Merge branch 'main' of gitlab.com:oceanbox/manifests
This commit is contained in:
@@ -4,7 +4,7 @@ description: A Helm chart for Kubernetes
|
|||||||
type: application
|
type: application
|
||||||
# This is the chart version. This version number should be incremented each time you make changes
|
# This is the chart version. This version number should be incremented each time you make changes
|
||||||
# to the chart and its templates, including the app version.
|
# to the chart and its templates, including the app version.
|
||||||
version: v1.1.2
|
version: v1.1.6
|
||||||
# This is the version number of the application being deployed. This version number should be
|
# This is the version number of the application being deployed. This version number should be
|
||||||
# incremented each time you make changes to the application.
|
# incremented each time you make changes to the application.
|
||||||
appVersion: v1.1.2
|
appVersion: v1.1.6
|
||||||
|
|||||||
@@ -52,6 +52,10 @@ spec:
|
|||||||
volumeMounts:
|
volumeMounts:
|
||||||
- name: data
|
- name: data
|
||||||
mountPath: /data
|
mountPath: /data
|
||||||
|
- name: appsettings
|
||||||
|
mountPath: /app/appsettings.json
|
||||||
|
subPath: appsettings.json
|
||||||
|
readOnly: true
|
||||||
{{- if .Values.service.https }}
|
{{- if .Values.service.https }}
|
||||||
- name: tls-certificates
|
- name: tls-certificates
|
||||||
mountPath: /app/tls
|
mountPath: /app/tls
|
||||||
@@ -65,6 +69,10 @@ spec:
|
|||||||
volumeMounts:
|
volumeMounts:
|
||||||
- name: data
|
- name: data
|
||||||
mountPath: /data
|
mountPath: /data
|
||||||
|
- name: appsettings
|
||||||
|
mountPath: /app/appsettings.json
|
||||||
|
subPath: appsettings.json
|
||||||
|
readOnly: true
|
||||||
{{- end }}
|
{{- end }}
|
||||||
volumes:
|
volumes:
|
||||||
- name: data
|
- name: data
|
||||||
@@ -74,6 +82,9 @@ spec:
|
|||||||
{{- else }}
|
{{- else }}
|
||||||
emptyDir: {}
|
emptyDir: {}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
- name: appsettings
|
||||||
|
configMap:
|
||||||
|
name: {{ template "Plume.fullname" . }}-appsettings
|
||||||
{{- with .Values.nodeSelector }}
|
{{- with .Values.nodeSelector }}
|
||||||
nodeSelector:
|
nodeSelector:
|
||||||
{{- toYaml . | nindent 8 }}
|
{{- toYaml . | nindent 8 }}
|
||||||
|
|||||||
@@ -4,7 +4,7 @@
|
|||||||
replicaCount: 1
|
replicaCount: 1
|
||||||
image:
|
image:
|
||||||
repository: registry.gitlab.com/oceanbox/plume/plume
|
repository: registry.gitlab.com/oceanbox/plume/plume
|
||||||
tag: v1.1.2
|
tag: v1.1.6
|
||||||
pullPolicy: IfNotPresent
|
pullPolicy: IfNotPresent
|
||||||
init:
|
init:
|
||||||
enabled: false
|
enabled: false
|
||||||
|
|||||||
@@ -0,0 +1,4 @@
|
|||||||
|
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||||
|
kind: Kustomization
|
||||||
|
resources:
|
||||||
|
- _manifest.yaml
|
||||||
@@ -0,0 +1,8 @@
|
|||||||
|
{
|
||||||
|
"archmaesterUrl": "https://atlantis.src.oceanbox.io",
|
||||||
|
"appName": "plume",
|
||||||
|
"appEnv": "staging",
|
||||||
|
"appNamespace": "staging-plume",
|
||||||
|
"appVersion": "0.0.0",
|
||||||
|
"cacheDir": "/data/archives/cache"
|
||||||
|
}
|
||||||
@@ -0,0 +1,8 @@
|
|||||||
|
generatorOptions:
|
||||||
|
disableNameSuffixHash: true
|
||||||
|
configMapGenerator:
|
||||||
|
- name: plume-appsettings
|
||||||
|
files:
|
||||||
|
- appsettings.json
|
||||||
|
resources:
|
||||||
|
- ../base
|
||||||
@@ -18,7 +18,7 @@ spec:
|
|||||||
namespace: sorcerer
|
namespace: sorcerer
|
||||||
kind: Secret
|
kind: Secret
|
||||||
name: azure-keyvault
|
name: azure-keyvault
|
||||||
namespace: '{{request.object.metadata.namespace}}'
|
namespace: '{{`{{request.object.metadata.namespace}}`}}'
|
||||||
synchronize: true
|
synchronize: true
|
||||||
match:
|
match:
|
||||||
any:
|
any:
|
||||||
|
|||||||
@@ -25,7 +25,7 @@ spec:
|
|||||||
kind: Secret
|
kind: Secret
|
||||||
# name: oceanbox-regcred
|
# name: oceanbox-regcred
|
||||||
name: gitlab-pull-secret
|
name: gitlab-pull-secret
|
||||||
namespace: '{{request.object.metadata.name}}'
|
namespace: '{{`{{request.object.metadata.name}}`}}'
|
||||||
synchronize: true
|
synchronize: true
|
||||||
exclude:
|
exclude:
|
||||||
any:
|
any:
|
||||||
|
|||||||
@@ -10,8 +10,8 @@ spec:
|
|||||||
generate:
|
generate:
|
||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: Secret
|
kind: Secret
|
||||||
name: '{{ request.object.metadata.name }}'
|
name: '{{`{{ request.object.metadata.name }}`}}'
|
||||||
namespace: '{{ request.object.metadata.namespace }}'
|
namespace: '{{`{{ request.object.metadata.namespace }}`}}'
|
||||||
synchronize: true
|
synchronize: true
|
||||||
clone:
|
clone:
|
||||||
name: staging-sorcerer-env
|
name: staging-sorcerer-env
|
||||||
@@ -34,8 +34,8 @@ spec:
|
|||||||
generate:
|
generate:
|
||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: Secret
|
kind: Secret
|
||||||
name: '{{ request.object.metadata.name }}'
|
name: '{{`{{ request.object.metadata.name }}`}}'
|
||||||
namespace: '{{ request.object.metadata.namespace }}'
|
namespace: '{{`{{ request.object.metadata.namespace }}`}}'
|
||||||
synchronize: true
|
synchronize: true
|
||||||
clone:
|
clone:
|
||||||
name: dapr-api-token
|
name: dapr-api-token
|
||||||
|
|||||||
@@ -22,11 +22,11 @@ spec:
|
|||||||
targets:
|
targets:
|
||||||
- apiVersion: v1
|
- apiVersion: v1
|
||||||
kind: Secret
|
kind: Secret
|
||||||
name: "{{ request.object.metadata.name }}"
|
name: '{{`{{ request.object.metadata.name }}`}}'
|
||||||
patchStrategicMerge:
|
patchStrategicMerge:
|
||||||
stringData:
|
stringData:
|
||||||
postgres-password: '{{ request.object.data.password | base64_decode(@) }}'
|
postgres-password: '{{`{{ request.object.data.password | base64_decode(@) }}`}}'
|
||||||
uri: 'postgres://{{ request.object.data.username | base64_decode(@) }}:{{ request.object.data.password | base64_decode(@) }}@{{ request.object.metadata.labels."cnpg.io/cluster" }}-rw/app?sslmode=disable'
|
uri: '{{`postgres://{{ request.object.data.username | base64_decode(@) }}:{{ request.object.data.password | base64_decode(@) }}@{{ request.object.metadata.labels."cnpg.io/cluster" }}-rw/app?sslmode=disable`}}'
|
||||||
skipBackgroundRequests: true
|
skipBackgroundRequests: true
|
||||||
validationFailureAction: Audit
|
validationFailureAction: Audit
|
||||||
|
|
||||||
|
|||||||
@@ -10,8 +10,8 @@ spec:
|
|||||||
generate:
|
generate:
|
||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: Secret
|
kind: Secret
|
||||||
name: '{{ request.object.metadata.name }}'
|
name: '{{`{{ request.object.metadata.name }}`}}'
|
||||||
namespace: '{{ request.object.metadata.namespace }}'
|
namespace: '{{`{{ request.object.metadata.namespace }}`}}'
|
||||||
synchronize: true
|
synchronize: true
|
||||||
clone:
|
clone:
|
||||||
name: prod-rabbitmq
|
name: prod-rabbitmq
|
||||||
@@ -35,8 +35,8 @@ spec:
|
|||||||
generate:
|
generate:
|
||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: Secret
|
kind: Secret
|
||||||
name: '{{ request.object.metadata.name }}'
|
name: '{{`{{ request.object.metadata.name }}`}}'
|
||||||
namespace: '{{ request.object.metadata.namespace }}'
|
namespace: '{{`{{ request.object.metadata.namespace }}`}}'
|
||||||
synchronize: true
|
synchronize: true
|
||||||
clone:
|
clone:
|
||||||
name: staging-rabbitmq
|
name: staging-rabbitmq
|
||||||
@@ -60,8 +60,8 @@ spec:
|
|||||||
generate:
|
generate:
|
||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: Secret
|
kind: Secret
|
||||||
name: '{{ request.object.metadata.name }}'
|
name: '{{`{{ request.object.metadata.name }}`}}'
|
||||||
namespace: '{{ request.object.metadata.namespace }}'
|
namespace: '{{`{{ request.object.metadata.namespace }}`}}'
|
||||||
synchronize: true
|
synchronize: true
|
||||||
clone:
|
clone:
|
||||||
name: staging-atlantis-env
|
name: staging-atlantis-env
|
||||||
@@ -84,8 +84,8 @@ spec:
|
|||||||
generate:
|
generate:
|
||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: Secret
|
kind: Secret
|
||||||
name: '{{ request.object.metadata.name }}'
|
name: '{{`{{ request.object.metadata.name }}`}}'
|
||||||
namespace: '{{ request.object.metadata.namespace }}'
|
namespace: '{{`{{ request.object.metadata.namespace }}`}}'
|
||||||
synchronize: true
|
synchronize: true
|
||||||
clone:
|
clone:
|
||||||
name: azure-keyvault
|
name: azure-keyvault
|
||||||
@@ -108,8 +108,8 @@ spec:
|
|||||||
generate:
|
generate:
|
||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: Secret
|
kind: Secret
|
||||||
name: '{{ request.object.metadata.name }}'
|
name: '{{`{{ request.object.metadata.name }}`}}'
|
||||||
namespace: '{{ request.object.metadata.namespace }}'
|
namespace: '{{`{{ request.object.metadata.namespace }}`}}'
|
||||||
synchronize: true
|
synchronize: true
|
||||||
clone:
|
clone:
|
||||||
name: dapr-api-token
|
name: dapr-api-token
|
||||||
@@ -133,7 +133,7 @@ spec:
|
|||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: Secret
|
kind: Secret
|
||||||
name: prod-atlantis-db-ca
|
name: prod-atlantis-db-ca
|
||||||
namespace: '{{ request.object.metadata.namespace }}'
|
namespace: '{{`{{ request.object.metadata.namespace }}`}}'
|
||||||
synchronize: true
|
synchronize: true
|
||||||
clone:
|
clone:
|
||||||
namespace: prod-atlantis
|
namespace: prod-atlantis
|
||||||
@@ -152,7 +152,7 @@ spec:
|
|||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: Secret
|
kind: Secret
|
||||||
name: prod-atlantis-db-replication
|
name: prod-atlantis-db-replication
|
||||||
namespace: '{{ request.object.metadata.namespace }}'
|
namespace: '{{`{{ request.object.metadata.namespace }}`}}'
|
||||||
synchronize: true
|
synchronize: true
|
||||||
clone:
|
clone:
|
||||||
namespace: prod-atlantis
|
namespace: prod-atlantis
|
||||||
|
|||||||
@@ -18,7 +18,7 @@ spec:
|
|||||||
namespace: atlantis
|
namespace: atlantis
|
||||||
kind: Secret
|
kind: Secret
|
||||||
name: azure-keyvault
|
name: azure-keyvault
|
||||||
namespace: '{{request.object.metadata.name}}'
|
namespace: '{{`{{request.object.metadata.name}}`}}'
|
||||||
synchronize: true
|
synchronize: true
|
||||||
match:
|
match:
|
||||||
any:
|
any:
|
||||||
|
|||||||
@@ -25,7 +25,7 @@ spec:
|
|||||||
kind: Secret
|
kind: Secret
|
||||||
# name: oceanbox-regcred
|
# name: oceanbox-regcred
|
||||||
name: gitlab-pull-secret
|
name: gitlab-pull-secret
|
||||||
namespace: '{{request.object.metadata.name}}'
|
namespace: '{{`{{request.object.metadata.name}}`}}'
|
||||||
synchronize: true
|
synchronize: true
|
||||||
exclude:
|
exclude:
|
||||||
any:
|
any:
|
||||||
|
|||||||
@@ -10,17 +10,16 @@ spec:
|
|||||||
k8s:io.kubernetes.pod.namespace: dapr-system
|
k8s:io.kubernetes.pod.namespace: dapr-system
|
||||||
- toEndpoints:
|
- toEndpoints:
|
||||||
- matchLabels:
|
- matchLabels:
|
||||||
k8s:io.kubernetes.pod.namespace: {{ .Values.rabbitmq.namespace | default "rabbitmq" }}
|
k8s:io.kubernetes.pod.namespace: rabbitmq
|
||||||
- toEndpoints:
|
- toEndpoints:
|
||||||
- matchLabels:
|
- matchLabels:
|
||||||
k8s:io.kubernetes.pod.namespace: {{ .Values.tracing.namespace | default "otel" }}
|
k8s:io.kubernetes.pod.namespace: otel
|
||||||
- toFQDNs:
|
- toFQDNs:
|
||||||
- matchName: dapr.github.io
|
- matchName: dapr.github.io
|
||||||
- matchName: analytics.loft.rocks
|
- matchName: analytics.loft.rocks
|
||||||
|
- matchPattern: '*.oceanbox.io'
|
||||||
# - matchName: gitlab.com
|
# - matchName: gitlab.com
|
||||||
# - matchName: api.github.com
|
# - matchName: api.github.com
|
||||||
- matchPattern: "*.k1.itpartner.no"
|
|
||||||
- matchPattern: '*.oceanbox.io'
|
|
||||||
# - matchPattern: '*.gitlab.com'
|
# - matchPattern: '*.gitlab.com'
|
||||||
endpointSelector:
|
endpointSelector:
|
||||||
matchLabels: {}
|
matchLabels: {}
|
||||||
|
|||||||
Reference in New Issue
Block a user