wip: reworking manifests

Jonas Juselius
2024-01-31 18:19:05 +01:00
parent 7506c8b373
commit 326c3a8993
13 changed files with 263 additions and 153 deletions
+1 -1
@@ -19,7 +19,7 @@ spec:
spec: spec:
project: atlantis project: atlantis
destination: destination:
namespace: oceanbox namespace: atlantis
server: '{{ cluster }}' server: '{{ cluster }}'
source: source:
path: archmeister path: archmeister
+16 -10
@@ -2,24 +2,30 @@
export HOME=/tmp export HOME=/tmp
echo $ARGOCD_APP_PARAMETERS | jq '.[] | select(.name == "helm-parameters") | .map' | yq -P -oy > parameters.yaml env > /tmp/$ARGOCD_APP_NAME.env
echo "$ARGOCD_APP_PARAMETERS" | jq '.[] | select(.name == "helm-parameters") | .map' | yq -P -oy > parameters.yaml
cp parameters.yaml /tmp/$ARGOCD_APP_NAME-parameters.yaml cp parameters.yaml /tmp/$ARGOCD_APP_NAME-parameters.yaml
if [ -f chart -a $PARAM_CHART = "." ]; then if [ -d chart ]; then
CHART=chart
elif [ -f chart -a "$PARAM_CHART" = "." ]; then
CHART=$(cat chart) CHART=$(cat chart)
else else
CHART=$PARAM_CHART CHART=$PARAM_CHART
fi fi
helm template $PARAM_FLAGS \ [ -f chart/values.yaml ] && VALUES="-f chart/values.yaml"
-f values.yaml \ [ -f values.yaml ] && VALUES="$VALUES -f values.yaml"
-f parameters.yaml \ [ -f $PARAM_ENV-values.yaml ] && VALUES="$VALUES -f $PARAM_ENV-values.yaml"
-f $PARAM_ENV/values.yaml \ VALUES="$VALUES -f parameters.yaml"
$ARGOCD_APP_NAME $CHART > ./base/_manifest.yaml
mkdir -p base
helm template $PARAM_FLAGS $VALUES $ARGOCD_APP_NAME $CHART > ./base/_manifest.yaml
cp ./base/_manifest.yaml /tmp/$ARGOCD_APP_NAME-manifest.yaml
sed -i "$PARAM_REWRITE" ./base/_manifest.yaml sed -i "$PARAM_REWRITE" ./base/_manifest.yaml
cp ./base/_manifest.yaml /tmp/$ARGOCD_APP_NAME-manifest-rw.yaml cp ./base/_manifest.yaml /tmp/$ARGOCD_APP_NAME-manifest.yaml
[ -d "$PARAM_ENV" ] && kubectl kustomize $PARAM_ENV > /tmp/$ARGOCD_APP_NAME-manifest.yaml
kubectl kustomize $PARAM_ENV > /tmp/$ARGOCD_APP_NAME-manifest.yaml
cat /tmp/$ARGOCD_APP_NAME-manifest.yaml cat /tmp/$ARGOCD_APP_NAME-manifest.yaml
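Review bot: The added `env > /tmp/$ARGOCD_APP_NAME.env` writes the plugin's whole environment to a predictably named file in /tmp, and that environment can carry more than the `PARAM_*` values (repository or cluster credentials, if any are injected into the plugin container, which is not visible here). Drop the line before this leaves wip, or keep the dump private and quoted: `umask 077` at the top of the script and `env > "/tmp/${ARGOCD_APP_NAME}.env"`. The same applies to the parameters and manifest copies under /tmp, which may contain rendered Secret data. The new `[ -f $PARAM_ENV-values.yaml ]` test and the `helm template $PARAM_FLAGS $VALUES …` line also expand application-supplied parameters unquoted; quote the ones that are single paths, e.g. `[ -f "$PARAM_ENV-values.yaml" ]` and `"$CHART"`.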
+16 -9
@@ -1,15 +1,22 @@
#!/bin/sh #!/bin/sh
# cat << EOF if [ -f values.yaml ]; then
# [{ VALUES="values.yaml"
# "name": "values", elif [ -f chart/values.yaml ]; then
# "title": "Values", VALUES="chart/values.yaml"
# "collectionType": "map", else
# "map": { "replicaCount": "1" } cat << EOF
# }] [{
# EOF "name": "helm-parameters",
"title": "Helm Parameters",
"collectionType": "map",
"map": { "replicaCount": "1" }
}]
EOF
exit 0
fi
yq e -o=p values.yaml | jq --slurp --raw-input ' yq e -o=p $VALUES | jq --slurp --raw-input '
[{ [{
name: "helm-parameters", name: "helm-parameters",
title: "Helm Parameters", title: "Helm Parameters",
+1 -1
@@ -13,7 +13,7 @@ spec:
env: staging env: staging
template: template:
metadata: metadata:
name: '{{ env }}-cerbox' name: '{{ env }}-cerbos'
spec: spec:
project: atlantis project: atlantis
destination: destination:
+29 -65
@@ -1,70 +1,34 @@
apiVersion: argoproj.io/v1alpha1 apiVersion: argoproj.io/v1alpha1
kind: Application kind: ApplicationSet
metadata: metadata:
name: dex name: dex
namespace: argocd namespace: argocd
spec: spec:
project: atlantis generators:
destination: - list:
server: https://kubernetes.default.svc elements:
namespace: atlantis - cluster: https://kubernetes.default.svc
source: env: prod
repoURL: https://charts.dexidp.io hostanme: idp.srv.oceanbox.io
targetRevision: 0.16.0 - cluster: https://kubernetes.default.svc
chart: dex env: staging
helm: hostanme: idp.beta.oceanbox.io
values: | template:
replicaCount: 1 metadata:
https: name: '{{ env }}-dex'
enabled: false spec:
grpc: project: atlantis
enabled: false destination:
server: https://kubernetes.default.svc
configSecret: namespace: atlantis
create: true source:
name: "" - repoURL: https://charts.dexidp.io
config: {} targetRevision: 0.16.0
chart: dex
volumes: helm:
- name: web valueFiles:
persistentVolumeClaim: - $values/dex/values.yaml
claimName: oceanbox-dex - repoURL: https://gitlab.com/oceanbox/manifests.git
volumeMounts: targetRevision: HEAD
- name: web path: cerbos/manifests
mountPath: /srv/dex/web ref: values
envVars: []
service:
annotations: {}
type: ClusterIP
clusterIP: ""
ports:
http:
port: 5556
nodePort:
https:
port: 5554
nodePort:
grpc:
port: 5557
nodePort:
ingress:
enabled: true
className: nginx
annotations:
cert-manager.io/cluster-issuer: letsencrypt-staging
nginx.ingress.kubernetes.io/ssl-redirect: "true"
hosts:
- host: idp.beta.oceanbox.io
paths:
- path: /
pathType: ImplementationSpecific
tls:
- secretName: dex-tls
hosts:
- idp.beta.oceanbox.io
serviceMonitor:
enabled: true
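Review bot: The template's `source:` key now holds a list of two sources, one of them with `ref: values`, but the multi-source form is `sources:` (as the geoserver and rabbitmq ApplicationSets in this commit use), so with the singular key the list will presumably fail validation. Both generator elements also spell the key `hostanme`, so a `{{ hostname }}` placeholder would not resolve. The second source's `path: cerbos/manifests` looks copied from the cerbos set, while `valueFiles` points at `$values/dex/values.yaml`. The prod and staging elements share cluster, namespace and values file, so the two generated Applications would manage the same dex resources until per-env values are wired in.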
+53
@@ -0,0 +1,53 @@
replicaCount: 1
https:
enabled: false
grpc:
enabled: false
configSecret:
create: true
name: ""
config: {}
volumes:
- name: web
persistentVolumeClaim:
claimName: oceanbox-dex
volumeMounts:
- name: web
mountPath: /srv/dex/web
envVars: []
service:
annotations: {}
type: ClusterIP
clusterIP: ""
ports:
http:
port: 5556
nodePort:
https:
port: 5554
nodePort:
grpc:
port: 5557
nodePort:
ingress:
enabled: true
className: nginx
annotations:
cert-manager.io/cluster-issuer: letsencrypt-staging
nginx.ingress.kubernetes.io/ssl-redirect: "true"
hosts:
- host: idp.srv.oceanbox.io
paths:
- path: /
pathType: ImplementationSpecific
tls:
- secretName: dex-tls
hosts:
- idp.srv.oceanbox.io
serviceMonitor:
enabled: true
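Review bot: `ingress.hosts` and `tls.hosts` now name `idp.srv.oceanbox.io`, the host the dex ApplicationSet lists for prod, while the annotation still selects `cert-manager.io/cluster-issuer: letsencrypt-staging`. If that issuer is Let's Encrypt's staging endpoint, its certificates are not publicly trusted, and clients of an identity provider then either fail or get configured to skip verification. Split this file per environment, as the rabbitmq values are, and use the production issuer for the prod host. `config: {}` under `configSecret.create: true` also leaves the dex configuration empty in this file; a comment such as `# real config is supplied via <mechanism>` would tell the next reader where it comes from.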
+37 -20
@@ -1,25 +1,42 @@
apiVersion: argoproj.io/v1alpha1 apiVersion: argoproj.io/v1alpha1
kind: Application kind: ApplicationSet
metadata: metadata:
name: geoserver name: geoserver
namespace: argocd namespace: argocd
spec: spec:
project: gis generators:
destination: - list:
server: https://kubernetes.default.svc elements:
namespace: geoserver - cluster: https://kubernetes.default.svc
source: env: prod
repoURL: https://gitlab.com/oceanbox/charts.git hostname: geoserver.srv.oceanbox.io
targetRevision: HEAD - cluster: https://kubernetes.default.svc
path: geoserver env: staging
plugin: hostname: geoserver.beta.oceanbox.io
name: kustomize-helm-with-rewrite template:
parameters: metadata:
- name: env name: '{{ env }}-geoserver'
string: prod spec:
- name: hostname project: atlantis
string: geoserver.srv.oceanbox.io destination:
- name: flags server: https://kubernetes.default.svc
string: "--skip-tests" namespace: geoserver
- name: chart sources:
string: ncsa/geoserver - repoURL: https://gitlab.com/oceanbox/charts.git
targetRevision: HEAD
path: geoserver
plugin:
name: kustomize-helm-with-rewrite
parameters:
- name: env
string: prod
- name: hostname
string: geoserver.srv.oceanbox.io
- name: flags
string: "--skip-tests"
- name: chart
string: ncsa/geoserver
# - repoURL: https://gitlab.com/oceanbox/manifests.git
# targetRevision: HEAD
# # path: /{{ env }}
# ref: values
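Review bot: The plugin parameters inside the template are still literals, `string: prod` and `string: geoserver.srv.oceanbox.io`, so the `staging` element produces an Application named `staging-geoserver` that renders the prod configuration into the same `geoserver` namespace on the same cluster. Use the generator values instead, `string: '{{ env }}'` and `string: '{{ hostname }}'`, and consider a per-env destination namespace so the two Applications do not own the same objects. `project` also changes from `gis` to `atlantis` here; confirm that is intended, since the AppProject is what restricts the allowed repositories and destinations.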
+20 -35
@@ -1,49 +1,34 @@
apiVersion: argoproj.io/v1alpha1 apiVersion: argoproj.io/v1alpha1
kind: Application kind: ApplicationSet
metadata: metadata:
name: rabbitmq name: rabbitmq
namespace: argocd namespace: argocd
spec:
generators:
- list:
elements:
- cluster: https://kubernetes.default.svc
env: prod
hostname: rabbitmq.srv.oceanbox.io
- cluster: https://kubernetes.default.svc
env: staging
hostname: rabbitmq.beta.oceanbox.io
template:
metadata:
name: '{{ env }}-rabbitmq'
spec: spec:
project: atlantis project: atlantis
destination: destination:
server: https://kubernetes.default.svc server: https://kubernetes.default.svc
namespace: atlantis namespace: rabbitmq
sources: sources:
- repoURL: https://charts.bitnami.com/bitnami - repoURL: https://charts.bitnami.com/bitnami
targetRevision: 12.9.0 targetRevision: 12.9.0
chart: rabbitmq chart: rabbitmq
helm: helm:
values: | valuesFiles:
auth: - $values/rabbitmq/{{ env }}/-values.yaml
erlangCookie: "" - repoURL: https://gitlab.com/oceanbox/manifests.git
existingErlangSecret: ""
existingPasswordSecret: ""
password: hunny-bunny
username: user
clusterDomain: cluster.local
ingress:
annotations:
cert-manager.io/cluster-issuer: letsencrypt-production
nginx.ingress.kubernetes.io/ssl-redirect: "true"
nginx.ingress.kubernetes.io/whitelist-source-range: 10.0.0.0/8,172.16.0.0/12,192.168.0.0/16
enabled: true
extraHosts: []
extraPaths: []
extraRules: []
hostname: rabbitmq.svc.oceanbox.io
ingressClassName: ""
path: /
pathType: ImplementationSpecific
secrets: []
selfSigned: false
tls: true
persistence:
accessModes:
- ReadWriteOnce
enabled: true
existingClaim: ""
size: 8Gi
storageClass: ""
- repoURL: https://gitlab.com/oceanbox/manifests
targetRevision: HEAD targetRevision: HEAD
path: rabbitmq/manifests path: rabbitmq/{{ env }}
ref: values
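Review bot: The helm block uses `valuesFiles:`, but the Argo CD field is `valueFiles` (the dex ApplicationSet in this commit spells it that way), and the entry `$values/rabbitmq/{{ env }}/-values.yaml` has a stray `/-` in the file name. Depending on how strictly the spec is validated, the ApplicationSet is either rejected or the key is dropped, and in the second case the chart would install with its defaults rather than the reviewed ingress allow-list and persistence settings. Suggested: `valueFiles:` with `- $values/rabbitmq/{{ env }}/values.yaml`, matched to the actual file name in the manifests repository. Both elements also deploy to `namespace: rabbitmq`, and the generator's `hostname` value is not referenced anywhere in the template.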
+4 -10
@@ -1,14 +1,9 @@
apiVersion: v1 apiVersion: v1
kind: Service kind: Service
metadata: metadata:
name: rabbitmq-nodeport name: prod-rabbitmq-nodeport
namespace: atlantis namespace: rabbitmq
spec: spec:
externalTrafficPolicy: Cluster
internalTrafficPolicy: Cluster
ipFamilies:
- IPv4
ipFamilyPolicy: SingleStack
ports: ports:
- name: amqp - name: amqp
nodePort: 30672 nodePort: 30672
@@ -21,8 +16,7 @@ spec:
protocol: TCP protocol: TCP
targetPort: 15672 targetPort: 15672
selector: selector:
app.kubernetes.io/instance: rabbitmq app.kubernetes.io/instance: prod-rabbitmq
app.kubernetes.io/name: rabbitmq app.kubernetes.io/name: prod-rabbitmq
sessionAffinity: None
type: NodePort type: NodePort
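Review bot: The selector in the second hunk now requires `app.kubernetes.io/name: prod-rabbitmq`, but Helm charts normally set that label to the chart name and put the release name in `app.kubernetes.io/instance`. Unless `nameOverride` is set (it is not in the values files added by this commit), the Service would select no pods. Keep `app.kubernetes.io/name: rabbitmq` and change only the instance label to `prod-rabbitmq`. The new staging NodePort Service in this commit uses the same selector pattern and needs the same check.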
+31
@@ -0,0 +1,31 @@
auth:
erlangCookie: ""
existingErlangSecret: ""
existingPasswordSecret: ""
password: hunny-bunny
username: user
clusterDomain: cluster.local
ingress:
annotations:
cert-manager.io/cluster-issuer: letsencrypt-production
nginx.ingress.kubernetes.io/ssl-redirect: "true"
nginx.ingress.kubernetes.io/whitelist-source-range: 10.0.0.0/8,172.16.0.0/12,192.168.0.0/16
enabled: true
extraHosts: []
extraPaths: []
extraRules: []
hostname: rabbitmq.srv.oceanbox.io
ingressClassName: ""
path: /
pathType: ImplementationSpecific
secrets: []
selfSigned: false
tls: true
persistence:
accessModes:
- ReadWriteOnce
enabled: true
existingClaim: ""
size: 8Gi
storageClass: ""
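Review bot: `auth.password: hunny-bunny` is committed in plain text for the `user` account, and the staging values file added later in this commit carries the identical value. Leave `password` empty and point `existingPasswordSecret` (already present in this file) at a Secret created outside git, e.g. `existingPasswordSecret: <secret-name>`; `existingErlangSecret` can be handled the same way. Because the value is already in the repository history (it was inline in the old Application), it should be rotated rather than only moved.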
+22
@@ -0,0 +1,22 @@
apiVersion: v1
kind: Service
metadata:
name: staging-rabbitmq-nodeport
namespace: rabbitmq
spec:
ports:
- name: amqp
nodePort: 31672
port: 5672
protocol: TCP
targetPort: 5672
- name: amqp-http
nodePort: 31673
port: 15672
protocol: TCP
targetPort: 15672
selector:
app.kubernetes.io/instance: staging-rabbitmq
app.kubernetes.io/name: staging-rabbitmq
type: NodePort
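Review bot: This Service publishes AMQP (`nodePort: 31672`) and the management port (`nodePort: 31673`) on every node, a path that the `nginx.ingress.kubernetes.io/whitelist-source-range` annotation in the rabbitmq values does not cover, since that annotation only applies to the ingress. If the nodes are reachable from outside the private ranges (not visible here), restrict these ports with a NetworkPolicy or a firewall rule, or drop the `amqp-http` entry and reach the management UI through the ingress only. A short comment above `spec:` stating who is expected to connect via the node ports would make the intended exposure reviewable. The prod NodePort Service has the same shape.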
+31
@@ -0,0 +1,31 @@
auth:
erlangCookie: ""
existingErlangSecret: ""
existingPasswordSecret: ""
password: hunny-bunny
username: user
clusterDomain: cluster.local
ingress:
annotations:
cert-manager.io/cluster-issuer: letsencrypt-staging
nginx.ingress.kubernetes.io/ssl-redirect: "true"
nginx.ingress.kubernetes.io/whitelist-source-range: 10.0.0.0/8,172.16.0.0/12,192.168.0.0/16
enabled: true
extraHosts: []
extraPaths: []
extraRules: []
hostname: rabbitmq.beta.oceanbox.io
ingressClassName: ""
path: /
pathType: ImplementationSpecific
secrets: []
selfSigned: false
tls: true
persistence:
accessModes:
- ReadWriteOnce
enabled: true
existingClaim: ""
size: 8Gi
storageClass: ""
+2 -2
@@ -7,13 +7,13 @@ spec:
project: atlantis project: atlantis
destination: destination:
server: https://kubernetes.default.svc server: https://kubernetes.default.svc
namespace: atlantis namespace: seq
source: source:
repoURL: https://helm.datalust.co repoURL: https://helm.datalust.co
targetRevision: 2024.1.0 targetRevision: 2024.1.0
chart: seq chart: seq
helm: helm:
values: | valuesObject:
acceptEULA: "Y" acceptEULA: "Y"
# Set this URL if you enable ingress and/or AAD authentication. # Set this URL if you enable ingress and/or AAD authentication.