diff --git a/charts/tf-ocloud/.helmignore b/charts/tf-ocloud/.helmignore
new file mode 100644
index 0000000..0e8a0eb
--- /dev/null
+++ b/charts/tf-ocloud/.helmignore
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/charts/tf-ocloud/Chart.lock b/charts/tf-ocloud/Chart.lock
new file mode 100644
index 0000000..6a00e4e
--- /dev/null
+++ b/charts/tf-ocloud/Chart.lock
@@ -0,0 +1,6 @@
+dependencies:
+- name: helm-library
+  repository: oci://ghcr.io/allanger/allangers-helm-library
+  version: 0.1.3
+digest: sha256:36d2e0194646a69b0c4849f0dbd1edb0956ebdcf6879d1828ebc96305293ccea
+generated: "2024-09-08T14:15:19.029199+02:00"
diff --git a/charts/tf-ocloud/Chart.yaml b/charts/tf-ocloud/Chart.yaml
new file mode 100644
index 0000000..260d567
--- /dev/null
+++ b/charts/tf-ocloud/Chart.yaml
@@ -0,0 +1,15 @@
+apiVersion: v2
+name: tf-ocloud
+type: application
+version: 0.1.0
+appVersion: 0.1.5
+maintainers:
+  - name: allanger
+    email: allanger@zohomail.com
+    url: https://badhouseplants.net
+dependencies:
+  - name: helm-library
+    version: 0.1.3
+    repository: oci://ghcr.io/allanger/allangers-helm-library
+annotations:
+  allowed_workload_kinds: "Deployment"
diff --git a/charts/tf-ocloud/charts/helm-library-0.1.3.tgz b/charts/tf-ocloud/charts/helm-library-0.1.3.tgz
new file mode 100644
index 0000000..cbf8959
Binary files /dev/null and b/charts/tf-ocloud/charts/helm-library-0.1.3.tgz differ
diff --git a/charts/tf-ocloud/templates/install.yaml b/charts/tf-ocloud/templates/install.yaml
new file mode 100644
index 0000000..e56fe0a
--- /dev/null
+++ b/charts/tf-ocloud/templates/install.yaml
@@ -0,0 +1,2 @@
+{{ include "lib.component.workload" . }}
+{{ include "lib.component.files" . }}
diff --git a/charts/tf-ocloud/values.yaml b/charts/tf-ocloud/values.yaml
new file mode 100644
index 0000000..af9b595
--- /dev/null
+++ b/charts/tf-ocloud/values.yaml
@@ -0,0 +1,67 @@
+---
+workload:
+  kind: Deployment
+  strategy:
+    type: RollingUpdate
+  securityContext:
+    runAsUser: 1000
+    runAsGroup: 1000
+    fsGroup: 1000
+  containers:
+    tf:
+      image:
+        registry: zot.badhouseplants.net
+        repository: badhouseplants/terraform-ocloud
+        tag: cfbd98343cf9e40690ab9ac0c4a455309a6dbeff
+        pullPolicy: Always
+      mounts:
+        files:
+          ocloudkey:
+            path: /src/key.pem
+            subPath: key.pem
+          publickey:
+            path: /src/public_key
+            subPath: public-key
+          privatekey:
+            path: /src/ssh_key
+            subPath: ssh-key
+          tfvars:
+            path: /src/terraform.tfvars
+            subPath: terraform.tfvars
+        extraVolumes:
+          dottf:
+            path: /src/.terraform
+
+extraVolumes:
+  dottf:
+    emptyDir: {}
+
+files:
+  ocloudkey:
+    enabled: true
+    sensitive: false
+    remove: []
+    entries:
+      key.pem:
+        data: dummy
+  publickey:
+    enabled: true
+    sensitive: false
+    remove: []
+    entries:
+      public-key:
+        data: dummy
+  privatekey:
+    enabled: true
+    sensitive: false
+    remove: []
+    entries:
+      ssh-key:
+        data: dummy
+  tfvars:
+    enabled: true
+    sensitive: false
+    remove: []
+    entries:
+      terraform.tfvars:
+        data: dummy
diff --git a/installations/pipelines/helmfile.yaml b/installations/pipelines/helmfile.yaml
index c2dc809..785d80f 100644
--- a/installations/pipelines/helmfile.yaml
+++ b/installations/pipelines/helmfile.yaml
@@ -38,3 +38,8 @@ releases:
     inherit:
       - template: default-env-values
       - template: default-env-secrets
+  - name: tf-ocloud
+    chart: ../../charts/tf-ocloud
+    namespace: pipelines
+    inherit:
+      - template: default-env-secrets
diff --git a/values/badhouseplants/secrets.tf-ocloud.yaml b/values/badhouseplants/secrets.tf-ocloud.yaml
new file mode 100644
index 0000000..e29b170
--- /dev/null
+++ b/values/badhouseplants/secrets.tf-ocloud.yaml
@@ -0,0 +1,37 @@
+files:
+  ocloudkey:
+    entries:
+      key.pem:
+        data: ENC[AES256_GCM,data:RpthOt8o+sr3tgn583fJo6sA7A30e5qw5N5lEx7eB4QjMAifGPNN//QIOZ4ivh2537ozo+Ka0YBSuHwcqFf50C5P6aVLY76fHOiSymZj6fwgRfXlUQL83kwvJpb+pKi2+ckiAcdGZSIEY+RdlTmZwBUKs+fk9prWDODdEbJE5Tw4yeA70vxWU9LeiKOV9aQSGikrZxXTwXw9f136EoZd/cw9lxBcDufl4TOjfSoGF1bg+0rOWd+6OovEz8qEFScfzJY70J62RxS5aPt2bFcHlw8nDFXJsm7LcTH4W6+i3ZEJ4aJbM6fopl9E/2LVBMim2BgYwTqXcOiUSmfxiHPT0k6POJ9kchywq0ZyKGd+RXo4nY7n9Isx2x69ejIxDk5/bvvQROjqVB7AOSckyaJaJafSSnoSFy9bGPnVLY3L4veUoImdmZQWEU0kOuTBrZFZCw9PBspdAxmBKRN6WeJtdISOQ4F5tCh6yGgFBKWoz4rWf49vWgh5gVtxpbF8c3NovCdzQ03Ojlh24+vkRz3JdvU8Ivg7PvE59FDrzV7P5xxy5iPqmq62yLAKEcnRCrBsq9nhU1FDQEQVbXXbCLmQbd+DjzXdb/EGFo9n7xB5kb9ttdbGMAWJWz441al/ttRUzj1m7+1uPZ2tOa0KZ9ar7TNQ9gGRp0Qw5gDEVx1TIdO9z582e/NoIBE2mlkV3OndYO3lNxJR5kZX+12tpd1ezld6fFWxCSrDWjazR2lX0i0A3EPvbQ59LRK7qG+8IaJdK+RUoD5dYwlU6FvTTo6iNYVGM3G6/If3kOsdVpBf1nGK9SXnpWkuo3J/chLTzEOOx2X3tfGQ7XeMW7oQODeFPnHole0DRG8iJ17MRSobys3zzZAcvnjUFrgGDoxin+nbqby/w89url5ACsaon1hvJWUV1+g2jocIergW6z+cQfmI6bvYjAawP2IxtmfsNhhdgJbElI9Nkzumzgfq7oRkv10ygfBTBuFEVgME4sBzNbuykOSxqPtbBLkis5fXCHUMmQiYJvGH40cqy63z2HmbHu9qo6aC30zNAH49Jv5tsxFJju63ceUCi6pi1a/biQIa8Lt+yAB+cjAyZYz+jmt9TPgMtIhLerfNXiOVrD82zZFICgoJGWugqdHwiLMpQz4y12vYKW9VdJZHSAOInz6kK0rBBBXXHZ7RBuXjqSCIgv06eZVSZq/GMoXT5BE2VpT+MbzR2a7B3S+96FvdAdwn6EtpLo2hIYlR5rpsm767WlofVG6y77VG2zdj0V/dQ+AqQiGJ3lcQwNko0vd+4Ud7w0sGERWbM49kBLH0rPzbQLycSFa5pGAEZAPPnaKZ0kDg/gJpNcIzSBmLO4vcmBxMfI5NkKOiqRHQfUOQn/KqrUPra+Ko0Eqmk2OT0QlrVoUudr3pNecWfzDltn/3CFBoNFbJ4QUYHVKWq9SDQ98V/2yPMXzyLnf79gKb/8hfKdLoHs5H2odM98JyZygCnJzWhegt7NysJz4EFzx4qMidCyNNNW0vyMJKsOAlyru+qF/qVyS8zk9E92LEOsa+7ceniTEI32r/3qGbdXGQGQ2TF6MVnAFcn7i9TAqit4QTg9PdQt++VKbv+3VmOpcj213ZVTT6GaD3KVUCO9WZLKvs6oc0mZL4Zt3EKVEKotrLpYGBRGRHSSvzN/wKA50s9sRWz4q9h7QdWNwQ2nEdzVvzj3Jtaal9XGxkmmC2jiw3N5N0JPVmZUnQvVIRfCRNz+mnG7oYv4OUgpVAaFTs1mJakvnwxKzJYM9PhZ7qc5dEG7NJT2xFJfRZeOaT240rSj4qkR/vmyGUDnQFzh1ZenqotNaO0vdOUR+2tZ6jDx5UvqYUb+QP78vMUucRM1cyQuktpqwXzdoKrau37W93ngyczQH1nw7F0RMgp2EQcdik9wjW5AQphOq3Z1XCb1CmVanQgY0HWWxOGkmw/Ta3MMfzjZjg/TWSf9qVIuiA/K0OjSl4TLrJ+uJAuvbqgWTZ+KRxsgbWu4f8jEom6eFmYGrK9v9yGCCo277PPwTswfTOWevSpvjDhJExeWAzsVGGXCg53Jyrp2N3rzdnEpExjcjUOd6ELQmyC8JsGDsdLlhenwt4wReULDDCjaXgY0qsJFIaGW3SBru5/D1FYV6yL7tJAlOdMYGzGOUnBHp3/cSoZN8QLjvlJ0IwkKJJJZriCdDolKxtClY18xkcYOt/5tu7Z41YKJpC3yl2lbIhYUX6xIN/tjgFyOV4dc4cBh5l3YkNhUTz8kc/GG8y/oWT3OFdpNYS9LRV3FHbCg==,iv:4wN33I+dU4O4t7RkqnWiEKG71ezTeKKInBixXpLdQVo=,tag:g6FhBPGWJhsAjnJGHkk8Eg==,type:str]
+  publickey:
+    entries:
+      public-key:
+        data: ENC[AES256_GCM,data:a/8FucxDk43YliowmM8AY4UsOeRfjpVmCYZM/0GZVcJ0sod2ZTp1v2eH5guR6yU1jOLBhR9TkdtIIOl9mHLsga1EQRc/j8Yx4kgS1aRFjV+VFAgqlvunyOIPtq3d5e1TbCaEhnP6,iv:RZlgn83M8vq5vBTB4rZOPrQpmbJTqnt9i5Jd6jlJ3/c=,tag:2sBkAt5XuEr8HtivrKxqqQ==,type:str]
+  privatekey:
+    entries:
+      ssh-key:
+        data: ENC[AES256_GCM,data:/oFq/1941c1BeGGwS0FIukYR73/EHGTjV7d6two2uEIn0WVjG9rgzlaGRdWjS4Fxb6j35ObgArGlX7pA2CE/FJ85Hv1uUGhBetwGVeVOmjRM4cMDMRsBZRmd4O8OZUUMiGS95LdaQVVjHYXfZicV3X8Tv0s3T11cM+pFHFFSgiVS534uC5g/N13ilDpDsGlEpVQRD4pLiamNCWm6QXSfmJ/I2W1PG4ketI98Nl0VPbI9h1VFLisXd4CYL/aTUUyoacykkGYUaYnzDTTwFtlbR8tD9/hnPlKiUPcI5o5ITxa+E6UHaMtwKoMB9ZNkqARX3NQXtnSCxRzWIlUu+vtZoG6KqPjFKQ/TySgFG5cNG/FwgQNqFq2wBxn8MrsEUOVpARWqEmAkkbJsbeqLArJeepSy/PBIpv1VhkH/B1rIuModr9f2xp/ikBimZsFDhcyUTFf/r9wCvdzTigwQIZ6IH7HwLQZtdfiotg+GxPIS0gUspQQxzutzSgtlOHAblL80IUWJVO54c5GakkXTTaNGt3Gjv4rph9Vbw60Jfp3roQw0JVsOtUImXJGe8OxOQvZJvl2GhKy2rTGCBItKEtgWWGYirhTrfRQWqC2leAUFvmk=,iv:QYhmClW5uM7TT5GUUSdtmdQApB8915vDqXZAA+XenxM=,tag:TUWWasMDGzcTGdkMGyq+cQ==,type:str]
+  tfvars:
+    entries:
+      terraform.tfvars:
+        data: ENC[AES256_GCM,data:s70INVEwohF8FdFGYnW5eVs7SHeytWVZ5kIrylfRl1jlsHjKnWKq5GTpYi8Id9t98BpTaZ3+vw4FG4A3wV+ZAMojAeXqm+9Zgsfz5xfLcGpPptiRPZvf3PJQMte4iprNz846gmppRgerhCPjxwkAxbp14zFlJ5CI3jjcZR/P0EPZkUVCQyzZ8evSUwrWWTbxyERLaJZtrbz1H+lSh6FyzUidGAp4J/qAhehE4F04T2Sv5SMYZ+m3k7nr3e7ieurOAHRw/T9Rr7r+y9mfBjco597ly47TkdIFwy2CuHbaDP07F4cKRFtooxvhECT/VvwNJKLmjQNNp5PBQdDDlbBrHaDQzi1wXW2u29Hxiq4/S3xLW6yBX6IaS2S/kHsZYFY/0Bo44bpZR/atEuX/RH3DnEO5WXd4uQ24kHtSgEdlwtezxFpoB8SWN8ZRa6OO8EgQkdr9Wt9qRtSll75pOGO7AJEcq86e42Wz+CD1n8c+OTVpOraprvACa6Givx5cp2c+SA3DaYs2tWH1YakhDFHAzF9tx3XAPrn/SLukKwy+D0LeUa2WUJmO0B7EbjCzdKz7NKuybf89djgkvQT8gJmXynXwmNH4g18gc66OhZtYtMEeUB9nlEXY+5cA+y8SSSeMVikTZ98OdNyPklXNZYHPn4QqRkAKBVI3M1cAAg==,iv:1/xdPv8SuKlHJGp99Ibtg7y9s8pC+evWC6l8H2hMato=,tag:Iki2ssTEF/Lt0dcAq3JsnQ==,type:str]
+sops:
+  kms: []
+  gcp_kms: []
+  azure_kv: []
+  hc_vault: []
+  age:
+    - recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8
+      enc: |
+        -----BEGIN AGE ENCRYPTED FILE-----
+        YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBTUWxNYUlROCtQWVl1MXph
+        SSsvSnhTZVA1MWYxZEdmeEUyenVBblQ2djJnClBxWDRDMlM5SEIwM2dyZ3EyaDBk
+        Nk5pVkQxNE9kVDdEU3FiYlZ1VXBJajQKLS0tIGFSWEpUemlaQUFiOWhlYU9NRXdi
+        ODc5b2hUSVVVTkNuSURlK09yeCsyY2cK23y2SNeRjfNLj9OZN9qQBolT8mWgLqQn
+        2ubEVTAkJBn9L9T2TJTElhQBzhWQZe/GvBo8Oj3XuQaNG/kR1bOEeA==
+        -----END AGE ENCRYPTED FILE-----
+  lastmodified: "2024-10-14T19:50:58Z"
+  mac: ENC[AES256_GCM,data:FhUw/Qx4vkk26e6iQahXKCJLO9umnZPW1bzcRwNKDIwd6eNHXzr/9hgHJkVJTNEStT+5nGoc2eFSlNTfalM2sL8RDrA0o4qv6RWR2UnGfHq1SxpGRRHey114feVpa9bfITssURjKZtUjaI24WFTpCOK3Miiuq1sKVPgwEC4fuZg=,iv:3nmQ7MHzBUUEpzHnc8gikyNP9KOOtS9CkyFBc8cxz7w=,tag:z6PGial7T0eyk3CAYNozyw==,type:str]
+  pgp: []
+  unencrypted_suffix: _unencrypted
+  version: 3.9.1