diff --git a/apps/archmeister.yaml b/apps/archmeister.yaml index a28ec46a..7555b1c8 100644 --- a/apps/archmeister.yaml +++ b/apps/archmeister.yaml @@ -13,11 +13,11 @@ spec: hostname: archmeister.srv.oceanbox.io autoSync: false prune: true - - cluster: https://staging-vcluster.staging-vcluster - env: staging - hostname: archmeister.beta.oceanbox.io - autoSync: true - prune: true + # - cluster: https://staging-vcluster.staging-vcluster + # env: staging + # hostname: archmeister.beta.oceanbox.io + # autoSync: true + # prune: true template: metadata: name: "{{ .env }}-archmeister" diff --git a/apps/atlantis.yaml b/apps/atlantis.yaml index 8537f130..e76ea605 100644 --- a/apps/atlantis.yaml +++ b/apps/atlantis.yaml @@ -13,11 +13,11 @@ spec: hostname: atlantis.srv.oceanbox.io autoSync: false prune: true - - cluster: https://staging-vcluster.staging-vcluster - env: staging - hostname: atlantis.beta.oceanbox.io - autoSync: true - prune: true + # - cluster: https://staging-vcluster.staging-vcluster + # env: staging + # hostname: atlantis.beta.oceanbox.io + # autoSync: true + # prune: true template: metadata: name: '{{ .env }}-atlantis' diff --git a/apps/dapr.yaml b/apps/dapr.yaml new file mode 100644 index 00000000..6d244677 --- /dev/null +++ b/apps/dapr.yaml @@ -0,0 +1,33 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: dapr + namespace: argocd + annotations: + argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true + finalizers: + - resources-finalizer.argocd.argoproj.io +spec: + destination: + namespace: dapr-system + server: https://kubernetes.default.svc + project: default + syncPolicy: + # managedNamespaceMetadata: + # labels: + # component: aux + syncOptions: + - CreateNamespace=true + - ApplyOutOfSyncOnly=true + automated: + prune: true + selfHeal: true + sources: + - repoURL: https://dapr.github.io/helm-charts/ + targetRevision: 1.14.4 + chart: dapr + helm: + values: | + global: + ha: + enabled: true diff --git a/apps/hipster.yaml b/apps/hipster.yaml index fe2a257c..05b799d4 100644 --- a/apps/hipster.yaml +++ b/apps/hipster.yaml @@ -13,11 +13,11 @@ spec: hostname: hipster.srv.oceanbox.io autoSync: false prune: true - - cluster: https://staging-vcluster.staging-vcluster - env: staging - hostname: hipster.beta.oceanbox.io - autoSync: true - prune: true + # - cluster: https://staging-vcluster.staging-vcluster + # env: staging + # hostname: hipster.beta.oceanbox.io + # autoSync: true + # prune: true template: metadata: name: '{{ .env }}-hipster' diff --git a/apps/opentelemetry-collector.yaml b/apps/opentelemetry-collector.yaml index b919a36d..2eec055d 100644 --- a/apps/opentelemetry-collector.yaml +++ b/apps/opentelemetry-collector.yaml @@ -31,6 +31,9 @@ spec: mode: deployment image: repository: otel/opentelemetry-collector-k8s + service: + type: LoadBalancer + loadBalancerIP: 10.255.241.12 config: receivers: prometheus/collector: @@ -88,7 +91,7 @@ spec: # logsCollection: # enabled: true ingress: - enabled: true + enabled: false annotations: cert-manager.io/cluster-issuer: letsencrypt-production nginx.ingress.kubernetes.io/ssl-redirect: "true" diff --git a/apps/petimeter.yaml b/apps/petimeter.yaml index 76db8b6f..ad389599 100644 --- a/apps/petimeter.yaml +++ b/apps/petimeter.yaml @@ -13,11 +13,11 @@ spec: hostname: petimeter.srv.oceanbox.io autoSync: false prune: true - - cluster: https://staging-vcluster.staging-vcluster - env: staging - hostname: petimeter.beta.oceanbox.io - autoSync: true - prune: true + # - cluster: https://staging-vcluster.staging-vcluster + # env: staging + # hostname: petimeter.beta.oceanbox.io + # autoSync: true + # prune: true template: metadata: name: '{{ .env }}-petimeter' diff --git a/apps/sorcerer.yaml b/apps/sorcerer.yaml index b5153a99..b781d0c6 100644 --- a/apps/sorcerer.yaml +++ b/apps/sorcerer.yaml @@ -13,11 +13,11 @@ spec: hostname: sorcerer.data.oceanbox.io autoSync: false prune: true - - cluster: https://10.255.241.99:4443 - env: staging - hostname: sorcerer.ekman.oceanbox.io - autoSync: true - prune: true + # - cluster: https://10.255.241.99:4443 + # env: staging + # hostname: sorcerer.ekman.oceanbox.io + # autoSync: true + # prune: true template: metadata: name: '{{ .env }}-sorcerer' diff --git a/apps/staging-atlantis.yaml b/apps/staging-atlantis.yaml index bc66fdf5..61e3c587 100644 --- a/apps/staging-atlantis.yaml +++ b/apps/staging-atlantis.yaml @@ -3,29 +3,37 @@ kind: Application metadata: name: staging-atlantis namespace: argocd + annotations: + argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true + finalizers: + - resources-finalizer.argocd.argoproj.io spec: - template: - metadata: - name: staging-atlantis - spec: - project: atlantis - destination: - namespace: staging-atlantis - server: https://kubernetes.default.svc - sources: - - repoURL: https://gitlab.com/oceanbox/manifests.git - targetRevision: nixidy - path: values/atlantis - plugin: - name: kustomize-helm-with-rewrite - parameters: - - name: env - string: staging - - name: hostname - string: atlantis.beta.oceanbox.io - templatePatch: | - spec: - syncPolicy: - automated: - prune: true - selfHeal: true + destination: + namespace: staging-atlantis + server: https://kubernetes.default.svc + project: atlantis + sources: + - repoURL: https://gitlab.com/oceanbox/manifests.git + targetRevision: nixidy + path: values/atlantis + plugin: + name: kustomize-helm-with-rewrite + parameters: + - name: env + string: staging + - name: hostname + string: atlantis.beta.oceanbox.io + ignoreDifferences: + - kind: Secret + name: azure-keyvault + jqPathExpressions: + - '.data' + - '.metadata.labels' + - '.metadata.annotations' + syncPolicy: + syncOptions: + - CreateNamespace=true + - ApplyOutOfSyncOnly=true + automated: + prune: true + selfHeal: false diff --git a/apps/staging-sorcerer.yaml b/apps/staging-sorcerer.yaml index 4da68275..e133bc40 100644 --- a/apps/staging-sorcerer.yaml +++ b/apps/staging-sorcerer.yaml @@ -3,29 +3,37 @@ kind: Application metadata: name: staging-sorcerer namespace: argocd + annotations: + argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true + finalizers: + - resources-finalizer.argocd.argoproj.io spec: - template: - metadata: - name: staging-sorcerer - spec: - project: atlantis - destination: - namespace: staging-sorcerer - server: https://10.255.241.99:4443 - sources: - - repoURL: https://gitlab.com/oceanbox/manifests.git - targetRevision: main - path: values/sorcerer - plugin: - name: kustomize-helm-with-rewrite - parameters: - - name: env - string: staging - - name: hostname - string: sorcerer.ekman.oceanbox.io - templatePatch: | - spec: - syncPolicy: - automated: - prune: true - selfHeal: false + destination: + namespace: staging-sorcerer + server: https://10.255.241.99:4443 + project: atlantis + sources: + - repoURL: https://gitlab.com/oceanbox/manifests.git + targetRevision: nixidy + path: values/sorcerer + plugin: + name: kustomize-helm-with-rewrite + parameters: + - name: env + string: staging + - name: hostname + string: sorcerer.ekman.oceanbox.io + ignoreDifferences: + - kind: Secret + name: azure-keyvault + jqPathExpressions: + - '.data' + - '.metadata.labels' + - '.metadata.annotations' + syncPolicy: + syncOptions: + - CreateNamespace=true + - ApplyOutOfSyncOnly=true + automated: + prune: true + selfHeal: false diff --git a/values/atlantis/chart b/values/atlantis/chart new file mode 120000 index 00000000..f0d03fc1 --- /dev/null +++ b/values/atlantis/chart @@ -0,0 +1 @@ +../../charts/atlantis \ No newline at end of file diff --git a/values/atlantis/prod/appsettings.json b/values/atlantis/prod/appsettings.json index 7532cc02..d32d4bf9 100644 --- a/values/atlantis/prod/appsettings.json +++ b/values/atlantis/prod/appsettings.json @@ -39,7 +39,7 @@ "roles": [ "admin" ] } ], - "redis": "prod-redis-master:6379", + "redis": "prod-atlantis-redis-master:6379", "objectStore": "https://atlantis.blob.core.windows.net", "connString": "Username=postgres;Password=secret;Host=localhost;Port=5432;Database=app;Pooling=true;", "sorcerer" : "https://sorcerer.ekman.oceanbox.io", diff --git a/values/atlantis/prod/configurations.yaml b/values/atlantis/prod/configurations.yaml index b6294dcd..fb401e66 100644 --- a/values/atlantis/prod/configurations.yaml +++ b/values/atlantis/prod/configurations.yaml @@ -7,12 +7,12 @@ spec: version: v1 metadata: - name: redisHost - value: prod-redis-master:6379 + value: prod-atlantis-redis-master:6379 - name: redisUsername value: default - name: redisPassword secretKeyRef: - name: prod-redis + name: prod-atlantis-redis key: redis-password - name: redisDB value: "2" diff --git a/values/atlantis/prod/rbac.yaml b/values/atlantis/prod/rbac.yaml index 90516fa7..772c7a95 100644 --- a/values/atlantis/prod/rbac.yaml +++ b/values/atlantis/prod/rbac.yaml @@ -2,7 +2,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: name: prod-atlantis - namespace: prod + namespace: prod-atlantis rules: - apiGroups: - "" @@ -17,7 +17,7 @@ rules: - "" resourceNames: - azure-keyvault - - prod-redis + - prod-atlantis-redis resources: - secrets verbs: @@ -28,7 +28,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: prod-atlantis - namespace: prod + namespace: prod-atlantis roleRef: apiGroup: rbac.authorization.k8s.io kind: Role @@ -36,4 +36,4 @@ roleRef: subjects: - kind: ServiceAccount name: prod-atlantis - namespace: prod \ No newline at end of file + namespace: prod-atlantis diff --git a/values/atlantis/prod/statestore.yaml b/values/atlantis/prod/statestore.yaml index fa865fda..f57ac2de 100644 --- a/values/atlantis/prod/statestore.yaml +++ b/values/atlantis/prod/statestore.yaml @@ -7,12 +7,12 @@ spec: version: v1 metadata: - name: redisHost - value: prod-redis-master:6379 + value: prod-atlantis-redis-master:6379 - name: redisUsername value: default - name: redisPassword secretKeyRef: - name: prod-redis + name: prod-atlantis-redis key: redis-password - name: actorStateStore value: "true" diff --git a/values/atlantis/staging/appsettings.json b/values/atlantis/staging/appsettings.json index 5bdc9c1c..215d603e 100644 --- a/values/atlantis/staging/appsettings.json +++ b/values/atlantis/staging/appsettings.json @@ -39,7 +39,7 @@ "roles": [ "admin" ] } ], - "redis": "staging-redis-master:6379", + "redis": "staging-atlantis-redis-master:6379", "objectStore": "https://atlantis.blob.core.windows.net", "connString": "Username=postgres;Password=secret;Host=localhost;Port=5432;Database=app;Pooling=true;", "sorcerer" : "https://sorcerer.ekman.oceanbox.io", diff --git a/values/atlantis/staging/configuration.yaml b/values/atlantis/staging/configuration.yaml index 8fd07221..87acbf75 100644 --- a/values/atlantis/staging/configuration.yaml +++ b/values/atlantis/staging/configuration.yaml @@ -7,12 +7,12 @@ spec: version: v1 metadata: - name: redisHost - value: staging-redis-master:6379 + value: staging-atlantis-redis-master:6379 - name: redisUsername value: default - name: redisPassword secretKeyRef: - name: staging-redis + name: staging-atlantis-redis key: redis-password - name: redisDB value: "2" diff --git a/values/atlantis/staging/configurations.yaml b/values/atlantis/staging/configurations.yaml index 6aa3d301..080065ad 100644 --- a/values/atlantis/staging/configurations.yaml +++ b/values/atlantis/staging/configurations.yaml @@ -7,12 +7,12 @@ spec: version: v1 metadata: - name: redisHost - value: staging-redis-master:6379 + value: staging-atlantis-redis-master:6379 - name: redisUsername value: default - name: redisPassword secretKeyRef: - name: staging-redis + name: staging-atlantis-redis key: redis-password - name: redisDB value: "2" diff --git a/values/atlantis/staging/rbac.yaml b/values/atlantis/staging/rbac.yaml index 691cbfa1..665b0a7e 100644 --- a/values/atlantis/staging/rbac.yaml +++ b/values/atlantis/staging/rbac.yaml @@ -2,7 +2,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: name: staging-atlantis - namespace: staging + namespace: staging-atlantis rules: - apiGroups: - "" @@ -17,7 +17,7 @@ rules: - "" resourceNames: - azure-keyvault - - staging-redis + - staging-atlantis-redis resources: - secrets verbs: @@ -28,7 +28,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: staging-atlantis - namespace: staging + namespace: staging-atlantis roleRef: apiGroup: rbac.authorization.k8s.io kind: Role @@ -36,4 +36,5 @@ roleRef: subjects: - kind: ServiceAccount name: staging-atlantis - namespace: staging \ No newline at end of file + namespace: staging-atlantis + diff --git a/values/atlantis/staging/statestore.yaml b/values/atlantis/staging/statestore.yaml index 5f1c20cb..0055a2b6 100644 --- a/values/atlantis/staging/statestore.yaml +++ b/values/atlantis/staging/statestore.yaml @@ -7,12 +7,12 @@ spec: version: v1 metadata: - name: redisHost - value: staging-redis-master:6379 + value: staging-atlantis-redis-master:6379 - name: redisUsername value: default - name: redisPassword secretKeyRef: - name: staging-redis + name: staging-atlantis-redis key: redis-password - name: actorStateStore value: "true" diff --git a/values/atlantis/values-prod.yaml b/values/atlantis/values-prod.yaml index 4080101a..8b7b2fcb 100644 --- a/values/atlantis/values-prod.yaml +++ b/values/atlantis/values-prod.yaml @@ -12,7 +12,7 @@ env: - name: REDIS_PASSWORD valueFrom: secretKeyRef: - name: prod-redis + name: prod-atlantis-redis key: redis-password - name: DB_HOST value: prod-atlantis-db-rw diff --git a/values/atlantis/values-staging.yaml b/values/atlantis/values-staging.yaml index 7d29018c..043c7ef4 100644 --- a/values/atlantis/values-staging.yaml +++ b/values/atlantis/values-staging.yaml @@ -15,7 +15,7 @@ env: - name: REDIS_PASSWORD valueFrom: secretKeyRef: - name: staging-redis + name: staging-atlantis-redis key: redis-password - name: DB_HOST value: staging-atlantis-db-rw