platform/manifests
1
0
Fork 0
Code Issues 7 Pull Requests 6 Actions Packages Projects Releases Wiki Activity

fix: use multiple sources for cerbos, redis and rabbitmq

Browse Source
This commit is contained in:
Jonas Juselius
2024-01-30 19:46:26 +01:00
parent 8756df58b6
commit ff5b2ba640
4 changed files with 110 additions and 103 deletions
Download Patch File Download Diff File Expand all files Collapse all files
cerbos/application.yaml
+54 -52
View File
@@ -5,59 +5,61 @@ metadata:
namespace: argocd namespace: argocd
spec: spec:
project: atlantis project: atlantis
source:
repoURL: https://download.cerbos.dev/helm-charts
targetRevision: 0.33.0
chart: cerbos
helm:
values: |
replicaCount: 1
autoscaling:
enabled: false
minReplicas: 1
maxReplicas: 100
targetCPUUtilizationPercentage: 80
# targetMemoryUtilizationPercentage: 80
# Spec of the cert-manager certificate to create for the Cerbos deployment.
# If certSpec is not empty, a cert-manager.io/v1/Certificate resource will be created with its spec populated with values from certSpec.
# The certSpec value must be a valid Certificate spec. This Helm chart does not provide any defaults or inject any values into it.
# If cerbos.tlsSecretName is defined, it takes precedence over the generated certificate.
certManager:
certSpec: {}
# Cerbos service settings.
service:
type: ClusterIP
httpPort: 3592
grpcPort: 3593
httpNodePort: 13592
grpcNodePort: 13593
annotations: {}
envFrom:
- secretRef:
name: cerbos-gitlab-token
cerbos:
httpPort: 3592
grpcPort: 3593
tlsSecretName: ""
logLevel: INFO
config:
storage:
driver: "git"
git:
protocol: https
url: https://gitlab.com/oceanbox/cerbos
branch: main
subDir: policies
checkoutDir: /work
updatePollInterval: 60s
https:
username: cerbos
password: ${GITLAB_TOKEN}
destination: destination:
server: https://kubernetes.default.svc server: https://kubernetes.default.svc
namespace: atlantis namespace: atlantis
sources:
- repoURL: https://download.cerbos.dev/helm-charts
targetRevision: 0.33.0
chart: cerbos
helm:
values: |
replicaCount: 1
autoscaling:
enabled: false
minReplicas: 1
maxReplicas: 100
targetCPUUtilizationPercentage: 80
# targetMemoryUtilizationPercentage: 80
# Spec of the cert-manager certificate to create for the Cerbos deployment.
# If certSpec is not empty, a cert-manager.io/v1/Certificate resource will be created with its spec populated with values from certSpec.
# The certSpec value must be a valid Certificate spec. This Helm chart does not provide any defaults or inject any values into it.
# If cerbos.tlsSecretName is defined, it takes precedence over the generated certificate.
certManager:
certSpec: {}
# Cerbos service settings.
service:
type: ClusterIP
httpPort: 3592
grpcPort: 3593
httpNodePort: 13592
grpcNodePort: 13593
annotations: {}
envFrom:
- secretRef:
name: cerbos-gitlab-token
cerbos:
httpPort: 3592
grpcPort: 3593
tlsSecretName: ""
logLevel: INFO
config:
storage:
driver: "git"
git:
protocol: https
url: https://gitlab.com/oceanbox/cerbos
branch: main
subDir: policies
checkoutDir: /work
updatePollInterval: 60s
https:
username: cerbos
password: ${GITLAB_TOKEN}
- repoURL: https://gitlab.com/oceanbox/manifests
targetRevision: HEAD
path: cerbos/manifests
cerbos/cerbos-gitlab-token.yaml → cerbos/manifests/cerbos-gitlab-token.yaml
View File
rabbitmq/application.yaml
+39 -36
View File
@@ -8,39 +8,42 @@ spec:
destination: destination:
server: https://kubernetes.default.svc server: https://kubernetes.default.svc
namespace: atlantis namespace: atlantis
source: sources:
repoURL: https://charts.bitnami.com/bitnami - repoURL: https://charts.bitnami.com/bitnami
targetRevision: 12.9.0 targetRevision: 12.9.0
chart: rabbitmq chart: rabbitmq
helm: helm:
values: | values: |
auth: auth:
erlangCookie: "" erlangCookie: ""
existingErlangSecret: "" existingErlangSecret: ""
existingPasswordSecret: "" existingPasswordSecret: ""
password: hunny-bunny password: hunny-bunny
username: user username: user
clusterDomain: cluster.local clusterDomain: cluster.local
ingress: ingress:
annotations: annotations:
cert-manager.io/cluster-issuer: letsencrypt-production cert-manager.io/cluster-issuer: letsencrypt-production
nginx.ingress.kubernetes.io/ssl-redirect: "true" nginx.ingress.kubernetes.io/ssl-redirect: "true"
nginx.ingress.kubernetes.io/whitelist-source-range: 10.0.0.0/8,172.16.0.0/12,192.168.0.0/16 nginx.ingress.kubernetes.io/whitelist-source-range: 10.0.0.0/8,172.16.0.0/12,192.168.0.0/16
enabled: true enabled: true
extraHosts: [] extraHosts: []
extraPaths: [] extraPaths: []
extraRules: [] extraRules: []
hostname: rabbitmq.svc.oceanbox.io hostname: rabbitmq.svc.oceanbox.io
ingressClassName: "" ingressClassName: ""
path: / path: /
pathType: ImplementationSpecific pathType: ImplementationSpecific
secrets: [] secrets: []
selfSigned: false selfSigned: false
tls: true tls: true
persistence: persistence:
accessModes: accessModes:
- ReadWriteOnce - ReadWriteOnce
enabled: true enabled: true
existingClaim: "" existingClaim: ""
size: 8Gi size: 8Gi
storageClass: "" storageClass: ""
- repoURL: https://gitlab.com/oceanbox/manifests
targetRevision: HEAD
path: rabbitmq/manifests
redis/application.yaml
+17 -15
View File
@@ -8,18 +8,20 @@ spec:
destination: destination:
server: https://kubernetes.default.svc server: https://kubernetes.default.svc
namespace: atlantis namespace: atlantis
source: sources:
repoURL: https://charts.bitnami.com/bitnami - repoURL: https://charts.bitnami.com/bitnami
targetRevision: 18.9.1 targetRevision: 18.9.1
chart: redis chart: redis
helm: helm:
values: | values: |
architecture: replication architecture: replication
auth: auth:
enabled: true enabled: true
sentinel: true sentinel: true
password: "" password: ""
existingSecret: "" existingSecret: ""
existingSecretPasswordKey: "" existingSecretPasswordKey: ""
usePasswordFiles: false usePasswordFiles: false
- repoURL: https://gitlab.com/oceanbox/manifests
targetRevision: HEAD
path: redis/manifests