feat: Migrate sys applications to helmfile #24
+5
-24
@@ -2,10 +2,10 @@
|
||||
|
||||
helmfile () {
|
||||
|
||||
tier=$2
|
||||
name=$1
|
||||
tier=$2
|
||||
|
||||
cat << EOF
|
||||
cat <<EOF
|
||||
bases:
|
||||
- ../envs/environments.yaml.gotmpl
|
||||
|
||||
@@ -38,30 +38,11 @@ releases:
|
||||
showlogs: true
|
||||
command: ../bin/helmify
|
||||
args:
|
||||
- '{{`{{ if eq .Event.Name "prepare" }}build{{ else }}clean{{ end }}`}}'
|
||||
- '{{`{{ .Release.Chart }}`}}'
|
||||
- '{{`{{ .Environment.Name }}`}}'
|
||||
- '{{\`{{ if eq .Event.Name "prepare" }}build{{ else }}clean{{ end }}\`}}'
|
||||
- '{{\`{{ .Release.Chart }}\`}}'
|
||||
- '{{\`{{ .Environment.Name }}\`}}'
|
||||
- ../values/$name/manifests
|
||||
- _$name-manifests
|
||||
- name: $name-app
|
||||
namespace: argocd
|
||||
chart: _$name-app
|
||||
condition: $name.enabled
|
||||
missingFileHandler: Info
|
||||
values:
|
||||
- ../values/values-{{ requiredEnv "CLUSTER_NAME" }}.yaml
|
||||
- ../values/$name/values.yaml.gotmpl
|
||||
- ../values/$name/values-{{ requiredEnv "CLUSTER_NAME" }}.yaml.gotmpl
|
||||
hooks:
|
||||
- events: [ prepare, cleanup ]
|
||||
showlogs: true
|
||||
command: ../bin/helmify
|
||||
args:
|
||||
- '{{`{{ if eq .Event.Name "prepare" }}build{{ else }}clean{{ end }}`}}'
|
||||
- '{{`{{ .Release.Chart }}`}}'
|
||||
- '{{`{{ .Environment.Name }}`}}'
|
||||
- ../values/$name/app.yaml
|
||||
- _$name-app
|
||||
EOF
|
||||
}
|
||||
|
||||
|
||||
@@ -47,11 +47,11 @@ releases:
|
||||
namespace: argocd
|
||||
chart: _argo
|
||||
condition: argo.enabled
|
||||
missingFileHandler: Info
|
||||
values:
|
||||
- ../values/values-{{ requiredEnv "CLUSTER_NAME" }}.yaml
|
||||
- ../values/argo/values.yaml.gotmpl
|
||||
- ../values/argo/values-{{ requiredEnv "CLUSTER_NAME" }}.yaml.gotmpl
|
||||
missingFileHandler: Info
|
||||
hooks:
|
||||
- events: [ prepare, cleanup ]
|
||||
showlogs: true
|
||||
|
||||
@@ -0,0 +1,37 @@
|
||||
bases:
|
||||
- ../envs/environments.yaml.gotmpl
|
||||
|
||||
commonLabels:
|
||||
tier: sys
|
||||
|
||||
releases:
|
||||
- name: cert-manager
|
||||
namespace: {{ .Environment.Name }}-cert-manager
|
||||
chart: ../charts/cert-manager
|
||||
condition: cert-manager.enabled
|
||||
values:
|
||||
- ../values/cert-manager/values/cert-manager.yaml.gotmpl
|
||||
- ../values/cert-manager/values/cert-manager-{{ .Environment.Name }}.yaml.gotmpl
|
||||
postRenderer: ../bin/kustomizer
|
||||
postRendererArgs:
|
||||
- ../values/cert-manager/kustomize/{{ .Environment.Name }}
|
||||
missingFileHandler: Info
|
||||
- name: cert-manager-manifests
|
||||
namespace: {{ .Environment.Name }}-cert-manager
|
||||
chart: _cert-manager-manifests
|
||||
condition: cert-manager.enabled
|
||||
missingFileHandler: Info
|
||||
values:
|
||||
- ../values/values-{{ requiredEnv "CLUSTER_NAME" }}.yaml
|
||||
- ../values/cert-manager/values.yaml.gotmpl
|
||||
- ../values/cert-manager/values-{{ requiredEnv "CLUSTER_NAME" }}.yaml.gotmpl
|
||||
hooks:
|
||||
- events: [ prepare, cleanup ]
|
||||
showlogs: true
|
||||
command: ../bin/helmify
|
||||
args:
|
||||
- '{{`{{ if eq .Event.Name "prepare" }}build{{ else }}clean{{ end }}`}}'
|
||||
- '{{`{{ .Release.Chart }}`}}'
|
||||
- '{{`{{ .Environment.Name }}`}}'
|
||||
- ../values/cert-manager/manifests
|
||||
- _cert-manager-manifests
|
||||
@@ -39,6 +39,7 @@ releases:
|
||||
namespace: cilium
|
||||
chart: _cilium-manifests
|
||||
condition: cilium.enabled
|
||||
missingFileHandler: Info
|
||||
values:
|
||||
- ../values/values-{{ requiredEnv "CLUSTER_NAME" }}.yaml
|
||||
- ../values/cilium/values.yaml.gotmpl
|
||||
|
||||
@@ -0,0 +1,42 @@
|
||||
bases:
|
||||
- ../envs/environments.yaml.gotmpl
|
||||
|
||||
repositories:
|
||||
- name: dapr
|
||||
url: 'https://dapr.github.io/helm-charts/'
|
||||
|
||||
commonLabels:
|
||||
tier: aux
|
||||
|
||||
releases:
|
||||
- name: dapr
|
||||
namespace: dapr-system
|
||||
chart: dapr/dapr
|
||||
version: 1.14.4
|
||||
condition: dapr.enabled
|
||||
values:
|
||||
- ../values/dapr/values/dapr.yaml.gotmpl
|
||||
- ../values/dapr/values/dapr-{{ .Environment.Name }}.yaml.gotmpl
|
||||
postRenderer: ../bin/kustomizer
|
||||
postRendererArgs:
|
||||
- ../values/dapr/kustomize/{{ .Environment.Name }}
|
||||
missingFileHandler: Info
|
||||
- name: dapr-manifests
|
||||
namespace: dapr
|
||||
chart: _dapr-manifests
|
||||
condition: dapr.enabled
|
||||
missingFileHandler: Info
|
||||
values:
|
||||
- ../values/values-{{ requiredEnv "CLUSTER_NAME" }}.yaml
|
||||
- ../values/dapr/values.yaml.gotmpl
|
||||
- ../values/dapr/values-{{ requiredEnv "CLUSTER_NAME" }}.yaml.gotmpl
|
||||
hooks:
|
||||
- events: [ prepare, cleanup ]
|
||||
showlogs: true
|
||||
command: ../bin/helmify
|
||||
args:
|
||||
- '{{`{{ if eq .Event.Name "prepare" }}build{{ else }}clean{{ end }}`}}'
|
||||
- '{{`{{ .Release.Chart }}`}}'
|
||||
- '{{`{{ .Environment.Name }}`}}'
|
||||
- ../values/dapr/manifests
|
||||
- _dapr-manifests
|
||||
@@ -0,0 +1,37 @@
|
||||
bases:
|
||||
- ../envs/environments.yaml.gotmpl
|
||||
|
||||
commonLabels:
|
||||
tier: aux
|
||||
|
||||
releases:
|
||||
- name: geoserver
|
||||
namespace: {{ .Environment.Name }}-geoserver
|
||||
chart: ../charts/geoserver
|
||||
condition: geoserver.enabled
|
||||
values:
|
||||
- ../values/geoserver/values/geoserver.yaml.gotmpl
|
||||
- ../values/geoserver/values/geoserver-{{ .Environment.Name }}.yaml.gotmpl
|
||||
postRenderer: ../bin/kustomizer
|
||||
postRendererArgs:
|
||||
- ../values/geoserver/kustomize/{{ .Environment.Name }}
|
||||
missingFileHandler: Info
|
||||
- name: geoserver-manifests
|
||||
namespace: {{ .Environment.Name }}-geoserver
|
||||
chart: _geoserver-manifests
|
||||
condition: geoserver.enabled
|
||||
missingFileHandler: Info
|
||||
values:
|
||||
- ../values/values-{{ requiredEnv "CLUSTER_NAME" }}.yaml
|
||||
- ../values/geoserver/values.yaml.gotmpl
|
||||
- ../values/geoserver/values-{{ requiredEnv "CLUSTER_NAME" }}.yaml.gotmpl
|
||||
hooks:
|
||||
- events: [ prepare, cleanup ]
|
||||
showlogs: true
|
||||
command: ../bin/helmify
|
||||
args:
|
||||
- '{{`{{ if eq .Event.Name "prepare" }}build{{ else }}clean{{ end }}`}}'
|
||||
- '{{`{{ .Release.Chart }}`}}'
|
||||
- '{{`{{ .Environment.Name }}`}}'
|
||||
- ../values/geoserver/manifests
|
||||
- _geoserver-manifests
|
||||
@@ -0,0 +1,37 @@
|
||||
bases:
|
||||
- ../envs/environments.yaml.gotmpl
|
||||
|
||||
commonLabels:
|
||||
tier: aux
|
||||
|
||||
releases:
|
||||
- name: headscale
|
||||
namespace: {{ .Environment.Name }}-headscale
|
||||
chart: ../charts/headscale
|
||||
condition: headscale.enabled
|
||||
values:
|
||||
- ../values/headscale/values/headscale.yaml.gotmpl
|
||||
- ../values/headscale/values/headscale-{{ .Environment.Name }}.yaml.gotmpl
|
||||
postRenderer: ../bin/kustomizer
|
||||
postRendererArgs:
|
||||
- ../values/headscale/kustomize/{{ .Environment.Name }}
|
||||
missingFileHandler: Info
|
||||
- name: headscale-manifests
|
||||
namespace: {{ .Environment.Name }}-headscale
|
||||
chart: _headscale-manifests
|
||||
condition: headscale.enabled
|
||||
missingFileHandler: Info
|
||||
values:
|
||||
- ../values/values-{{ requiredEnv "CLUSTER_NAME" }}.yaml
|
||||
- ../values/headscale/values.yaml.gotmpl
|
||||
- ../values/headscale/values-{{ requiredEnv "CLUSTER_NAME" }}.yaml.gotmpl
|
||||
hooks:
|
||||
- events: [ prepare, cleanup ]
|
||||
showlogs: true
|
||||
command: ../bin/helmify
|
||||
args:
|
||||
- '{{`{{ if eq .Event.Name "prepare" }}build{{ else }}clean{{ end }}`}}'
|
||||
- '{{`{{ .Release.Chart }}`}}'
|
||||
- '{{`{{ .Environment.Name }}`}}'
|
||||
- ../values/headscale/manifests
|
||||
- _headscale-manifests
|
||||
@@ -0,0 +1,42 @@
|
||||
bases:
|
||||
- ../envs/environments.yaml.gotmpl
|
||||
|
||||
repositories:
|
||||
- name: ingress-nginx
|
||||
url: 'https://kubernetes.github.io/ingress-nginx'
|
||||
|
||||
commonLabels:
|
||||
tier: sys
|
||||
|
||||
releases:
|
||||
- name: ingress-nginx
|
||||
namespace: ingress-nginx
|
||||
chart: ingress-nginx/ingress-nginx
|
||||
version: 4.8.3
|
||||
condition: nginx.enabled
|
||||
values:
|
||||
- ../values/ingress-nginx/values/ingress-nginx.yaml.gotmpl
|
||||
- ../values/ingress-nginx/values/ingress-nginx-{{ .Environment.Name }}.yaml.gotmpl
|
||||
postRenderer: ../bin/kustomizer
|
||||
postRendererArgs:
|
||||
- ../values/ingress-nginx/kustomize/{{ .Environment.Name }}
|
||||
missingFileHandler: Info
|
||||
- name: ingress-nginx-manifests
|
||||
namespace: ingress-nginx
|
||||
chart: _ingress-nginx-manifests
|
||||
condition: nginx.enabled
|
||||
missingFileHandler: Info
|
||||
values:
|
||||
- ../values/values-{{ requiredEnv "CLUSTER_NAME" }}.yaml
|
||||
- ../values/ingress-nginx/values.yaml.gotmpl
|
||||
- ../values/ingress-nginx/values-{{ requiredEnv "CLUSTER_NAME" }}.yaml.gotmpl
|
||||
hooks:
|
||||
- events: [ prepare, cleanup ]
|
||||
showlogs: true
|
||||
command: ../bin/helmify
|
||||
args:
|
||||
- '{{`{{ if eq .Event.Name "prepare" }}build{{ else }}clean{{ end }}`}}'
|
||||
- '{{`{{ .Release.Chart }}`}}'
|
||||
- '{{`{{ .Environment.Name }}`}}'
|
||||
- ../values/ingress-nginx/manifests
|
||||
- _ingress-nginx-manifests
|
||||
@@ -0,0 +1,42 @@
|
||||
bases:
|
||||
- ../envs/environments.yaml.gotmpl
|
||||
|
||||
repositories:
|
||||
- name: keycloak
|
||||
url: 'https://charts.bitnami.com/bitnami'
|
||||
|
||||
commonLabels:
|
||||
tier: aux
|
||||
|
||||
releases:
|
||||
- name: keycloak
|
||||
namespace: keycloak
|
||||
chart: keycloak/keycloak
|
||||
version: 24.0.2
|
||||
condition: keycloak.enabled
|
||||
values:
|
||||
- ../values/keycloak/values/keycloak.yaml.gotmpl
|
||||
- ../values/keycloak/values/keycloak-{{ .Environment.Name }}.yaml.gotmpl
|
||||
postRenderer: ../bin/kustomizer
|
||||
postRendererArgs:
|
||||
- ../values/keycloak/kustomize/{{ .Environment.Name }}
|
||||
missingFileHandler: Info
|
||||
- name: keycloak-manifests
|
||||
namespace: keycloak
|
||||
chart: _keycloak-manifests
|
||||
condition: keycloak.enabled
|
||||
missingFileHandler: Info
|
||||
values:
|
||||
- ../values/values-{{ requiredEnv "CLUSTER_NAME" }}.yaml
|
||||
- ../values/keycloak/values.yaml.gotmpl
|
||||
- ../values/keycloak/values-{{ requiredEnv "CLUSTER_NAME" }}.yaml.gotmpl
|
||||
hooks:
|
||||
- events: [ prepare, cleanup ]
|
||||
showlogs: true
|
||||
command: ../bin/helmify
|
||||
args:
|
||||
- '{{`{{ if eq .Event.Name "prepare" }}build{{ else }}clean{{ end }}`}}'
|
||||
- '{{`{{ .Release.Chart }}`}}'
|
||||
- '{{`{{ .Environment.Name }}`}}'
|
||||
- ../values/keycloak/manifests
|
||||
- _keycloak-manifests
|
||||
@@ -28,11 +28,11 @@ releases:
|
||||
namespace: kyverno
|
||||
chart: _kyverno-manifests
|
||||
condition: kyverno.enabled
|
||||
missingFileHandler: Info
|
||||
values:
|
||||
- ../values/values-{{ requiredEnv "CLUSTER_NAME" }}.yaml
|
||||
- ../values/kyverno/values.yaml.gotmpl
|
||||
- ../values/kyverno/values-{{ requiredEnv "CLUSTER_NAME" }}.yaml.gotmpl
|
||||
missingFileHandler: Info
|
||||
hooks:
|
||||
- events: [ prepare, cleanup ]
|
||||
showlogs: true
|
||||
|
||||
@@ -0,0 +1,42 @@
|
||||
bases:
|
||||
- ../envs/environments.yaml.gotmpl
|
||||
|
||||
repositories:
|
||||
- name: loki
|
||||
url: 'https://grafana.github.io/helm-charts'
|
||||
|
||||
commonLabels:
|
||||
tier: sys
|
||||
|
||||
releases:
|
||||
- name: loki
|
||||
namespace: loki
|
||||
chart: loki/loki
|
||||
version: 6.12.0
|
||||
condition: loki.enabled
|
||||
values:
|
||||
- ../values/loki/values/loki.yaml.gotmpl
|
||||
- ../values/loki/values/loki-{{ .Environment.Name }}.yaml.gotmpl
|
||||
postRenderer: ../bin/kustomizer
|
||||
postRendererArgs:
|
||||
- ../values/loki/kustomize/{{ .Environment.Name }}
|
||||
missingFileHandler: Info
|
||||
- name: loki-manifests
|
||||
namespace: loki
|
||||
chart: _loki-manifests
|
||||
condition: loki.enabled
|
||||
missingFileHandler: Info
|
||||
values:
|
||||
- ../values/values-{{ requiredEnv "CLUSTER_NAME" }}.yaml
|
||||
- ../values/loki/values.yaml.gotmpl
|
||||
- ../values/loki/values-{{ requiredEnv "CLUSTER_NAME" }}.yaml.gotmpl
|
||||
hooks:
|
||||
- events: [ prepare, cleanup ]
|
||||
showlogs: true
|
||||
command: ../bin/helmify
|
||||
args:
|
||||
- '{{`{{ if eq .Event.Name "prepare" }}build{{ else }}clean{{ end }}`}}'
|
||||
- '{{`{{ .Release.Chart }}`}}'
|
||||
- '{{`{{ .Environment.Name }}`}}'
|
||||
- ../values/loki/manifests
|
||||
- _loki-manifests
|
||||
@@ -0,0 +1,37 @@
|
||||
bases:
|
||||
- ../envs/environments.yaml.gotmpl
|
||||
|
||||
commonLabels:
|
||||
tier: sys
|
||||
|
||||
releases:
|
||||
- name: metricsserver
|
||||
namespace: {{ .Environment.Name }}-metricsserver
|
||||
chart: ../charts/metricsserver
|
||||
condition: metricsserver.enabled
|
||||
values:
|
||||
- ../values/metricsserver/values/metricsserver.yaml.gotmpl
|
||||
- ../values/metricsserver/values/metricsserver-{{ .Environment.Name }}.yaml.gotmpl
|
||||
postRenderer: ../bin/kustomizer
|
||||
postRendererArgs:
|
||||
- ../values/metricsserver/kustomize/{{ .Environment.Name }}
|
||||
missingFileHandler: Info
|
||||
- name: metricsserver-manifests
|
||||
namespace: {{ .Environment.Name }}-metricsserver
|
||||
chart: _metricsserver-manifests
|
||||
condition: metricsserver.enabled
|
||||
missingFileHandler: Info
|
||||
values:
|
||||
- ../values/values-{{ requiredEnv "CLUSTER_NAME" }}.yaml
|
||||
- ../values/metricsserver/values.yaml.gotmpl
|
||||
- ../values/metricsserver/values-{{ requiredEnv "CLUSTER_NAME" }}.yaml.gotmpl
|
||||
hooks:
|
||||
- events: [ prepare, cleanup ]
|
||||
showlogs: true
|
||||
command: ../bin/helmify
|
||||
args:
|
||||
- '{{`{{ if eq .Event.Name "prepare" }}build{{ else }}clean{{ end }}`}}'
|
||||
- '{{`{{ .Release.Chart }}`}}'
|
||||
- '{{`{{ .Environment.Name }}`}}'
|
||||
- ../values/metricsserver/manifests
|
||||
- _metricsserver-manifests
|
||||
@@ -0,0 +1,41 @@
|
||||
bases:
|
||||
- ../envs/environments.yaml.gotmpl
|
||||
|
||||
repositories:
|
||||
- name: openfga
|
||||
url: 'https://openfga.github.io/helm-charts'
|
||||
|
||||
commonLabels:
|
||||
tier: aux
|
||||
|
||||
releases:
|
||||
- name: openfga
|
||||
namespace: {{ .Environment.Name }}-openfga
|
||||
chart: openfga/openfga
|
||||
condition: openfga.enabled
|
||||
values:
|
||||
- ../values/openfga/values/openfga.yaml.gotmpl
|
||||
- ../values/openfga/values/openfga-{{ .Environment.Name }}.yaml.gotmpl
|
||||
postRenderer: ../bin/kustomizer
|
||||
postRendererArgs:
|
||||
- ../values/openfga/kustomize/{{ .Environment.Name }}
|
||||
missingFileHandler: Info
|
||||
- name: openfga-manifests
|
||||
namespace: {{ .Environment.Name }}-openfga
|
||||
chart: _openfga-manifests
|
||||
condition: openfga.enabled
|
||||
missingFileHandler: Info
|
||||
values:
|
||||
- ../values/values-{{ requiredEnv "CLUSTER_NAME" }}.yaml
|
||||
- ../values/openfga/values.yaml.gotmpl
|
||||
- ../values/openfga/values-{{ requiredEnv "CLUSTER_NAME" }}.yaml.gotmpl
|
||||
hooks:
|
||||
- events: [ prepare, cleanup ]
|
||||
showlogs: true
|
||||
command: ../bin/helmify
|
||||
args:
|
||||
- '{{`{{ if eq .Event.Name "prepare" }}build{{ else }}clean{{ end }}`}}'
|
||||
- '{{`{{ .Release.Chart }}`}}'
|
||||
- '{{`{{ .Environment.Name }}`}}'
|
||||
- ../values/openfga/manifests
|
||||
- _openfga-manifests
|
||||
@@ -0,0 +1,37 @@
|
||||
bases:
|
||||
- ../envs/environments.yaml.gotmpl
|
||||
|
||||
commonLabels:
|
||||
tier: sys
|
||||
|
||||
releases:
|
||||
- name: otel-collector
|
||||
namespace: {{ .Environment.Name }}-otel-collector
|
||||
chart: ../charts/otel-collector
|
||||
condition: otel-collector.enabled
|
||||
values:
|
||||
- ../values/otel-collector/values/otel-collector.yaml.gotmpl
|
||||
- ../values/otel-collector/values/otel-collector-{{ .Environment.Name }}.yaml.gotmpl
|
||||
postRenderer: ../bin/kustomizer
|
||||
postRendererArgs:
|
||||
- ../values/otel-collector/kustomize/{{ .Environment.Name }}
|
||||
missingFileHandler: Info
|
||||
- name: otel-collector-manifests
|
||||
namespace: {{ .Environment.Name }}-otel-collector
|
||||
chart: _otel-collector-manifests
|
||||
condition: otel-collector.enabled
|
||||
missingFileHandler: Info
|
||||
values:
|
||||
- ../values/values-{{ requiredEnv "CLUSTER_NAME" }}.yaml
|
||||
- ../values/otel-collector/values.yaml.gotmpl
|
||||
- ../values/otel-collector/values-{{ requiredEnv "CLUSTER_NAME" }}.yaml.gotmpl
|
||||
hooks:
|
||||
- events: [ prepare, cleanup ]
|
||||
showlogs: true
|
||||
command: ../bin/helmify
|
||||
args:
|
||||
- '{{`{{ if eq .Event.Name "prepare" }}build{{ else }}clean{{ end }}`}}'
|
||||
- '{{`{{ .Release.Chart }}`}}'
|
||||
- '{{`{{ .Environment.Name }}`}}'
|
||||
- ../values/otel-collector/manifests
|
||||
- _otel-collector-manifests
|
||||
@@ -0,0 +1,37 @@
|
||||
bases:
|
||||
- ../envs/environments.yaml.gotmpl
|
||||
|
||||
commonLabels:
|
||||
tier: aux
|
||||
|
||||
releases:
|
||||
- name: plausible
|
||||
namespace: {{ .Environment.Name }}-plausible
|
||||
chart: ../charts/plausible
|
||||
condition: plausible.enabled
|
||||
values:
|
||||
- ../values/plausible/values/plausible.yaml.gotmpl
|
||||
- ../values/plausible/values/plausible-{{ .Environment.Name }}.yaml.gotmpl
|
||||
postRenderer: ../bin/kustomizer
|
||||
postRendererArgs:
|
||||
- ../values/plausible/kustomize/{{ .Environment.Name }}
|
||||
missingFileHandler: Info
|
||||
- name: plausible-manifests
|
||||
namespace: {{ .Environment.Name }}-plausible
|
||||
chart: _plausible-manifests
|
||||
condition: plausible.enabled
|
||||
missingFileHandler: Info
|
||||
values:
|
||||
- ../values/values-{{ requiredEnv "CLUSTER_NAME" }}.yaml
|
||||
- ../values/plausible/values.yaml.gotmpl
|
||||
- ../values/plausible/values-{{ requiredEnv "CLUSTER_NAME" }}.yaml.gotmpl
|
||||
hooks:
|
||||
- events: [ prepare, cleanup ]
|
||||
showlogs: true
|
||||
command: ../bin/helmify
|
||||
args:
|
||||
- '{{`{{ if eq .Event.Name "prepare" }}build{{ else }}clean{{ end }}`}}'
|
||||
- '{{`{{ .Release.Chart }}`}}'
|
||||
- '{{`{{ .Environment.Name }}`}}'
|
||||
- ../values/plausible/manifests
|
||||
- _plausible-manifests
|
||||
@@ -28,11 +28,11 @@ releases:
|
||||
namespace: cnpg
|
||||
chart: _postgres-operator-manifests
|
||||
condition: postgres_operator.enabled
|
||||
missingFileHandler: Info
|
||||
values:
|
||||
- ../values/values-{{ requiredEnv "CLUSTER_NAME" }}.yaml
|
||||
- ../values/postgres-operator/values.yaml.gotmpl
|
||||
- ../values/postgres-operator/values-{{ requiredEnv "CLUSTER_NAME" }}.yaml.gotmpl
|
||||
missingFileHandler: Info
|
||||
hooks:
|
||||
- events: [ prepare, cleanup ]
|
||||
showlogs: true
|
||||
|
||||
@@ -25,6 +25,7 @@ releases:
|
||||
namespace: prometheus
|
||||
chart: _prometheus-manifests
|
||||
condition: prometheus.enabled
|
||||
missingFileHandler: Info
|
||||
values:
|
||||
- ../values/values-{{ requiredEnv "CLUSTER_NAME" }}.yaml
|
||||
- ../values/prometheus/values.yaml.gotmpl
|
||||
@@ -37,6 +38,6 @@ releases:
|
||||
- '{{`{{ if eq .Event.Name "prepare" }}build{{ else }}clean{{ end }}`}}'
|
||||
- '{{`{{ .Release.Chart }}`}}'
|
||||
- '{{`{{ .Environment.Name }}`}}'
|
||||
- ../values/prometheus/prometheus-manifests
|
||||
- ../values/prometheus/manifests
|
||||
- _prometheus-manifests
|
||||
|
||||
|
||||
@@ -0,0 +1,42 @@
|
||||
bases:
|
||||
- ../envs/environments.yaml.gotmpl
|
||||
|
||||
repositories:
|
||||
- name: rabbitmq
|
||||
url: 'https://charts.bitnami.com/bitnami'
|
||||
|
||||
commonLabels:
|
||||
tier: aux
|
||||
|
||||
releases:
|
||||
- name: rabbitmq
|
||||
namespace: {{ .Environment.Name }}-rabbitmq
|
||||
chart: rabbitmq/rabbitmq
|
||||
version: 12.9.0
|
||||
condition: rabbitmq.enabled
|
||||
values:
|
||||
- ../values/rabbitmq/values/rabbitmq.yaml.gotmpl
|
||||
- ../values/rabbitmq/values/rabbitmq-{{ .Environment.Name }}.yaml.gotmpl
|
||||
postRenderer: ../bin/kustomizer
|
||||
postRendererArgs:
|
||||
- ../values/rabbitmq/kustomize/{{ .Environment.Name }}
|
||||
missingFileHandler: Info
|
||||
- name: rabbitmq-manifests
|
||||
namespace: {{ .Environment.Name }}-rabbitmq
|
||||
chart: _rabbitmq-manifests
|
||||
condition: rabbitmq.enabled
|
||||
missingFileHandler: Info
|
||||
values:
|
||||
- ../values/values-{{ requiredEnv "CLUSTER_NAME" }}.yaml
|
||||
- ../values/rabbitmq/values.yaml.gotmpl
|
||||
- ../values/rabbitmq/values-{{ requiredEnv "CLUSTER_NAME" }}.yaml.gotmpl
|
||||
hooks:
|
||||
- events: [ prepare, cleanup ]
|
||||
showlogs: true
|
||||
command: ../bin/helmify
|
||||
args:
|
||||
- '{{`{{ if eq .Event.Name "prepare" }}build{{ else }}clean{{ end }}`}}'
|
||||
- '{{`{{ .Release.Chart }}`}}'
|
||||
- '{{`{{ .Environment.Name }}`}}'
|
||||
- ../values/rabbitmq/manifests
|
||||
- _rabbitmq-manifests
|
||||
@@ -0,0 +1,42 @@
|
||||
bases:
|
||||
- ../envs/environments.yaml.gotmpl
|
||||
|
||||
repositories:
|
||||
- name: redis
|
||||
url: 'https://charts.bitnami.com/bitnami'
|
||||
|
||||
commonLabels:
|
||||
tier: aux
|
||||
|
||||
releases:
|
||||
- name: redis
|
||||
namespace: {{ .Environment.Name }}-redis
|
||||
chart: redis/redis
|
||||
condition: redis.enabled
|
||||
version: 19.5.2
|
||||
values:
|
||||
- ../values/redis/values/redis.yaml.gotmpl
|
||||
- ../values/redis/values/redis-{{ .Environment.Name }}.yaml.gotmpl
|
||||
postRenderer: ../bin/kustomizer
|
||||
postRendererArgs:
|
||||
- ../values/redis/kustomize/{{ .Environment.Name }}
|
||||
missingFileHandler: Info
|
||||
- name: redis-manifests
|
||||
namespace: {{ .Environment.Name }}-redis
|
||||
chart: _redis-manifests
|
||||
condition: redis.enabled
|
||||
missingFileHandler: Info
|
||||
values:
|
||||
- ../values/values-{{ requiredEnv "CLUSTER_NAME" }}.yaml
|
||||
- ../values/redis/values.yaml.gotmpl
|
||||
- ../values/redis/values-{{ requiredEnv "CLUSTER_NAME" }}.yaml.gotmpl
|
||||
hooks:
|
||||
- events: [ prepare, cleanup ]
|
||||
showlogs: true
|
||||
command: ../bin/helmify
|
||||
args:
|
||||
- '{{`{{ if eq .Event.Name "prepare" }}build{{ else }}clean{{ end }}`}}'
|
||||
- '{{`{{ .Release.Chart }}`}}'
|
||||
- '{{`{{ .Environment.Name }}`}}'
|
||||
- ../values/redis/manifests
|
||||
- _redis-manifests
|
||||
@@ -0,0 +1,43 @@
|
||||
bases:
|
||||
- ../envs/environments.yaml.gotmpl
|
||||
|
||||
repositories:
|
||||
- name: tempo
|
||||
url: 'https://grafana.github.io/helm-charts'
|
||||
|
||||
commonLabels:
|
||||
tier: sys
|
||||
|
||||
releases:
|
||||
- name: tempo
|
||||
namespace: tempo
|
||||
chart: tempo/tempo
|
||||
version: 0.14.0
|
||||
condition: tempo.enabled
|
||||
values:
|
||||
- ../values/tempo/values/tempo.yaml.gotmpl
|
||||
- ../values/tempo/values/tempo-{{ .Environment.Name }}.yaml.gotmpl
|
||||
postRenderer: ../bin/kustomizer
|
||||
postRendererArgs:
|
||||
- ../values/tempo/kustomize/{{ .Environment.Name }}
|
||||
missingFileHandler: Info
|
||||
- name: tempo-manifests
|
||||
namespace: tempo
|
||||
chart: _tempo-manifests
|
||||
condition: tempo.enabled
|
||||
missingFileHandler: Info
|
||||
values:
|
||||
- ../values/values-{{ requiredEnv "CLUSTER_NAME" }}.yaml
|
||||
- ../values/tempo/values.yaml.gotmpl
|
||||
- ../values/tempo/values-{{ requiredEnv "CLUSTER_NAME" }}.yaml.gotmpl
|
||||
hooks:
|
||||
- events: [ prepare, cleanup ]
|
||||
showlogs: true
|
||||
command: ../bin/helmify
|
||||
args:
|
||||
- '{{`{{ if eq .Event.Name "prepare" }}build{{ else }}clean{{ end }}`}}'
|
||||
- '{{`{{ .Release.Chart }}`}}'
|
||||
- '{{`{{ .Environment.Name }}`}}'
|
||||
- ../values/tempo/manifests
|
||||
- _tempo-manifests
|
||||
|
||||
@@ -25,11 +25,11 @@ releases:
|
||||
namespace: velero
|
||||
chart: _velero-manifests
|
||||
condition: velero.enabled
|
||||
missingFileHandler: Info
|
||||
values:
|
||||
- ../values/values-{{ requiredEnv "CLUSTER_NAME" }}.yaml
|
||||
- ../values/velero/values.yaml.gotmpl
|
||||
- ../values/velero/values-{{ requiredEnv "CLUSTER_NAME" }}.yaml.gotmpl
|
||||
missingFileHandler: Info
|
||||
hooks:
|
||||
- events: [ prepare, cleanup ]
|
||||
showlogs: true
|
||||
|
||||
@@ -0,0 +1,37 @@
|
||||
bases:
|
||||
- ../envs/environments.yaml.gotmpl
|
||||
|
||||
commonLabels:
|
||||
tier: sys
|
||||
|
||||
releases:
|
||||
- name: wordpress
|
||||
namespace: {{ .Environment.Name }}-wordpress
|
||||
chart: ../charts/wordpress
|
||||
condition: wordpress.enabled
|
||||
values:
|
||||
- ../values/wordpress/values/wordpress.yaml.gotmpl
|
||||
- ../values/wordpress/values/wordpress-{{ .Environment.Name }}.yaml.gotmpl
|
||||
postRenderer: ../bin/kustomizer
|
||||
postRendererArgs:
|
||||
- ../values/wordpress/kustomize/{{ .Environment.Name }}
|
||||
missingFileHandler: Info
|
||||
- name: wordpress-manifests
|
||||
namespace: {{ .Environment.Name }}-wordpress
|
||||
chart: _wordpress-manifests
|
||||
condition: wordpress.enabled
|
||||
missingFileHandler: Info
|
||||
values:
|
||||
- ../values/values-{{ requiredEnv "CLUSTER_NAME" }}.yaml
|
||||
- ../values/wordpress/values.yaml.gotmpl
|
||||
- ../values/wordpress/values-{{ requiredEnv "CLUSTER_NAME" }}.yaml.gotmpl
|
||||
hooks:
|
||||
- events: [ prepare, cleanup ]
|
||||
showlogs: true
|
||||
command: ../bin/helmify
|
||||
args:
|
||||
- '{{`{{ if eq .Event.Name "prepare" }}build{{ else }}clean{{ end }}`}}'
|
||||
- '{{`{{ .Release.Chart }}`}}'
|
||||
- '{{`{{ .Environment.Name }}`}}'
|
||||
- ../values/wordpress/manifests
|
||||
- _wordpress-manifests
|
||||
@@ -0,0 +1,37 @@
|
||||
bases:
|
||||
- ../envs/environments.yaml.gotmpl
|
||||
|
||||
commonLabels:
|
||||
tier: sys
|
||||
|
||||
releases:
|
||||
- name: x509-exporter
|
||||
namespace: {{ .Environment.Name }}-x509-exporter
|
||||
chart: ../charts/x509-exporter
|
||||
condition: x509-exporter.enabled
|
||||
values:
|
||||
- ../values/x509-exporter/values/x509-exporter.yaml.gotmpl
|
||||
- ../values/x509-exporter/values/x509-exporter-{{ .Environment.Name }}.yaml.gotmpl
|
||||
postRenderer: ../bin/kustomizer
|
||||
postRendererArgs:
|
||||
- ../values/x509-exporter/kustomize/{{ .Environment.Name }}
|
||||
missingFileHandler: Info
|
||||
- name: x509-exporter-manifests
|
||||
namespace: {{ .Environment.Name }}-x509-exporter
|
||||
chart: _x509-exporter-manifests
|
||||
condition: x509-exporter.enabled
|
||||
missingFileHandler: Info
|
||||
values:
|
||||
- ../values/values-{{ requiredEnv "CLUSTER_NAME" }}.yaml
|
||||
- ../values/x509-exporter/values.yaml.gotmpl
|
||||
- ../values/x509-exporter/values-{{ requiredEnv "CLUSTER_NAME" }}.yaml.gotmpl
|
||||
hooks:
|
||||
- events: [ prepare, cleanup ]
|
||||
showlogs: true
|
||||
command: ../bin/helmify
|
||||
args:
|
||||
- '{{`{{ if eq .Event.Name "prepare" }}build{{ else }}clean{{ end }}`}}'
|
||||
- '{{`{{ .Release.Chart }}`}}'
|
||||
- '{{`{{ .Environment.Name }}`}}'
|
||||
- ../values/x509-exporter/manifests
|
||||
- _x509-exporter-manifests
|
||||
@@ -2,11 +2,12 @@
|
||||
default:
|
||||
just --list -u
|
||||
|
||||
# NOTE: Render a specifc helm chart
|
||||
r HELMFILE ENV:
|
||||
# Lint a specifc helm chart
|
||||
l HELMFILE ENV="default":
|
||||
# helmfile --environment={{ENV}} lint --args --quiet --skip-deps --skip-refresh -f helmfile.d/{{HELMFILE}}.yaml.gotmpl
|
||||
helmfile --environment={{ENV}} lint --args --quiet -f helmfile.d/{{HELMFILE}}.yaml.gotmpl
|
||||
#
|
||||
# NOTE: Render charts for one environment
|
||||
# render ENV="staging":
|
||||
|
||||
|
||||
# NOTE: Render a specifc helm chart
|
||||
r HELMFILE ENV="default":
|
||||
helmfile --environment={{ENV}} template -q -f helmfile.d/{{HELMFILE}}.yaml.gotmpl --output-dir-template="../_manifests/{{HELMFILE}}/{{ENV}}/{{{{.Release.Name }}"
|
||||
|
||||
|
||||
@@ -0,0 +1,38 @@
|
||||
{{- if .Values.clusterConfig.argo.enabled }}
|
||||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: Application
|
||||
metadata:
|
||||
name: dapr
|
||||
namespace: argocd
|
||||
annotations:
|
||||
argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true
|
||||
finalizers:
|
||||
- resources-finalizer.argocd.argoproj.io
|
||||
spec:
|
||||
destination:
|
||||
namespace: dapr-system
|
||||
server: 'https://kubernetes.default.svc'
|
||||
sources:
|
||||
- repoURL: {{ .Values.clusterConfig.manifests }}
|
||||
targetRevision: HEAD
|
||||
path: helmfiles/dapr
|
||||
plugin:
|
||||
name: helmfile
|
||||
env:
|
||||
- name: CLUSTER_NAME
|
||||
value: {{ .Values.clusterConfig.cluster }}
|
||||
project: default
|
||||
syncPolicy:
|
||||
managedNamespaceMetadata:
|
||||
labels:
|
||||
component: aux
|
||||
syncOptions:
|
||||
- CreateNamespace=true
|
||||
- ApplyOutOfSyncOnly=true
|
||||
# - ServerSideApply=true
|
||||
{{- if .Values.dapr.autosync }}
|
||||
automated:
|
||||
prune: true
|
||||
# selfHeal: false
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
@@ -0,0 +1,2 @@
|
||||
dapr:
|
||||
enabled: true
|
||||
@@ -0,0 +1,3 @@
|
||||
global:
|
||||
ha:
|
||||
enabled: true
|
||||
@@ -0,0 +1,31 @@
|
||||
{{- if .Values.clusterConfig.argo.enabled }}
|
||||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: Application
|
||||
metadata:
|
||||
name: ingress-nginx
|
||||
namespace: argocd
|
||||
annotations:
|
||||
argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true
|
||||
spec:
|
||||
destination:
|
||||
namespace: ingress-nginx
|
||||
server: 'https://kubernetes.default.svc'
|
||||
sources:
|
||||
- repoURL: {{ .Values.clusterConfig.manifests }}
|
||||
targetRevision: HEAD
|
||||
path: helmfiles/ingress-nginx
|
||||
plugin:
|
||||
name: helmfile
|
||||
env:
|
||||
- name: CLUSTER_NAME
|
||||
value: {{ .Values.clusterConfig.cluster }}
|
||||
project: sys
|
||||
syncPolicy:
|
||||
syncOptions:
|
||||
- ServerSideApply=true
|
||||
{{- if .Values.nginx.autosync }}
|
||||
automated:
|
||||
prune: true
|
||||
# selfHeal: false
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
@@ -0,0 +1,9 @@
|
||||
nginx:
|
||||
enabled: true
|
||||
autosync: true
|
||||
pdb:
|
||||
minAvailable: 1
|
||||
resources:
|
||||
controller:
|
||||
cpu: "100m"
|
||||
memory: "100Mi"
|
||||
@@ -0,0 +1,98 @@
|
||||
## nginx configuration
|
||||
## Ref: https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/nginx-configuration/index.md
|
||||
##
|
||||
## Overrides for generated resource names
|
||||
# See templates/_helpers.tpl
|
||||
# nameOverride:
|
||||
fullnameOverride: main-ingress-nginx
|
||||
controller:
|
||||
resources:
|
||||
limits:
|
||||
memory: {{ .Values.nginx.resources.controller.memory }}
|
||||
requests:
|
||||
cpu: {{ .Values.nginx.resources.controller.cpu }}
|
||||
memory: {{ .Values.nginx.resources.controller.memory }}
|
||||
|
||||
ingressClassResource:
|
||||
default: true
|
||||
|
||||
tolerations:
|
||||
- key: unschedulable
|
||||
operator: Exists
|
||||
effect: NoSchedule
|
||||
- key: node-role.kubernetes.io/control-plane
|
||||
operator: Exists
|
||||
effect: NoSchedule
|
||||
|
||||
affinity:
|
||||
nodeAffinity:
|
||||
requiredDuringSchedulingIgnoredDuringExecution:
|
||||
nodeSelectorTerms:
|
||||
- matchExpressions:
|
||||
- key: kubernetes.io/hostname
|
||||
operator: In
|
||||
values: {{ .Values.clusterConfig.ingress_nodes }}
|
||||
|
||||
podAntiAffinity:
|
||||
requiredDuringSchedulingIgnoredDuringExecution:
|
||||
- labelSelector:
|
||||
matchExpressions:
|
||||
- key: app.kubernetes.io/instance
|
||||
operator: In
|
||||
values:
|
||||
- ingress-nginx
|
||||
- key: app.kubernetes.io/component
|
||||
operator: In
|
||||
values:
|
||||
- controller
|
||||
topologyKey: "kubernetes.io/hostname"
|
||||
|
||||
podAnnotations:
|
||||
config.linkerd.io/skip-inbound-ports: 80,443
|
||||
|
||||
replicaCount: {{ .Values.clusterConfig.ingress_replica_count }}
|
||||
|
||||
minAvailable: {{ .Values.nginx.pdb.minAvailable }}
|
||||
|
||||
service:
|
||||
externalTrafficPolicy: Local
|
||||
# type: ClusterIP
|
||||
type: NodePort
|
||||
# nodePorts:
|
||||
# http: 32080
|
||||
# https: 32443
|
||||
# tcp:
|
||||
# 8080: 32808
|
||||
nodePorts:
|
||||
http: 30080
|
||||
https: 30443
|
||||
tcp: {}
|
||||
udp: {}
|
||||
|
||||
metrics:
|
||||
enabled: true
|
||||
|
||||
service:
|
||||
annotations:
|
||||
prometheus.io/scrape: "true"
|
||||
prometheus.io/port: "10254"
|
||||
|
||||
servicePort: 9913
|
||||
type: ClusterIP
|
||||
|
||||
serviceMonitor:
|
||||
enabled: true
|
||||
|
||||
admissionWebhooks:
|
||||
enabled: false
|
||||
|
||||
## Default 404 backend
|
||||
##
|
||||
defaultBackend:
|
||||
enabled: true
|
||||
|
||||
tolerations:
|
||||
- key: unschedulable
|
||||
operator: Exists
|
||||
effect: NoSchedule
|
||||
|
||||
@@ -0,0 +1,40 @@
|
||||
{{- if .Values.clusterConfig.argo.enabled }}
|
||||
{{- range .Values.keycloak.envs }}
|
||||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: Application
|
||||
metadata:
|
||||
name: {{ . }}-keycloak
|
||||
namespace: argocd
|
||||
annotations:
|
||||
argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true
|
||||
finalizers:
|
||||
- resources-finalizer.argocd.argoproj.io
|
||||
spec:
|
||||
destination:
|
||||
namespace: keycloak
|
||||
server: 'https://kubernetes.default.svc'
|
||||
sources:
|
||||
- repoURL: {{ .Values.clusterConfig.manifests }}
|
||||
targetRevision: HEAD
|
||||
path: helmfiles/keycloak
|
||||
plugin:
|
||||
name: helmfile
|
||||
env:
|
||||
- name: CLUSTER_NAME
|
||||
value: {{ .Values.clusterConfig.cluster }}
|
||||
project: aux
|
||||
syncPolicy:
|
||||
managedNamespaceMetadata:
|
||||
labels:
|
||||
component: aux
|
||||
syncOptions:
|
||||
- CreateNamespace=true
|
||||
- ApplyOutOfSyncOnly=true
|
||||
# - ServerSideApply=true
|
||||
{{- if .Values.keycloak.autosync }}
|
||||
automated:
|
||||
prune: true
|
||||
# selfHeal: false
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
@@ -0,0 +1,2 @@
|
||||
keycloak:
|
||||
enabled: true
|
||||
@@ -0,0 +1,38 @@
|
||||
{{- if .Values.clusterConfig.argo.enabled }}
|
||||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: Application
|
||||
metadata:
|
||||
name: loki
|
||||
namespace: argocd
|
||||
annotations:
|
||||
argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true
|
||||
finalizers:
|
||||
- resources-finalizer.argocd.argoproj.io
|
||||
spec:
|
||||
destination:
|
||||
namespace: loki
|
||||
server: 'https://kubernetes.default.svc'
|
||||
sources:
|
||||
- repoURL: {{ .Values.clusterConfig.manifests }}
|
||||
targetRevision: HEAD
|
||||
path: helmfiles/loki
|
||||
plugin:
|
||||
name: helmfile
|
||||
env:
|
||||
- name: CLUSTER_NAME
|
||||
value: {{ .Values.clusterConfig.cluster }}
|
||||
project: sys
|
||||
syncPolicy:
|
||||
managedNamespaceMetadata:
|
||||
labels:
|
||||
component: sys
|
||||
syncOptions:
|
||||
- CreateNamespace=true
|
||||
- ApplyOutOfSyncOnly=true
|
||||
# - ServerSideApply=true
|
||||
{{- if .Values.loki.autosync }}
|
||||
automated:
|
||||
prune: true
|
||||
# selfHeal: false
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
@@ -0,0 +1,16 @@
|
||||
loki:
|
||||
enabled: true
|
||||
autosync: true
|
||||
compactor: false
|
||||
s3:
|
||||
endpoint: ""
|
||||
region: ""
|
||||
insecure_skip_verify: false
|
||||
secret:
|
||||
name: ""
|
||||
access_key: ""
|
||||
access_secret: ""
|
||||
buckets:
|
||||
chunks: ""
|
||||
ruler: ""
|
||||
admin: ""
|
||||
@@ -0,0 +1,103 @@
|
||||
loki:
|
||||
auth_enabled: false
|
||||
storage:
|
||||
bucketNames:
|
||||
chunks: {{ .Values.loki.buckets.chunks }}
|
||||
ruler: {{ .Values.loki.buckets.ruler }}
|
||||
admin: {{ .Values.loki.buckets.admin }}
|
||||
s3:
|
||||
endpoint: {{ .Values.loki.s3.endpoint | default "https://s3.production.itpartner.no" }}
|
||||
region: {{ .Values.loki.s3.region | default "us-east-1" }}
|
||||
secretAccessKey: ${S3SECRET}
|
||||
accessKeyId: ${S3KEY}
|
||||
s3ForcePathStyle: true
|
||||
{{- if .Values.loki.s3.insecure_skip_verify }}
|
||||
http_config:
|
||||
insecure_skip_verify: true
|
||||
{{- end }}
|
||||
schemaConfig:
|
||||
configs:
|
||||
- from: "2022-09-28"
|
||||
index:
|
||||
period: 24h
|
||||
prefix: loki_index_
|
||||
object_store: s3
|
||||
schema: v13
|
||||
store: tsdb
|
||||
{{- if .Values.loki.compactor }}
|
||||
compactor:
|
||||
compaction_interval: 10m
|
||||
working_directory: /tmp/loki/compactor
|
||||
retention_enabled: true
|
||||
retention_delete_delay: 2h
|
||||
retention_delete_worker_count: 150
|
||||
delete_request_store: s3
|
||||
{{- end }}
|
||||
write:
|
||||
extraArgs:
|
||||
- -config.expand-env=true
|
||||
extraEnv:
|
||||
- name: S3KEY
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: {{ .Values.loki.secret.name | default "s3-credentials"}}
|
||||
key: {{ .Values.loki.secret.access_key | default "access_key" }}
|
||||
- name: S3SECRET
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: {{ .Values.loki.secret.name | default "s3-credentials"}}
|
||||
key: {{ .Values.loki.secret.access_key | default "access_secret" }}
|
||||
tolerations:
|
||||
- effect: "NoSchedule"
|
||||
operator: "Equal"
|
||||
key: "unschedulable"
|
||||
value: "true"
|
||||
read:
|
||||
extraArgs:
|
||||
- -config.expand-env=true
|
||||
extraEnv:
|
||||
- name: S3KEY
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: {{ .Values.loki.secret.name | default "s3-credentials"}}
|
||||
key: {{ .Values.loki.secret.access_key | default "access_key" }}
|
||||
- name: S3SECRET
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: {{ .Values.loki.secret.name | default "s3-credentials"}}
|
||||
key: {{ .Values.loki.secret.access_key | default "access_secret" }}
|
||||
tolerations:
|
||||
- effect: "NoSchedule"
|
||||
operator: "Equal"
|
||||
key: "unschedulable"
|
||||
value: "true"
|
||||
{{- if .Values.loki.compactor }}
|
||||
compactor:
|
||||
extraArgs:
|
||||
- -config.expand-env=true
|
||||
extraEnv:
|
||||
- name: S3KEY
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: {{ .Values.loki.secret.name | default "s3-credentials"}}
|
||||
key: {{ .Values.loki.secret.access_key | default "access_key" }}
|
||||
- name: S3SECRET
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: {{ .Values.loki.secret.name | default "s3-credentials"}}
|
||||
key: {{ .Values.loki.secret.access_key | default "access_secret" }}
|
||||
{{- end }}
|
||||
backend:
|
||||
extraArgs:
|
||||
- -config.expand-env=true
|
||||
extraEnv:
|
||||
- name: S3KEY
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: {{ .Values.loki.secret.name | default "s3-credentials"}}
|
||||
key: {{ .Values.loki.secret.access_key | default "access_key" }}
|
||||
- name: S3SECRET
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: {{ .Values.loki.secret.name | default "s3-credentials"}}
|
||||
key: {{ .Values.loki.secret.access_key | default "access_secret" }}
|
||||
@@ -0,0 +1,4 @@
|
||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
resources:
|
||||
- _manifest.yaml
|
||||
@@ -0,0 +1,40 @@
|
||||
{{- if .Values.clusterConfig.argo.enabled }}
|
||||
{{- range .Values.openfga.envs }}
|
||||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: Application
|
||||
metadata:
|
||||
name: {{ . }}-openfga
|
||||
namespace: argocd
|
||||
annotations:
|
||||
argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true
|
||||
finalizers:
|
||||
- resources-finalizer.argocd.argoproj.io
|
||||
spec:
|
||||
destination:
|
||||
namespace: openfga
|
||||
server: 'https://kubernetes.default.svc'
|
||||
sources:
|
||||
- repoURL: {{ .Values.clusterConfig.manifests }}
|
||||
targetRevision: HEAD
|
||||
path: helmfiles/openfga
|
||||
plugin:
|
||||
name: helmfile
|
||||
env:
|
||||
- name: CLUSTER_NAME
|
||||
value: {{ .Values.clusterConfig.cluster }}
|
||||
project: sys
|
||||
syncPolicy:
|
||||
managedNamespaceMetadata:
|
||||
labels:
|
||||
component: aux
|
||||
syncOptions:
|
||||
- CreateNamespace=true
|
||||
- ApplyOutOfSyncOnly=true
|
||||
# - ServerSideApply=true
|
||||
{{- if .Values.openfga.autosync }}
|
||||
automated:
|
||||
prune: true
|
||||
# selfHeal: false
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
@@ -0,0 +1,5 @@
|
||||
openfga:
|
||||
enabled: true
|
||||
envs:
|
||||
- prod
|
||||
- staging
|
||||
@@ -5,23 +5,23 @@ datastore:
|
||||
uriSecret: prod-openfga-db-superuser
|
||||
migrationType: initContainer
|
||||
|
||||
postgresql:
|
||||
enabled: false
|
||||
|
||||
playground:
|
||||
enabled: false
|
||||
|
||||
telemetry:
|
||||
metrics:
|
||||
enabled: true
|
||||
serviceMonitor:
|
||||
enabled: true
|
||||
enableRPCHistograms: true
|
||||
trace:
|
||||
enabled: true
|
||||
otlp:
|
||||
endpoint: opentelemetry-collector.otel.svc.cluster.local:4317
|
||||
sampleRatio: 0.1
|
||||
#postgresql:
|
||||
# enabled: false
|
||||
#
|
||||
#playground:
|
||||
# enabled: false
|
||||
#
|
||||
#telemetry:
|
||||
# metrics:
|
||||
# enabled: true
|
||||
# serviceMonitor:
|
||||
# enabled: true
|
||||
# enableRPCHistograms: true
|
||||
# trace:
|
||||
# enabled: true
|
||||
# otlp:
|
||||
# endpoint: opentelemetry-collector.otel.svc.cluster.local:4317
|
||||
# sampleRatio: 0.1
|
||||
|
||||
ingress:
|
||||
enabled: true
|
||||
@@ -55,3 +55,4 @@ extraObjects:
|
||||
backup:
|
||||
retentionPolicy: 60d
|
||||
target: prefer-standby
|
||||
|
||||
+18
-17
@@ -5,23 +5,23 @@ datastore:
|
||||
uriSecret: staging-openfga-db-superuser
|
||||
migrationType: initContainer
|
||||
|
||||
postgresql:
|
||||
enabled: false
|
||||
|
||||
playground:
|
||||
enabled: false
|
||||
|
||||
telemetry:
|
||||
metrics:
|
||||
enabled: true
|
||||
serviceMonitor:
|
||||
enabled: true
|
||||
enableRPCHistograms: true
|
||||
trace:
|
||||
enabled: true
|
||||
otlp:
|
||||
endpoint: opentelemetry-collector.otel.svc.cluster.local:4317
|
||||
sampleRatio: 0.1
|
||||
#postgresql:
|
||||
# enabled: false
|
||||
#
|
||||
#playground:
|
||||
# enabled: false
|
||||
#
|
||||
#telemetry:
|
||||
# metrics:
|
||||
# enabled: true
|
||||
# serviceMonitor:
|
||||
# enabled: true
|
||||
# enableRPCHistograms: true
|
||||
# trace:
|
||||
# enabled: true
|
||||
# otlp:
|
||||
# endpoint: opentelemetry-collector.otel.svc.cluster.local:4317
|
||||
# sampleRatio: 0.1
|
||||
|
||||
ingress:
|
||||
enabled: true
|
||||
@@ -76,3 +76,4 @@ extraObjects:
|
||||
sslRootCert:
|
||||
key: ca.crt
|
||||
name: prod-openfga-db-ca
|
||||
|
||||
@@ -0,0 +1,17 @@
|
||||
postgresql:
|
||||
enabled: false
|
||||
|
||||
playground:
|
||||
enabled: false
|
||||
|
||||
telemetry:
|
||||
metrics:
|
||||
enabled: true
|
||||
serviceMonitor:
|
||||
enabled: true
|
||||
enableRPCHistograms: true
|
||||
trace:
|
||||
enabled: true
|
||||
otlp:
|
||||
endpoint: opentelemetry-collector.otel.svc.cluster.local:4317
|
||||
sampleRatio: 0.1
|
||||
@@ -0,0 +1,40 @@
|
||||
{{- if .Values.clusterConfig.argo.enabled }}
|
||||
{{- range .Values.rabbitmq.envs }}
|
||||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: Application
|
||||
metadata:
|
||||
name: {{ . }}-rabbitmq
|
||||
namespace: argocd
|
||||
annotations:
|
||||
argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true
|
||||
finalizers:
|
||||
- resources-finalizer.argocd.argoproj.io
|
||||
spec:
|
||||
destination:
|
||||
namespace: {{ . }}-rabbitmq
|
||||
server: 'https://kubernetes.default.svc'
|
||||
sources:
|
||||
- repoURL: {{ .Values.clusterConfig.manifests }}
|
||||
targetRevision: HEAD
|
||||
path: helmfiles/rabbitmq
|
||||
plugin:
|
||||
name: helmfile
|
||||
env:
|
||||
- name: CLUSTER_NAME
|
||||
value: {{ .Values.clusterConfig.cluster }}
|
||||
project: aux
|
||||
syncPolicy:
|
||||
managedNamespaceMetadata:
|
||||
labels:
|
||||
component: aux
|
||||
syncOptions:
|
||||
- CreateNamespace=true
|
||||
- ApplyOutOfSyncOnly=true
|
||||
# - ServerSideApply=true
|
||||
{{- if .Values.rabbitmq.autosync }}
|
||||
automated:
|
||||
prune: true
|
||||
# selfHeal: false
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
@@ -0,0 +1,2 @@
|
||||
rabbitmq:
|
||||
enabled: true
|
||||
@@ -5,7 +5,7 @@ auth:
|
||||
existingPasswordSecret: prod-rabbitmq
|
||||
password: ""
|
||||
username: user
|
||||
clusterDomain: cluster.local
|
||||
#clusterDomain: cluster.local
|
||||
ingress:
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt-production
|
||||
@@ -22,11 +22,10 @@ ingress:
|
||||
secrets: []
|
||||
selfSigned: false
|
||||
tls: true
|
||||
persistence:
|
||||
accessModes:
|
||||
- ReadWriteOnce
|
||||
enabled: true
|
||||
existingClaim: ""
|
||||
size: 8Gi
|
||||
storageClass: ""
|
||||
|
||||
#persistence:
|
||||
# accessModes:
|
||||
# - ReadWriteOnce
|
||||
# enabled: true
|
||||
# existingClaim: ""
|
||||
# size: 8Gi
|
||||
# storageClass: ""
|
||||
+8
-8
@@ -5,7 +5,7 @@ auth:
|
||||
existingPasswordSecret: staging-rabbitmq
|
||||
password: ""
|
||||
username: user
|
||||
clusterDomain: cluster.local
|
||||
#clusterDomain: cluster.local
|
||||
ingress:
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt-staging
|
||||
@@ -28,11 +28,11 @@ ingress:
|
||||
secrets: []
|
||||
selfSigned: false
|
||||
tls: true
|
||||
persistence:
|
||||
accessModes:
|
||||
- ReadWriteOnce
|
||||
enabled: true
|
||||
existingClaim: ""
|
||||
size: 8Gi
|
||||
storageClass: ""
|
||||
#persistence:
|
||||
# accessModes:
|
||||
# - ReadWriteOnce
|
||||
# enabled: true
|
||||
# existingClaim: ""
|
||||
# size: 8Gi
|
||||
# storageClass: ""
|
||||
|
||||
@@ -0,0 +1,8 @@
|
||||
clusterDomain: cluster.local
|
||||
persistence:
|
||||
accessModes:
|
||||
- ReadWriteOnce
|
||||
enabled: true
|
||||
existingClaim: ""
|
||||
size: 8Gi
|
||||
storageClass: ""
|
||||
@@ -0,0 +1,4 @@
|
||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
resources:
|
||||
- _manifest.yaml
|
||||
@@ -0,0 +1,5 @@
|
||||
generatorOptions:
|
||||
disableNameSuffixHash: true
|
||||
resources:
|
||||
- ../base
|
||||
- nodeport.yaml
|
||||
@@ -0,0 +1,6 @@
|
||||
generatorOptions:
|
||||
disableNameSuffixHash: true
|
||||
resources:
|
||||
- ../base
|
||||
- nodeport.yaml
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: stagin-redis-nodeport
|
||||
name: staging-redis-nodeport
|
||||
spec:
|
||||
externalTrafficPolicy: Cluster
|
||||
ports:
|
||||
@@ -0,0 +1,45 @@
|
||||
{{- if .Values.clusterConfig.argo.enabled }}
|
||||
{{- range .Values.redis.envs }}
|
||||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: Application
|
||||
metadata:
|
||||
name: {{ . }}-redis
|
||||
namespace: argocd
|
||||
annotations:
|
||||
argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true
|
||||
finalizers:
|
||||
- resources-finalizer.argocd.argoproj.io
|
||||
spec:
|
||||
destination:
|
||||
namespace: {{ . }}-redis
|
||||
server: 'https://kubernetes.default.svc'
|
||||
sources:
|
||||
- repoURL: {{ .Values.clusterConfig.manifests }}
|
||||
targetRevision: HEAD
|
||||
path: helmfiles/redis
|
||||
plugin:
|
||||
name: helmfile
|
||||
env:
|
||||
- name: CLUSTER_NAME
|
||||
value: {{ .Values.clusterConfig.cluster }}
|
||||
project: aux
|
||||
syncPolicy:
|
||||
managedNamespaceMetadata:
|
||||
labels:
|
||||
component: aux
|
||||
syncOptions:
|
||||
- CreateNamespace=true
|
||||
- ApplyOutOfSyncOnly=true
|
||||
# - ServerSideApply=true
|
||||
{{- if .Values.redis.autosync }}
|
||||
automated:
|
||||
prune: true
|
||||
# selfHeal: false
|
||||
{{- end }}
|
||||
ignoreDifferences:
|
||||
- group: apps
|
||||
kind: StatefulSet
|
||||
jqPathExpressions:
|
||||
- '.spec.template.spec.containers[].resources.limits.cpu'
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
@@ -0,0 +1,5 @@
|
||||
redis:
|
||||
enabled: true
|
||||
envs:
|
||||
- prod
|
||||
- staging
|
||||
@@ -17,21 +17,20 @@ replica:
|
||||
# - "--loadmodule"
|
||||
# - "/opt/redis-stack/lib/rejson.so"
|
||||
|
||||
auth:
|
||||
enabled: true
|
||||
sentinel: true
|
||||
password: ""
|
||||
usePasswordFiles: false
|
||||
existingSecretPasswordKey: ""
|
||||
# existingSecret: staging-redis
|
||||
|
||||
master:
|
||||
resources:
|
||||
limits:
|
||||
ephemeral-storage: 1024Mi
|
||||
memory: 192Mi
|
||||
requests:
|
||||
cpu: 150m
|
||||
ephemeral-storage: 50Mi
|
||||
memory: 128Mi
|
||||
#auth:
|
||||
# enabled: true
|
||||
# sentinel: true
|
||||
# password: ""
|
||||
# usePasswordFiles: false
|
||||
# existingSecretPasswordKey: ""
|
||||
# # existingSecret: prod-redis
|
||||
|
||||
#master:
|
||||
# resources:
|
||||
# limits:
|
||||
# ephemeral-storage: 1024Mi
|
||||
# memory: 192Mi
|
||||
# requests:
|
||||
# cpu: 150m
|
||||
# ephemeral-storage: 50Mi
|
||||
# memory: 128Mi
|
||||
@@ -17,21 +17,20 @@ replica:
|
||||
# - "--loadmodule"
|
||||
# - "/opt/redis-stack/lib/rejson.so"
|
||||
|
||||
auth:
|
||||
enabled: true
|
||||
sentinel: true
|
||||
password: ""
|
||||
usePasswordFiles: false
|
||||
existingSecretPasswordKey: ""
|
||||
# existingSecret: staging-redis
|
||||
|
||||
master:
|
||||
resources:
|
||||
limits:
|
||||
ephemeral-storage: 1024Mi
|
||||
memory: 192Mi
|
||||
requests:
|
||||
cpu: 150m
|
||||
ephemeral-storage: 50Mi
|
||||
memory: 128Mi
|
||||
#auth:
|
||||
# enabled: true
|
||||
# sentinel: true
|
||||
# password: ""
|
||||
# usePasswordFiles: false
|
||||
# existingSecretPasswordKey: ""
|
||||
# # existingSecret: staging-redis
|
||||
|
||||
#master:
|
||||
# resources:
|
||||
# limits:
|
||||
# ephemeral-storage: 1024Mi
|
||||
# memory: 192Mi
|
||||
# requests:
|
||||
# cpu: 150m
|
||||
# ephemeral-storage: 50Mi
|
||||
# memory: 128Mi
|
||||
@@ -0,0 +1,17 @@
|
||||
auth:
|
||||
enabled: true
|
||||
sentinel: true
|
||||
password: ""
|
||||
usePasswordFiles: false
|
||||
existingSecretPasswordKey: ""
|
||||
# existingSecret: prod-redis
|
||||
|
||||
master:
|
||||
resources:
|
||||
limits:
|
||||
ephemeral-storage: 1024Mi
|
||||
memory: 192Mi
|
||||
requests:
|
||||
cpu: 150m
|
||||
ephemeral-storage: 50Mi
|
||||
memory: 128Mi
|
||||
@@ -0,0 +1,4 @@
|
||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
resources:
|
||||
- _manifest.yaml
|
||||
@@ -0,0 +1,4 @@
|
||||
generatorOptions:
|
||||
disableNameSuffixHash: true
|
||||
resources:
|
||||
- ../base
|
||||
@@ -0,0 +1,38 @@
|
||||
{{- if .Values.clusterConfig.argo.enabled }}
|
||||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: Application
|
||||
metadata:
|
||||
name: tempo
|
||||
namespace: argocd
|
||||
annotations:
|
||||
argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true
|
||||
finalizers:
|
||||
- resources-finalizer.argocd.argoproj.io
|
||||
spec:
|
||||
destination:
|
||||
namespace: tempo
|
||||
server: 'https://kubernetes.default.svc'
|
||||
sources:
|
||||
- repoURL: {{ .Values.clusterConfig.manifests }}
|
||||
targetRevision: HEAD
|
||||
path: helmfiles/tempo
|
||||
plugin:
|
||||
name: helmfile
|
||||
env:
|
||||
- name: CLUSTER_NAME
|
||||
value: {{ .Values.clusterConfig.cluster }}
|
||||
project: sys
|
||||
syncPolicy:
|
||||
managedNamespaceMetadata:
|
||||
labels:
|
||||
component: sys
|
||||
syncOptions:
|
||||
- CreateNamespace=true
|
||||
- ApplyOutOfSyncOnly=true
|
||||
# - ServerSideApply=true
|
||||
{{- if .Values.tempo.autosync }}
|
||||
automated:
|
||||
prune: true
|
||||
# selfHeal: false
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
@@ -0,0 +1,12 @@
|
||||
tempo:
|
||||
enabled: true
|
||||
autosync: true
|
||||
s3:
|
||||
endpoint: ""
|
||||
region: ""
|
||||
insecure_skip_verify: false
|
||||
secret:
|
||||
name: ""
|
||||
access_key: ""
|
||||
access_secret: ""
|
||||
bucketName: ""
|
||||
@@ -0,0 +1,53 @@
|
||||
tempo:
|
||||
reportingEnabled: false
|
||||
storage:
|
||||
trace:
|
||||
backend: s3
|
||||
s3:
|
||||
bucket: {{ .Values.tempo.bucketName | default "tempo-traces" }}
|
||||
endpoint: {{ .Values.tempo.s3.endpoint | default "https://s3.production.itpartner.no" }}
|
||||
prefix: traces
|
||||
access_key: ${S3KEY}
|
||||
secret_key: ${S3SECRET}
|
||||
forcepathstyle: true
|
||||
region: us-east-1
|
||||
{{- if .Values.tempo.s3.insecure_skip_verify }}
|
||||
tls_insecure_skip_verify: true
|
||||
{{- end }}
|
||||
local:
|
||||
path: /var/tempo/traces
|
||||
wal:
|
||||
path: /var/tempo/wal
|
||||
metricsGenerator:
|
||||
enabled: true
|
||||
remoteWriteUrl: "http://prom-prometheus.prometheus:9090/api/v1/write"
|
||||
extraArgs: { config.expand-env=true }
|
||||
extraEnv:
|
||||
- name: S3KEY
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: {{ .Values.tempo.secret.name | default "s3-credentials"}}
|
||||
key: {{ .Values.tempo.secret.access_key | default "access_key" }}
|
||||
- name: S3SECRET
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: {{ .Values.tempo.secret.name | default "s3-credentials"}}
|
||||
key: {{ .Values.tempo.secret.access_key | default "access_secret" }}
|
||||
tempoQuery:
|
||||
ingress:
|
||||
enabled: true
|
||||
ingressClassName: nginx
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: {{ .Values.cluster_config.ingress_clusterissuer }}
|
||||
nginx.ingress.kubernetes.io/ssl-redirect: "true"
|
||||
{{- with .Values.cluster_config.ingress_whitelist_ips }}
|
||||
nginx.ingress.kubernetes.io/whitelist-source-range: {{ join "," . }}
|
||||
{{- end }}
|
||||
path: /
|
||||
pathType: Prefix
|
||||
hosts:
|
||||
- query.tempo.{{ .Values.cluster_config.domain }}
|
||||
tls:
|
||||
- secretName: tempo-query-tls
|
||||
hosts:
|
||||
- query.tempo.{{ .Values.cluster_config.domain }}
|
||||
@@ -0,0 +1,4 @@
|
||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
resources:
|
||||
- _manifest.yaml
|
||||
@@ -0,0 +1,4 @@
|
||||
generatorOptions:
|
||||
disableNameSuffixHash: true
|
||||
resources:
|
||||
- ../base
|
||||
@@ -0,0 +1,38 @@
|
||||
{{- if .Values.clusterConfig.argo.enabled }}
|
||||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: Application
|
||||
metadata:
|
||||
name: x509-exporter
|
||||
namespace: argocd
|
||||
annotations:
|
||||
argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true
|
||||
finalizers:
|
||||
- resources-finalizer.argocd.argoproj.io
|
||||
spec:
|
||||
destination:
|
||||
namespace: x509-exporter
|
||||
server: 'https://kubernetes.default.svc'
|
||||
sources:
|
||||
- repoURL: {{ .Values.clusterConfig.manifests }}
|
||||
targetRevision: HEAD
|
||||
path: helmfiles/x509-exporter
|
||||
plugin:
|
||||
name: helmfile
|
||||
env:
|
||||
- name: CLUSTER_NAME
|
||||
value: {{ .Values.clusterConfig.cluster }}
|
||||
project: sys
|
||||
syncPolicy:
|
||||
managedNamespaceMetadata:
|
||||
labels:
|
||||
component: sys
|
||||
syncOptions:
|
||||
- CreateNamespace=true
|
||||
- ApplyOutOfSyncOnly=true
|
||||
# - ServerSideApply=true
|
||||
{{- if .Values.x509_exporter.autosync }}
|
||||
automated:
|
||||
prune: true
|
||||
# selfHeal: false
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
@@ -0,0 +1,4 @@
|
||||
x509_exporter:
|
||||
enabled: true
|
||||
autosync: true
|
||||
alerts: true
|
||||
@@ -0,0 +1,16 @@
|
||||
secretsExporter:
|
||||
excludeNamespaces:
|
||||
- sealed-secrets
|
||||
excludeLabels:
|
||||
- cert-manager.io/*
|
||||
resources:
|
||||
limits:
|
||||
memory: 100Mi
|
||||
requests:
|
||||
cpu: 20m
|
||||
memory: 100Mi
|
||||
prometheusServiceMonitor:
|
||||
extraLabels:
|
||||
k8s-app: x509-exporter
|
||||
prometheusRules:
|
||||
create: false
|
||||
Reference in New Issue
Block a user