platform/manifests
1
0
Fork 0
Code Issues 7 Pull Requests 6 Actions Packages Projects Releases Wiki Activity

fix: update atlantis manifests and argo apps

Browse Source
This commit is contained in:
Jonas Juselius
2024-12-12 14:38:26 +01:00
parent b12146c054
commit 9d9836bffb
21 changed files with 152 additions and 98 deletions
Download Patch File Download Diff File Expand all files Collapse all files
apps/archmeister.yaml
+5 -5
View File
@@ -13,11 +13,11 @@ spec:
hostname: archmeister.srv.oceanbox.io hostname: archmeister.srv.oceanbox.io
autoSync: false autoSync: false
prune: true prune: true
- cluster: https://staging-vcluster.staging-vcluster # - cluster: https://staging-vcluster.staging-vcluster
env: staging # env: staging
hostname: archmeister.beta.oceanbox.io # hostname: archmeister.beta.oceanbox.io
autoSync: true # autoSync: true
prune: true # prune: true
template: template:
metadata: metadata:
name: "{{ .env }}-archmeister" name: "{{ .env }}-archmeister"
apps/atlantis.yaml
+5 -5
View File
@@ -13,11 +13,11 @@ spec:
hostname: atlantis.srv.oceanbox.io hostname: atlantis.srv.oceanbox.io
autoSync: false autoSync: false
prune: true prune: true
- cluster: https://staging-vcluster.staging-vcluster # - cluster: https://staging-vcluster.staging-vcluster
env: staging # env: staging
hostname: atlantis.beta.oceanbox.io # hostname: atlantis.beta.oceanbox.io
autoSync: true # autoSync: true
prune: true # prune: true
template: template:
metadata: metadata:
name: '{{ .env }}-atlantis' name: '{{ .env }}-atlantis'
apps/dapr.yaml
+33
View File
@@ -0,0 +1,33 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: dapr
namespace: argocd
annotations:
argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true
finalizers:
- resources-finalizer.argocd.argoproj.io
spec:
destination:
namespace: dapr-system
server: https://kubernetes.default.svc
project: default
syncPolicy:
# managedNamespaceMetadata:
# labels:
# component: aux
syncOptions:
- CreateNamespace=true
- ApplyOutOfSyncOnly=true
automated:
prune: true
selfHeal: true
sources:
- repoURL: https://dapr.github.io/helm-charts/
targetRevision: 1.14.4
chart: dapr
helm:
values: |
global:
ha:
enabled: true
apps/hipster.yaml
+5 -5
View File
@@ -13,11 +13,11 @@ spec:
hostname: hipster.srv.oceanbox.io hostname: hipster.srv.oceanbox.io
autoSync: false autoSync: false
prune: true prune: true
- cluster: https://staging-vcluster.staging-vcluster # - cluster: https://staging-vcluster.staging-vcluster
env: staging # env: staging
hostname: hipster.beta.oceanbox.io # hostname: hipster.beta.oceanbox.io
autoSync: true # autoSync: true
prune: true # prune: true
template: template:
metadata: metadata:
name: '{{ .env }}-hipster' name: '{{ .env }}-hipster'
apps/opentelemetry-collector.yaml
+4 -1
View File
@@ -31,6 +31,9 @@ spec:
mode: deployment mode: deployment
image: image:
repository: otel/opentelemetry-collector-k8s repository: otel/opentelemetry-collector-k8s
service:
type: LoadBalancer
loadBalancerIP: 10.255.241.12
config: config:
receivers: receivers:
prometheus/collector: prometheus/collector:
@@ -88,7 +91,7 @@ spec:
# logsCollection: # logsCollection:
# enabled: true # enabled: true
ingress: ingress:
enabled: true enabled: false
annotations: annotations:
cert-manager.io/cluster-issuer: letsencrypt-production cert-manager.io/cluster-issuer: letsencrypt-production
nginx.ingress.kubernetes.io/ssl-redirect: "true" nginx.ingress.kubernetes.io/ssl-redirect: "true"
apps/petimeter.yaml
+5 -5
View File
@@ -13,11 +13,11 @@ spec:
hostname: petimeter.srv.oceanbox.io hostname: petimeter.srv.oceanbox.io
autoSync: false autoSync: false
prune: true prune: true
- cluster: https://staging-vcluster.staging-vcluster # - cluster: https://staging-vcluster.staging-vcluster
env: staging # env: staging
hostname: petimeter.beta.oceanbox.io # hostname: petimeter.beta.oceanbox.io
autoSync: true # autoSync: true
prune: true # prune: true
template: template:
metadata: metadata:
name: '{{ .env }}-petimeter' name: '{{ .env }}-petimeter'
apps/sorcerer.yaml
+5 -5
View File
@@ -13,11 +13,11 @@ spec:
hostname: sorcerer.data.oceanbox.io hostname: sorcerer.data.oceanbox.io
autoSync: false autoSync: false
prune: true prune: true
- cluster: https://10.255.241.99:4443 # - cluster: https://10.255.241.99:4443
env: staging # env: staging
hostname: sorcerer.ekman.oceanbox.io # hostname: sorcerer.ekman.oceanbox.io
autoSync: true # autoSync: true
prune: true # prune: true
template: template:
metadata: metadata:
name: '{{ .env }}-sorcerer' name: '{{ .env }}-sorcerer'
apps/staging-atlantis.yaml
+33 -25
View File
@@ -3,29 +3,37 @@ kind: Application
metadata: metadata:
name: staging-atlantis name: staging-atlantis
namespace: argocd namespace: argocd
annotations:
argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true
finalizers:
- resources-finalizer.argocd.argoproj.io
spec: spec:
template: destination:
metadata: namespace: staging-atlantis
name: staging-atlantis server: https://kubernetes.default.svc
spec: project: atlantis
project: atlantis sources:
destination: - repoURL: https://gitlab.com/oceanbox/manifests.git
namespace: staging-atlantis targetRevision: nixidy
server: https://kubernetes.default.svc path: values/atlantis
sources: plugin:
- repoURL: https://gitlab.com/oceanbox/manifests.git name: kustomize-helm-with-rewrite
targetRevision: nixidy parameters:
path: values/atlantis - name: env
plugin: string: staging
name: kustomize-helm-with-rewrite - name: hostname
parameters: string: atlantis.beta.oceanbox.io
- name: env ignoreDifferences:
string: staging - kind: Secret
- name: hostname name: azure-keyvault
string: atlantis.beta.oceanbox.io jqPathExpressions:
templatePatch: | - '.data'
spec: - '.metadata.labels'
syncPolicy: - '.metadata.annotations'
automated: syncPolicy:
prune: true syncOptions:
selfHeal: true - CreateNamespace=true
- ApplyOutOfSyncOnly=true
automated:
prune: true
selfHeal: false
apps/staging-sorcerer.yaml
+33 -25
View File
@@ -3,29 +3,37 @@ kind: Application
metadata: metadata:
name: staging-sorcerer name: staging-sorcerer
namespace: argocd namespace: argocd
annotations:
argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true
finalizers:
- resources-finalizer.argocd.argoproj.io
spec: spec:
template: destination:
metadata: namespace: staging-sorcerer
name: staging-sorcerer server: https://10.255.241.99:4443
spec: project: atlantis
project: atlantis sources:
destination: - repoURL: https://gitlab.com/oceanbox/manifests.git
namespace: staging-sorcerer targetRevision: nixidy
server: https://10.255.241.99:4443 path: values/sorcerer
sources: plugin:
- repoURL: https://gitlab.com/oceanbox/manifests.git name: kustomize-helm-with-rewrite
targetRevision: main parameters:
path: values/sorcerer - name: env
plugin: string: staging
name: kustomize-helm-with-rewrite - name: hostname
parameters: string: sorcerer.ekman.oceanbox.io
- name: env ignoreDifferences:
string: staging - kind: Secret
- name: hostname name: azure-keyvault
string: sorcerer.ekman.oceanbox.io jqPathExpressions:
templatePatch: | - '.data'
spec: - '.metadata.labels'
syncPolicy: - '.metadata.annotations'
automated: syncPolicy:
prune: true syncOptions:
selfHeal: false - CreateNamespace=true
- ApplyOutOfSyncOnly=true
automated:
prune: true
selfHeal: false
values/atlantis/chart
Symlink
+1
View File
@@ -0,0 +1 @@
../../charts/atlantis
values/atlantis/prod/appsettings.json
+1 -1
View File
@@ -39,7 +39,7 @@
"roles": [ "admin" ] "roles": [ "admin" ]
} }
], ],
"redis": "prod-redis-master:6379", "redis": "prod-atlantis-redis-master:6379",
"objectStore": "https://atlantis.blob.core.windows.net", "objectStore": "https://atlantis.blob.core.windows.net",
"connString": "Username=postgres;Password=secret;Host=localhost;Port=5432;Database=app;Pooling=true;", "connString": "Username=postgres;Password=secret;Host=localhost;Port=5432;Database=app;Pooling=true;",
"sorcerer" : "https://sorcerer.ekman.oceanbox.io", "sorcerer" : "https://sorcerer.ekman.oceanbox.io",
values/atlantis/prod/configurations.yaml
+2 -2
View File
@@ -7,12 +7,12 @@ spec:
version: v1 version: v1
metadata: metadata:
- name: redisHost - name: redisHost
value: prod-redis-master:6379 value: prod-atlantis-redis-master:6379
- name: redisUsername - name: redisUsername
value: default value: default
- name: redisPassword - name: redisPassword
secretKeyRef: secretKeyRef:
name: prod-redis name: prod-atlantis-redis
key: redis-password key: redis-password
- name: redisDB - name: redisDB
value: "2" value: "2"
values/atlantis/prod/rbac.yaml
+4 -4
View File
@@ -2,7 +2,7 @@ apiVersion: rbac.authorization.k8s.io/v1
kind: Role kind: Role
metadata: metadata:
name: prod-atlantis name: prod-atlantis
namespace: prod namespace: prod-atlantis
rules: rules:
- apiGroups: - apiGroups:
- "" - ""
@@ -17,7 +17,7 @@ rules:
- "" - ""
resourceNames: resourceNames:
- azure-keyvault - azure-keyvault
- prod-redis - prod-atlantis-redis
resources: resources:
- secrets - secrets
verbs: verbs:
@@ -28,7 +28,7 @@ apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding kind: RoleBinding
metadata: metadata:
name: prod-atlantis name: prod-atlantis
namespace: prod namespace: prod-atlantis
roleRef: roleRef:
apiGroup: rbac.authorization.k8s.io apiGroup: rbac.authorization.k8s.io
kind: Role kind: Role
@@ -36,4 +36,4 @@ roleRef:
subjects: subjects:
- kind: ServiceAccount - kind: ServiceAccount
name: prod-atlantis name: prod-atlantis
namespace: prod namespace: prod-atlantis
values/atlantis/prod/statestore.yaml
+2 -2
View File
@@ -7,12 +7,12 @@ spec:
version: v1 version: v1
metadata: metadata:
- name: redisHost - name: redisHost
value: prod-redis-master:6379 value: prod-atlantis-redis-master:6379
- name: redisUsername - name: redisUsername
value: default value: default
- name: redisPassword - name: redisPassword
secretKeyRef: secretKeyRef:
name: prod-redis name: prod-atlantis-redis
key: redis-password key: redis-password
- name: actorStateStore - name: actorStateStore
value: "true" value: "true"
values/atlantis/staging/appsettings.json
+1 -1
View File
@@ -39,7 +39,7 @@
"roles": [ "admin" ] "roles": [ "admin" ]
} }
], ],
"redis": "staging-redis-master:6379", "redis": "staging-atlantis-redis-master:6379",
"objectStore": "https://atlantis.blob.core.windows.net", "objectStore": "https://atlantis.blob.core.windows.net",
"connString": "Username=postgres;Password=secret;Host=localhost;Port=5432;Database=app;Pooling=true;", "connString": "Username=postgres;Password=secret;Host=localhost;Port=5432;Database=app;Pooling=true;",
"sorcerer" : "https://sorcerer.ekman.oceanbox.io", "sorcerer" : "https://sorcerer.ekman.oceanbox.io",
values/atlantis/staging/configuration.yaml
+2 -2
View File
@@ -7,12 +7,12 @@ spec:
version: v1 version: v1
metadata: metadata:
- name: redisHost - name: redisHost
value: staging-redis-master:6379 value: staging-atlantis-redis-master:6379
- name: redisUsername - name: redisUsername
value: default value: default
- name: redisPassword - name: redisPassword
secretKeyRef: secretKeyRef:
name: staging-redis name: staging-atlantis-redis
key: redis-password key: redis-password
- name: redisDB - name: redisDB
value: "2" value: "2"
values/atlantis/staging/configurations.yaml
+2 -2
View File
@@ -7,12 +7,12 @@ spec:
version: v1 version: v1
metadata: metadata:
- name: redisHost - name: redisHost
value: staging-redis-master:6379 value: staging-atlantis-redis-master:6379
- name: redisUsername - name: redisUsername
value: default value: default
- name: redisPassword - name: redisPassword
secretKeyRef: secretKeyRef:
name: staging-redis name: staging-atlantis-redis
key: redis-password key: redis-password
- name: redisDB - name: redisDB
value: "2" value: "2"
values/atlantis/staging/rbac.yaml
+5 -4
View File
@@ -2,7 +2,7 @@ apiVersion: rbac.authorization.k8s.io/v1
kind: Role kind: Role
metadata: metadata:
name: staging-atlantis name: staging-atlantis
namespace: staging namespace: staging-atlantis
rules: rules:
- apiGroups: - apiGroups:
- "" - ""
@@ -17,7 +17,7 @@ rules:
- "" - ""
resourceNames: resourceNames:
- azure-keyvault - azure-keyvault
- staging-redis - staging-atlantis-redis
resources: resources:
- secrets - secrets
verbs: verbs:
@@ -28,7 +28,7 @@ apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding kind: RoleBinding
metadata: metadata:
name: staging-atlantis name: staging-atlantis
namespace: staging namespace: staging-atlantis
roleRef: roleRef:
apiGroup: rbac.authorization.k8s.io apiGroup: rbac.authorization.k8s.io
kind: Role kind: Role
@@ -36,4 +36,5 @@ roleRef:
subjects: subjects:
- kind: ServiceAccount - kind: ServiceAccount
name: staging-atlantis name: staging-atlantis
namespace: staging namespace: staging-atlantis
values/atlantis/staging/statestore.yaml
+2 -2
View File
@@ -7,12 +7,12 @@ spec:
version: v1 version: v1
metadata: metadata:
- name: redisHost - name: redisHost
value: staging-redis-master:6379 value: staging-atlantis-redis-master:6379
- name: redisUsername - name: redisUsername
value: default value: default
- name: redisPassword - name: redisPassword
secretKeyRef: secretKeyRef:
name: staging-redis name: staging-atlantis-redis
key: redis-password key: redis-password
- name: actorStateStore - name: actorStateStore
value: "true" value: "true"
values/atlantis/values-prod.yaml
+1 -1
View File
@@ -12,7 +12,7 @@ env:
- name: REDIS_PASSWORD - name: REDIS_PASSWORD
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: prod-redis name: prod-atlantis-redis
key: redis-password key: redis-password
- name: DB_HOST - name: DB_HOST
value: prod-atlantis-db-rw value: prod-atlantis-db-rw
values/atlantis/values-staging.yaml
+1 -1
View File
@@ -15,7 +15,7 @@ env:
- name: REDIS_PASSWORD - name: REDIS_PASSWORD
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: staging-redis name: staging-atlantis-redis
key: redis-password key: redis-password
- name: DB_HOST - name: DB_HOST
value: staging-atlantis-db-rw value: staging-atlantis-db-rw