feat(pocket-id): Add Pocket ID
This commit is contained in:
@@ -0,0 +1,45 @@
|
||||
# yaml-language-server: $schema=https://www.schemastore.org/helmfile.json
|
||||
|
||||
bases:
|
||||
- ../envs/environments.yaml.gotmpl
|
||||
|
||||
repositories:
|
||||
- name: anza-labs
|
||||
url: https://anza-labs.github.io/charts
|
||||
|
||||
commonLabels:
|
||||
tier: system
|
||||
|
||||
releases:
|
||||
- name: pocket-id
|
||||
namespace: pocket-id
|
||||
chart: anza-labs/pocket-id
|
||||
version: 1.7.6
|
||||
condition: pocket_id.enabled
|
||||
values:
|
||||
- ../values/pocket-id/values/values.yaml
|
||||
- ../values/pocket-id/values/values-{{ .Environment.Name }}.yaml
|
||||
postRenderer: ../bin/kustomizer
|
||||
postRendererArgs:
|
||||
- ../values/pocket-id/kustomize/{{ .Environment.Name }}
|
||||
missingFileHandler: Info
|
||||
- name: manifests
|
||||
namespace: pocket-id
|
||||
chart: manifests
|
||||
condition: pocket_id.enabled
|
||||
missingFileHandler: Info
|
||||
values:
|
||||
- ../values/env.yaml
|
||||
- ../values/env-{{ requiredEnv "ARGOCD_ENV_CLUSTER_NAME" }}.yaml
|
||||
- ../values/pocket-id/env.yaml.gotmpl
|
||||
- ../values/pocket-id/env-{{ requiredEnv "ARGOCD_ENV_CLUSTER_NAME" }}.yaml.gotmpl
|
||||
hooks:
|
||||
- events: [ prepare, cleanup ]
|
||||
showlogs: true
|
||||
command: ../bin/helmify
|
||||
args:
|
||||
- '{{`{{ if eq .Event.Name "prepare" }}build{{ else }}clean{{ end }}`}}'
|
||||
- '{{`{{ .Release.Chart }}`}}'
|
||||
- '{{`{{ .Environment.Name }}`}}'
|
||||
- ../values/pocket-id/manifests
|
||||
- manifests
|
||||
@@ -1,3 +1,4 @@
|
||||
_:
|
||||
/*
|
||||
This file is provided under the MIT licence:
|
||||
|
||||
|
||||
@@ -35,12 +35,15 @@ pkgs.mkShellNoCC {
|
||||
# pkgs.renovate
|
||||
# pkgs.graphviz
|
||||
# pkgs.hubble
|
||||
# pkgs.dapr-cli
|
||||
pkgs.cilium-cli
|
||||
pkgs.dapr-cli
|
||||
];
|
||||
|
||||
# Environment variables
|
||||
ARGOCD_ENV_CLUSTER_NAME = "ekman";
|
||||
ARGOCD_ENV_CLUSTER_NAME = "hel1";
|
||||
HELM_GIT_ACCESS_TOKEN = "glpat-xxx";
|
||||
API_SERVER_IP = "localhost";
|
||||
API_SERVER_PORT = "7445";
|
||||
|
||||
# Alternative shells
|
||||
passthru = pkgs.lib.mapAttrs (name: value: pkgs.mkShellNoCC (value // { inherit name; })) {
|
||||
|
||||
@@ -0,0 +1,2 @@
|
||||
pocket_id:
|
||||
enabled: true
|
||||
@@ -0,0 +1,4 @@
|
||||
pocket_id:
|
||||
enabled: false
|
||||
autosync: {{ if eq .Environment.Name "prod" }} false {{ else }} true {{ end }}
|
||||
env: {{ .Environment.Name }}
|
||||
@@ -0,0 +1,42 @@
|
||||
{{- if .Values.clusterConfig.argo.enabled }}
|
||||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: Application
|
||||
metadata:
|
||||
name: {{ .Values.pocket_id.env }}-pocket-id
|
||||
namespace: argocd
|
||||
annotations:
|
||||
argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true
|
||||
finalizers:
|
||||
- resources-finalizer.argocd.argoproj.io
|
||||
spec:
|
||||
destination:
|
||||
namespace: pocket-id
|
||||
server: https://kubernetes.default.svc
|
||||
project: aux
|
||||
sources:
|
||||
- repoURL: {{ .Values.clusterConfig.manifests }}
|
||||
targetRevision: HEAD
|
||||
path: helmfile.d
|
||||
plugin:
|
||||
name: helmfile-cmp
|
||||
env:
|
||||
- name: CLUSTER_NAME
|
||||
value: {{ .Values.clusterConfig.cluster }}
|
||||
- name: HELMFILE_ENVIRONMENT
|
||||
value: {{ .Values.pocket_id.env }}
|
||||
- name: HELMFILE_FILE_PATH
|
||||
value: pocket-id.yaml.gotmpl
|
||||
syncPolicy:
|
||||
managedNamespaceMetadata:
|
||||
labels:
|
||||
component: aux
|
||||
syncOptions:
|
||||
- CreateNamespace=true
|
||||
- ApplyOutOfSyncOnly=true
|
||||
# - ServerSideApply=true
|
||||
{{- if .Values.pocket_id.autosync }}
|
||||
automated:
|
||||
prune: true
|
||||
# selfHeal: false
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
@@ -0,0 +1,29 @@
|
||||
ingress:
|
||||
enabled: true
|
||||
className: nginx
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: ca-issuer
|
||||
nginx.ingress.kubernetes.io/ssl-redirect: "true"
|
||||
nginx.ingress.kubernetes.io/backend-protocol: HTTP
|
||||
host: auth.adm.hel1.obx
|
||||
paths:
|
||||
- path: /
|
||||
pathType: ImplementationSpecific
|
||||
tls:
|
||||
- secretName: auth.adm.hel1.obx-tls
|
||||
hosts:
|
||||
- auth.adm.hel1.obx
|
||||
|
||||
persistence:
|
||||
data:
|
||||
enabled: true
|
||||
accessMode: ReadWriteOnce
|
||||
size: 5Gi
|
||||
|
||||
resources:
|
||||
limits:
|
||||
cpu: 500m
|
||||
memory: 512Mi
|
||||
requests:
|
||||
cpu: 100m
|
||||
memory: 128Mi
|
||||
@@ -0,0 +1,2 @@
|
||||
ingress:
|
||||
enabled: false
|
||||
Reference in New Issue
Block a user