diff --git a/stl/factory.c-one-infra.de/edfbuilder.yaml b/stl/factory.c-one-infra.de/edfbuilder.yaml
index f0db4e4..769f7fe 100644
--- a/stl/factory.c-one-infra.de/edfbuilder.yaml
+++ b/stl/factory.c-one-infra.de/edfbuilder.yaml
@@ -12,8 +12,8 @@ spec:
 name: in-cluster
 namespace: argocd
 source:
- path: "stl/factory.c-one-infra.de/registry"
- repoURL: "https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances"
+ path: registry
+ repoURL: 'https://gitea.factory.c-one-infra.de/giteaAdmin/edfbuilder'
 targetRevision: HEAD
 project: default
 syncPolicy:
diff --git a/stl/factory.c-one-infra.de/registry/core.yaml b/stl/factory.c-one-infra.de/registry/core.yaml
index 1853b72..e87bc6a 100644
--- a/stl/factory.c-one-infra.de/registry/core.yaml
+++ b/stl/factory.c-one-infra.de/registry/core.yaml
@@ -12,8 +12,8 @@ spec:
 name: in-cluster
 namespace: argocd
 source:
- path: "stl/factory.c-one-infra.de/stacks/core"
- repoURL: "https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances"
+ path: stacks/core
+ repoURL: 'https://gitea.factory.c-one-infra.de/giteaAdmin/edfbuilder'
 targetRevision: HEAD
 project: default
 syncPolicy:
diff --git a/stl/factory.c-one-infra.de/registry/local-backup.yaml b/stl/factory.c-one-infra.de/registry/local-backup.yaml
index 6b056e3..49c012c 100644
--- a/stl/factory.c-one-infra.de/registry/local-backup.yaml
+++ b/stl/factory.c-one-infra.de/registry/local-backup.yaml
@@ -12,8 +12,8 @@ spec:
 name: in-cluster
 namespace: argocd
 source:
- path: "stl/factory.c-one-infra.de/stacks/local-backup"
- repoURL: "https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances"
+ path: stacks/local-backup
+ repoURL: 'https://gitea.factory.c-one-infra.de/giteaAdmin/edfbuilder'
 targetRevision: HEAD
 project: default
 syncPolicy:
diff --git a/stl/factory.c-one-infra.de/registry/monitoring.yaml b/stl/factory.c-one-infra.de/registry/monitoring.yaml
index 4175676..6609e19 100644
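Review bot: In edfbuilder.yaml the root Application now syncs from `https://gitea.factory.c-one-infra.de/giteaAdmin/edfbuilder` at `targetRevision: HEAD` under `project: default`, so push access to a repository in the admin user's own namespace decides what is deployed to the cluster. The same source is used by every Application this commit touches (registry/*.yaml and the stacks below). Consider a dedicated organisation repository with branch protection, a pinned revision such as `targetRevision: <RELEASE_TAG>` (placeholder), and a dedicated AppProject whose `sourceRepos` and `destinations` are restricted instead of `default`. The new lines also mix unquoted and single-quoted scalars with the double quotes used on neighbouring lines; one style per file reads better.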
--- a/stl/factory.c-one-infra.de/registry/monitoring.yaml
+++ b/stl/factory.c-one-infra.de/registry/monitoring.yaml
@@ -12,8 +12,8 @@ spec:
 name: in-cluster
 namespace: argocd
 source:
- path: "stl/factory.c-one-infra.de/stacks/monitoring"
- repoURL: "https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances"
+ path: stacks/monitoring
+ repoURL: 'https://gitea.factory.c-one-infra.de/giteaAdmin/edfbuilder'
 targetRevision: HEAD
 project: default
 syncPolicy:
diff --git a/stl/factory.c-one-infra.de/registry/ref-implementation.yaml b/stl/factory.c-one-infra.de/registry/ref-implementation.yaml
index 03dbe1b..5ab777e 100644
--- a/stl/factory.c-one-infra.de/registry/ref-implementation.yaml
+++ b/stl/factory.c-one-infra.de/registry/ref-implementation.yaml
@@ -12,8 +12,8 @@ spec:
 name: in-cluster
 namespace: argocd
 source:
- path: "stl/factory.c-one-infra.de/stacks/ref-implementation"
- repoURL: "https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances"
+ path: stacks/ref-implementation
+ repoURL: 'https://gitea.factory.c-one-infra.de/giteaAdmin/edfbuilder'
 targetRevision: HEAD
 project: default
 syncPolicy:
diff --git a/stl/factory.c-one-infra.de/registry/otc.yaml b/stl/factory.c-one-infra.de/registry/second-cluster.yaml
similarity index 71%
rename from stl/factory.c-one-infra.de/registry/otc.yaml
rename to stl/factory.c-one-infra.de/registry/second-cluster.yaml
index 7fbcf7d..b8595ad 100644
--- a/stl/factory.c-one-infra.de/registry/otc.yaml
+++ b/stl/factory.c-one-infra.de/registry/second-cluster.yaml
@@ -1,7 +1,7 @@
 apiVersion: argoproj.io/v1alpha1
 kind: Application
 metadata:
- name: otc
+ name: second-cluster
 namespace: argocd
 labels:
 env: dev
@@ -12,8 +12,8 @@ spec:
 name: in-cluster
 namespace: argocd
 source:
- path: "stl/factory.c-one-infra.de/stacks/otc"
- repoURL: "https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances"
+ path: stacks/second-cluster
+ repoURL: 'https://gitea.factory.c-one-infra.de/giteaAdmin/edfbuilder'
 targetRevision: HEAD
 project: default
 syncPolicy:
diff --git a/stl/factory.c-one-infra.de/stacks/core/argocd-sso.yaml b/stl/factory.c-one-infra.de/stacks/core/argocd-sso.yaml
new file mode 100644
index 0000000..1ea9e68
--- /dev/null
+++ b/stl/factory.c-one-infra.de/stacks/core/argocd-sso.yaml
@@ -0,0 +1,29 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+ name: argocd-sso
+ namespace: argocd
+ labels:
+ env: dev
+ finalizers:
+ - resources-finalizer.argocd.argoproj.io
+spec:
+ project: default
+ source:
+ repoURL: https://gitea.factory.c-one-infra.de/giteaAdmin/edfbuilder
+ targetRevision: HEAD
+ path: "stacks/core/argocd-sso"
+ destination:
+ server: "https://kubernetes.default.svc"
+ namespace: argocd
+ syncPolicy:
+ syncOptions:
+ - CreateNamespace=true
+ automated:
+ selfHeal: true
+ retry:
+ limit: -1
+ backoff:
+ duration: 15s
+ factor: 1
+ maxDuration: 15s
\ No newline at end of file
diff --git a/stl/factory.c-one-infra.de/stacks/core/argocd/manifests/argocd-forgejo-access-token.yaml b/stl/factory.c-one-infra.de/stacks/core/argocd-sso/argocd-forgejo-access-token.yaml
similarity index 100%
rename from stl/factory.c-one-infra.de/stacks/core/argocd/manifests/argocd-forgejo-access-token.yaml
rename to stl/factory.c-one-infra.de/stacks/core/argocd-sso/argocd-forgejo-access-token.yaml
diff --git a/stl/factory.c-one-infra.de/stacks/core/argocd/manifests/argocd-secret.yaml b/stl/factory.c-one-infra.de/stacks/core/argocd-sso/argocd-secret.yaml
similarity index 100%
rename from stl/factory.c-one-infra.de/stacks/core/argocd/manifests/argocd-secret.yaml
rename to stl/factory.c-one-infra.de/stacks/core/argocd-sso/argocd-secret.yaml
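Review bot: In the new argocd-sso.yaml the retry block combines `limit: -1` with `factor: 1` and `maxDuration: 15s`, so a sync that keeps failing is retried every 15 seconds indefinitely with no back-off growth. Judging by the files renamed into `argocd-sso/`, this Application applies Argo CD's SSO configuration and secrets; a bounded policy makes a broken login configuration surface as a failed sync instead of a silent loop, e.g. `limit: 5`, `factor: 2`, `maxDuration: 3m` (constructed values). forgejo-sso.yaml and kube-prometheus-sso.yaml carry the same block. The file also ends without a trailing newline.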
diff --git a/stl/factory.c-one-infra.de/stacks/core/argocd/manifests/argocd-sso-config.yaml b/stl/factory.c-one-infra.de/stacks/core/argocd-sso/argocd-sso-config.yaml
similarity index 100%
rename from stl/factory.c-one-infra.de/stacks/core/argocd/manifests/argocd-sso-config.yaml
rename to stl/factory.c-one-infra.de/stacks/core/argocd-sso/argocd-sso-config.yaml
diff --git a/stl/factory.c-one-infra.de/stacks/core/argocd.yaml b/stl/factory.c-one-infra.de/stacks/core/argocd.yaml
index cdd7860..153b6f3 100644
--- a/stl/factory.c-one-infra.de/stacks/core/argocd.yaml
+++ b/stl/factory.c-one-infra.de/stacks/core/argocd.yaml
@@ -24,10 +24,7 @@ spec:
 targetRevision: argo-cd-7.8.14-depends
 helm:
 valueFiles:
- - $values/stl/factory.c-one-infra.de/stacks/core/argocd/values.yaml
- - repoURL: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances
+ - $values/stacks/core/argocd/values.yaml
+ - repoURL: https://gitea.factory.c-one-infra.de/giteaAdmin/edfbuilder
 targetRevision: HEAD
 ref: values
- - repoURL: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances
- targetRevision: HEAD
- path: "stl/factory.c-one-infra.de/stacks/core/argocd/manifests"
diff --git a/stl/factory.c-one-infra.de/stacks/core/forgejo-runner.yaml b/stl/factory.c-one-infra.de/stacks/core/forgejo-runner.yaml
index f9a719f..d1e9ba7 100644
--- a/stl/factory.c-one-infra.de/stacks/core/forgejo-runner.yaml
+++ b/stl/factory.c-one-infra.de/stacks/core/forgejo-runner.yaml
@@ -17,6 +17,6 @@ spec:
 destination:
 server: "https://kubernetes.default.svc"
 source:
- repoURL: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances
+ repoURL: https://gitea.factory.c-one-infra.de/giteaAdmin/edfbuilder
 targetRevision: HEAD
- path: "stl/factory.c-one-infra.de/stacks/core/forgejo-runner"
+ path: "stacks/core/forgejo-runner"
diff --git a/stl/factory.c-one-infra.de/stacks/core/forgejo-sso.yaml b/stl/factory.c-one-infra.de/stacks/core/forgejo-sso.yaml
new file mode 100644
index 0000000..e0abdee
--- /dev/null
+++ b/stl/factory.c-one-infra.de/stacks/core/forgejo-sso.yaml
@@ -0,0 +1,29 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+ name: forgejo-sso
+ namespace: argocd
+ labels:
+ env: dev
+ finalizers:
+ - resources-finalizer.argocd.argoproj.io
+spec:
+ project: default
+ source:
+ repoURL: https://gitea.factory.c-one-infra.de/giteaAdmin/edfbuilder
+ targetRevision: HEAD
+ path: "stacks/core/forgejo-sso"
+ destination:
+ server: "https://kubernetes.default.svc"
+ namespace: gitea
+ syncPolicy:
+ syncOptions:
+ - CreateNamespace=true
+ automated:
+ selfHeal: true
+ retry:
+ limit: -1
+ backoff:
+ duration: 15s
+ factor: 1
+ maxDuration: 15s
\ No newline at end of file
diff --git a/stl/factory.c-one-infra.de/stacks/core/forgejo/manifests/forgejo-access-token.yaml b/stl/factory.c-one-infra.de/stacks/core/forgejo-sso/forgejo-access-token.yaml
similarity index 100%
rename from stl/factory.c-one-infra.de/stacks/core/forgejo/manifests/forgejo-access-token.yaml
rename to stl/factory.c-one-infra.de/stacks/core/forgejo-sso/forgejo-access-token.yaml
diff --git a/stl/factory.c-one-infra.de/stacks/core/forgejo/manifests/forgejo-secret.yaml b/stl/factory.c-one-infra.de/stacks/core/forgejo-sso/forgejo-secret.yaml
similarity index 100%
rename from stl/factory.c-one-infra.de/stacks/core/forgejo/manifests/forgejo-secret.yaml
rename to stl/factory.c-one-infra.de/stacks/core/forgejo-sso/forgejo-secret.yaml
diff --git a/stl/factory.c-one-infra.de/stacks/core/forgejo/manifests/forgejo-sso-config.yaml b/stl/factory.c-one-infra.de/stacks/core/forgejo-sso/forgejo-sso-config.yaml
similarity index 100%
rename from stl/factory.c-one-infra.de/stacks/core/forgejo/manifests/forgejo-sso-config.yaml
rename to stl/factory.c-one-infra.de/stacks/core/forgejo-sso/forgejo-sso-config.yaml
diff --git a/stl/factory.c-one-infra.de/stacks/core/forgejo.yaml b/stl/factory.c-one-infra.de/stacks/core/forgejo.yaml
index c7bfab2..58521ab 100644
--- a/stl/factory.c-one-infra.de/stacks/core/forgejo.yaml
+++ b/stl/factory.c-one-infra.de/stacks/core/forgejo.yaml
@@ -21,10 +21,7 @@ spec:
 targetRevision: v12.0.0-depends
 helm:
 valueFiles:
- - $values/stl/factory.c-one-infra.de/stacks/core/forgejo/values.yaml
- - repoURL: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances
+ - $values/stacks/core/forgejo/values.yaml
+ - repoURL: https://gitea.factory.c-one-infra.de/giteaAdmin/edfbuilder
 targetRevision: HEAD
 ref: values
- - repoURL: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances
- targetRevision: HEAD
- path: "stl/factory.c-one-infra.de/stacks/core/forgejo/manifests"
diff --git a/stl/factory.c-one-infra.de/stacks/core/forgejo/manifests/secret-admin-password.yaml b/stl/factory.c-one-infra.de/stacks/core/forgejo/manifests/secret-admin-password.yaml
deleted file mode 100644
index f20efc3..0000000
--- a/stl/factory.c-one-infra.de/stacks/core/forgejo/manifests/secret-admin-password.yaml
+++ /dev/null
@@ -1,36 +0,0 @@
-apiVersion: generators.external-secrets.io/v1alpha1
-kind: Password
-metadata:
- name: forgejo-admin-password-generator
- namespace: gitea
-spec:
- length: 36
- digits: 5
- symbols: 5
- symbolCharacters: "/-+"
- noUpper: false
- allowRepeat: true
----
-apiVersion: external-secrets.io/v1beta1
-kind: ExternalSecret
-metadata:
- name: forgejo-admin-password-generator
- namespace: gitea
-spec:
- refreshInterval: "0"
- target:
- name: gitea-credential
- template:
- engineVersion: v2
- data:
- username: giteaAdmin
- password: "{{.INITIAL_ADMIN_PASSWORD}}"
- dataFrom:
- - sourceRef:
- generatorRef:
- apiVersion: generators.external-secrets.io/v1alpha1
- kind: Password
- name: forgejo-admin-password-generator
- rewrite:
- - transform:
- template: "INITIAL_ADMIN_PASSWORD"
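Review bot: Removing the `manifests` source in forgejo.yaml drops the only visible producer of the `gitea-credential` Secret, because secret-admin-password.yaml is deleted in this commit while the other three manifests are renamed into `forgejo-sso/`. Nothing on this page shows where the Forgejo admin password comes from afterwards, so please confirm that values.yaml no longer depends on that Secret and that the chart does not fall back to a default or to a value committed to the repository. A short comment above `valueFiles` naming the new source of the admin credential would document this. kube-prometheus.yaml has the same gap for `kube-prometheus-stack-grafana-admin-password`; the `spec` block continues outside both hunks.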
diff --git a/stl/factory.c-one-infra.de/stacks/core/ingress-apps.yaml b/stl/factory.c-one-infra.de/stacks/core/ingress-apps.yaml
index cf70a92..a80f509 100644
--- a/stl/factory.c-one-infra.de/stacks/core/ingress-apps.yaml
+++ b/stl/factory.c-one-infra.de/stacks/core/ingress-apps.yaml
@@ -11,9 +11,9 @@ spec:
 destination:
 server: "https://kubernetes.default.svc"
 source:
- repoURL: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances
+ repoURL: https://gitea.factory.c-one-infra.de/giteaAdmin/edfbuilder
 targetRevision: HEAD
- path: "stl/factory.c-one-infra.de/stacks/core/ingress-apps"
+ path: "stacks/core/ingress-apps"
 project: default
 syncPolicy:
 automated:
diff --git a/stl/factory.c-one-infra.de/stacks/core/ingress-apps/alloy.yaml b/stl/factory.c-one-infra.de/stacks/core/ingress-apps/alloy.yaml
new file mode 100644
index 0000000..3d9131e
--- /dev/null
+++ b/stl/factory.c-one-infra.de/stacks/core/ingress-apps/alloy.yaml
@@ -0,0 +1,18 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+ name: alloy
+ namespace: monitoring
+spec:
+ ingressClassName: nginx
+ rules:
+ - host: factory.c-one-infra.de
+ http:
+ paths:
+ - backend:
+ service:
+ name: alloy
+ port:
+ number: 12345
+ path: /alloy
+ pathType: Prefix
diff --git a/stl/factory.c-one-infra.de/stacks/core/ingress-apps/fibonacci-service.yaml b/stl/factory.c-one-infra.de/stacks/core/ingress-apps/fibonacci-service.yaml
new file mode 100644
index 0000000..f769216
--- /dev/null
+++ b/stl/factory.c-one-infra.de/stacks/core/ingress-apps/fibonacci-service.yaml
@@ -0,0 +1,18 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+ name: fibonacci-service
+ namespace: fibonacci-app
+spec:
+ ingressClassName: nginx
+ rules:
+ - host: factory.c-one-infra.de
+ http:
+ paths:
+ - backend:
+ service:
+ name: fibonacci-service
+ port:
+ number: 9090
+ path: /fibonacci
+ pathType: Prefix
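Review bot: The new Ingress in ingress-apps/alloy.yaml publishes the Alloy HTTP server (port 12345) under `/alloy` on `factory.c-one-infra.de` with no `tls` block and no authentication annotation, and the manifest shows no other access control in front of it. Unless the ingress controller's values enforce TLS and an auth proxy globally (not visible on this page), both should be declared on the Ingress itself. fibonacci-service.yaml and minio-console.yaml (host `minio-backup.factory.c-one-infra.de`, the console of the backup store) also lack `tls`. The sketch below uses placeholder names for the auth proxy and the certificate Secret.

```yaml
metadata:
  # … unchanged: name, namespace …
  annotations:
    # placeholders: point these at the platform's SSO proxy
    nginx.ingress.kubernetes.io/auth-url: "https://<AUTH_PROXY_HOST>/oauth2/auth"
    nginx.ingress.kubernetes.io/auth-signin: "https://<AUTH_PROXY_HOST>/oauth2/start"
spec:
  ingressClassName: nginx
  tls:
    - hosts:
        - factory.c-one-infra.de
      secretName: <TLS_SECRET_NAME>  # placeholder
  # … unchanged: rules …
```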
diff --git a/stl/factory.c-one-infra.de/stacks/core/ingress-apps/minio-console.yaml b/stl/factory.c-one-infra.de/stacks/core/ingress-apps/minio-console.yaml
new file mode 100644
index 0000000..4094e35
--- /dev/null
+++ b/stl/factory.c-one-infra.de/stacks/core/ingress-apps/minio-console.yaml
@@ -0,0 +1,19 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+ name: minio-console
+ namespace: minio-backup
+
+spec:
+ ingressClassName: nginx
+ rules:
+ - host: minio-backup.factory.c-one-infra.de
+ http:
+ paths:
+ - backend:
+ service:
+ name: minio-console
+ port:
+ number: 9001
+ path: /
+ pathType: Prefix
diff --git a/stl/factory.c-one-infra.de/stacks/core/ingress-nginx.yaml b/stl/factory.c-one-infra.de/stacks/core/ingress-nginx.yaml
index af224c2..5d9827f 100644
--- a/stl/factory.c-one-infra.de/stacks/core/ingress-nginx.yaml
+++ b/stl/factory.c-one-infra.de/stacks/core/ingress-nginx.yaml
@@ -21,7 +21,7 @@ spec:
 targetRevision: helm-chart-4.12.1-depends
 helm:
 valueFiles:
- - $values/stl/factory.c-one-infra.de/stacks/core/ingress-nginx/values.yaml
- - repoURL: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances
+ - $values/stacks/core/ingress-nginx/values.yaml
+ - repoURL: https://gitea.factory.c-one-infra.de/giteaAdmin/edfbuilder
 targetRevision: HEAD
 ref: values
diff --git a/stl/factory.c-one-infra.de/stacks/local-backup/minio.yaml b/stl/factory.c-one-infra.de/stacks/local-backup/minio.yaml
index 519b839..a6d9061 100644
--- a/stl/factory.c-one-infra.de/stacks/local-backup/minio.yaml
+++ b/stl/factory.c-one-infra.de/stacks/local-backup/minio.yaml
@@ -10,19 +10,19 @@ metadata:
 spec:
 project: default
 sources:
- - repoURL: "https://charts.min.io"
+ - repoURL: 'https://charts.min.io'
 targetRevision: 5.0.15
 helm:
 releaseName: minio
 valueFiles:
- - $values/stl/factory.c-one-infra.de/stacks/local-backup/minio/helm/values.yaml
+ - $values/stacks/local-backup/minio/helm/values.yaml
 chart: minio
- - repoURL: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances
+ - repoURL: https://gitea.factory.c-one-infra.de/giteaAdmin/edfbuilder
 targetRevision: HEAD
 ref: values
- - repoURL: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances
+ - repoURL: https://gitea.factory.c-one-infra.de/giteaAdmin/edfbuilder
 targetRevision: HEAD
- path: "stl/factory.c-one-infra.de/stacks/local-backup/minio/manifests"
+ path: "stacks/local-backup/minio/manifests"
 destination:
 server: "https://kubernetes.default.svc"
 namespace: minio-backup
diff --git a/stl/factory.c-one-infra.de/stacks/local-backup/velero.yaml b/stl/factory.c-one-infra.de/stacks/local-backup/velero.yaml
index f45fe17..af5354d 100644
--- a/stl/factory.c-one-infra.de/stacks/local-backup/velero.yaml
+++ b/stl/factory.c-one-infra.de/stacks/local-backup/velero.yaml
@@ -10,14 +10,14 @@ metadata:
 spec:
 project: default
 sources:
- - repoURL: "https://vmware-tanzu.github.io/helm-charts"
+ - repoURL: 'https://vmware-tanzu.github.io/helm-charts'
 targetRevision: 8.0.0
 helm:
 releaseName: velero
 valueFiles:
- - $values/stl/factory.c-one-infra.de/stacks/local-backup/velero/helm/values.yaml
+ - $values/stacks/local-backup/velero/helm/values.yaml
 chart: velero
- - repoURL: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances
+ - repoURL: https://gitea.factory.c-one-infra.de/giteaAdmin/edfbuilder
 targetRevision: HEAD
 ref: values
 destination:
diff --git a/stl/factory.c-one-infra.de/stacks/monitoring/alloy.yaml b/stl/factory.c-one-infra.de/stacks/monitoring/alloy.yaml
index a4c122b..633f879 100644
--- a/stl/factory.c-one-infra.de/stacks/monitoring/alloy.yaml
+++ b/stl/factory.c-one-infra.de/stacks/monitoring/alloy.yaml
@@ -19,11 +19,11 @@ spec:
 namespace: monitoring
 sources:
 - repoURL: https://github.com/grafana/alloy.git
- path: operations/helm/charts/alloy
- targetRevision: HEAD
+ path: operations/helm/charts/alloy
+ targetRevision: HEAD
 helm:
 valueFiles:
- - $values/stl/factory.c-one-infra.de/stacks/monitoring/alloy/values.yaml
- - repoURL: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances
+ - $values/stacks/monitoring/alloy/values.yaml
+ - repoURL: https://gitea.factory.c-one-infra.de/giteaAdmin/edfbuilder
 targetRevision: HEAD
- ref: values
+ ref: values
\ No newline at end of file
diff --git a/stl/factory.c-one-infra.de/stacks/monitoring/grafana-dashboards.yaml b/stl/factory.c-one-infra.de/stacks/monitoring/grafana-dashboards.yaml
index 8f9c6b6..6aabc40 100644
--- a/stl/factory.c-one-infra.de/stacks/monitoring/grafana-dashboards.yaml
+++ b/stl/factory.c-one-infra.de/stacks/monitoring/grafana-dashboards.yaml
@@ -10,9 +10,9 @@ metadata:
 spec:
 project: default
 source:
- repoURL: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances
+ repoURL: https://gitea.factory.c-one-infra.de/giteaAdmin/edfbuilder
 targetRevision: HEAD
- path: "stl/factory.c-one-infra.de/stacks/monitoring/kube-prometheus/dashboards"
+ path: "stacks/monitoring/kube-prometheus/dashboards"
 destination:
 server: "https://kubernetes.default.svc"
 namespace: monitoring
@@ -22,4 +22,4 @@ spec:
 automated:
 selfHeal: true
 retry:
- limit: -1
+ limit: -1
\ No newline at end of file
diff --git a/stl/factory.c-one-infra.de/stacks/monitoring/kube-prometheus-sso.yaml b/stl/factory.c-one-infra.de/stacks/monitoring/kube-prometheus-sso.yaml
new file mode 100644
index 0000000..b2b2787
--- /dev/null
+++ b/stl/factory.c-one-infra.de/stacks/monitoring/kube-prometheus-sso.yaml
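Review bot: In stacks/monitoring/alloy.yaml the chart source stays on `targetRevision: HEAD` of `https://github.com/grafana/alloy.git`, so the cluster renders whatever the upstream default branch holds at sync time. Pin it to a reviewed release, e.g. `targetRevision: <ALLOY_RELEASE_TAG>` (placeholder), and bump it deliberately; loki.yaml does the same with `https://github.com/grafana/helm-charts`. Indentation is lost on this page, so it is worth checking that the re-indented `path` and `targetRevision` still belong to the first `sources` entry. The file now ends without a trailing newline.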
@@ -0,0 +1,29 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+ name: kube-prometheus-sso
+ namespace: argocd
+ labels:
+ env: dev
+ finalizers:
+ - resources-finalizer.argocd.argoproj.io
+spec:
+ project: default
+ source:
+ repoURL: https://gitea.factory.c-one-infra.de/giteaAdmin/edfbuilder
+ targetRevision: HEAD
+ path: "stacks/monitoring/kube-prometheus-sso"
+ destination:
+ server: "https://kubernetes.default.svc"
+ namespace: monitoring
+ syncPolicy:
+ syncOptions:
+ - CreateNamespace=true
+ automated:
+ selfHeal: true
+ retry:
+ limit: -1
+ backoff:
+ duration: 15s
+ factor: 1
+ maxDuration: 15s
diff --git a/stl/factory.c-one-infra.de/stacks/monitoring/kube-prometheus/manifests/secret-grafana.yaml b/stl/factory.c-one-infra.de/stacks/monitoring/kube-prometheus-sso/secret-grafana.yaml
similarity index 100%
rename from stl/factory.c-one-infra.de/stacks/monitoring/kube-prometheus/manifests/secret-grafana.yaml
rename to stl/factory.c-one-infra.de/stacks/monitoring/kube-prometheus-sso/secret-grafana.yaml
diff --git a/stl/factory.c-one-infra.de/stacks/monitoring/kube-prometheus.yaml b/stl/factory.c-one-infra.de/stacks/monitoring/kube-prometheus.yaml
index a332272..d3aea43 100644
--- a/stl/factory.c-one-infra.de/stacks/monitoring/kube-prometheus.yaml
+++ b/stl/factory.c-one-infra.de/stacks/monitoring/kube-prometheus.yaml
@@ -14,7 +14,7 @@ spec:
 selfHeal: true
 syncOptions:
 - CreateNamespace=true
- - ServerSideApply=true # do not copy metdata, since (because of its large size) it can lead to sync failure
+ - ServerSideApply=true # do not copy metdata, since (because of its large size) it can lead to sync failure
 retry:
 limit: -1
 backoff:
@@ -30,10 +30,7 @@ spec:
 targetRevision: HEAD
 helm:
 valueFiles:
- - $values/stl/factory.c-one-infra.de/stacks/monitoring/kube-prometheus/values.yaml
- - repoURL: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances
+ - $values/stacks/monitoring/kube-prometheus/values.yaml
+ - repoURL: https://gitea.factory.c-one-infra.de/giteaAdmin/edfbuilder
 targetRevision: HEAD
 ref: values
- - repoURL: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances
- targetRevision: HEAD
- path: "stl/factory.c-one-infra.de/stacks/monitoring/kube-prometheus/manifests"
diff --git a/stl/factory.c-one-infra.de/stacks/monitoring/kube-prometheus/manifests/secret-admin-password.yaml b/stl/factory.c-one-infra.de/stacks/monitoring/kube-prometheus/manifests/secret-admin-password.yaml
deleted file mode 100644
index 1473a79..0000000
--- a/stl/factory.c-one-infra.de/stacks/monitoring/kube-prometheus/manifests/secret-admin-password.yaml
+++ /dev/null
@@ -1,36 +0,0 @@
-apiVersion: generators.external-secrets.io/v1alpha1
-kind: Password
-metadata:
- name: grafana-admin-password-generator
- namespace: monitoring
-spec:
- length: 36
- digits: 5
- symbols: 5
- symbolCharacters: "/-+"
- noUpper: false
- allowRepeat: true
----
-apiVersion: external-secrets.io/v1beta1
-kind: ExternalSecret
-metadata:
- name: grafana-admin-password-generator
- namespace: monitoring
-spec:
- refreshInterval: "0"
- target:
- name: kube-prometheus-stack-grafana-admin-password
- template:
- engineVersion: v2
- data:
- admin-user: admin
- admin-password: "{{.INITIAL_ADMIN_PASSWORD}}"
- dataFrom:
- - sourceRef:
- generatorRef:
- apiVersion: generators.external-secrets.io/v1alpha1
- kind: Password
- name: grafana-admin-password-generator
- rewrite:
- - transform:
- template: "INITIAL_ADMIN_PASSWORD"
diff --git a/stl/factory.c-one-infra.de/stacks/monitoring/loki.yaml b/stl/factory.c-one-infra.de/stacks/monitoring/loki.yaml
index bc20ec5..af46970 100644
--- a/stl/factory.c-one-infra.de/stacks/monitoring/loki.yaml +++ b/stl/factory.c-one-infra.de/stacks/monitoring/loki.yaml @@ -19,15 +19,16 @@ spec: namespace: monitoring sources: - repoURL: https://github.com/grafana/helm-charts - path: charts/loki-distributed - targetRevision: HEAD + path: charts/loki-distributed + targetRevision: HEAD helm: valueFiles: - - $values/stl/factory.c-one-infra.de/stacks/monitoring/loki/values.yaml - - repoURL: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances + - $values/stacks/monitoring/loki/values.yaml + - repoURL: https://gitea.factory.c-one-infra.de/giteaAdmin/edfbuilder targetRevision: HEAD ref: values ## consider using the following version, if it works again #- repoURL: https://github.com/grafana/loki - # path: production/helm/loki + # path: production/helm/loki + diff --git a/stl/factory.c-one-infra.de/stacks/otc/storageclass/storageclass.yaml b/stl/factory.c-one-infra.de/stacks/otc/storageclass/storageclass.yaml deleted file mode 100644 index 038bf24..0000000 --- a/stl/factory.c-one-infra.de/stacks/otc/storageclass/storageclass.yaml +++ /dev/null @@ -1,18 +0,0 @@ -apiVersion: storage.k8s.io/v1 -kind: StorageClass -metadata: - annotations: - storageclass.beta.kubernetes.io/is-default-class: "true" - labels: - kubernetes.io/cluster-service: "true" - name: default -parameters: - kubernetes.io/description: "" - kubernetes.io/hw:passthrough: "true" - kubernetes.io/storagetype: BS - kubernetes.io/volumetype: SATA - kubernetes.io/zone: eu-de-02 -provisioner: flexvolume-huawei.com/fuxivol -reclaimPolicy: Delete -volumeBindingMode: Immediate -allowVolumeExpansion: true \ No newline at end of file diff --git a/stl/factory.c-one-infra.de/stacks/ref-implementation/argo-workflows.yaml b/stl/factory.c-one-infra.de/stacks/ref-implementation/argo-workflows.yaml index c6630ae..b9df3f5 100644 --- a/stl/factory.c-one-infra.de/stacks/ref-implementation/argo-workflows.yaml 
+++ b/stl/factory.c-one-infra.de/stacks/ref-implementation/argo-workflows.yaml
@@ -10,9 +10,9 @@ metadata:
 spec:
 project: default
 source:
- repoURL: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances
+ repoURL: https://gitea.factory.c-one-infra.de/giteaAdmin/edfbuilder
 targetRevision: HEAD
- path: "stl/factory.c-one-infra.de/stacks/ref-implementation/argo-workflows/manifests/dev"
+ path: "stacks/ref-implementation/argo-workflows/manifests/dev"
 destination:
 server: "https://kubernetes.default.svc"
 namespace: argo
diff --git a/stl/factory.c-one-infra.de/stacks/ref-implementation/backstage-templates.yaml b/stl/factory.c-one-infra.de/stacks/ref-implementation/backstage-templates.yaml
index 7e373eb..c4b7acf 100644
--- a/stl/factory.c-one-infra.de/stacks/ref-implementation/backstage-templates.yaml
+++ b/stl/factory.c-one-infra.de/stacks/ref-implementation/backstage-templates.yaml
@@ -10,11 +10,11 @@ metadata:
 spec:
 project: default
 source:
- repoURL: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances
+ repoURL: https://gitea.factory.c-one-infra.de/giteaAdmin/edfbuilder
 targetRevision: HEAD
- path: "stl/factory.c-one-infra.de/stacks/ref-implementation/backstage-templates/entities"
+ path: "stacks/ref-implementation/backstage-templates/entities"
 directory:
- exclude: "catalog-info.yaml"
+ exclude: 'catalog-info.yaml'
 destination:
 server: "https://kubernetes.default.svc"
 namespace: backstage
diff --git a/stl/factory.c-one-infra.de/stacks/ref-implementation/backstage.yaml b/stl/factory.c-one-infra.de/stacks/ref-implementation/backstage.yaml
index 600fb7e..db8b8b1 100644
--- a/stl/factory.c-one-infra.de/stacks/ref-implementation/backstage.yaml
+++ b/stl/factory.c-one-infra.de/stacks/ref-implementation/backstage.yaml
@@ -10,9 +10,9 @@ metadata:
 spec:
 project: default
 source:
- repoURL: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances
+ repoURL: https://gitea.factory.c-one-infra.de/giteaAdmin/edfbuilder
 targetRevision: HEAD
- path: "stl/factory.c-one-infra.de/stacks/ref-implementation/backstage/manifests"
+ path: "stacks/ref-implementation/backstage/manifests"
 destination:
 server: "https://kubernetes.default.svc"
 namespace: backstage
diff --git a/stl/factory.c-one-infra.de/stacks/ref-implementation/backstage/manifests/install.yaml b/stl/factory.c-one-infra.de/stacks/ref-implementation/backstage/manifests/install.yaml
index 8b17ce1..ced1240 100644
--- a/stl/factory.c-one-infra.de/stacks/ref-implementation/backstage/manifests/install.yaml
+++ b/stl/factory.c-one-infra.de/stacks/ref-implementation/backstage/manifests/install.yaml
@@ -167,7 +167,7 @@ data:
 locations:
 # Examples from a public GitHub repository.
 - type: url
- target: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live:443/DevFW-CICD/stacks-instances/raw/branch/main/stl/factory.c-one-infra.de/stacks/ref-implementation/backstage-templates/entities/catalog-info.yaml
+ target: https://gitea.factory.c-one-infra.de:443/giteaAdmin/edfbuilder/raw/branch/main/stacks/ref-implementation/backstage-templates/entities/catalog-info.yaml
 rules:
 - allow: [Component, System, API, Resource, Location, Template, User, Group]
 kubernetes:
diff --git a/stl/factory.c-one-infra.de/stacks/ref-implementation/external-secrets.yaml b/stl/factory.c-one-infra.de/stacks/ref-implementation/external-secrets.yaml
index 6ee33cd..57cb1f8 100644
--- a/stl/factory.c-one-infra.de/stacks/ref-implementation/external-secrets.yaml
+++ b/stl/factory.c-one-infra.de/stacks/ref-implementation/external-secrets.yaml
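Review bot: In backstage/manifests/install.yaml the catalog `target` hard-codes `raw/branch/main`, while the Argo CD Applications in this commit follow `targetRevision: HEAD`; if the default branch of `giteaAdmin/edfbuilder` is not `main`, Backstage reads its templates from a different tree than the one being deployed. The comment above the entry, `# Examples from a public GitHub repository.`, no longer describes it; something like `# Template catalog served from the platform's own Gitea repository.` would be accurate. The ConfigMap body continues outside the hunk.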
@@ -12,9 +12,9 @@ spec:
 namespace: external-secrets
 server: "https://kubernetes.default.svc"
 source:
- repoURL: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances
+ repoURL: https://gitea.factory.c-one-infra.de/giteaAdmin/edfbuilder
 targetRevision: HEAD
- path: "stl/factory.c-one-infra.de/stacks/ref-implementation/external-secrets/manifests"
+ path: "stacks/ref-implementation/external-secrets/manifests"
 project: default
 syncPolicy:
 automated:
diff --git a/stl/factory.c-one-infra.de/stacks/otc/storageclass.yaml b/stl/factory.c-one-infra.de/stacks/ref-implementation/fibonacci-app.yaml
similarity index 62%
rename from stl/factory.c-one-infra.de/stacks/otc/storageclass.yaml
rename to stl/factory.c-one-infra.de/stacks/ref-implementation/fibonacci-app.yaml
index be75bb3..12bf0fb 100644
--- a/stl/factory.c-one-infra.de/stacks/otc/storageclass.yaml
+++ b/stl/factory.c-one-infra.de/stacks/ref-implementation/fibonacci-app.yaml
@@ -1,23 +1,25 @@
 apiVersion: argoproj.io/v1alpha1
 kind: Application
 metadata:
- name: storageclass
+ name: fibonacci-app
 namespace: argocd
 labels:
- example: otc
+ env: dev
 finalizers:
 - resources-finalizer.argocd.argoproj.io
 spec:
- destination:
- namespace: default
- server: "https://kubernetes.default.svc"
- source:
- repoURL: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances
- targetRevision: HEAD
- path: "stl/factory.c-one-infra.de/stacks/otc/storageclass"
 project: default
+ source:
+ repoURL: https://gitea.factory.c-one-infra.de/giteaAdmin/edfbuilder
+ targetRevision: HEAD
+ path: "stacks/ref-implementation/fibonacci-app"
+ destination:
+ server: "https://kubernetes.default.svc"
+ namespace: fibonacci-app
 syncPolicy:
- automated:
- selfHeal: true
 syncOptions:
 - CreateNamespace=true
+ automated:
+ selfHeal: true
+ retry:
+ limit: -1
diff --git a/stl/factory.c-one-infra.de/stacks/ref-implementation/fibonacci-app/deployment.yaml b/stl/factory.c-one-infra.de/stacks/ref-implementation/fibonacci-app/deployment.yaml
new file mode 100644
index 0000000..16f42e8
--- /dev/null
+++ b/stl/factory.c-one-infra.de/stacks/ref-implementation/fibonacci-app/deployment.yaml
@@ -0,0 +1,20 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: fibonacci-deployment
+ namespace: fibonacci-app
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app: fibonacci-go
+ template:
+ metadata:
+ labels:
+ app: fibonacci-go
+ spec:
+ containers:
+ - name: fibonacci-go
+ image: forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/christopher.hase/fibonacci_http_go:1.0.0
+ ports:
+ - containerPort: 9090
\ No newline at end of file
diff --git a/stl/factory.c-one-infra.de/stacks/ref-implementation/fibonacci-app/service.yaml b/stl/factory.c-one-infra.de/stacks/ref-implementation/fibonacci-app/service.yaml
new file mode 100644
index 0000000..6458fa4
--- /dev/null
+++ b/stl/factory.c-one-infra.de/stacks/ref-implementation/fibonacci-app/service.yaml
@@ -0,0 +1,13 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: fibonacci-service
+ namespace: fibonacci-app
+spec:
+ selector:
+ app: fibonacci-go
+ ports:
+ - protocol: TCP
+ port: 9090
+ targetPort: 9090
+ type: ClusterIP
\ No newline at end of file
diff --git a/stl/factory.c-one-infra.de/stacks/ref-implementation/keycloak.yaml b/stl/factory.c-one-infra.de/stacks/ref-implementation/keycloak.yaml
index e18170e..e8d56ae 100644
--- a/stl/factory.c-one-infra.de/stacks/ref-implementation/keycloak.yaml
+++ b/stl/factory.c-one-infra.de/stacks/ref-implementation/keycloak.yaml
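Review bot: The container in fibonacci-app/deployment.yaml is pulled by mutable tag from a personal namespace, `forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/christopher.hase/fibonacci_http_go:1.0.0`, on the host the rest of this commit migrates away from, and the pod declares neither `securityContext` nor `resources`. Because the service is published through the new `/fibonacci` Ingress, pin the image by digest, move it to a project-owned registry path, and run it unprivileged with limits. `runAsNonRoot` and `readOnlyRootFilesystem` in the sketch assume the image supports them, which is not visible here. The file also lacks a trailing newline.

```yaml
      containers:
        - name: fibonacci-go
          # placeholder digest: resolve and review before merging
          image: forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/christopher.hase/fibonacci_http_go:1.0.0@sha256:<IMAGE_DIGEST>
          securityContext:
            allowPrivilegeEscalation: false
            readOnlyRootFilesystem: true
            runAsNonRoot: true
            capabilities:
              drop: ["ALL"]
          resources:
            limits:
              cpu: 100m     # constructed sample values
              memory: 64Mi
          # … unchanged: ports …
```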
@@ -12,9 +12,9 @@ spec:
 namespace: keycloak
 server: "https://kubernetes.default.svc"
 source:
- repoURL: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances
+ repoURL: https://gitea.factory.c-one-infra.de/giteaAdmin/edfbuilder
 targetRevision: HEAD
- path: "stl/factory.c-one-infra.de/stacks/ref-implementation/keycloak/manifests"
+ path: "stacks/ref-implementation/keycloak/manifests"
 project: default
 syncPolicy:
 automated:
diff --git a/stl/factory.c-one-infra.de/stacks/ref-implementation/mailhog.yaml b/stl/factory.c-one-infra.de/stacks/ref-implementation/mailhog.yaml
index 3a8dc71..d833154 100644
--- a/stl/factory.c-one-infra.de/stacks/ref-implementation/mailhog.yaml
+++ b/stl/factory.c-one-infra.de/stacks/ref-implementation/mailhog.yaml
@@ -10,9 +10,9 @@ metadata:
 spec:
 project: default
 source:
- repoURL: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances
+ repoURL: https://gitea.factory.c-one-infra.de/giteaAdmin/edfbuilder
 targetRevision: HEAD
- path: "stl/factory.c-one-infra.de/stacks/ref-implementation/mailhog"
+ path: "stacks/ref-implementation/mailhog"
 destination:
 server: "https://kubernetes.default.svc"
 namespace: mailhog
diff --git a/stl/factory.c-one-infra.de/stacks/ref-implementation/openbao.yaml b/stl/factory.c-one-infra.de/stacks/ref-implementation/openbao.yaml
index 64137b9..e51863e 100644
--- a/stl/factory.c-one-infra.de/stacks/ref-implementation/openbao.yaml
+++ b/stl/factory.c-one-infra.de/stacks/ref-implementation/openbao.yaml
@@ -11,7 +11,7 @@ spec:
 project: default
 syncPolicy:
 automated:
- selfHeal: false
+ selfHeal: false
 syncOptions:
 - CreateNamespace=true
 destination:
@@ -23,15 +23,12 @@ spec: targetRevision: HEAD helm: valueFiles: - - $values/stl/factory.c-one-infra.de/stacks/ref-implementation/openbao/values.yaml - - repoURL: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances + - $values/stacks/ref-implementation/openbao/values.yaml + - repoURL: https://gitea.factory.c-one-infra.de/giteaAdmin/edfbuilder targetRevision: HEAD ref: values - - repoURL: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances - targetRevision: HEAD - path: "stl/factory.c-one-infra.de/stacks/ref-implementation/openbao/manifests" ignoreDifferences: - - group: admissionregistration.k8s.io - kind: MutatingWebhookConfiguration - jqPathExpressions: - - .webhooks[]?.clientConfig.caBundle + - group: admissionregistration.k8s.io + kind: MutatingWebhookConfiguration + jqPathExpressions: + - .webhooks[]?.clientConfig.caBundle diff --git a/stl/factory.c-one-infra.de/stacks/ref-implementation/openbao/manifests/role.yaml b/stl/factory.c-one-infra.de/stacks/ref-implementation/openbao/manifests/role.yaml deleted file mode 100644 index d2f66a9..0000000 --- a/stl/factory.c-one-infra.de/stacks/ref-implementation/openbao/manifests/role.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: vault-token-role - namespace: openbao -rules: - - apiGroups: [""] # "" indicates the core API group - resources: ["secrets"] - verbs: ["create"] diff --git a/stl/factory.c-one-infra.de/stacks/ref-implementation/openbao/manifests/rolebinding.yaml b/stl/factory.c-one-infra.de/stacks/ref-implementation/openbao/manifests/rolebinding.yaml deleted file mode 100644 index 625acd8..0000000 --- a/stl/factory.c-one-infra.de/stacks/ref-implementation/openbao/manifests/rolebinding.yaml +++ /dev/null 
@@ -1,13 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: vault-token-rolebinding - namespace: openbao -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: vault-token-role -subjects: - - kind: ServiceAccount - name: openbao - namespace: openbao diff --git a/stl/factory.c-one-infra.de/stacks/ref-implementation/openbao/values.yaml b/stl/factory.c-one-infra.de/stacks/ref-implementation/openbao/values.yaml index d409931..0ff72cf 100644 --- a/stl/factory.c-one-infra.de/stacks/ref-implementation/openbao/values.yaml +++ b/stl/factory.c-one-infra.de/stacks/ref-implementation/openbao/values.yaml @@ -3,8 +3,6 @@ server: - sh - -c - | - echo --- unseal workaround - sleep 10 bao operator init >> /tmp/init.txt cat /tmp/init.txt | grep "Key " | awk '{print $NF}' | xargs -I{} bao operator unseal {} @@ -15,20 +13,5 @@ server: echo $(grep "Unseal Key 4:" /tmp/init.txt | awk '{print $NF}')| cat > /openbao/data/unseal_key4.txt echo $(grep "Unseal Key 5:" /tmp/init.txt | awk '{print $NF}')| cat > /openbao/data/unseal_key5.txt rm /tmp/init.txt - - - echo --- provide OpenBAO secret to ESO - - if [[ "$(uname -m)" == "x86_64" ]]; then - wget "https://dl.k8s.io/release/$(wget https://dl.k8s.io/release/stable.txt -q -O -)/bin/linux/amd64/kubectl" -O /tmp/kubectl_eso - else - wget "https://dl.k8s.io/release/$(wget https://dl.k8s.io/release/stable.txt -q -O -)/bin/linux/arm64/kubectl" -O /tmp/kubectl_eso - fi - chmod +x /tmp/kubectl_eso - - /tmp/kubectl_eso create secret generic vault-token --from-literal=token="$(cat /openbao/data/initial_token.txt)" -n openbao - - rm /tmp/kubectl_eso - ui: enabled: true diff --git a/stl/factory.c-one-infra.de/stacks/second-cluster/create-new-cluster-guestbook.yaml b/stl/factory.c-one-infra.de/stacks/second-cluster/create-new-cluster-guestbook.yaml new file mode 100644 index 0000000..2e0656d --- /dev/null +++ b/stl/factory.c-one-infra.de/stacks/second-cluster/create-new-cluster-guestbook.yaml 
@@ -0,0 +1,23 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+ name: create-new-cluster-guestbook
+ namespace: argocd
+ labels:
+ env: dev
+ finalizers:
+ - resources-finalizer.argocd.argoproj.io
+spec:
+ project: default
+ syncPolicy:
+ automated:
+ selfHeal: true
+ syncOptions:
+ - CreateNamespace=true
+ destination:
+ name: in-cluster
+ namespace: crossplane-system
+ source:
+ path: stacks/second-cluster/create-new-cluster-guestbook
+ repoURL: https://gitea.factory.c-one-infra.de/giteaAdmin/edfbuilder
+ targetRevision: HEAD
diff --git a/stl/factory.c-one-infra.de/stacks/second-cluster/create-new-cluster-guestbook/argocluster.yaml b/stl/factory.c-one-infra.de/stacks/second-cluster/create-new-cluster-guestbook/argocluster.yaml
new file mode 100644
index 0000000..22aa6be
--- /dev/null
+++ b/stl/factory.c-one-infra.de/stacks/second-cluster/create-new-cluster-guestbook/argocluster.yaml
@@ -0,0 +1,16 @@
+apiVersion: cluster.argocd.crossplane.io/v1alpha1
+kind: Cluster
+metadata:
+ name: argo-app-test
+ labels:
+ purpose: dev
+spec:
+ forProvider:
+ config:
+ kubeconfigSecretRef:
+ key: kubeconfig
+ namespace: crossplane-system
+ name: argo-app-test-kubeconf
+ name: argo-app-test-cluster
+ providerConfigRef:
+ name: argocd-provider
diff --git a/stl/factory.c-one-infra.de/stacks/second-cluster/create-new-cluster-guestbook/guestbook.yaml b/stl/factory.c-one-infra.de/stacks/second-cluster/create-new-cluster-guestbook/guestbook.yaml
new file mode 100644
index 0000000..ed9881c
--- /dev/null
+++ b/stl/factory.c-one-infra.de/stacks/second-cluster/create-new-cluster-guestbook/guestbook.yaml
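Review bot: `argocluster.yaml` registers `argo-app-test-cluster` in Argo CD using the kubeconfig in Secret `argo-app-test-kubeconf`, and nothing in the manifest says what that credential is allowed to do. The secret name matches the connection secret that `kindcluster.yaml` writes, so it is presumably an admin kubeconfig for the new cluster, usable by anything that can read secrets in `crossplane-system`. I would add a comment above `kubeconfigSecretRef`, for example `# written by KindCluster argo-app-test (writeConnectionSecretToRef); presumably cluster-admin, keep secret read access in crossplane-system restricted`, and confirm the actual scope of the credential.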
@@ -0,0 +1,26 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+ name: argo-second-cluster-demo
+ namespace: argocd
+spec:
+ destination:
+ namespace: guestbook
+ name: argo-app-test-cluster
+ project: default
+ source:
+ path: guestbook
+ repoURL: https://github.com/argoproj/argocd-example-apps.git
+ targetRevision: HEAD
+ syncPolicy:
+ automated:
+ prune: true
+ selfHeal: true
+ syncOptions:
+ - CreateNamespace=true
+ retry:
+ limit: -1
+ backoff:
+ duration: 5s
+ factor: 2
+ maxDuration: 1m
diff --git a/stl/factory.c-one-infra.de/stacks/second-cluster/create-new-cluster-guestbook/kindcluster.yaml b/stl/factory.c-one-infra.de/stacks/second-cluster/create-new-cluster-guestbook/kindcluster.yaml
new file mode 100644
index 0000000..3abe324
--- /dev/null
+++ b/stl/factory.c-one-infra.de/stacks/second-cluster/create-new-cluster-guestbook/kindcluster.yaml
@@ -0,0 +1,26 @@
+apiVersion: container.kind.crossplane.io/v1alpha1
+kind: KindCluster
+metadata:
+ name: argo-app-test
+spec:
+ forProvider:
+ kindConfig: |
+ kind: Cluster
+ apiVersion: kind.x-k8s.io/v1alpha4
+ nodes:
+ - role: control-plane
+ kubeadmConfigPatches:
+ - |
+ kind: InitConfiguration
+ nodeRegistration:
+ kubeletExtraArgs:
+ node-labels: "ingress-ready=true"
+ # TODO: RIRE used maybe for velero backup
+ # extraMounts:
+ # - hostPath: /tmp/backup # replace with your own path
+ # containerPath: /backup
+ providerConfigRef:
+ name: kind-provider
+ writeConnectionSecretToRef:
+ namespace: crossplane-system
+ name: argo-app-test-kubeconf
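Review bot: `guestbook.yaml` syncs `https://github.com/argoproj/argocd-example-apps.git` at `targetRevision: HEAD` with `prune: true` and `selfHeal: true`, so whatever lands on that third-party repository's default branch is applied to `argo-app-test-cluster` automatically. Pin it to a reviewed commit, `targetRevision: <commit-sha>`, or mirror the example into a repository you control. `retry.limit: -1` also retries a failing sync without bound; a finite value such as `limit: 5` lets a broken sync surface as failed instead of looping.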