platform/manifests
1
1
Fork 0
Code Issues 7 Pull Requests 6 Actions Packages Projects Releases Wiki Activity

fix: use multiple sources for cerbos, redis and rabbitmq

Browse Source
This commit is contained in:
Jonas Juselius
2024-01-30 19:46:26 +01:00
parent 8756df58b6
commit ff5b2ba640
4 changed files with 110 additions and 103 deletions
Download Patch File Download Diff File Expand all files Collapse all files
cerbos/application.yaml
+54 -52
View File
@@ -5,59 +5,61 @@ metadata:
namespace: argocd
spec:
project: atlantis
source:
repoURL: https://download.cerbos.dev/helm-charts
targetRevision: 0.33.0
chart: cerbos
helm:
values: |
replicaCount: 1
autoscaling:
enabled: false
minReplicas: 1
maxReplicas: 100
targetCPUUtilizationPercentage: 80
# targetMemoryUtilizationPercentage: 80
# Spec of the cert-manager certificate to create for the Cerbos deployment.
# If certSpec is not empty, a cert-manager.io/v1/Certificate resource will be created with its spec populated with values from certSpec.
# The certSpec value must be a valid Certificate spec. This Helm chart does not provide any defaults or inject any values into it.
# If cerbos.tlsSecretName is defined, it takes precedence over the generated certificate.
certManager:
certSpec: {}
# Cerbos service settings.
service:
type: ClusterIP
httpPort: 3592
grpcPort: 3593
httpNodePort: 13592
grpcNodePort: 13593
annotations: {}
envFrom:
- secretRef:
name: cerbos-gitlab-token
cerbos:
httpPort: 3592
grpcPort: 3593
tlsSecretName: ""
logLevel: INFO
config:
storage:
driver: "git"
git:
protocol: https
url: https://gitlab.com/oceanbox/cerbos
branch: main
subDir: policies
checkoutDir: /work
updatePollInterval: 60s
https:
username: cerbos
password: ${GITLAB_TOKEN}
destination:
server: https://kubernetes.default.svc
namespace: atlantis
sources:
- repoURL: https://download.cerbos.dev/helm-charts
targetRevision: 0.33.0
chart: cerbos
helm:
values: |
replicaCount: 1
autoscaling:
enabled: false
minReplicas: 1
maxReplicas: 100
targetCPUUtilizationPercentage: 80
# targetMemoryUtilizationPercentage: 80
# Spec of the cert-manager certificate to create for the Cerbos deployment.
# If certSpec is not empty, a cert-manager.io/v1/Certificate resource will be created with its spec populated with values from certSpec.
# The certSpec value must be a valid Certificate spec. This Helm chart does not provide any defaults or inject any values into it.
# If cerbos.tlsSecretName is defined, it takes precedence over the generated certificate.
certManager:
certSpec: {}
# Cerbos service settings.
service:
type: ClusterIP
httpPort: 3592
grpcPort: 3593
httpNodePort: 13592
grpcNodePort: 13593
annotations: {}
envFrom:
- secretRef:
name: cerbos-gitlab-token
cerbos:
httpPort: 3592
grpcPort: 3593
tlsSecretName: ""
logLevel: INFO
config:
storage:
driver: "git"
git:
protocol: https
url: https://gitlab.com/oceanbox/cerbos
branch: main
subDir: policies
checkoutDir: /work
updatePollInterval: 60s
https:
username: cerbos
password: ${GITLAB_TOKEN}
- repoURL: https://gitlab.com/oceanbox/manifests
targetRevision: HEAD
path: cerbos/manifests
cerbos/cerbos-gitlab-token.yaml → cerbos/manifests/cerbos-gitlab-token.yaml
View File
rabbitmq/application.yaml
+39 -36
View File
@@ -8,39 +8,42 @@ spec:
destination:
server: https://kubernetes.default.svc
namespace: atlantis
source:
repoURL: https://charts.bitnami.com/bitnami
targetRevision: 12.9.0
chart: rabbitmq
helm:
values: |
auth:
erlangCookie: ""
existingErlangSecret: ""
existingPasswordSecret: ""
password: hunny-bunny
username: user
clusterDomain: cluster.local
ingress:
annotations:
cert-manager.io/cluster-issuer: letsencrypt-production
nginx.ingress.kubernetes.io/ssl-redirect: "true"
nginx.ingress.kubernetes.io/whitelist-source-range: 10.0.0.0/8,172.16.0.0/12,192.168.0.0/16
enabled: true
extraHosts: []
extraPaths: []
extraRules: []
hostname: rabbitmq.svc.oceanbox.io
ingressClassName: ""
path: /
pathType: ImplementationSpecific
secrets: []
selfSigned: false
tls: true
persistence:
accessModes:
- ReadWriteOnce
enabled: true
existingClaim: ""
size: 8Gi
storageClass: ""
sources:
- repoURL: https://charts.bitnami.com/bitnami
targetRevision: 12.9.0
chart: rabbitmq
helm:
values: |
auth:
erlangCookie: ""
existingErlangSecret: ""
existingPasswordSecret: ""
password: hunny-bunny
username: user
clusterDomain: cluster.local
ingress:
annotations:
cert-manager.io/cluster-issuer: letsencrypt-production
nginx.ingress.kubernetes.io/ssl-redirect: "true"
nginx.ingress.kubernetes.io/whitelist-source-range: 10.0.0.0/8,172.16.0.0/12,192.168.0.0/16
enabled: true
extraHosts: []
extraPaths: []
extraRules: []
hostname: rabbitmq.svc.oceanbox.io
ingressClassName: ""
path: /
pathType: ImplementationSpecific
secrets: []
selfSigned: false
tls: true
persistence:
accessModes:
- ReadWriteOnce
enabled: true
existingClaim: ""
size: 8Gi
storageClass: ""
- repoURL: https://gitlab.com/oceanbox/manifests
targetRevision: HEAD
path: rabbitmq/manifests
redis/application.yaml
+17 -15
View File
@@ -8,18 +8,20 @@ spec:
destination:
server: https://kubernetes.default.svc
namespace: atlantis
source:
repoURL: https://charts.bitnami.com/bitnami
targetRevision: 18.9.1
chart: redis
helm:
values: |
architecture: replication
auth:
enabled: true
sentinel: true
password: ""
existingSecret: ""
existingSecretPasswordKey: ""
usePasswordFiles: false
sources:
- repoURL: https://charts.bitnami.com/bitnami
targetRevision: 18.9.1
chart: redis
helm:
values: |
architecture: replication
auth:
enabled: true
sentinel: true
password: ""
existingSecret: ""
existingSecretPasswordKey: ""
usePasswordFiles: false
- repoURL: https://gitlab.com/oceanbox/manifests
targetRevision: HEAD
path: redis/manifests