platform/manifests
1
1
Fork 0
Code Issues 7 Pull Requests 6 Actions Packages Projects Releases Wiki Activity

Merge branch 'nixidy' of gitlab.com:oceanbox/manifests into nixidy

Browse Source
This commit is contained in:
Jonas Juselius
2024-10-15 08:02:36 +02:00
parent 474d04862c ea929b7dc4
commit 7ca0a2d397
10 changed files with 100 additions and 151 deletions
Download Patch File Download Diff File Expand all files Collapse all files
apps/atlantis.nix
+42 -97
View File
@@ -1,106 +1,51 @@
{ lib, config, ... }: { lib, config, ... }:
let let
cfg = config.apps.atlantis; cfg = config.apps.atlantis;
in env = config.apps.env;
{
options.apps.atlantis = { values = lib.apps.appValues {
enable = lib.mkOption { inherit env;
type = lib.types.bool; base = ../values/atlantis;
default = true; extraValues = {};
description = "Enable";
};
autoSync = lib.mkOption {
type = lib.types.bool;
default = true;
description = "Auto sync";
};
prune = lib.mkOption {
type = lib.types.bool;
default = false;
description = "Prune";
};
}; };
config = lib.mkIf cfg.enable { kustomize = r:
applications.atlantis.resources = { if r.kind == "Deployment" then
applicationSets = { lib.attrsets.recursiveUpdate r {
atlantis.spec = { spec.template.spec.containers =
goTemplate = true; builtins.map (x:
generators = [ x // {
{ livenessProbe.httpGet.path = "/healthz";
list = { readinessProble.httpGet.path = "/healthz";
elements = [ env = x.env ++ [ { name = "INERNAL_PORT"; value = 8000; } ];
{ }) r.spec.template.spec.containers;
env = "prod"; }
namespace = "atlantis"; else if r.kind == "Service" then
project = "atlantis"; {}
cluster = "https://kubernetes.default.svc"; else r;
hostname = "atlantis.srv.oceanbox.io"; in
revision = "main"; {
autoSync = cfg.autoSync; options.apps.atlantis = lib.apps.appOptions {
prune = cfg.prune; revision = lib.mkOption {
} type = lib.types.str;
{ default = "main";
env = "staging"; description = "Revision";
namespace = "atlantis";
project = "atlantis";
cluster = "https://staging-vcluster.staging-vcluster";
hostname = "atlantis.beta.oceanbox.io";
revision = "main";
autoSync = cfg.autoSync;
prune = cfg.prune;
}
];
};
}
];
template = {
metadata = {
name = "{{ .env }}-atlantis";
annotations = {
"argocd.argoproj.io/compare-options" = "ServerSideDiff=true";
};
};
spec = {
destination = {
namespace = "{{`{{.namespace}}`}}";
server = "{{ .cluster }}";
};
project = "{{`{{.project}}`}}";
sources = [
{
repoURL = "https://gitlab.com/oceanbox/manifests.git";
targetRevision = "{{`{{.revision}}`}}";
path = "values/atlantis";
plugin = {
name = "kustomize-helm-with-rewrite";
parameters = [
{
name = "env";
string = "{{ .env }}";
}
{
name = "hostname";
string = "{{ .hostname }}";
}
];
};
}
];
syncPolicy = {
syncOptions = [
"CreateNamespace=true"
"ApplyOutOfSyncOnly=true"
];
automated = lib.mkIf cfg.autoSync {
prune = cfg.prune;
selfHeal = false;
};
};
};
};
};
}; };
hostname = lib.mkOption {
type = lib.types.str;
default = if env == "prod"
then "maps.oceanbox.io"
else "atlantis.beta.oceanbox.io";
description = "Revision";
};
};
config = lib.apps.appConfig cfg "${env}-atlantis" {
helm.releases."${env}-atlantis" = {
inherit values;
chart = ../charts/atlantis;
transformer = rs: builtins.map (x: kustomize x) rs;
}; };
}; };
} }
apps/openfga.nix
+1 -1
View File
@@ -18,7 +18,7 @@ in
{ {
options.apps.openfga = lib.apps.appOptions {}; options.apps.openfga = lib.apps.appOptions {};
config = lib.apps.appConfig cfg "openfga" { config = lib.apps.appConfig cfg "${env}-openfga" {
helm.releases."${env}-openfga" = { helm.releases."${env}-openfga" = {
inherit values; inherit values;
chart = lib.helm.downloadHelmChart { chart = lib.helm.downloadHelmChart {
charts/atlantis/charts/redis-20.1.7.tgz
BIN
View File
Binary file not shown.
charts/atlantis/values.yaml
-1
View File
@@ -112,7 +112,6 @@ redis:
master: master:
resources: resources:
limits: limits:
cpu: null
ephemeral-storage: 1024Mi ephemeral-storage: 1024Mi
memory: 192Mi memory: 192Mi
requests: requests:
flake.lock
Generated
+31 -15
View File
@@ -4,7 +4,7 @@
"inputs": { "inputs": {
"flake-compat": "flake-compat_3", "flake-compat": "flake-compat_3",
"flake-utils": "flake-utils_5", "flake-utils": "flake-utils_5",
"nixpkgs": "nixpkgs_2", "nixpkgs": "nixpkgs_3",
"rust-overlay": "rust-overlay" "rust-overlay": "rust-overlay"
}, },
"locked": { "locked": {
@@ -322,30 +322,30 @@
"flake-utils": "flake-utils_4", "flake-utils": "flake-utils_4",
"kubenix": "kubenix", "kubenix": "kubenix",
"nix-kube-generators": "nix-kube-generators_3", "nix-kube-generators": "nix-kube-generators_3",
"nixpkgs": [ "nixpkgs": "nixpkgs"
"nixpkgs"
]
}, },
"locked": { "locked": {
"dirtyRev": "6e20193c95a0aaca444289d7c69f4eb329d25234-dirty", "lastModified": 1728908720,
"dirtyShortRev": "6e20193-dirty",
"lastModified": 1728815994,
"narHash": "sha256-0fNVuZdg7vNn47NBcStHzVzWfpSM2cdh7k2kiTcUal8=", "narHash": "sha256-0fNVuZdg7vNn47NBcStHzVzWfpSM2cdh7k2kiTcUal8=",
"type": "git", "owner": "juselius",
"url": "file:///home/jonas/src/OceanBox/nixidy" "repo": "nixidy",
"rev": "21cee93f73c29eff44c37dbc90ba68d217258b9d",
"type": "github"
}, },
"original": { "original": {
"type": "git", "owner": "juselius",
"url": "file:///home/jonas/src/OceanBox/nixidy" "ref": "special-args",
"repo": "nixidy",
"type": "github"
} }
}, },
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1728492678, "lastModified": 1702151865,
"narHash": "sha256-9UTxR8eukdg+XZeHgxW5hQA9fIKHsKCdOIUycTryeVw=", "narHash": "sha256-9VAt19t6yQa7pHZLDbil/QctAgVsA66DLnzdRGqDisg=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "5633bcff0c6162b9e4b5f1264264611e950c8ec7", "rev": "666fc80e7b2afb570462423cb0e1cf1a3a34fedd",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -372,6 +372,22 @@
} }
}, },
"nixpkgs_2": { "nixpkgs_2": {
"locked": {
"lastModified": 1728492678,
"narHash": "sha256-9UTxR8eukdg+XZeHgxW5hQA9fIKHsKCdOIUycTryeVw=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "5633bcff0c6162b9e4b5f1264264611e950c8ec7",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_3": {
"locked": { "locked": {
"lastModified": 1697382362, "lastModified": 1697382362,
"narHash": "sha256-PvFjWFmSYOF6TjNZ/WjOeqa+sgaWm+83Fz37vEuATHA=", "narHash": "sha256-PvFjWFmSYOF6TjNZ/WjOeqa+sgaWm+83Fz37vEuATHA=",
@@ -441,7 +457,7 @@
"nix-kube-generators": "nix-kube-generators", "nix-kube-generators": "nix-kube-generators",
"nixhelm": "nixhelm", "nixhelm": "nixhelm",
"nixidy": "nixidy", "nixidy": "nixidy",
"nixpkgs": "nixpkgs", "nixpkgs": "nixpkgs_2",
"pre-commit-hooks": "pre-commit-hooks", "pre-commit-hooks": "pre-commit-hooks",
"yaml2nix": "yaml2nix" "yaml2nix": "yaml2nix"
} }
flake.nix
+3 -3
View File
@@ -6,9 +6,9 @@
flake-utils.url = "github:numtide/flake-utils"; flake-utils.url = "github:numtide/flake-utils";
nixidy = { nixidy = {
# url = "github:juselius/nixidy"; url = "github:juselius/nixidy?ref=special-args";
url = "/home/jonas/src/OceanBox/nixidy"; # url = "/home/jonas/src/OceanBox/nixidy";
inputs.nixpkgs.follows = "nixpkgs"; # inputs.nixpkgs.follows = "nixpkgs";
}; };
nixhelm = { nixhelm = {
modules/lib.nix
+6 -6
View File
@@ -60,18 +60,18 @@
with pkgs.lib; with pkgs.lib;
let let
app = conf // { app = conf // {
name = if builtins.isNull cfg.name then "${cfg.env}-${name}" else cfg.name; name = if builtins.isNull cfg.name then name else cfg.name;
project = cfg.project; project = cfg.project;
destination.server = cfg.cluster; destination.server = cfg.cluster;
createNamespace = true; createNamespace = true;
compareOptions = { compareOptions = {
serverSideDiff = cfg.serverSideDiff; serverSideDiff = cfg.serverSideDiff;
}; };
syncPolicy = { syncPolicy = {
syncOptions = { syncOptions = {
applyOutOfSyncOnly = true; applyOutOfSyncOnly = true;
}; };
@@ -80,7 +80,7 @@
prune = cfg.prune; prune = cfg.prune;
selfHeal = false; selfHeal = false;
}; };
}; };
} // (if builtins.isNull cfg.namespace then {} else { namespace = cfg.namespace; }); } // (if builtins.isNull cfg.namespace then {} else { namespace = cfg.namespace; });
in mkIf cfg.enable { applications.${name} = app; }; in mkIf cfg.enable { applications.${name} = app; };
values/atlantis/values-prod.yaml
-14
View File
@@ -2,20 +2,6 @@ replicaCount: 2
podAnnotations: podAnnotations:
dapr.io/app-id: "prod-atlantis" dapr.io/app-id: "prod-atlantis"
dapr.io/enabled: "true"
dapr.io/app-port: "8000"
dapr.io/config: "tracing"
dapr.io/app-protocol: "http"
dapr.io/enable-app-health-check: "true"
dapr.io/app-health-check-path: "/healthz"
dapr.io/app-health-probe-interval: "3"
dapr.io/app-health-probe-timeout: "200"
dapr.io/app-health-threshold: "2"
dapr.io/sidecar-cpu-request: "100m"
dapr.io/sidecar-memory-request: "250Mi"
dapr.io/sidecar-cpu-limit: "300m"
dapr.io/sidecar-memory-limit: "1000Mi"
dapr.io/log-as-json: "true"
ingress: ingress:
annotations: annotations:
values/atlantis/values-staging.yaml
+1 -14
View File
@@ -1,20 +1,7 @@
replicaCount: 2 replicaCount: 2
podAnnotations: podAnnotations:
dapr.io/app-id: "staging-atlantis" dapr.io/app-id: "staging-atlantis"
dapr.io/enabled: "true"
dapr.io/app-port: "8000"
dapr.io/config: "tracing"
dapr.io/app-protocol: "http"
dapr.io/enable-app-health-check: "true"
dapr.io/app-health-check-path: "/healthz"
dapr.io/app-health-probe-interval: "3"
dapr.io/app-health-probe-timeout: "200"
dapr.io/app-health-threshold: "2"
dapr.io/sidecar-cpu-request: "100m"
dapr.io/sidecar-memory-request: "250Mi"
dapr.io/sidecar-cpu-limit: "300m"
dapr.io/sidecar-memory-limit: "1000Mi"
dapr.io/log-as-json: "true"
image: image:
tag: 7f3512e0-debug tag: 7f3512e0-debug
ingress: ingress:
values/atlantis/values.yaml
+16
View File
@@ -0,0 +1,16 @@
podAnnotations:
dapr.io/enabled: "true"
dapr.io/app-port: "8000"
dapr.io/config: "tracing"
dapr.io/app-protocol: "http"
dapr.io/enable-app-health-check: "true"
dapr.io/app-health-check-path: "/healthz"
dapr.io/app-health-probe-interval: "3"
dapr.io/app-health-probe-timeout: "200"
dapr.io/app-health-threshold: "2"
dapr.io/sidecar-cpu-request: "100m"
dapr.io/sidecar-memory-request: "250Mi"
dapr.io/sidecar-cpu-limit: "300m"
dapr.io/sidecar-memory-limit: "1000Mi"
dapr.io/log-as-json: "true"