backend

template/stacks/core/argocd-sso/argocd-forgejo-access-token.yaml

@@ -1,29 +0,0 @@
-apiVersion: external-secrets.io/v1beta1
-kind: ExternalSecret
-metadata:
-  name: forgejo-access-token
-  namespace: argocd 
-spec:
-  secretStoreRef:
-    name: gitea
-    kind: ClusterSecretStore
-  refreshInterval: "0"
-  target:
-    name: forgejo-access-token
-    template:
-      engineVersion: v2
-      data:
-        forgejo_username: "{{.FORGEJO_ACCESS_USERNAME}}"
-        forgejo_token: "{{.FORGEJO_ACCESS_TOKEN}}"
-      metadata:
-        labels:
-          app.kubernetes.io/part-of: argocd
-  data:
-    - secretKey: FORGEJO_ACCESS_USERNAME
-      remoteRef:
-        key: forgejo-access-token
-        property: username
-    - secretKey: FORGEJO_ACCESS_TOKEN
-      remoteRef:
-        key: forgejo-access-token
-        property: token

template/stacks/core/argocd-sso/argocd-sso-config.yaml

@@ -1,54 +0,0 @@
----
-apiVersion: batch/v1
-kind: Job
-metadata:
-  name: argocd-config
-  namespace: argocd
-spec:
-  template:
-    metadata:
-      generateName: argocd-config-
-    spec:
-      restartPolicy: OnFailure
-      containers:
-        - name: push
-          image: docker.io/library/ubuntu:22.04
-          env:
-            - name: FORGEJO_USER
-              valueFrom:
-                secretKeyRef:
-                  name: forgejo-access-token
-                  key: forgejo_username
-            - name: FORGEJO_TOKEN
-              valueFrom:
-                secretKeyRef:
-                  name: forgejo-access-token
-                  key: forgejo_token
-          command: ["/bin/bash", "-c"]
-          args:
-            - |
-              #! /bin/bash
-
-              apt -qq update
-              apt -qq install git wget -y
-              if [[ "$(uname -m)" == "x86_64" ]]; then
-                wget https://github.com/mikefarah/yq/releases/download/v4.44.3/yq_linux_amd64
-                install yq_linux_amd64 /usr/local/bin/yq
-                rm yq_linux_amd64
-              else
-                wget https://github.com/mikefarah/yq/releases/download/v4.44.3/yq_linux_arm64
-                install yq_linux_arm64 /usr/local/bin/yq
-                rm yq_linux_arm64
-              fi
-
-              git config --global user.email "bot@bots.de"
-              git config --global user.name "bot"
-              
-              git clone https://${FORGEJO_USER}:${FORGEJO_TOKEN}@{{{ .Env.DOMAIN_GITEA }}}/giteaAdmin/edfbuilder.git
-              cd edfbuilder
-              yq eval '.configs.cm."oidc.config" = "name: Keycloak\nissuer: https://{{{ .Env.DOMAIN }}}/keycloak/realms/cnoe\nclientID: argocd\nclientSecret: $auth-generic-oauth-secret:client_secret\nrequestedScopes: [\"openid\", \"profile\", \"email\", \"groups\"]"' -i stacks/core/argocd/values.yaml
-              
-              git add stacks/core/argocd/values.yaml
-              git commit -m "adds Forgejo SSO config"
-              git push
-  backoffLimit: 99           

template/stacks/core/crossplane-compositions.yaml

@@ -0,0 +1,23 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: crossplane-compositions
+  namespace: argocd
+  labels:
+    env: dev
+spec:
+  project: default
+  syncPolicy:
+    automated:
+      selfHeal: true
+    syncOptions:
+      - CreateNamespace=true
+  destination:
+    name: in-cluster
+    namespace: crossplane-system
+  source:
+    path: stacks/core/crossplane-compositions
+    repoURL: https://{{{ .Env.DOMAIN_GITEA }}}/giteaAdmin/edfbuilder
+    targetRevision: HEAD
+    directory:
+      recurse: true

template/stacks/core/crossplane-compositions/edfbuilder/definition.yaml

@@ -0,0 +1,30 @@
+apiVersion: apiextensions.crossplane.io/v1
+kind: CompositeResourceDefinition
+metadata:
+  name: edfbuilders.edfbuilder.crossplane.io
+spec:
+  connectionSecretKeys:
+    - kubeconfig
+  group: edfbuilder.crossplane.io
+  names:
+    kind: EDFBuilder
+    listKind: EDFBuilderList
+    plural: edfbuilders
+    singular: edfbuilders
+  versions:
+    - name: v1alpha1
+      served: true
+      referenceable: true
+      schema:
+        openAPIV3Schema:
+          description: A EDFBuilder is a composite resource that represents a K8S Cluster with edfbuilder Installed
+          type: object
+          properties:
+            spec:
+              type: object
+              properties:
+                repoURL:
+                  type: string
+                  description: URL to ArgoCD stack of stacks repo
+              required:
+                - repoURL

template/stacks/core/crossplane-providers.yaml

@@ -0,0 +1,23 @@
+{{{ if eq .Env.CLUSTER_TYPE "kind" }}}
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: crossplane-providers
+  namespace: argocd
+  labels:
+    env: dev
+spec:
+  project: default
+  syncPolicy:
+    automated:
+      selfHeal: true
+    syncOptions:
+      - CreateNamespace=true
+  destination:
+    name: in-cluster
+    namespace: crossplane-system
+  source:
+    path: stacks/core/crossplane-providers
+    repoURL: https://{{{ .Env.DOMAIN_GITEA }}}/giteaAdmin/edfbuilder
+    targetRevision: HEAD
+{{{ end }}}

template/stacks/core/crossplane-providers/function-patch-and-transform.yaml

@@ -0,0 +1,9 @@
+apiVersion: pkg.crossplane.io/v1
+kind: Function
+metadata:
+  name: crossplane-contrib-function-patch-and-transform
+spec:
+  package: xpkg.upbound.io/crossplane-contrib/function-patch-and-transform:v0.7.0
+  packagePullPolicy: IfNotPresent # Only download the package if it isn’t in the cache.
+  revisionActivationPolicy: Automatic # Otherwise our Provider never gets activate & healthy
+  revisionHistoryLimit: 1

template/stacks/core/crossplane-providers/provider-argocd-config.yaml

@@ -0,0 +1,14 @@
+apiVersion: argocd.crossplane.io/v1alpha1
+kind: ProviderConfig
+metadata:
+  name: argocd-provider
+spec:
+  serverAddr: argocd-server.argocd.svc.cluster.local:80
+  insecure: true
+  plainText: true
+  credentials:
+    source: Secret
+    secretRef:
+      namespace: crossplane-system
+      name: argocd-credentials
+      key: authToken

template/stacks/core/crossplane-providers/provider-kind-config.yaml

@@ -0,0 +1,14 @@
+apiVersion: kind.crossplane.io/v1alpha1
+kind: ProviderConfig
+metadata:
+  name: kind-provider
+spec:
+  credentials:
+    source: Secret
+    secretRef:
+      namespace: crossplane-system
+      name: kind-credentials
+      key: credentials
+  endpoint:
+    # the url is managed by crossplane-edfbuilder
+    url: https://DOCKER_HOST:SERVER_PORT/api/v1/kindserver

template/stacks/core/crossplane.yaml

@@ -0,0 +1,23 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: crossplane
+  namespace: argocd
+  labels:
+    env: dev
+spec:
+  project: default
+  syncPolicy:
+    automated:
+      selfHeal: true
+    syncOptions:
+      - CreateNamespace=true
+  destination:
+    name: in-cluster
+    namespace: crossplane-system
+  source:
+    chart: crossplane
+    repoURL: https://charts.crossplane.io/stable
+    targetRevision: 1.18.0
+    helm:
+      releaseName: crossplane

template/stacks/core/forgejo-sso/forgejo-access-token.yaml

@@ -1,26 +0,0 @@
-apiVersion: external-secrets.io/v1beta1
-kind: ExternalSecret
-metadata:
-  name: forgejo-access-token
-  namespace: gitea 
-spec:
-  secretStoreRef:
-    name: gitea
-    kind: ClusterSecretStore
-  refreshInterval: "0"
-  target:
-    name: forgejo-access-token
-    template:
-      engineVersion: v2
-      data:
-        forgejo_username: "{{.FORGEJO_ACCESS_USERNAME}}"
-        forgejo_token: "{{.FORGEJO_ACCESS_TOKEN}}"
-  data:
-    - secretKey: FORGEJO_ACCESS_USERNAME
-      remoteRef:
-        key: forgejo-access-token
-        property: username
-    - secretKey: FORGEJO_ACCESS_TOKEN
-      remoteRef:
-        key: forgejo-access-token
-        property: token

template/stacks/core/forgejo-sso/forgejo-sso-config.yaml

@@ -1,76 +0,0 @@
----
-apiVersion: batch/v1
-kind: Job
-metadata:
-  name: forgejo-config
-  namespace: gitea
-spec:
-  template:
-    metadata:
-      generateName: forgejo-config-
-    spec:
-      restartPolicy: OnFailure
-      containers:
-        - name: push
-          image: docker.io/library/ubuntu:22.04
-          env:
-            - name: FORGEJO_USER
-              valueFrom:
-                secretKeyRef:
-                  name: forgejo-access-token
-                  key: forgejo_username
-            - name: FORGEJO_TOKEN
-              valueFrom:
-                secretKeyRef:
-                  name: forgejo-access-token
-                  key: forgejo_token
-          command: ["/bin/bash", "-c"]
-          args:
-            - |
-              #! /bin/bash
-
-              apt -qq update
-              apt -qq install git wget -y
-              if [[ "$(uname -m)" == "x86_64" ]]; then
-                wget https://github.com/mikefarah/yq/releases/download/v4.44.3/yq_linux_amd64
-                install yq_linux_amd64 /usr/local/bin/yq
-                rm yq_linux_amd64
-              else
-                wget https://github.com/mikefarah/yq/releases/download/v4.44.3/yq_linux_arm64
-                install yq_linux_arm64 /usr/local/bin/yq
-                rm yq_linux_arm64
-              fi
-
-              git config --global user.email "bot@bots.de"
-              git config --global user.name "giteaAdmin"
-              
-              git clone https://${FORGEJO_USER}:${FORGEJO_TOKEN}@{{{ .Env.DOMAIN_GITEA }}}/giteaAdmin/edfbuilder.git
-              cd edfbuilder
-              yq eval ".gitea.oauth = [
-                {
-                  \"name\": \"Keycloak\",
-                  \"provider\": \"openidConnect\",
-                  \"existingSecret\": \"auth-generic-oauth-secret\",
-                  \"autoDiscoverUrl\": \"https://{{{ .Env.DOMAIN }}}/keycloak/realms/cnoe/.well-known/openid-configuration\"
-                }
-              ] |
-                (.gitea.oauth[] | .name) |= (. style=\"single\")
-                |
-                (.gitea.oauth[] | .provider) |= (. style=\"single\")
-                |
-                (.gitea.oauth[] | .existingSecret) |= (. style=\"single\")
-                |
-                (.gitea.oauth[] | .autoDiscoverUrl) |= (. style=\"single\")
-              " -i stacks/core/forgejo/values.yaml
-
-              yq eval '.gitea.config.oauth2_client = 
-                {
-                  "ENABLE_AUTO_REGISTRATION" : true,
-                  "ACCOUNT_LINKING" : "auto"
-                }
-              ' -i stacks/core/forgejo/values.yaml
-              
-              git add stacks/core/forgejo/values.yaml
-              git commit -m "adds Forgejo SSO config"
-              git push
-  backoffLimit: 99

template/stacks/core/forgejo.yaml

@@ -18,7 +18,7 @@ spec:
   sources:
     - repoURL: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/forgejo-helm.git
       path: .
-      targetRevision: v12.0.0-depends
+      targetRevision: v11.0.5-depends
       helm:
         valueFiles:
           - $values/stacks/core/forgejo/values.yaml

template/stacks/core/forgejo/values.yaml

@@ -1,5 +1,5 @@
 redis-cluster:
-  enabled: true
+  enabled: false
 postgresql:
   enabled: false
 postgresql-ha:

template/stacks/core/ingress-apps/silly-game.yaml

@@ -0,0 +1,25 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: silly-game-ingress
+  namespace: silly-game
+spec:
+  ingressClassName: nginx
+  rules:
+  - host: {{{ .Env.DOMAIN }}}
+    http:
+        paths:
+          - path: /silly-game
+            pathType: Prefix
+            backend:
+              service:
+                name: silly-game-frontend-service
+                port:
+                  number: 80
+          - path: /silly-game-api
+            pathType: Prefix
+            backend:
+              service:
+                name: silly-game-backend-service
+                port:
+                  number: 8080

template/stacks/ref-implementation/backstage/manifests/install.yaml

@@ -264,8 +264,7 @@ spec:
                 name: gitea-credentials
             - secretRef:
                 name: argocd-credentials
-          image: forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/devfw-cicd/backstage-edp:1.1.0
-          imagePullPolicy: Always
+          image: forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/devfw-cicd/backstage-edp:development
           name: backstage
           ports:
             - containerPort: 7007

template/stacks/ref-implementation/fibonacci-app copy/backend.yaml

@@ -0,0 +1,20 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: jumpingGameBackend
+  namespace: jumpingGame  
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: jumpingGameBackend
+  template:
+    metadata:
+      labels:
+        app: jumpingGameBackend
+    spec:
+      containers:
+      - name: jumpingGameBackend
+        image: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/Michal.Wrobel/-/packages
+        ports:
+        - containerPort: 8080

template/stacks/ref-implementation/fibonacci-app copy/frontend.yaml

@@ -0,0 +1,20 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: jumpingGameFrontend
+  namespace: jumpingGame  
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: jumpingGameFrontend
+  template:
+    metadata:
+      labels:
+        app: jumpingGameFrontend
+    spec:
+      containers:
+      - name: jumpingGameFrontend
+        image: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/Michal.Wrobel/-/packages
+        ports:
+        - containerPort: 8080

template/stacks/ref-implementation/fibonacci-app copy/service.yaml

@@ -0,0 +1,29 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: jumpingGameFrontendService
+  namespace: jumpingGame
+spec:
+  selector:
+    app: jumpingGameFrontend
+  ports:
+    - protocol: TCP
+      port: 80
+      targetPort: 8080
+  type: ClusterIP
+
+---
+
+apiVersion: v1
+kind: Service
+metadata:
+  name: jumpingGameBackendService
+  namespace: jumpingGame
+spec:
+  selector:
+    app: jumpingGameBackend
+  ports:
+    - protocol: TCP
+      port: 8080
+      targetPort: 8080
+  type: ClusterIP

template/stacks/ref-implementation/silly-game-backend.yaml

@@ -0,0 +1,25 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: silly-game-backend
+  namespace: argocd
+  labels:
+    env: dev
+  finalizers:
+    - resources-finalizer.argocd.argoproj.io
+spec:
+  project: default
+  source:
+    repoURL: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/michals-silly-game-backend
+    targetRevision: HEAD
+    path: "k8"
+  destination:
+    name: in-cluster
+    namespace: silly-game
+  syncPolicy:
+    syncOptions:
+      - CreateNamespace=true
+    automated:
+      selfHeal: true
+    retry:
+      limit: -1

template/stacks/ref-implementation/silly-game-frontend.yaml

@@ -0,0 +1,25 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: silly-game-frontend
+  namespace: argocd
+  labels:
+    env: dev
+  finalizers:
+    - resources-finalizer.argocd.argoproj.io
+spec:
+  project: default
+  source:
+    repoURL: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/michals-silly-game-frontend
+    targetRevision: HEAD
+    path: "k8"
+  destination:
+    name: in-cluster
+    namespace: silly-game
+  syncPolicy:
+    syncOptions:
+      - CreateNamespace=true
+    automated:
+      selfHeal: true
+    retry:
+      limit: -1