platform/manifests
1
1
Fork 0
Code Issues 7 Pull Requests 6 Actions Packages Projects Releases Wiki Activity

major: cleanup before merge back to

Browse Source
This commit is contained in:
Jonas Juselius
2025-02-07 07:27:39 +01:00
parent e3b1ef76da
commit 253ed4eeba
21 changed files with 80 additions and 670 deletions
Download Patch File Download Diff File Expand all files Collapse all files
apps/archmeister.yaml
-47
View File
@@ -1,47 +0,0 @@
apiVersion: argoproj.io/v1alpha1
kind: ApplicationSet
metadata:
name: archmeister
namespace: argocd
spec:
goTemplate: true
generators:
- list:
elements:
- cluster: https://kubernetes.default.svc
env: prod
hostname: archmeister.srv.oceanbox.io
autoSync: false
prune: true
# - cluster: https://staging-vcluster.staging-vcluster
# env: staging
# hostname: archmeister.beta.oceanbox.io
# autoSync: true
# prune: true
template:
metadata:
name: "{{ .env }}-archmeister"
spec:
project: atlantis
destination:
namespace: atlantis
server: "{{ .cluster }}"
sources:
- repoURL: https://gitlab.com/oceanbox/manifests.git
targetRevision: main
path: values/archmeister
plugin:
name: kustomize-helm-with-rewrite
parameters:
- name: env
string: "{{ .env }}"
- name: hostname
string: "{{ .hostname }}"
templatePatch: |
{{- if .autoSync }}
spec:
syncPolicy:
automated:
prune: {{ .prune }}
selfHeal: false
{{- end }}
apps/atlantis-host-resources.yaml
-27
View File
@@ -1,27 +0,0 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: atlantis-cluster-resources
namespace: argocd
# annotations: # close, but no cigar
# argocd.argoproj.io/compare-options: ServerSideDiff=true,IncludeMutationWebhook=true
spec:
project: atlantis
destination:
server: https://kubernetes.default.svc
syncPolicy:
automated:
prune: false
selfHeal: false
# ignoreDifferences:
# - kind: Secret
# name: prod-rabbitmq
# jqPathExpressions:
# - '.data'
# - '.metadata.annotations.clone'
# - '.metadata.labels'
sources:
- repoURL: https://gitlab.com/oceanbox/manifests.git
targetRevision: main
path: resources/atlantis
apps/atlantis-resources.yaml
-41
View File
@@ -1,41 +0,0 @@
# Currently not in use. Configured via the create-vcluster script.
apiVersion: argoproj.io/v1alpha1
kind: ApplicationSet
metadata:
name: atlantis-resources
namespace: argocd
spec:
goTemplate: true
generators:
- list:
elements:
- cluster: https://kubernetes.default.svc
env: prod
autoSync: false
prune: false
# - cluster: https://staging-vcluster.staging-vcluster
# env: staging
# autoSync: false
# prune: false
template:
metadata:
name: "{{ .env }}-atlantis-resources"
spec:
project: aux
syncPolicy:
automated: {}
destination:
server: "{{ .cluster }}"
namespace: atlantis
sources: {}
# - repoURL: https://gitlab.com/oceanbox/manifests.git
# targetRevision: main
# path: 'resources/atlantis/manifests/{{ env }}'
templatePatch: |
{{- if .autoSync }}
spec:
syncPolicy:
automated:
prune: {{ .prune }}
selfHeal: false
{{- end }}
apps/atlantis.yaml
-47
View File
@@ -1,47 +0,0 @@
apiVersion: argoproj.io/v1alpha1
kind: ApplicationSet
metadata:
name: atlantis
namespace: argocd
spec:
goTemplate: true
generators:
- list:
elements:
- cluster: https://kubernetes.default.svc
env: prod
hostname: atlantis.srv.oceanbox.io
autoSync: false
prune: true
# - cluster: https://staging-vcluster.staging-vcluster
# env: staging
# hostname: atlantis.beta.oceanbox.io
# autoSync: true
# prune: true
template:
metadata:
name: '{{ .env }}-atlantis'
spec:
project: atlantis
destination:
namespace: atlantis
server: '{{ .cluster }}'
sources:
- repoURL: https://gitlab.com/oceanbox/manifests.git
targetRevision: main
path: values/atlantis
plugin:
name: kustomize-helm-with-rewrite
parameters:
- name: env
string: '{{ .env }}'
- name: hostname
string: '{{ .hostname }}'
templatePatch: |
{{- if .autoSync }}
spec:
syncPolicy:
automated:
prune: {{ .prune }}
selfHeal: false
{{- end }}
apps/busynix.yaml
+16 -29
View File
@@ -1,34 +1,21 @@
apiVersion: argoproj.io/v1alpha1
kind: ApplicationSet
kind: Application
metadata:
name: busynix
namespace: argocd
spec:
generators:
- list:
elements:
# - cluster: https://kubernetes.default.svc
# env: prod
# hostname: busynix.srv.oceanbox.io
- cluster: https://staging-vcluster.staging-vcluster
env: staging
hostname: busynix.beta.oceanbox.io
template:
metadata:
name: '{{ env }}-busynix'
spec:
project: aux
destination:
namespace: default
server: '{{ cluster }}'
source:
repoURL: https://gitlab.com/oceanbox/manifests.git
targetRevision: main
path: values/busynix
plugin:
name: kustomize-helm-with-rewrite
parameters:
- name: env
string: '{{ env }}'
- name: hostname
string: '{{ hostname }}'
project: aux
destination:
namespace: default
server: https://kubernetes.default.svc
source:
repoURL: https://gitlab.com/oceanbox/manifests.git
targetRevision: main
path: values/busynix
plugin:
name: kustomize-helm-with-rewrite
parameters:
- name: env
string: staging
- name: hostname
string: busynix.beta.oceanbox.io
apps/dex.yaml
+18 -5
View File
@@ -1,15 +1,28 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: dex
name: prod-dex
namespace: argocd
spec:
project: aux
destination:
server: https://kubernetes.default.svc
namespace: idp
source:
repoURL: https://gitlab.com/oceanbox/manifests.git
namespace: dex
sources:
- repoURL: https://gitlab.com/oceanbox/manifests.git
targetRevision: nixidy
path: values/dex/manifests
path: 'values/dex/prod'
- repoURL: https://gitlab.com/oceanbox/manifests.git
targetRevision: nixidy
path: values/dex/resources
- repoURL: https://charts.dexidp.io
targetRevision: 0.19.1
chart: dex
helm:
valueFiles:
- $values/values/dex/values.yaml
- $values/values/dex/values-prod.yaml
- repoURL: https://gitlab.com/oceanbox/manifests.git
targetRevision: nixidy
ref: values
apps/geoserver.yaml
+21 -34
View File
@@ -1,38 +1,25 @@
apiVersion: argoproj.io/v1alpha1
kind: ApplicationSet
kind: Application
metadata:
name: geoserver
name: prod-geoserver
namespace: argocd
spec:
generators:
- list:
elements:
- cluster: https://kubernetes.default.svc
env: prod
hostname: geoserver.srv.oceanbox.io
# - cluster: https://kubernetes.default.svc
# env: staging
# hostname: geoserver.beta.oceanbox.io
template:
metadata:
name: '{{ env }}-geoserver'
spec:
project: aux
destination:
server: https://kubernetes.default.svc
namespace: geoserver
sources:
- repoURL: https://gitlab.com/oceanbox/manifests.git
targetRevision: main
path: values/geoserver
plugin:
name: kustomize-helm-with-rewrite
parameters:
- name: env
string: '{{ env }}'
- name: hostname
string: geoserver.srv.oceanbox.io
- name: flags
string: "--skip-tests"
- name: chart
string: ncsa/geoserver
project: aux
destination:
server: https://kubernetes.default.svc
namespace: geoserver
sources:
- repoURL: https://gitlab.com/oceanbox/manifests.git
targetRevision: main
path: values/geoserver
plugin:
name: kustomize-helm-with-rewrite
parameters:
- name: env
string: prod
- name: hostname
string: geoserver.srv.oceanbox.io
- name: flags
string: "--skip-tests"
- name: chart
string: ncsa/geoserver
apps/hipster.yaml
-47
View File
@@ -1,47 +0,0 @@
apiVersion: argoproj.io/v1alpha1
kind: ApplicationSet
metadata:
name: hipster
namespace: argocd
spec:
goTemplate: true
generators:
- list:
elements:
- cluster: https://kubernetes.default.svc
env: prod
hostname: hipster.srv.oceanbox.io
autoSync: false
prune: true
# - cluster: https://staging-vcluster.staging-vcluster
# env: staging
# hostname: hipster.beta.oceanbox.io
# autoSync: true
# prune: true
template:
metadata:
name: '{{ .env }}-hipster'
spec:
project: atlantis
destination:
namespace: atlantis
server: '{{ .cluster }}'
sources:
- repoURL: https://gitlab.com/oceanbox/manifests.git
targetRevision: main
path: values/hipster
plugin:
name: kustomize-helm-with-rewrite
parameters:
- name: env
string: '{{ .env }}'
- name: hostname
string: '{{ .hostname }}'
templatePatch: |
{{- if .autoSync }}
spec:
syncPolicy:
automated:
prune: {{ .prune }}
selfHeal: false
{{- end }}
apps/petimeter.yaml
-50
View File
@@ -1,50 +0,0 @@
apiVersion: argoproj.io/v1alpha1
kind: ApplicationSet
metadata:
name: petimeter
namespace: argocd
spec:
goTemplate: true
generators:
- list:
elements:
- cluster: https://kubernetes.default.svc
env: prod
hostname: petimeter.srv.oceanbox.io
autoSync: false
prune: true
# - cluster: https://staging-vcluster.staging-vcluster
# env: staging
# hostname: petimeter.beta.oceanbox.io
# autoSync: true
# prune: true
template:
metadata:
name: '{{ .env }}-petimeter'
spec:
project: atlantis
destination:
namespace: atlantis
server: '{{ .cluster }}'
sources:
- repoURL: https://gitlab.com/oceanbox/manifests.git
targetRevision: main
path: values/petimeter
plugin:
name: kustomize-helm-with-rewrite
parameters:
- name: env
string: '{{ .env }}'
- name: hostname
string: '{{ .hostname }}'
- repoURL: https://gitlab.com/oceanbox/manifests.git
targetRevision: main
path: values/petimeter/manifests
templatePatch: |
{{- if .autoSync }}
spec:
syncPolicy:
automated:
prune: {{ .prune }}
selfHeal: false
{{- end }}
apps/redis.yaml
+24 -35
View File
@@ -1,39 +1,28 @@
apiVersion: argoproj.io/v1alpha1
kind: ApplicationSet
kind: Application
metadata:
name: redis
name: prod-redis
namespace: argocd
spec:
generators:
- list:
elements:
- cluster: https://kubernetes.default.svc
env: prod
- cluster: https://kubernetes.default.svc
env: staging
template:
metadata:
name: '{{ env }}-redis'
spec:
project: aux
destination:
server: https://kubernetes.default.svc
namespace: redis
sources:
- repoURL: https://charts.bitnami.com/bitnami
targetRevision: 19.5.2
chart: redis
helm:
valueFiles:
- $values/values/redis/values-{{ env }}.yaml
- repoURL: https://gitlab.com/oceanbox/manifests.git
targetRevision: HEAD
ref: values
- repoURL: https://gitlab.com/oceanbox/manifests.git
targetRevision: main
path: values/redis/{{ env }}
ignoreDifferences:
- group: apps
kind: StatefulSet
jqPathExpressions:
- '.spec.template.spec.containers[].resources.limits.cpu'
project: aux
destination:
server: https://kubernetes.default.svc
namespace: redis
sources:
- repoURL: https://charts.bitnami.com/bitnami
targetRevision: 19.5.2
chart: redis
helm:
valueFiles:
- $values/values/redis/values-prod.yaml
- repoURL: https://gitlab.com/oceanbox/manifests.git
targetRevision: HEAD
ref: values
- repoURL: https://gitlab.com/oceanbox/manifests.git
targetRevision: main
path: values/redis/prod
ignoreDifferences:
- group: apps
kind: StatefulSet
jqPathExpressions:
- '.spec.template.spec.containers[].resources.limits.cpu'
apps/sorcerer.yaml
-47
View File
@@ -1,47 +0,0 @@
apiVersion: argoproj.io/v1alpha1
kind: ApplicationSet
metadata:
name: sorcerer
namespace: argocd
spec:
goTemplate: true
generators:
- list:
elements:
- cluster: https://10.255.241.99:4443
env: prod
hostname: sorcerer.data.oceanbox.io
autoSync: false
prune: true
# - cluster: https://10.255.241.99:4443
# env: staging
# hostname: sorcerer.ekman.oceanbox.io
# autoSync: true
# prune: true
template:
metadata:
name: '{{ .env }}-sorcerer'
spec:
project: atlantis
destination:
namespace: sorcerer
server: '{{ .cluster }}'
sources:
- repoURL: https://gitlab.com/oceanbox/manifests.git
targetRevision: main
path: values/sorcerer
plugin:
name: kustomize-helm-with-rewrite
parameters:
- name: env
string: '{{ .env }}'
- name: hostname
string: '{{ .hostname }}'
templatePatch: |
{{- if .autoSync }}
spec:
syncPolicy:
automated:
prune: {{ .prune }}
selfHeal: false
{{- end }}
apps/wordpress.yaml
+1 -1
View File
@@ -14,7 +14,7 @@ spec:
chart: wordpress
helm:
valueFiles:
- $values/wordpress/values.yaml
- $values/values/wordpress/values.yaml
- repoURL: https://gitlab.com/oceanbox/manifests.git
targetRevision: HEAD
ref: values
kustomizations/dex/templates
-1
Submodule kustomizations/dex/templates deleted from 1fd8cd005f
values/dex/base/cluster.yaml
-19
View File
@@ -1,19 +0,0 @@
apiVersion: postgresql.cnpg.io/v1
kind: Cluster
metadata:
name: dexdb
spec:
enableSuperuserAccess: true
instances: 2
logLevel: info
storage:
pvcTemplate:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 1Gi
storageClassName: managed-nfs-storage
volumeMode: Filesystem
resizeInUseVolumes: true
size: 1Gi
values/dex/base/config.yaml
-165
View File
@@ -1,165 +0,0 @@
issuer: https://idp.oceanbox.io/dex
storage:
type: postgres
config:
host: staging-dexdb-rw
port: 5432
database: app
user: app
password: epq4dGyf5sheJ7fp9f0NgYtPwlhS2Gvtb5FXl6tddcNGyIhwN9DchExTUD7nxFMH
ssl:
mode: disable
web:
http: 127.0.0.1:5556
telemetry:
http: 127.0.0.1:5558
grpc:
addr: 127.0.0.1:5557
frontend:
dir: /srv/dex/web
issuer: oceanbox
extra:
client_logo_url: "../theme/client-logo.png"
# enablePasswordDB: true
# staticPasswords:
# - email: "admin@oceanbox.io"
# hash: "$2y$12$2AUaWnDEpHxsfFyRzTwx8e8WtJtnhGJOujPjP3BXVVCJe3c.k2PjC"
# username: "admin"
# userID: "9a15441c-4d66-4b26-a0f6-4e619535ee8f"
oauth2:
responseTypes: [ "code" ]
skipApprovalScreen: true
alwaysShowLoginScreen: false
connectors:
- type: microsoft
id: oceanbox
name: oceanbox.io
config:
clientID: 43667ac0-37e1-422f-99fc-50a699bb255c
clientSecret: 5kA8Q~N1Gq~YBgJyKg8xNONZbvf4bM0Qwp_AUbM8
redirectURI: https://idp.oceanbox.io/dex/callback
tenant: organizations
- type: microsoft
id: itp
name: itpartner.no
config:
clientID: 43667ac0-37e1-422f-99fc-50a699bb255c
clientSecret: 5kA8Q~N1Gq~YBgJyKg8xNONZbvf4bM0Qwp_AUbM8
redirectURI: https://idp.oceanbox.io/dex/callback
tenant: organizations
# - type: microsoft
# id: oceanbox
# name: oceanbox.io
# config:
# clientID: 43667ac0-37e1-422f-99fc-50a699bb255c
# clientSecret: 5kA8Q~N1Gq~YBgJyKg8xNONZbvf4bM0Qwp_AUbM8
# tenant: 3f737008-e9a0-4485-9d27-40329d288089
# redirectURI: https://idp.oceanbox.io/dex/callback
# onlySecurityGroups: true
# groups:
# - atlantis
- type: microsoft
id: salmar
name: salmar.no
config:
clientID: 3f6f1153-e5da-40eb-a2dd-ede6c7bf6058
clientSecret: jR48Q~b6CyZrPclp0B8OCdET1B5TuiSfz1ygDc3C
tenant: de10159d-2c09-4762-966c-e841d3391feb
redirectURI: https://idp.oceanbox.io/dex/callback
onlySecurityGroups: true
groups:
- Azure-Grp-App-Cloud-Oceanbox
- type: microsoft
id: aqua-kompetanse
name: aqua-kompetanse.no
config:
clientID: 9fd83910-1a21-4869-8a30-19fc32722ee2
clientSecret: WnG8Q~DBcmUuTWsb-N0PVFXaBjeqI1XfiW.cYbZY
tenant: 6cd538cc-6cba-463f-9d22-1e0eda9695e3
redirectURI: https://idp.oceanbox.io/dex/callback
onlySecurityGroups: true
groups:
- Oceanbox
- type: oidc
id: keycloak
name: default
config:
issuer: https://auth.oceanbox.io/realms/oceanbox
clientID: dex
clientSecret: 4T7oMYLeShuIvrF3wvg4A24gcZWzdcrC
redirectURI: https://idp.oceanbox.io/dex/callback
promptType: login
staticClients:
- id: atlantis
redirectURIs:
- 'https://maps.oceanbox.io/signin-oidc'
- 'https://maps.srv.oceanbox.io/signin-oidc'
- 'https://atlantis.srv.oceanbox.io/signin-oidc'
- 'https://maps.relic.oceanbox.io/signin-oidc'
name: 'Atlantis'
secret: KOJ6bDHzE5vdyfSrzgwLjtM5PzA809Zm
- id: atlantis_dev
redirectURIs:
- 'https://atlantis.beta.oceanbox.io/signin-oidc'
- 'https://beta.oceanbox.io/signin-oidc'
- 'https://atlas.oceanbox.io/signin-oidc'
- 'https://jonas-atlantis.dev.oceanbox.io/signin-oidc'
- 'https://stig-atlantis.dev.oceanbox.io/signin-oidc'
- 'https://simkir-atlantis.dev.oceanbox.io/signin-oidc'
- 'https://atlantis.local.oceanbox.io:8080/signin-oidc'
- 'https://atlantis.local.oceanbox.io:8085/signin-oidc'
name: 'Atlantis dev'
secret: 3QjfSPmAemjn34XVA2o1fvoS7I4gKvOR
- id: petimeter
redirectURIs:
- 'https://petimeter.srv.oceanbox.io/signin-oidc'
name: 'Petimeter dev'
secret: kkrKo3mmmseMnorf9qw3eklefkoOKFNs
- id: petimeter_dev
redirectURIs:
- 'https://petimeter.beta.oceanbox.io/signin-oidc'
- 'https://jonas-petimeter.dev.oceanbox.io/signin-oidc'
- 'https://stig-petimeter.dev.oceanbox.io/signin-oidc'
- 'https://simkir-petimeter.dev.oceanbox.io/signin-oidc'
- 'https://local.oceanbox.io:8080/signin-oidc'
name: 'Petimeter dev'
secret: kfngKJF9EKVBnnvgkdmPfs0qw3rmjslk
- id: sorcerer
redirectURIs:
- 'https://sorcerer.data.oceanbox.io/signin-oidc'
- 'https://sorcerer.ekman.oceanbox.io/signin-oidc'
name: 'Sorcerer'
secret: sIUXxSQLaTJiLCQ9AqBhmEbAL9lubHGB
- id: sorcerer_dev
redirectURIs:
- 'https://sorcerer.ekman.oceanbox.io/signin-oidc'
- 'https://jonas-sorcerer.ekman.oceanbox.io/signin-oidc'
- 'https://stig-sorcerer.ekman.oceanbox.io/signin-oidc'
- 'https://simkir-sorcerer.ekman.oceanbox.io/signin-oidc'
- 'https://sorcerer.local.oceanbox.io:8080/signin-oidc'
- 'https://sorcerer.local.oceanbox.io:8085/signin-oidc'
name: 'Sorcerer dev'
secret: cyrgDr1UzhQrJn8nRVqEt9BJ9mLk3OBy
- id: archmeister
redirectURIs:
- 'https://archmeister.srv.oceanbox.io/signin-oidc'
name: 'Archmeister'
secret: ieK3yak9zoh3yeewee8quahY6seiv7Ro
- id: archmeister_dev
redirectURIs:
- 'https://archmeister.beta.oceanbox.io/signin-oidc'
- 'https://jonas-archmeister.dev.oceanbox.io/signin-oidc'
- 'https://stig-archmeister.dev.oceanbox.io/signin-oidc'
- 'https://simkir-archmeister.dev.oceanbox.io/signin-oidc'
- 'https://local.oceanbox.io:9080/signin-oidc'
name: 'Archmeister dev'
secret: Dae1eekeedeuKaoCiesh1Jei6aishe8I
- id: test
redirectURIs:
- 'http://localhost:8080/signin-oidc'
- 'https://localhost:8080/signin-oidc'
- 'http://localhost:8085/signin-oidc'
- 'https://localhost:8085/signin-oidc'
name: 'Local development'
secret: jkdjrKKkfkrkieurbd743jdrrrJdnRqR
values/dex/base/kustomization.yaml
-8
View File
@@ -1,8 +0,0 @@
generatorOptions:
disableNameSuffixHash: true
secretGenerator:
- name: dex-config
files:
- config.yaml
resources:
- cluster.yaml
values/dex/manifests/dex.yaml
-37
View File
@@ -1,37 +0,0 @@
apiVersion: argoproj.io/v1alpha1
kind: ApplicationSet
metadata:
name: dex
namespace: argocd
spec:
generators:
- list:
elements:
- cluster: https://kubernetes.default.svc
env: prod
hostanme: idp.srv.oceanbox.io
- cluster: https://kubernetes.default.svc
env: staging
hostanme: idp.beta.oceanbox.io
template:
metadata:
name: '{{ env }}-dex'
spec:
project: atlantis
destination:
server: https://kubernetes.default.svc
namespace: idp
sources:
- repoURL: https://gitlab.com/oceanbox/manifests.git
targetRevision: nixidy
path: 'values/dex/{{ env }}'
- repoURL: https://charts.dexidp.io
targetRevision: 0.19.1
chart: dex
helm:
valueFiles:
- $values/values/dex/values.yaml
- $values/values/dex/values-{{ env }}.yaml
- repoURL: https://gitlab.com/oceanbox/manifests.git
targetRevision: nixidy
ref: values
values/dex/manifests/resources.yaml
-15
View File
@@ -1,15 +0,0 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: dex-resources
namespace: argocd
spec:
project: atlantis
destination:
server: https://kubernetes.default.svc
namespace: idp
source:
repoURL: https://gitlab.com/oceanbox/manifests.git
targetRevision: nixidy
path: values/dex/resources
values/dex/prod/kustomization.yaml
-3
View File
@@ -1,3 +0,0 @@
namePrefix: prod-
resources:
- ../base
values/dex/staging/cluster_patch.yaml
-3
View File
@@ -1,3 +0,0 @@
- op: replace
path: /spec/instances
value: 1
values/dex/staging/kustomization.yaml
-9
View File
@@ -1,9 +0,0 @@
namePrefix: staging-
patches:
- target:
group: postgresql.cnpg.io
version: v1
kind: Cluster
path: cluster_patch.yaml
resources:
- ../base