Skip to content

Helm chart for Kubernetes deployment #886

Open
Open
Helm chart for Kubernetes deployment#886
Labels
enhancementNew feature or request
Milestone
Sprint B · DevOps & Cloud-Native
@Manuthor

Description

@Manuthor
Manuthor
opened on Apr 1, 2026

Summary

A Helm chart enables one-command installation and upgrade of Cosmian KMS on Kubernetes clusters, configured via values.yaml. Without it, K8s deployments require manual manifest authoring and maintenance.

Impact

  • Platform teams cannot install Cosmian KMS through standard Kubernetes tooling (Helm, ArgoCD, Flux)
  • No support for common deployment patterns: resource limits, liveness/readiness probes, horizontalPodAutoscaler, PodDisruptionBudget, NetworkPolicy
  • Blocks integration with GitOps workflows

Implementation plan

New chart charts/cosmian-kms/ (published to ghcr.io OCI registry):

  • Deployment with configurable replica count and resource requests/limits
  • Service + optional Ingress with TLS termination
  • Secret for KMS credentials (or ExternalSecret reference)
  • PersistentVolumeClaim for SQLite mode (optional; prefer PostgreSQL for HA)
  • HorizontalPodAutoscaler template
  • NetworkPolicy template
  • Integration with existing values.yaml config structure

Effort: Small (1-2 weeks) | No prerequisites

Metadata

Metadata

Assignees

No one assigned

    Labels

    enhancementNew feature or request

    Type

    No type

    Projects

    No projects

    Milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions