diff --git a/archmeister/applicationset.yaml b/archmeister/applicationset.yaml index 1653dea6..d858ca28 100644 --- a/archmeister/applicationset.yaml +++ b/archmeister/applicationset.yaml @@ -19,7 +19,7 @@ spec: spec: project: atlantis destination: - namespace: oceanbox + namespace: atlantis server: '{{ cluster }}' source: path: archmeister diff --git a/argo/kustomize-helm-with-rewrite/generate.sh b/argo/kustomize-helm-with-rewrite/generate.sh index e6500aa9..d7635571 100644 --- a/argo/kustomize-helm-with-rewrite/generate.sh +++ b/argo/kustomize-helm-with-rewrite/generate.sh 
@@ -2,24 +2,30 @@ export HOME=/tmp -echo $ARGOCD_APP_PARAMETERS | jq '.[] | select(.name == "helm-parameters") | .map' | yq -P -oy > parameters.yaml +env > /tmp/$ARGOCD_APP_NAME.env + +echo "$ARGOCD_APP_PARAMETERS" | jq '.[] | select(.name == "helm-parameters") | .map' | yq -P -oy > parameters.yaml cp parameters.yaml /tmp/$ARGOCD_APP_NAME-parameters.yaml -if [ -f chart -a $PARAM_CHART = "." ]; then +if [ -d chart ]; then + CHART=chart +elif [ -f chart -a "$PARAM_CHART" = "." ]; then CHART=$(cat chart) else CHART=$PARAM_CHART fi -helm template $PARAM_FLAGS \ - -f values.yaml \ - -f parameters.yaml \ - -f $PARAM_ENV/values.yaml \ - $ARGOCD_APP_NAME $CHART > ./base/_manifest.yaml +[ -f chart/values.yaml ] && VALUES="-f chart/values.yaml" +[ -f values.yaml ] && VALUES="$VALUES -f values.yaml" +[ -f $PARAM_ENV-values.yaml ] && VALUES="$VALUES -f $PARAM_ENV-values.yaml" +VALUES="$VALUES -f parameters.yaml" + +mkdir -p base +helm template $PARAM_FLAGS $VALUES $ARGOCD_APP_NAME $CHART > ./base/_manifest.yaml -cp ./base/_manifest.yaml /tmp/$ARGOCD_APP_NAME-manifest.yaml sed -i "$PARAM_REWRITE" ./base/_manifest.yaml -cp ./base/_manifest.yaml /tmp/$ARGOCD_APP_NAME-manifest-rw.yaml +cp ./base/_manifest.yaml /tmp/$ARGOCD_APP_NAME-manifest.yaml + +[ -d "$PARAM_ENV" ] && kubectl kustomize $PARAM_ENV > /tmp/$ARGOCD_APP_NAME-manifest.yaml -kubectl kustomize $PARAM_ENV > /tmp/$ARGOCD_APP_NAME-manifest.yaml cat /tmp/$ARGOCD_APP_NAME-manifest.yaml diff --git a/argo/kustomize-helm-with-rewrite/get-values.sh b/argo/kustomize-helm-with-rewrite/get-values.sh index ec4fbe92..33338063 100644 --- a/argo/kustomize-helm-with-rewrite/get-values.sh +++ b/argo/kustomize-helm-with-rewrite/get-values.sh 
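Review bot: The added `env > /tmp/$ARGOCD_APP_NAME.env` writes the plugin's whole environment to a predictable path in /tmp on every render, so any credential or token passed to the plugin as an environment variable ends up in a file that outlives the run. If this is a debugging aid, drop the line before merging, or at least put `umask 077` ahead of it and write to a `mktemp` path instead of a name derived from the application. The hunk also appends to `VALUES` without initialising it, so add `VALUES=""` before the first `[ -f chart/values.yaml ]` test to keep an inherited value out of the helm arguments. `$PARAM_ENV` and `$ARGOCD_APP_NAME` appear to come from the Application spec and are expanded unquoted in the `[ -f $PARAM_ENV-values.yaml ]` test, the `cp` lines and `kubectl kustomize $PARAM_ENV`; quote them there (only `$VALUES` and `$PARAM_FLAGS` need word splitting).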
@@ -1,15 +1,22 @@ #!/bin/sh -# cat << EOF -# [{ -# "name": "values", -# "title": "Values", -# "collectionType": "map", -# "map": { "replicaCount": "1" } -# }] -# EOF +if [ -f values.yaml ]; then + VALUES="values.yaml" +elif [ -f chart/values.yaml ]; then + VALUES="chart/values.yaml" +else + cat << EOF +[{ + "name": "helm-parameters", + "title": "Helm Parameters", + "collectionType": "map", + "map": { "replicaCount": "1" } +}] +EOF + exit 0 +fi -yq e -o=p values.yaml | jq --slurp --raw-input ' +yq e -o=p $VALUES | jq --slurp --raw-input ' [{ name: "helm-parameters", title: "Helm Parameters", diff --git a/cerbos/applicationset.yaml b/cerbos/applicationset.yaml index 9393ba18..e7b693b4 100644 --- a/cerbos/applicationset.yaml +++ b/cerbos/applicationset.yaml @@ -13,7 +13,7 @@ spec: env: staging template: metadata: - name: '{{ env }}-cerbox' + name: '{{ env }}-cerbos' spec: project: atlantis destination: diff --git a/dex/application.yaml b/dex/application.yaml index 3ebdeb89..3dc94cc9 100644 --- a/dex/application.yaml +++ b/dex/application.yaml 
@@ -1,70 +1,34 @@ apiVersion: argoproj.io/v1alpha1 -kind: Application +kind: ApplicationSet metadata: name: dex namespace: argocd spec: - project: atlantis - destination: - server: https://kubernetes.default.svc - namespace: atlantis - source: - repoURL: https://charts.dexidp.io - targetRevision: 0.16.0 - chart: dex - helm: - values: | - replicaCount: 1 - https: - enabled: false - grpc: - enabled: false - - configSecret: - create: true - name: "" - config: {} - - volumes: - - name: web - persistentVolumeClaim: - claimName: oceanbox-dex - volumeMounts: - - name: web - mountPath: /srv/dex/web - envVars: [] - - service: - annotations: {} - type: ClusterIP - clusterIP: "" - ports: - http: - port: 5556 - nodePort: - https: - port: 5554 - nodePort: - grpc: - port: 5557 - nodePort: - - ingress: - enabled: true - className: nginx - annotations: - cert-manager.io/cluster-issuer: letsencrypt-staging - nginx.ingress.kubernetes.io/ssl-redirect: "true" - hosts: - - host: idp.beta.oceanbox.io - paths: - - path: / - pathType: ImplementationSpecific - tls: - - secretName: dex-tls - hosts: - - idp.beta.oceanbox.io - - serviceMonitor: - enabled: true - + generators: + - list: + elements: + - cluster: https://kubernetes.default.svc + env: prod + hostanme: idp.srv.oceanbox.io + - cluster: https://kubernetes.default.svc + env: staging + hostanme: idp.beta.oceanbox.io + template: + metadata: + name: '{{ env }}-dex' + spec: + project: atlantis + destination: + server: https://kubernetes.default.svc + namespace: atlantis + source: + - repoURL: https://charts.dexidp.io + targetRevision: 0.16.0 + chart: dex + helm: + valueFiles: + - $values/dex/values.yaml + - repoURL: https://gitlab.com/oceanbox/manifests.git + targetRevision: HEAD + path: cerbos/manifests + ref: values diff --git a/dex/values.yaml b/dex/values.yaml new file mode 100644 index 00000000..db4be576 --- /dev/null +++ b/dex/values.yaml 
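Review bot: The template puts a two-entry list with a `ref: values` entry under `source:`, but Argo CD's multi-source field is `sources:` (the geoserver and rabbitmq ApplicationSets in this commit use it), so the generated Applications are likely to fail validation. The generator key is spelled `hostanme` in both elements and is never referenced in the template, and the second source's `path: cerbos/manifests` looks copied from the cerbos set. As written, `prod-dex` and `staging-dex` would both load `$values/dex/values.yaml` into namespace `atlantis` and render the same identity-provider host. Consider a per-environment values file such as `- $values/dex/{{ env }}-values.yaml`, and `server: '{{ cluster }}'` instead of the hard-coded destination.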
@@ -0,0 +1,53 @@ +replicaCount: 1 +https: + enabled: false +grpc: + enabled: false + +configSecret: + create: true + name: "" +config: {} + +volumes: + - name: web + persistentVolumeClaim: + claimName: oceanbox-dex +volumeMounts: + - name: web + mountPath: /srv/dex/web +envVars: [] + +service: + annotations: {} + type: ClusterIP + clusterIP: "" + ports: + http: + port: 5556 + nodePort: + https: + port: 5554 + nodePort: + grpc: + port: 5557 + nodePort: + +ingress: + enabled: true + className: nginx + annotations: + cert-manager.io/cluster-issuer: letsencrypt-staging + nginx.ingress.kubernetes.io/ssl-redirect: "true" + hosts: + - host: idp.srv.oceanbox.io + paths: + - path: / + pathType: ImplementationSpecific + tls: + - secretName: dex-tls + hosts: + - idp.srv.oceanbox.io + +serviceMonitor: + enabled: true diff --git a/geoserver/applicationset.yaml b/geoserver/applicationset.yaml index 448a2b26..5242782c 100644 --- a/geoserver/applicationset.yaml +++ b/geoserver/applicationset.yaml 
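Review bot: The ingress host is now `idp.srv.oceanbox.io`, which dex/application.yaml lists as the `prod` hostname, while `cert-manager.io/cluster-issuer` is still `letsencrypt-staging`. Certificates from a staging issuer are not trusted by browsers or OIDC clients, and for an identity provider that usually ends with clients being configured to skip certificate verification. If this file serves the prod instance, use the production issuer, `cert-manager.io/cluster-issuer: letsencrypt-production` (the name rabbitmq/prod/values.yaml uses in this commit), and keep the staging issuer in a separate staging values file. The bare `nodePort:` keys parse as null; write `nodePort: null` if that is the intent.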
@@ -1,25 +1,42 @@ apiVersion: argoproj.io/v1alpha1 -kind: Application +kind: ApplicationSet metadata: name: geoserver namespace: argocd spec: - project: gis - destination: - server: https://kubernetes.default.svc - namespace: geoserver - source: - repoURL: https://gitlab.com/oceanbox/charts.git - targetRevision: HEAD - path: geoserver - plugin: - name: kustomize-helm-with-rewrite - parameters: - - name: env - string: prod - - name: hostname - string: geoserver.srv.oceanbox.io - - name: flags - string: "--skip-tests" - - name: chart - string: ncsa/geoserver + generators: + - list: + elements: + - cluster: https://kubernetes.default.svc + env: prod + hostname: geoserver.srv.oceanbox.io + - cluster: https://kubernetes.default.svc + env: staging + hostname: geoserver.beta.oceanbox.io + template: + metadata: + name: '{{ env }}-geoserver' + spec: + project: atlantis + destination: + server: https://kubernetes.default.svc + namespace: geoserver + sources: + - repoURL: https://gitlab.com/oceanbox/charts.git + targetRevision: HEAD + path: geoserver + plugin: + name: kustomize-helm-with-rewrite + parameters: + - name: env + string: prod + - name: hostname + string: geoserver.srv.oceanbox.io + - name: flags + string: "--skip-tests" + - name: chart + string: ncsa/geoserver + # - repoURL: https://gitlab.com/oceanbox/manifests.git + # targetRevision: HEAD + # # path: /{{ env }} + # ref: values diff --git a/rabbitmq/applicationset.yaml b/rabbitmq/applicationset.yaml index 505530e8..6437aad3 100644 --- a/rabbitmq/applicationset.yaml +++ b/rabbitmq/applicationset.yaml 
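Review bot: The plugin parameters still hard-code `string: prod` and `string: geoserver.srv.oceanbox.io`, so the generated `staging-geoserver` application would render with the prod env and hostname into the same `geoserver` namespace as `prod-geoserver`. Take the values from the generator instead: `string: '{{ env }}'`, `string: '{{ hostname }}'`, and `server: '{{ cluster }}'` for the destination. The project also moves from `gis` to `atlantis`; if AppProjects are what restrict allowed repositories and destinations here, confirm `atlantis` is meant to cover the `geoserver` namespace and the charts repository. With `targetRevision: HEAD`, whatever lands on the default branch of the charts repo is rendered by the plugin, so a pinned tag or commit would make deployments reviewable.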
@@ -1,49 +1,34 @@ apiVersion: argoproj.io/v1alpha1 -kind: Application +kind: ApplicationSet metadata: name: rabbitmq namespace: argocd +spec: + generators: + - list: + elements: + - cluster: https://kubernetes.default.svc + env: prod + hostname: rabbitmq.srv.oceanbox.io + - cluster: https://kubernetes.default.svc + env: staging + hostname: rabbitmq.beta.oceanbox.io + template: + metadata: + name: '{{ env }}-rabbitmq' spec: project: atlantis destination: server: https://kubernetes.default.svc - namespace: atlantis + namespace: rabbitmq sources: - repoURL: https://charts.bitnami.com/bitnami targetRevision: 12.9.0 chart: rabbitmq helm: - values: | - auth: - erlangCookie: "" - existingErlangSecret: "" - existingPasswordSecret: "" - password: hunny-bunny - username: user - clusterDomain: cluster.local - ingress: - annotations: - cert-manager.io/cluster-issuer: letsencrypt-production - nginx.ingress.kubernetes.io/ssl-redirect: "true" - nginx.ingress.kubernetes.io/whitelist-source-range: 10.0.0.0/8,172.16.0.0/12,192.168.0.0/16 - enabled: true - extraHosts: [] - extraPaths: [] - extraRules: [] - hostname: rabbitmq.svc.oceanbox.io - ingressClassName: "" - path: / - pathType: ImplementationSpecific - secrets: [] - selfSigned: false - tls: true - persistence: - accessModes: - - ReadWriteOnce - enabled: true - existingClaim: "" - size: 8Gi - storageClass: "" - - repoURL: https://gitlab.com/oceanbox/manifests + valuesFiles: + - $values/rabbitmq/{{ env }}/-values.yaml + - repoURL: https://gitlab.com/oceanbox/manifests.git targetRevision: HEAD - path: rabbitmq/manifests + path: rabbitmq/{{ env }} + ref: values diff --git a/rabbitmq/prod/nodeport.yaml b/rabbitmq/prod/nodeport.yaml index e07357ab..83a7ca7e 100644 --- a/rabbitmq/prod/nodeport.yaml +++ b/rabbitmq/prod/nodeport.yaml 
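Review bot: The Helm key is written `valuesFiles`, but Argo CD's field is `valueFiles` (dex/application.yaml in this commit spells it that way), and the path `$values/rabbitmq/{{ env }}/-values.yaml` does not match the files added here, `rabbitmq/prod/values.yaml` and `rabbitmq/staging/values.yaml`. Depending on how the unknown key is handled, the Application is either rejected or the chart is rendered with its defaults, in which case the ingress settings (including `whitelist-source-range`) and the persistence block from the values files never apply. Suggested lines: `valueFiles:` and `- $values/rabbitmq/{{ env }}/values.yaml`. Both generated applications also target the single namespace `rabbitmq` on a hard-coded server; `server: '{{ cluster }}'` and a per-env namespace would keep prod and staging apart.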
@@ -1,14 +1,9 @@ apiVersion: v1 kind: Service metadata: - name: rabbitmq-nodeport - namespace: atlantis + name: prod-rabbitmq-nodeport + namespace: rabbitmq spec: - externalTrafficPolicy: Cluster - internalTrafficPolicy: Cluster - ipFamilies: - - IPv4 - ipFamilyPolicy: SingleStack ports: - name: amqp nodePort: 30672 @@ -21,8 +16,7 @@ spec: protocol: TCP targetPort: 15672 selector: - app.kubernetes.io/instance: rabbitmq - app.kubernetes.io/name: rabbitmq - sessionAffinity: None + app.kubernetes.io/instance: prod-rabbitmq + app.kubernetes.io/name: prod-rabbitmq type: NodePort diff --git a/rabbitmq/prod/values.yaml b/rabbitmq/prod/values.yaml new file mode 100644 index 00000000..6cab2bc2 --- /dev/null +++ b/rabbitmq/prod/values.yaml @@ -0,0 +1,31 @@ +auth: + erlangCookie: "" + existingErlangSecret: "" + existingPasswordSecret: "" + password: hunny-bunny + username: user +clusterDomain: cluster.local +ingress: + annotations: + cert-manager.io/cluster-issuer: letsencrypt-production + nginx.ingress.kubernetes.io/ssl-redirect: "true" + nginx.ingress.kubernetes.io/whitelist-source-range: 10.0.0.0/8,172.16.0.0/12,192.168.0.0/16 + enabled: true + extraHosts: [] + extraPaths: [] + extraRules: [] + hostname: rabbitmq.srv.oceanbox.io + ingressClassName: "" + path: / + pathType: ImplementationSpecific + secrets: [] + selfSigned: false + tls: true +persistence: + accessModes: + - ReadWriteOnce + enabled: true + existingClaim: "" + size: 8Gi + storageClass: "" + diff --git a/rabbitmq/staging/nodeport.yaml b/rabbitmq/staging/nodeport.yaml new file mode 100644 index 00000000..639ac3f7 --- /dev/null +++ b/rabbitmq/staging/nodeport.yaml 
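Review bot: The selector now requires `app.kubernetes.io/name: prod-rabbitmq`, but Helm charts normally set that label to the chart name and only `app.kubernetes.io/instance` to the release name, so this Service may select no pods; I would expect `app.kubernetes.io/name: rabbitmq` with `app.kubernetes.io/instance: prod-rabbitmq` (verify against the rendered pod labels). The same applies to `staging-rabbitmq` in rabbitmq/staging/nodeport.yaml. Separately, these NodePort services publish AMQP and the management port 15672 on every node, a path that does not pass through the ingress, so the `whitelist-source-range` annotation in the values files does not restrict it. Confirm that node-level firewalling or a NetworkPolicy limits who can reach 30672 and the staging ports 31672/31673.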
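Review bot: `password: hunny-bunny` is a plaintext broker credential committed to the repository, and rabbitmq/staging/values.yaml adds the identical value, so prod and staging share one password that stays in git history even if it is later removed. The file already carries `existingPasswordSecret: ""`; point it at a Secret created outside this repo, e.g. `existingPasswordSecret: <rabbitmq-auth-secret-name>` (placeholder), delete the `password` line, and rotate the current value. `erlangCookie: ""` with an empty `existingErlangSecret` deserves the same treatment so the cookie is a managed secret rather than a value generated at render time.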
@@ -0,0 +1,22 @@ +apiVersion: v1 +kind: Service +metadata: + name: staging-rabbitmq-nodeport + namespace: rabbitmq +spec: + ports: + - name: amqp + nodePort: 31672 + port: 5672 + protocol: TCP + targetPort: 5672 + - name: amqp-http + nodePort: 31673 + port: 15672 + protocol: TCP + targetPort: 15672 + selector: + app.kubernetes.io/instance: staging-rabbitmq + app.kubernetes.io/name: staging-rabbitmq + type: NodePort + diff --git a/rabbitmq/staging/values.yaml b/rabbitmq/staging/values.yaml new file mode 100644 index 00000000..5d962f65 --- /dev/null +++ b/rabbitmq/staging/values.yaml @@ -0,0 +1,31 @@ +auth: + erlangCookie: "" + existingErlangSecret: "" + existingPasswordSecret: "" + password: hunny-bunny + username: user +clusterDomain: cluster.local +ingress: + annotations: + cert-manager.io/cluster-issuer: letsencrypt-staging + nginx.ingress.kubernetes.io/ssl-redirect: "true" + nginx.ingress.kubernetes.io/whitelist-source-range: 10.0.0.0/8,172.16.0.0/12,192.168.0.0/16 + enabled: true + extraHosts: [] + extraPaths: [] + extraRules: [] + hostname: rabbitmq.beta.oceanbox.io + ingressClassName: "" + path: / + pathType: ImplementationSpecific + secrets: [] + selfSigned: false + tls: true +persistence: + accessModes: + - ReadWriteOnce + enabled: true + existingClaim: "" + size: 8Gi + storageClass: "" + diff --git a/seq/application.yaml b/seq/application.yaml index 1b84ea03..81227081 100644 --- a/seq/application.yaml +++ b/seq/application.yaml @@ -7,13 +7,13 @@ spec: project: atlantis destination: server: https://kubernetes.default.svc - namespace: atlantis + namespace: seq source: repoURL: https://helm.datalust.co targetRevision: 2024.1.0 chart: seq helm: - values: | + valuesObject: acceptEULA: "Y" # Set this URL if you enable ingress and/or AAD authentication.