LerianStudio · prymax10 · Apr 28, 2026 · Apr 28, 2026 · Apr 28, 2026 · Apr 28, 2026
@@ -0,0 +1,21 @@
+apiVersion: v2
+name: go-boilerplate-ddd-helm
+description: A Helm chart for Go Boilerplate DDD - Lerian reference service template
+type: application
+home: https://github.com/LerianStudio/go-boilerplate-ddd
+sources:
+  - https://github.com/LerianStudio/helm/tree/main/charts/go-boilerplate-ddd
+  - https://github.com/LerianStudio/go-boilerplate-ddd
+maintainers:
+  - name: "Lerian Studio"
+    email: "support@lerian.studio"
+version: 1.0.0
+appVersion: "1.0.0"
+keywords:
+  - boilerplate
+  - reference
+  - template
+  - lerian
+  - ddd
+  - hexagonal
+icon: https://avatars.githubusercontent.com/u/148895005?s=200&v=4
@@ -0,0 +1,75 @@
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "boilerplate.name" -}}
+{{- default (default "go-boilerplate-ddd" .Values.nameOverride) | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create a default fully qualified app name for boilerplate.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+*/}}
+{{- define "boilerplate.fullname" -}}
+{{- default (include "boilerplate.name" .) .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "boilerplate.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create boilerplate app version
+*/}}
+{{- define "boilerplate.defaultTag" -}}
+{{- default .Chart.AppVersion .Values.boilerplate.image.tag }}
+{{- end -}}
+
+{{/*
+Return valid boilerplate version label
+*/}}
+{{- define "boilerplate.versionLabelValue" -}}
+{{ regexReplaceAll "[^-A-Za-z0-9_.]" (include "boilerplate.defaultTag" .) "-" | trunc 63 | trimAll "-" | trimAll "_" | trimAll "." | quote }}
+{{- end -}}
+
+{{/*
+Common labels
+*/}}
+{{- define "boilerplate.labels" -}}
+helm.sh/chart: {{ include "boilerplate.chart" .context }}
+{{ include "boilerplate.selectorLabels" (dict "context" .context "component" .component "name" .name) }}
+app.kubernetes.io/version: {{ include "boilerplate.versionLabelValue" .context }}
+app.kubernetes.io/managed-by: {{ .context.Release.Service }}
+{{- end }}
+
+{{/*
+Selector labels
+*/}}
+{{- define "boilerplate.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "boilerplate.name" .context }}
+app.kubernetes.io/instance: {{ .context.Release.Name }}
+{{- if .component }}
+app.kubernetes.io/component: {{ .component }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create the name of the service account to use
+*/}}
+{{- define "boilerplate.serviceAccountName" -}}
+{{- if .Values.boilerplate.serviceAccount.create }}
+{{- default (include "boilerplate.fullname" .) .Values.boilerplate.serviceAccount.name }}
+{{- else }}
+{{- default "default" .Values.boilerplate.serviceAccount.name }}
+{{- end }}
+{{- end }}
+
+{{/*
+Expand the namespace of the release.
+Allows overriding it for multi-namespace deployments in combined charts.
+*/}}
+{{- define "global.namespace" -}}
+{{- default .Release.Namespace .Values.namespaceOverride | trunc 63 | trimSuffix "-" -}}
+{{- end }}
@@ -0,0 +1,131 @@
+{{- if .Values.global.externalPostgresDefinitions.enabled }}
+apiVersion: batch/v1
+kind: Job
+metadata:
+  name: {{ include "boilerplate.fullname" . }}-bootstrap-postgres
+  namespace: {{ include "global.namespace" . }}
+  labels:
+    {{- include "boilerplate.labels" (dict "context" . "component" "bootstrap" "name" "postgres") | nindent 4 }}
+spec:
+  ttlSecondsAfterFinished: 300
+  completions: 1
+  parallelism: 1
+  backoffLimit: 3
+  template:
+    spec:
+      restartPolicy: Never
+      initContainers:
+      - name: wait-for-dependencies
+        image: busybox:1.37
+        env:
+        - name: DB_HOST
+          value: {{ .Values.global.externalPostgresDefinitions.connection.host | quote }}
+        - name: DB_PORT
+          value: {{ .Values.global.externalPostgresDefinitions.connection.port | quote }}
+        command:
+        - /bin/sh
+        - -c
+        - >
+          TIMEOUT=300;
+          ELAPSED=0;
+          echo "Checking $DB_HOST:$DB_PORT...";
+          while ! nc -z "$DB_HOST" "$DB_PORT"; do
+            if [ $ELAPSED -ge $TIMEOUT ]; then
+              echo "Timeout waiting for $DB_HOST:$DB_PORT after ${TIMEOUT}s";
+              exit 1;
+            fi;
+            echo "$DB_HOST:$DB_PORT is not ready yet, waiting... (${ELAPSED}s/${TIMEOUT}s)";
+            sleep 5;
+            ELAPSED=$((ELAPSED + 5));
+          done;
+          echo "$DB_HOST:$DB_PORT is ready!";
+      containers:
+      - name: psql
+        image: postgres:17
+        env:
+        - name: DB_HOST
+          value: {{ .Values.global.externalPostgresDefinitions.connection.host | quote }}
+        - name: DB_PORT
+          value: {{ .Values.global.externalPostgresDefinitions.connection.port | quote }}
+        - name: DB_USER_ADMIN
+          {{- if .Values.global.externalPostgresDefinitions.postgresAdminLogin.useExistingSecret.name }}
+          valueFrom:
+            secretKeyRef:
+              name: {{ .Values.global.externalPostgresDefinitions.postgresAdminLogin.useExistingSecret.name | quote }}
+              key: DB_USER_ADMIN
+          {{- else }}
+          value: {{ .Values.global.externalPostgresDefinitions.postgresAdminLogin.username | quote }}
+          {{- end }}
+        - name: DB_ADMIN_PASSWORD
+          {{- if .Values.global.externalPostgresDefinitions.postgresAdminLogin.useExistingSecret.name }}
+          valueFrom:
+            secretKeyRef:
+              name: {{ .Values.global.externalPostgresDefinitions.postgresAdminLogin.useExistingSecret.name | quote }}
+              key: DB_ADMIN_PASSWORD
+          {{- else }}
+          value: {{ .Values.global.externalPostgresDefinitions.postgresAdminLogin.password | quote }}
+          {{- end }}
+        - name: DB_PASSWORD_BOILERPLATE
+          {{- if .Values.global.externalPostgresDefinitions.boilerplateCredentials.useExistingSecret.name }}
+          valueFrom:
+            secretKeyRef:
+              name: {{ .Values.global.externalPostgresDefinitions.boilerplateCredentials.useExistingSecret.name | quote }}
+              key: DB_PASSWORD_BOILERPLATE
+          {{- else }}
+          value: {{ .Values.global.externalPostgresDefinitions.boilerplateCredentials.password | quote }}
+          {{- end }}
+        - name: DB_DATABASE
+          value: postgres
+        command:
+        - /bin/sh
+        - -c
+        - |
+          set -euo pipefail
+          echo "=== Go Boilerplate DDD PostgreSQL Bootstrap ==="
+          echo "Host: $DB_HOST:$DB_PORT"
+          echo ""
+
+          echo "Checking existing PostgreSQL objects..."
+          DB_EXISTS=0
+          ROLE_EXISTS=0
+
+          if PGPASSWORD="$DB_ADMIN_PASSWORD" psql -At -v ON_ERROR_STOP=1 -h "$DB_HOST" -p "$DB_PORT" -U "$DB_USER_ADMIN" -d "$DB_DATABASE" -c "SELECT 1 FROM pg_database WHERE datname='go-boilerplate-ddd'" | grep -q 1; then
+            DB_EXISTS=1
+          fi
+          if PGPASSWORD="$DB_ADMIN_PASSWORD" psql -At -v ON_ERROR_STOP=1 -h "$DB_HOST" -p "$DB_PORT" -U "$DB_USER_ADMIN" -d "$DB_DATABASE" -c "SELECT 1 FROM pg_roles WHERE rolname='go-boilerplate-ddd'" | grep -q 1; then
+            ROLE_EXISTS=1
+          fi
+
+          if [ "$DB_EXISTS" = "1" ] && [ "$ROLE_EXISTS" = "1" ]; then
+            echo "PostgreSQL bootstrap already complete (database 'go-boilerplate-ddd' and role 'go-boilerplate-ddd' exist). Skipping creation."
+          else
+            # Create role if not exists
+            if [ "$ROLE_EXISTS" = "1" ]; then
+              echo "Role 'go-boilerplate-ddd' already exists. Skipping creation."
+            else
+              echo "Creating role 'go-boilerplate-ddd'..."
+              PGPASSWORD="$DB_ADMIN_PASSWORD" psql -v ON_ERROR_STOP=1 -h "$DB_HOST" -p "$DB_PORT" -U "$DB_USER_ADMIN" -d "$DB_DATABASE" -c "CREATE ROLE \"go-boilerplate-ddd\" LOGIN PASSWORD '$DB_PASSWORD_BOILERPLATE'"
+            fi
+
+            # Create database if not exists
+            if [ "$DB_EXISTS" = "1" ]; then
+              echo "Database 'go-boilerplate-ddd' already exists. Skipping creation."
+            else
+              echo "Creating database 'go-boilerplate-ddd'..."
+              PGPASSWORD="$DB_ADMIN_PASSWORD" psql -v ON_ERROR_STOP=1 -h "$DB_HOST" -p "$DB_PORT" -U "$DB_USER_ADMIN" -d "$DB_DATABASE" -c "CREATE DATABASE \"go-boilerplate-ddd\" OWNER \"go-boilerplate-ddd\""
+            fi
+          fi
+
+          # Privileges (safe to run repeatedly)
+          echo "Ensuring privileges and schema permissions..."
+          PGPASSWORD="$DB_ADMIN_PASSWORD" psql -v ON_ERROR_STOP=1 -h "$DB_HOST" -p "$DB_PORT" -U "$DB_USER_ADMIN" -d "$DB_DATABASE" -c "ALTER USER \"go-boilerplate-ddd\" CREATEDB" || true
+          PGPASSWORD="$DB_ADMIN_PASSWORD" psql -v ON_ERROR_STOP=1 -h "$DB_HOST" -p "$DB_PORT" -U "$DB_USER_ADMIN" -d "$DB_DATABASE" -c "GRANT ALL PRIVILEGES ON DATABASE \"go-boilerplate-ddd\" TO \"go-boilerplate-ddd\""
+          PGPASSWORD="$DB_ADMIN_PASSWORD" psql -v ON_ERROR_STOP=1 -h "$DB_HOST" -p "$DB_PORT" -U "$DB_USER_ADMIN" -d "go-boilerplate-ddd" -c "GRANT ALL ON SCHEMA public TO \"go-boilerplate-ddd\""
+          PGPASSWORD="$DB_ADMIN_PASSWORD" psql -v ON_ERROR_STOP=1 -h "$DB_HOST" -p "$DB_PORT" -U "$DB_USER_ADMIN" -d "go-boilerplate-ddd" -c "GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO \"go-boilerplate-ddd\""
+          PGPASSWORD="$DB_ADMIN_PASSWORD" psql -v ON_ERROR_STOP=1 -h "$DB_HOST" -p "$DB_PORT" -U "$DB_USER_ADMIN" -d "go-boilerplate-ddd" -c "GRANT ALL PRIVILEGES ON ALL SEQUENCES IN SCHEMA public TO \"go-boilerplate-ddd\""
+          PGPASSWORD="$DB_ADMIN_PASSWORD" psql -v ON_ERROR_STOP=1 -h "$DB_HOST" -p "$DB_PORT" -U "$DB_USER_ADMIN" -d "go-boilerplate-ddd" -c "ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL ON TABLES TO \"go-boilerplate-ddd\""
+          PGPASSWORD="$DB_ADMIN_PASSWORD" psql -v ON_ERROR_STOP=1 -h "$DB_HOST" -p "$DB_PORT" -U "$DB_USER_ADMIN" -d "go-boilerplate-ddd" -c "ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL ON SEQUENCES TO \"go-boilerplate-ddd\""
+
+          echo ""
+          echo "=== Go Boilerplate DDD PostgreSQL Bootstrap completed successfully ==="
+{{- end }}
@@ -0,0 +1,108 @@
+{{- if .Values.boilerplate.enabled }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ include "boilerplate.fullname" . }}
+  namespace: {{ include "global.namespace" . }}
+  labels:
+    {{- include "boilerplate.labels" (dict "context" . "component" .Values.boilerplate.name "name" .Values.boilerplate.name) | nindent 4 }}
+data:
+  # Application
+  ENV_NAME: {{ .Values.boilerplate.configmap.ENV_NAME | default "production" | quote }}
+  LOG_LEVEL: {{ .Values.boilerplate.configmap.LOG_LEVEL | default "info" | quote }}
+  SERVER_ADDRESS: {{ .Values.boilerplate.configmap.SERVER_ADDRESS | default ":8080" | quote }}
+  HTTP_BODY_LIMIT_BYTES: {{ .Values.boilerplate.configmap.HTTP_BODY_LIMIT_BYTES | default "104857600" | quote }}
+
+  # CORS Configuration
+  CORS_ALLOWED_ORIGINS: {{ .Values.boilerplate.configmap.CORS_ALLOWED_ORIGINS | default "*" | quote }}
+  CORS_ALLOWED_METHODS: {{ .Values.boilerplate.configmap.CORS_ALLOWED_METHODS | default "GET,POST,PUT,PATCH,DELETE,OPTIONS" | quote }}
+  CORS_ALLOWED_HEADERS: {{ .Values.boilerplate.configmap.CORS_ALLOWED_HEADERS | default "Origin,Content-Type,Accept,Authorization,X-Request-ID" | quote }}
+
+  # TLS Configuration
+  TLS_TERMINATED_UPSTREAM: {{ .Values.boilerplate.configmap.TLS_TERMINATED_UPSTREAM | default "true" | quote }}
+
+  # Tenancy
+  DEFAULT_TENANT_ID: {{ .Values.boilerplate.configmap.DEFAULT_TENANT_ID | default "11111111-1111-1111-1111-111111111111" | quote }}
+
+  # PostgreSQL Database
+  POSTGRES_HOST: {{ .Values.boilerplate.configmap.POSTGRES_HOST | default "localhost" | quote }}
+  POSTGRES_PORT: {{ .Values.boilerplate.configmap.POSTGRES_PORT | default "5432" | quote }}
+  POSTGRES_USER: {{ .Values.boilerplate.configmap.POSTGRES_USER | default "go-boilerplate-ddd" | quote }}
+  POSTGRES_NAME: {{ .Values.boilerplate.configmap.POSTGRES_NAME | default "go-boilerplate-ddd" | quote }}
+  POSTGRES_SSLMODE: {{ .Values.boilerplate.configmap.POSTGRES_SSLMODE | default "disable" | quote }}
+  MIGRATIONS_PATH: {{ .Values.boilerplate.configmap.MIGRATIONS_PATH | default "migrations" | quote }}
+
+  # PostgreSQL Connection Pool
+  POSTGRES_MAX_OPEN_CONNS: {{ .Values.boilerplate.configmap.POSTGRES_MAX_OPEN_CONNS | default "25" | quote }}
+  POSTGRES_MAX_IDLE_CONNS: {{ .Values.boilerplate.configmap.POSTGRES_MAX_IDLE_CONNS | default "5" | quote }}
+  POSTGRES_CONN_MAX_LIFETIME_MINS: {{ .Values.boilerplate.configmap.POSTGRES_CONN_MAX_LIFETIME_MINS | default "30" | quote }}
+  POSTGRES_CONN_MAX_IDLE_TIME_MINS: {{ .Values.boilerplate.configmap.POSTGRES_CONN_MAX_IDLE_TIME_MINS | default "5" | quote }}
+  POSTGRES_CONNECT_TIMEOUT_SEC: {{ .Values.boilerplate.configmap.POSTGRES_CONNECT_TIMEOUT_SEC | default "10" | quote }}
+
+  # Redis
+  REDIS_HOST: {{ .Values.boilerplate.configmap.REDIS_HOST | default "localhost:6379" | quote }}
+  REDIS_DB: {{ .Values.boilerplate.configmap.REDIS_DB | default "0" | quote }}
+  REDIS_PROTOCOL: {{ .Values.boilerplate.configmap.REDIS_PROTOCOL | default "3" | quote }}
+  REDIS_POOL_SIZE: {{ .Values.boilerplate.configmap.REDIS_POOL_SIZE | default "10" | quote }}
+  REDIS_MIN_IDLE_CONNS: {{ .Values.boilerplate.configmap.REDIS_MIN_IDLE_CONNS | default "2" | quote }}
+  REDIS_READ_TIMEOUT_MS: {{ .Values.boilerplate.configmap.REDIS_READ_TIMEOUT_MS | default "3000" | quote }}
+  REDIS_WRITE_TIMEOUT_MS: {{ .Values.boilerplate.configmap.REDIS_WRITE_TIMEOUT_MS | default "3000" | quote }}
+  REDIS_DIAL_TIMEOUT_MS: {{ .Values.boilerplate.configmap.REDIS_DIAL_TIMEOUT_MS | default "5000" | quote }}
+
+  # Authentication
+  PLUGIN_AUTH_ENABLED: {{ .Values.boilerplate.configmap.PLUGIN_AUTH_ENABLED | default "false" | quote }}
+  PLUGIN_AUTH_HOST: {{ .Values.boilerplate.configmap.PLUGIN_AUTH_HOST | default "http://plugin-access-manager-auth:4000" | quote }}
+
+  # Infrastructure Boot Timeout
+  INFRA_CONNECT_TIMEOUT_SEC: {{ .Values.boilerplate.configmap.INFRA_CONNECT_TIMEOUT_SEC | default "30" | quote }}
+
+  # OpenTelemetry (Observability)
+  ENABLE_TELEMETRY: {{ .Values.boilerplate.configmap.ENABLE_TELEMETRY | default "false" | quote }}
+  OTEL_LIBRARY_NAME: {{ .Values.boilerplate.configmap.OTEL_LIBRARY_NAME | default "github.com/LerianStudio/go-boilerplate-ddd" | quote }}
+  OTEL_RESOURCE_SERVICE_NAME: {{ .Values.boilerplate.configmap.OTEL_RESOURCE_SERVICE_NAME | default "go-boilerplate-ddd" | quote }}
+  OTEL_RESOURCE_SERVICE_VERSION: {{ .Values.boilerplate.image.tag | default .Chart.AppVersion | quote }}
+  OTEL_EXPORTER_OTLP_ENDPOINT: {{ .Values.boilerplate.configmap.OTEL_EXPORTER_OTLP_ENDPOINT | default "" | quote }}
+  OTEL_RESOURCE_DEPLOYMENT_ENVIRONMENT: {{ .Values.boilerplate.configmap.OTEL_RESOURCE_DEPLOYMENT_ENVIRONMENT | default "production" | quote }}
+
+  # Rate Limiting
+  RATE_LIMIT_ENABLED: {{ .Values.boilerplate.configmap.RATE_LIMIT_ENABLED | default "true" | quote }}
+  RATE_LIMIT_MAX: {{ .Values.boilerplate.configmap.RATE_LIMIT_MAX | default "500" | quote }}
+  RATE_LIMIT_WINDOW_SEC: {{ .Values.boilerplate.configmap.RATE_LIMIT_WINDOW_SEC | default "60" | quote }}
+
+  # Swagger Documentation
+  SWAGGER_ENABLED: {{ .Values.boilerplate.configmap.SWAGGER_ENABLED | default "true" | quote }}
+  SWAGGER_TITLE: {{ .Values.boilerplate.configmap.SWAGGER_TITLE | default "Go Boilerplate DDD" | quote }}
+
+  # Observability & Metrics
+  DB_METRICS_INTERVAL_SEC: {{ .Values.boilerplate.configmap.DB_METRICS_INTERVAL_SEC | default "15" | quote }}
+
+  # Idempotency
+  IDEMPOTENCY_RETRY_WINDOW_SEC: {{ .Values.boilerplate.configmap.IDEMPOTENCY_RETRY_WINDOW_SEC | default "300" | quote }}
+
+  # Auto-generated version
+  VERSION: {{ .Values.boilerplate.image.tag | default .Chart.AppVersion | quote }}
+
+  # Multi-Tenant
+  MULTI_TENANT_ENABLED: {{ .Values.boilerplate.configmap.MULTI_TENANT_ENABLED | default "false" | quote }}
+  {{- if eq (.Values.boilerplate.configmap.MULTI_TENANT_ENABLED | default "false" | toString) "true" }}
+  MULTI_TENANT_URL: {{ required "boilerplate.configmap.MULTI_TENANT_URL is required when MULTI_TENANT_ENABLED=true" .Values.boilerplate.configmap.MULTI_TENANT_URL | quote }}
+  MULTI_TENANT_REDIS_HOST: {{ required "boilerplate.configmap.MULTI_TENANT_REDIS_HOST is required when MULTI_TENANT_ENABLED=true" .Values.boilerplate.configmap.MULTI_TENANT_REDIS_HOST | quote }}
+  MULTI_TENANT_REDIS_PORT: {{ .Values.boilerplate.configmap.MULTI_TENANT_REDIS_PORT | default "6379" | quote }}
+  MULTI_TENANT_REDIS_TLS: {{ .Values.boilerplate.configmap.MULTI_TENANT_REDIS_TLS | default "false" | quote }}
+  MULTI_TENANT_REDIS_PASSWORD: {{ .Values.boilerplate.configmap.MULTI_TENANT_REDIS_PASSWORD | default "" | quote }}
+  MULTI_TENANT_MAX_TENANT_POOLS: {{ .Values.boilerplate.configmap.MULTI_TENANT_MAX_TENANT_POOLS | default "100" | quote }}
+  MULTI_TENANT_IDLE_TIMEOUT_SEC: {{ .Values.boilerplate.configmap.MULTI_TENANT_IDLE_TIMEOUT_SEC | default "300" | quote }}
+  MULTI_TENANT_TIMEOUT: {{ .Values.boilerplate.configmap.MULTI_TENANT_TIMEOUT | default "30" | quote }}
+  MULTI_TENANT_CIRCUIT_BREAKER_THRESHOLD: {{ .Values.boilerplate.configmap.MULTI_TENANT_CIRCUIT_BREAKER_THRESHOLD | default "5" | quote }}
+  MULTI_TENANT_CIRCUIT_BREAKER_TIMEOUT_SEC: {{ .Values.boilerplate.configmap.MULTI_TENANT_CIRCUIT_BREAKER_TIMEOUT_SEC | default "30" | quote }}
+  MULTI_TENANT_CACHE_TTL_SEC: {{ .Values.boilerplate.configmap.MULTI_TENANT_CACHE_TTL_SEC | default "120" | quote }}
+  MULTI_TENANT_CONNECTIONS_CHECK_INTERVAL_SEC: {{ .Values.boilerplate.configmap.MULTI_TENANT_CONNECTIONS_CHECK_INTERVAL_SEC | default "30" | quote }}
+  {{- end }}
+
+  # Extra Env Vars
+  {{- with .Values.boilerplate.extraEnvVars }}
+  {{- range . }}
+  {{ .name }}: {{ .value | quote }}
+  {{- end }}
+  {{- end }}
+{{- end }}