From 089096f936d18001db22413de01ee9eb4abe4e06 Mon Sep 17 00:00:00 2001 From: Jonas Juselius Date: Fri, 10 Jan 2025 13:50:16 +0100 Subject: [PATCH] fix: fix preprod wankery --- .../kyverno/sync-atlantis-secrets.yaml | 8 +++--- values/atlantis/prod/appsettings.json | 2 +- values/atlantis/prod/bindings.yaml | 4 +-- values/atlantis/prod/configurations.yaml | 4 +-- values/atlantis/prod/kustomization.yaml | 1 - values/atlantis/prod/pubsub.yaml | 4 +-- values/atlantis/prod/rbac.yaml | 10 +++---- values/atlantis/prod/secrets.yaml | 17 ------------ values/atlantis/prod/statestore.yaml | 4 +-- values/atlantis/staging/secrets.yaml | 26 +++++++++++++------ values/atlantis/values-prod.yaml | 8 +++--- 11 files changed, 40 insertions(+), 48 deletions(-) delete mode 100644 values/atlantis/prod/secrets.yaml diff --git a/policies/oceanbox/kyverno/sync-atlantis-secrets.yaml b/policies/oceanbox/kyverno/sync-atlantis-secrets.yaml index 13b1b1d4..6ff609ec 100644 --- a/policies/oceanbox/kyverno/sync-atlantis-secrets.yaml +++ b/policies/oceanbox/kyverno/sync-atlantis-secrets.yaml @@ -38,8 +38,8 @@ spec: namespace: '{{ request.object.metadata.namespace }}' synchronize: true clone: - name: staging-atlantis-env - namespace: staging-atlantis + name: prod-atlantis-env + namespace: prod-atlantis match: any: - resources: @@ -63,7 +63,7 @@ spec: synchronize: true clone: name: azure-keyvault - namespace: atlantis + namespace: prod-atlantis match: any: - resources: @@ -87,7 +87,7 @@ spec: synchronize: true clone: name: dapr-api-token - namespace: staging-atlantis + namespace: prod-atlantis match: any: - resources: diff --git a/values/atlantis/prod/appsettings.json b/values/atlantis/prod/appsettings.json index a19f4616..5a7d66e0 100644 --- a/values/atlantis/prod/appsettings.json +++ b/values/atlantis/prod/appsettings.json @@ -46,7 +46,7 @@ "roles": [ "admin" ] } ], - "redis": "prod-atlantis-redis-master:6379", + "redis": "preprod-atlantis-redis-master:6379", "objectStore": "https://atlantis.blob.core.windows.net", "connString": "Username=postgres;Password=secret;Host=localhost;Port=5432;Database=app;Pooling=true;", "sorcerer" : "https://sorcerer.ekman.oceanbox.io", diff --git a/values/atlantis/prod/bindings.yaml b/values/atlantis/prod/bindings.yaml index 993d23f5..be8d0355 100644 --- a/values/atlantis/prod/bindings.yaml +++ b/values/atlantis/prod/bindings.yaml @@ -8,10 +8,10 @@ spec: metadata: - name: host secretKeyRef: - name: prod-atlantis-rabbitmq + name: preprod-atlantis-rabbitmq key: connString - name: queueName - value: rc-slurm-job-events + value: preprod-slurm-job-events - name: durable value: true - name: contentType diff --git a/values/atlantis/prod/configurations.yaml b/values/atlantis/prod/configurations.yaml index 20affb92..b5ffeb47 100644 --- a/values/atlantis/prod/configurations.yaml +++ b/values/atlantis/prod/configurations.yaml @@ -7,12 +7,12 @@ spec: version: v1 metadata: - name: redisHost - value: prod-atlantis-redis-master:6379 + value: preprod-atlantis-redis-master:6379 - name: redisUsername value: default - name: redisPassword secretKeyRef: - name: prod-atlantis-redis + name: preprod-atlantis-redis key: redis-password - name: redisDB value: "1" diff --git a/values/atlantis/prod/kustomization.yaml b/values/atlantis/prod/kustomization.yaml index 6b5841a1..0f08417b 100644 --- a/values/atlantis/prod/kustomization.yaml +++ b/values/atlantis/prod/kustomization.yaml @@ -13,7 +13,6 @@ patches: resources: - ../base - rbac.yaml - - secrets.yaml - tracing.yaml - bindings.yaml - pubsub.yaml diff --git a/values/atlantis/prod/pubsub.yaml b/values/atlantis/prod/pubsub.yaml index b7aeda01..db108eac 100644 --- a/values/atlantis/prod/pubsub.yaml +++ b/values/atlantis/prod/pubsub.yaml @@ -7,12 +7,12 @@ spec: type: pubsub.rabbitmq metadata: - name: hostname - value: prod-rabbitmq.rabbitmq + value: preprod-rabbitmq.rabbitmq - name: username value: user - name: password secretKeyRef: - name: prod-atlantis-rabbitmq + name: preprod-atlantis-rabbitmq key: rabbitmq-password - name: protocol value: amqp diff --git a/values/atlantis/prod/rbac.yaml b/values/atlantis/prod/rbac.yaml index 558f8a1c..47492b73 100644 --- a/values/atlantis/prod/rbac.yaml +++ b/values/atlantis/prod/rbac.yaml @@ -1,7 +1,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: - name: prod-atlantis + name: preprod-atlantis namespace: prod-atlantis rules: - apiGroups: @@ -17,7 +17,7 @@ rules: - "" resourceNames: - azure-keyvault - - prod-atlantis-redis + - preprod-atlantis-redis resources: - secrets verbs: @@ -27,13 +27,13 @@ rules: apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: - name: prod-atlantis + name: preprod-atlantis namespace: prod-atlantis roleRef: apiGroup: rbac.authorization.k8s.io kind: Role - name: prod-atlantis + name: preprod-atlantis subjects: - kind: ServiceAccount - name: prod-atlantis + name: preprod-atlantis namespace: prod-atlantis diff --git a/values/atlantis/prod/secrets.yaml b/values/atlantis/prod/secrets.yaml deleted file mode 100644 index dd84716e..00000000 --- a/values/atlantis/prod/secrets.yaml +++ /dev/null @@ -1,17 +0,0 @@ -# apiVersion: v1 -# kind: Secret -# metadata: -# annotations: -# kyverno/clone: "true" -# name: prod-atlantis-env -# type: Opaque -# data: ---- -apiVersion: v1 -kind: Secret -metadata: - annotations: - kyverno/clone: "true" - name: azure-keyvault -type: Opaque -data: diff --git a/values/atlantis/prod/statestore.yaml b/values/atlantis/prod/statestore.yaml index be1030ab..34145fe5 100644 --- a/values/atlantis/prod/statestore.yaml +++ b/values/atlantis/prod/statestore.yaml @@ -7,12 +7,12 @@ spec: version: v1 metadata: - name: redisHost - value: prod-atlantis-redis-master:6379 + value: preprod-atlantis-redis-master:6379 - name: redisUsername value: default - name: redisPassword secretKeyRef: - name: prod-atlantis-redis + name: preprod-atlantis-redis key: redis-password - name: actorStateStore value: "true" diff --git a/values/atlantis/staging/secrets.yaml b/values/atlantis/staging/secrets.yaml index 5cdf5fe6..7f10efdd 100644 --- a/values/atlantis/staging/secrets.yaml +++ b/values/atlantis/staging/secrets.yaml @@ -1,11 +1,11 @@ -# apiVersion: v1 -# kind: Secret -# metadata: -# annotations: -# kyverno/clone: "true" -# name: staging-atlantis-env -# type: Opaque -# data: +apiVersion: v1 +kind: Secret +metadata: + annotations: + kyverno/clone: "true" + name: staging-atlantis-env +type: Opaque +data: --- apiVersion: v1 kind: Secret @@ -15,3 +15,13 @@ metadata: name: azure-keyvault type: Opaque data: +--- +apiVersion: v1 +kind: Secret +metadata: + annotations: + kyverno/clone: "true" + name: dapr-api-token +type: Opaque +data: + diff --git a/values/atlantis/values-prod.yaml b/values/atlantis/values-prod.yaml index bfbc057a..10bbcf14 100644 --- a/values/atlantis/values-prod.yaml +++ b/values/atlantis/values-prod.yaml @@ -18,21 +18,21 @@ env: - name: REDIS_PASSWORD valueFrom: secretKeyRef: - name: prod-atlantis-redis + name: preprod-atlantis-redis key: redis-password - name: DB_HOST - value: prod-atlantis-db-rw + value: preprod-atlantis-db-rw - name: DB_PORT value: "5432" - name: DB_USER valueFrom: secretKeyRef: - name: prod-atlantis-db-superuser + name: preprod-atlantis-db-superuser key: username - name: DB_PASSWORD valueFrom: secretKeyRef: - name: prod-atlantis-db-superuser + name: preprod-atlantis-db-superuser key: password - name: DAPR_API_TOKEN valueFrom: