }}
+  namespace: {{ .Release.Namespace }}
+  labels:
+    app: {{ .Release.Name }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+spec:
+  selector:
+    matchLabels:
+      app: {{ .Release.Name }}
+      app.kubernetes.io/instance: {{ .Release.Name }}
+  template:
+    metadata:
+      labels:
+        app.kubernetes.io/instance: {{ .Release.Name }}
+        app: {{ .Release.Name }}
+    spec:
+      containers:
+        - name: {{ .Chart.Name }}
+          image: mutzel/all-in-one-hackazon:postinstall2
+          lifecycle:
+            postStart:
+              exec:
+                command:
+                  - "sh"
+                  - "-c"
+                  - |
+                    sleep 10 # Optional delay before executing the command
+                    a2enmod rewrite && /etc/init.d/apache2 restart 
+          resources:
+            requests:
+              cpu: 50m
+              memory: 128Mi
+            limits:
+              cpu: 250m
+              memory: 512Mi
+          livenessProbe:
+            httpGet:
+              path: /
+              port: 80
+              scheme: HTTP
+            initialDelaySeconds: 120
+            periodSeconds: 30

charts/hackazon/templates/ingress.yaml

@@ -0,0 +1,29 @@
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: {{ .Release.Name }}
+  namespace: {{ .Release.Namespace }}
+  annotations:
+    kubernetes.io/ingress.class: nginx
+    nginx.ingress.kubernetes.io/proxy-ssl-protocols: "TLSv1.1 TLSv1.2"
+    nginx.ingress.kubernetes.io/ssl-redirect: "false"
+    {{ if eq .Values.ingress.cert "" }}
+    cert-manager.io/cluster-issuer: letsencrypt-cf-prod
+    {{ end }}
+spec:
+  tls:
+    - hosts:
+        - {{ .Values.ingress.url }}
+      secretName: {{ if eq .Values.ingress.cert "" }}distributorwildcard{{ else }}{{ .Values.ingress.cert }}{{ end }}
+  rules:
+    - host: {{ .Values.ingress.url }}
+      http:
+        paths:
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name: {{ .Release.Name }}
+                port:
+                  number: 80

charts/hackazon/templates/service.yaml

@@ -0,0 +1,11 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ .Release.Name }}
+  namespace: {{ .Release.Namespace }}
+spec:
+  ports:
+    - port: 80
+  selector:
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app: {{ .Release.Name }}

charts/hackazon/values.yaml

@@ -0,0 +1,4 @@
+ingress:
+  url: dev.vuln.nexploit.app
+  cert: ""
+  authlevel: "."

charts/vampi/Chart.lock

@@ -0,0 +1,6 @@
+dependencies:
+- name: simple-service
+  repository: file://../../simple-service
+  version: 0.0.1
+digest: sha256:cc5b753b300f605ca017b0e32b87aff020e5d5e7314cffb558aef587885d0a81
+generated: "2024-02-17T17:53:02.38528787+01:00"

charts/vampi/Chart.yaml

@@ -0,0 +1,11 @@
+apiVersion: v2
+name: vampi
+description: Vampi app
+type: application
+keywords:
+- vampi
+version: 0.0.1
+dependencies:
+- name: simple-service
+  version: 0.0.1
+  repository: "file://../../simple-service"

charts/vampi/values.yaml

@@ -0,0 +1,21 @@
+simple-service:
+  application:
+    image: neuralegion/vampi
+    port: 5000
+    env:
+      - name: vulnerable
+        value: "1"
+    resources:
+      requests:
+        cpu: 25m
+        memory: 50Mi
+      limits:
+        cpu: 100m
+        memory: 126Mi
+    livenessProbe:
+      httpGet:
+        path: /
+        port: 5000
+        scheme: HTTP
+      initialDelaySeconds: 120
+      periodSeconds: 30