platform/manifests
1
0
Fork 0
Code Issues 7 Pull Requests 6 Actions Packages Projects Releases Wiki Activity

fix: fix preprod wankery

Browse Source
This commit is contained in:
Jonas Juselius
2025-01-10 13:50:16 +01:00
parent e3c174a995
commit 089096f936
11 changed files with 40 additions and 48 deletions
Download Patch File Download Diff File Expand all files Collapse all files
policies/oceanbox/kyverno/sync-atlantis-secrets.yaml
+4 -4
View File
@@ -38,8 +38,8 @@ spec:
namespace: '{{ request.object.metadata.namespace }}' namespace: '{{ request.object.metadata.namespace }}'
synchronize: true synchronize: true
clone: clone:
name: staging-atlantis-env name: prod-atlantis-env
namespace: staging-atlantis namespace: prod-atlantis
match: match:
any: any:
- resources: - resources:
@@ -63,7 +63,7 @@ spec:
synchronize: true synchronize: true
clone: clone:
name: azure-keyvault name: azure-keyvault
namespace: atlantis namespace: prod-atlantis
match: match:
any: any:
- resources: - resources:
@@ -87,7 +87,7 @@ spec:
synchronize: true synchronize: true
clone: clone:
name: dapr-api-token name: dapr-api-token
namespace: staging-atlantis namespace: prod-atlantis
match: match:
any: any:
- resources: - resources:
values/atlantis/prod/appsettings.json
+1 -1
View File
@@ -46,7 +46,7 @@
"roles": [ "admin" ] "roles": [ "admin" ]
} }
], ],
"redis": "prod-atlantis-redis-master:6379", "redis": "preprod-atlantis-redis-master:6379",
"objectStore": "https://atlantis.blob.core.windows.net", "objectStore": "https://atlantis.blob.core.windows.net",
"connString": "Username=postgres;Password=secret;Host=localhost;Port=5432;Database=app;Pooling=true;", "connString": "Username=postgres;Password=secret;Host=localhost;Port=5432;Database=app;Pooling=true;",
"sorcerer" : "https://sorcerer.ekman.oceanbox.io", "sorcerer" : "https://sorcerer.ekman.oceanbox.io",
values/atlantis/prod/bindings.yaml
+2 -2
View File
@@ -8,10 +8,10 @@ spec:
metadata: metadata:
- name: host - name: host
secretKeyRef: secretKeyRef:
name: prod-atlantis-rabbitmq name: preprod-atlantis-rabbitmq
key: connString key: connString
- name: queueName - name: queueName
value: rc-slurm-job-events value: preprod-slurm-job-events
- name: durable - name: durable
value: true value: true
- name: contentType - name: contentType
values/atlantis/prod/configurations.yaml
+2 -2
View File
@@ -7,12 +7,12 @@ spec:
version: v1 version: v1
metadata: metadata:
- name: redisHost - name: redisHost
value: prod-atlantis-redis-master:6379 value: preprod-atlantis-redis-master:6379
- name: redisUsername - name: redisUsername
value: default value: default
- name: redisPassword - name: redisPassword
secretKeyRef: secretKeyRef:
name: prod-atlantis-redis name: preprod-atlantis-redis
key: redis-password key: redis-password
- name: redisDB - name: redisDB
value: "1" value: "1"
values/atlantis/prod/kustomization.yaml
-1
View File
@@ -13,7 +13,6 @@ patches:
resources: resources:
- ../base - ../base
- rbac.yaml - rbac.yaml
- secrets.yaml
- tracing.yaml - tracing.yaml
- bindings.yaml - bindings.yaml
- pubsub.yaml - pubsub.yaml
values/atlantis/prod/pubsub.yaml
+2 -2
View File
@@ -7,12 +7,12 @@ spec:
type: pubsub.rabbitmq type: pubsub.rabbitmq
metadata: metadata:
- name: hostname - name: hostname
value: prod-rabbitmq.rabbitmq value: preprod-rabbitmq.rabbitmq
- name: username - name: username
value: user value: user
- name: password - name: password
secretKeyRef: secretKeyRef:
name: prod-atlantis-rabbitmq name: preprod-atlantis-rabbitmq
key: rabbitmq-password key: rabbitmq-password
- name: protocol - name: protocol
value: amqp value: amqp
values/atlantis/prod/rbac.yaml
+5 -5
View File
@@ -1,7 +1,7 @@
apiVersion: rbac.authorization.k8s.io/v1 apiVersion: rbac.authorization.k8s.io/v1
kind: Role kind: Role
metadata: metadata:
name: prod-atlantis name: preprod-atlantis
namespace: prod-atlantis namespace: prod-atlantis
rules: rules:
- apiGroups: - apiGroups:
@@ -17,7 +17,7 @@ rules:
- "" - ""
resourceNames: resourceNames:
- azure-keyvault - azure-keyvault
- prod-atlantis-redis - preprod-atlantis-redis
resources: resources:
- secrets - secrets
verbs: verbs:
@@ -27,13 +27,13 @@ rules:
apiVersion: rbac.authorization.k8s.io/v1 apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding kind: RoleBinding
metadata: metadata:
name: prod-atlantis name: preprod-atlantis
namespace: prod-atlantis namespace: prod-atlantis
roleRef: roleRef:
apiGroup: rbac.authorization.k8s.io apiGroup: rbac.authorization.k8s.io
kind: Role kind: Role
name: prod-atlantis name: preprod-atlantis
subjects: subjects:
- kind: ServiceAccount - kind: ServiceAccount
name: prod-atlantis name: preprod-atlantis
namespace: prod-atlantis namespace: prod-atlantis
values/atlantis/prod/secrets.yaml
-17
View File
@@ -1,17 +0,0 @@
# apiVersion: v1
# kind: Secret
# metadata:
# annotations:
# kyverno/clone: "true"
# name: prod-atlantis-env
# type: Opaque
# data:
---
apiVersion: v1
kind: Secret
metadata:
annotations:
kyverno/clone: "true"
name: azure-keyvault
type: Opaque
data:
values/atlantis/prod/statestore.yaml
+2 -2
View File
@@ -7,12 +7,12 @@ spec:
version: v1 version: v1
metadata: metadata:
- name: redisHost - name: redisHost
value: prod-atlantis-redis-master:6379 value: preprod-atlantis-redis-master:6379
- name: redisUsername - name: redisUsername
value: default value: default
- name: redisPassword - name: redisPassword
secretKeyRef: secretKeyRef:
name: prod-atlantis-redis name: preprod-atlantis-redis
key: redis-password key: redis-password
- name: actorStateStore - name: actorStateStore
value: "true" value: "true"
values/atlantis/staging/secrets.yaml
+18 -8
View File
@@ -1,11 +1,11 @@
# apiVersion: v1 apiVersion: v1
# kind: Secret kind: Secret
# metadata: metadata:
# annotations: annotations:
# kyverno/clone: "true" kyverno/clone: "true"
# name: staging-atlantis-env name: staging-atlantis-env
# type: Opaque type: Opaque
# data: data:
--- ---
apiVersion: v1 apiVersion: v1
kind: Secret kind: Secret
@@ -15,3 +15,13 @@ metadata:
name: azure-keyvault name: azure-keyvault
type: Opaque type: Opaque
data: data:
---
apiVersion: v1
kind: Secret
metadata:
annotations:
kyverno/clone: "true"
name: dapr-api-token
type: Opaque
data:
values/atlantis/values-prod.yaml
+4 -4
View File
@@ -18,21 +18,21 @@ env:
- name: REDIS_PASSWORD - name: REDIS_PASSWORD
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: prod-atlantis-redis name: preprod-atlantis-redis
key: redis-password key: redis-password
- name: DB_HOST - name: DB_HOST
value: prod-atlantis-db-rw value: preprod-atlantis-db-rw
- name: DB_PORT - name: DB_PORT
value: "5432" value: "5432"
- name: DB_USER - name: DB_USER
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: prod-atlantis-db-superuser name: preprod-atlantis-db-superuser
key: username key: username
- name: DB_PASSWORD - name: DB_PASSWORD
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: prod-atlantis-db-superuser name: preprod-atlantis-db-superuser
key: password key: password
- name: DAPR_API_TOKEN - name: DAPR_API_TOKEN
valueFrom: valueFrom: