Initial upload

stl/factory.c-one-infra.de/edfbuilder.yaml

@@ -12,8 +12,8 @@ spec:
     name: in-cluster
     namespace: argocd
   source:
-    path: "stl/factory.c-one-infra.de/registry"
+    path: registry
-    repoURL: "https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances"
+    repoURL: 'https://gitea.factory.c-one-infra.de/giteaAdmin/edfbuilder'
     targetRevision: HEAD
   project: default
   syncPolicy:

stl/factory.c-one-infra.de/registry/core.yaml

@@ -12,8 +12,8 @@ spec:
     name: in-cluster
     namespace: argocd
   source:
-    path: "stl/factory.c-one-infra.de/stacks/core"
+    path: stacks/core
-    repoURL: "https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances"
+    repoURL: 'https://gitea.factory.c-one-infra.de/giteaAdmin/edfbuilder'
     targetRevision: HEAD
   project: default
   syncPolicy:

stl/factory.c-one-infra.de/registry/local-backup.yaml

@@ -12,8 +12,8 @@ spec:
     name: in-cluster
     namespace: argocd
   source:
-    path: "stl/factory.c-one-infra.de/stacks/local-backup"
+    path: stacks/local-backup
-    repoURL: "https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances"
+    repoURL: 'https://gitea.factory.c-one-infra.de/giteaAdmin/edfbuilder'
     targetRevision: HEAD
   project: default
   syncPolicy:

stl/factory.c-one-infra.de/registry/monitoring.yaml

@@ -12,8 +12,8 @@ spec:
     name: in-cluster
     namespace: argocd
   source:
-    path: "stl/factory.c-one-infra.de/stacks/monitoring"
+    path: stacks/monitoring
-    repoURL: "https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances"
+    repoURL: 'https://gitea.factory.c-one-infra.de/giteaAdmin/edfbuilder'
     targetRevision: HEAD
   project: default
   syncPolicy:

stl/factory.c-one-infra.de/registry/ref-implementation.yaml

@@ -12,8 +12,8 @@ spec:
     name: in-cluster
     namespace: argocd
   source:
-    path: "stl/factory.c-one-infra.de/stacks/ref-implementation"
+    path: stacks/ref-implementation
-    repoURL: "https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances"
+    repoURL: 'https://gitea.factory.c-one-infra.de/giteaAdmin/edfbuilder'
     targetRevision: HEAD
   project: default
   syncPolicy:

stl/factory.c-one-infra.de/registry/second-cluster.yaml

@@ -1,7 +1,7 @@
 apiVersion: argoproj.io/v1alpha1
 kind: Application
 metadata:
-  name: otc
+  name: second-cluster
   namespace: argocd
   labels:
     env: dev
@@ -12,8 +12,8 @@ spec:
     name: in-cluster
     namespace: argocd
   source:
-    path: "stl/factory.c-one-infra.de/stacks/otc"
+    path: stacks/second-cluster
-    repoURL: "https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances"
+    repoURL: 'https://gitea.factory.c-one-infra.de/giteaAdmin/edfbuilder'
     targetRevision: HEAD
   project: default
   syncPolicy:

stl/factory.c-one-infra.de/stacks/core/argocd-sso.yaml

@@ -0,0 +1,29 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: argocd-sso
+  namespace: argocd
+  labels:
+    env: dev
+  finalizers:
+    - resources-finalizer.argocd.argoproj.io
+spec:
+  project: default
+  source:
+    repoURL: https://gitea.factory.c-one-infra.de/giteaAdmin/edfbuilder
+    targetRevision: HEAD
+    path: "stacks/core/argocd-sso"
+  destination:
+    server: "https://kubernetes.default.svc"
+    namespace: argocd
+  syncPolicy:
+    syncOptions:
+      - CreateNamespace=true
+    automated:
+      selfHeal: true
+    retry:
+      limit: -1
+      backoff:
+        duration: 15s
+        factor: 1
+        maxDuration: 15s

stl/factory.c-one-infra.de/stacks/core/argocd.yaml

@@ -24,10 +24,7 @@ spec:
       targetRevision: argo-cd-7.8.14-depends
       helm:
         valueFiles:
-          - $values/stl/factory.c-one-infra.de/stacks/core/argocd/values.yaml
+          - $values/stacks/core/argocd/values.yaml
-    - repoURL: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances
+    - repoURL: https://gitea.factory.c-one-infra.de/giteaAdmin/edfbuilder
       targetRevision: HEAD
       ref: values
-    - repoURL: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances
-      targetRevision: HEAD
-      path: "stl/factory.c-one-infra.de/stacks/core/argocd/manifests"

stl/factory.c-one-infra.de/stacks/core/forgejo-runner.yaml

@@ -17,6 +17,6 @@ spec:
   destination:
     server: "https://kubernetes.default.svc"
   source:
-    repoURL: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances
+    repoURL: https://gitea.factory.c-one-infra.de/giteaAdmin/edfbuilder
     targetRevision: HEAD
-    path: "stl/factory.c-one-infra.de/stacks/core/forgejo-runner"
+    path: "stacks/core/forgejo-runner"

stl/factory.c-one-infra.de/stacks/core/forgejo-sso.yaml

@@ -0,0 +1,29 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: forgejo-sso
+  namespace: argocd
+  labels:
+    env: dev
+  finalizers:
+    - resources-finalizer.argocd.argoproj.io
+spec:
+  project: default
+  source:
+    repoURL: https://gitea.factory.c-one-infra.de/giteaAdmin/edfbuilder
+    targetRevision: HEAD
+    path: "stacks/core/forgejo-sso"
+  destination:
+    server: "https://kubernetes.default.svc"
+    namespace: gitea
+  syncPolicy:
+    syncOptions:
+      - CreateNamespace=true
+    automated:
+      selfHeal: true
+    retry:
+      limit: -1
+      backoff:
+        duration: 15s
+        factor: 1
+        maxDuration: 15s

stl/factory.c-one-infra.de/stacks/core/forgejo.yaml

@@ -21,10 +21,7 @@ spec:
       targetRevision: v12.0.0-depends
       helm:
         valueFiles:
-          - $values/stl/factory.c-one-infra.de/stacks/core/forgejo/values.yaml
+          - $values/stacks/core/forgejo/values.yaml
-    - repoURL: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances
+    - repoURL: https://gitea.factory.c-one-infra.de/giteaAdmin/edfbuilder
       targetRevision: HEAD
       ref: values
-    - repoURL: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances
-      targetRevision: HEAD
-      path: "stl/factory.c-one-infra.de/stacks/core/forgejo/manifests"

stl/factory.c-one-infra.de/stacks/core/forgejo/manifests/secret-admin-password.yaml

@@ -1,36 +0,0 @@
-apiVersion: generators.external-secrets.io/v1alpha1
-kind: Password
-metadata:
-  name: forgejo-admin-password-generator
-  namespace: gitea 
-spec:
-  length: 36
-  digits: 5
-  symbols: 5
-  symbolCharacters: "/-+"
-  noUpper: false
-  allowRepeat: true
----
-apiVersion: external-secrets.io/v1beta1
-kind: ExternalSecret
-metadata:
-  name: forgejo-admin-password-generator
-  namespace: gitea 
-spec:
-  refreshInterval: "0"
-  target:
-    name: gitea-credential
-    template:
-      engineVersion: v2
-      data:
-        username: giteaAdmin
-        password: "{{.INITIAL_ADMIN_PASSWORD}}"
-  dataFrom:
-    - sourceRef:
-        generatorRef:
-          apiVersion: generators.external-secrets.io/v1alpha1
-          kind: Password
-          name: forgejo-admin-password-generator
-      rewrite:
-        - transform:
-            template: "INITIAL_ADMIN_PASSWORD"

stl/factory.c-one-infra.de/stacks/core/ingress-apps.yaml

@@ -11,9 +11,9 @@ spec:
   destination:
     server: "https://kubernetes.default.svc"
   source:
-    repoURL: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances
+    repoURL: https://gitea.factory.c-one-infra.de/giteaAdmin/edfbuilder
     targetRevision: HEAD
-    path: "stl/factory.c-one-infra.de/stacks/core/ingress-apps"
+    path: "stacks/core/ingress-apps"
   project: default
   syncPolicy:
     automated:

stl/factory.c-one-infra.de/stacks/core/ingress-apps/alloy.yaml

@@ -0,0 +1,18 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: alloy
+  namespace: monitoring
+spec:
+  ingressClassName: nginx
+  rules:
+  - host: factory.c-one-infra.de
+    http:
+      paths:
+      - backend:
+          service:
+            name: alloy
+            port:
+              number: 12345
+        path: /alloy
+        pathType: Prefix

stl/factory.c-one-infra.de/stacks/core/ingress-apps/fibonacci-service.yaml

@@ -0,0 +1,18 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: fibonacci-service
+  namespace: fibonacci-app
+spec:
+  ingressClassName: nginx
+  rules:
+  - host: factory.c-one-infra.de
+    http:
+      paths:
+      - backend:
+          service:
+            name: fibonacci-service
+            port:
+              number: 9090
+        path: /fibonacci
+        pathType: Prefix

stl/factory.c-one-infra.de/stacks/core/ingress-apps/minio-console.yaml

@@ -0,0 +1,19 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: minio-console
+  namespace: minio-backup
+
+spec:
+  ingressClassName: nginx
+  rules:
+  - host: minio-backup.factory.c-one-infra.de
+    http:
+      paths:
+      - backend:
+          service:
+            name: minio-console
+            port:
+              number: 9001
+        path: /
+        pathType: Prefix

stl/factory.c-one-infra.de/stacks/core/ingress-nginx.yaml

@@ -21,7 +21,7 @@ spec:
       targetRevision: helm-chart-4.12.1-depends
       helm:
         valueFiles:
-          - $values/stl/factory.c-one-infra.de/stacks/core/ingress-nginx/values.yaml
+          - $values/stacks/core/ingress-nginx/values.yaml
-    - repoURL: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances
+    - repoURL: https://gitea.factory.c-one-infra.de/giteaAdmin/edfbuilder
       targetRevision: HEAD
       ref: values

stl/factory.c-one-infra.de/stacks/local-backup/minio.yaml

@@ -10,19 +10,19 @@ metadata:
 spec:
   project: default
   sources:
-    - repoURL: "https://charts.min.io"
+    - repoURL: 'https://charts.min.io'
       targetRevision: 5.0.15
       helm:
         releaseName: minio
         valueFiles:
-          - $values/stl/factory.c-one-infra.de/stacks/local-backup/minio/helm/values.yaml
+          - $values/stacks/local-backup/minio/helm/values.yaml
       chart: minio
-    - repoURL: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances
+    - repoURL: https://gitea.factory.c-one-infra.de/giteaAdmin/edfbuilder
       targetRevision: HEAD
       ref: values
-    - repoURL: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances
+    - repoURL: https://gitea.factory.c-one-infra.de/giteaAdmin/edfbuilder
       targetRevision: HEAD
-      path: "stl/factory.c-one-infra.de/stacks/local-backup/minio/manifests"
+      path: "stacks/local-backup/minio/manifests"
   destination:
     server: "https://kubernetes.default.svc"
     namespace: minio-backup

stl/factory.c-one-infra.de/stacks/local-backup/velero.yaml

@@ -10,14 +10,14 @@ metadata:
 spec:
   project: default
   sources:
-    - repoURL: "https://vmware-tanzu.github.io/helm-charts"
+    - repoURL: 'https://vmware-tanzu.github.io/helm-charts'
       targetRevision: 8.0.0
       helm:
         releaseName: velero
         valueFiles:
-          - $values/stl/factory.c-one-infra.de/stacks/local-backup/velero/helm/values.yaml
+          - $values/stacks/local-backup/velero/helm/values.yaml
       chart: velero
-    - repoURL: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances
+    - repoURL: https://gitea.factory.c-one-infra.de/giteaAdmin/edfbuilder
       targetRevision: HEAD
       ref: values
   destination:

stl/factory.c-one-infra.de/stacks/monitoring/alloy.yaml

@@ -19,11 +19,11 @@ spec:
     namespace: monitoring
   sources:
     - repoURL: https://github.com/grafana/alloy.git
-      path: operations/helm/charts/alloy
+      path: operations/helm/charts/alloy   
-      targetRevision: HEAD
+      targetRevision: HEAD      
       helm:
         valueFiles:
-          - $values/stl/factory.c-one-infra.de/stacks/monitoring/alloy/values.yaml
+          - $values/stacks/monitoring/alloy/values.yaml
-    - repoURL: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances
+    - repoURL: https://gitea.factory.c-one-infra.de/giteaAdmin/edfbuilder
       targetRevision: HEAD
-      ref: values
+      ref: values

stl/factory.c-one-infra.de/stacks/monitoring/grafana-dashboards.yaml

@@ -10,9 +10,9 @@ metadata:
 spec:
   project: default
   source:
-    repoURL: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances
+    repoURL: https://gitea.factory.c-one-infra.de/giteaAdmin/edfbuilder
     targetRevision: HEAD
-    path: "stl/factory.c-one-infra.de/stacks/monitoring/kube-prometheus/dashboards"
+    path: "stacks/monitoring/kube-prometheus/dashboards"
   destination:
     server: "https://kubernetes.default.svc"
     namespace: monitoring
@@ -22,4 +22,4 @@ spec:
     automated:
       selfHeal: true
     retry:
-      limit: -1
+      limit: -1

stl/factory.c-one-infra.de/stacks/monitoring/kube-prometheus-sso.yaml

@@ -0,0 +1,29 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: kube-prometheus-sso
+  namespace: argocd
+  labels:
+    env: dev
+  finalizers:
+    - resources-finalizer.argocd.argoproj.io
+spec:
+  project: default
+  source:
+    repoURL: https://gitea.factory.c-one-infra.de/giteaAdmin/edfbuilder
+    targetRevision: HEAD
+    path: "stacks/monitoring/kube-prometheus-sso"
+  destination:
+    server: "https://kubernetes.default.svc"
+    namespace: monitoring
+  syncPolicy:
+    syncOptions:
+      - CreateNamespace=true
+    automated:
+      selfHeal: true
+    retry:
+      limit: -1
+      backoff:
+        duration: 15s
+        factor: 1
+        maxDuration: 15s

stl/factory.c-one-infra.de/stacks/monitoring/kube-prometheus.yaml

@@ -14,7 +14,7 @@ spec:
       selfHeal: true
     syncOptions:
       - CreateNamespace=true
-      - ServerSideApply=true # do not copy metdata, since (because of its large size) it can lead to sync failure
+      - ServerSideApply=true  # do not copy metdata, since (because of its large size) it can lead to sync failure
     retry:
       limit: -1
       backoff:
@@ -30,10 +30,7 @@ spec:
       targetRevision: HEAD
       helm:
         valueFiles:
-          - $values/stl/factory.c-one-infra.de/stacks/monitoring/kube-prometheus/values.yaml
+          - $values/stacks/monitoring/kube-prometheus/values.yaml
-    - repoURL: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances
+    - repoURL: https://gitea.factory.c-one-infra.de/giteaAdmin/edfbuilder
       targetRevision: HEAD
       ref: values
-    - repoURL: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances
-      targetRevision: HEAD
-      path: "stl/factory.c-one-infra.de/stacks/monitoring/kube-prometheus/manifests"

stl/factory.c-one-infra.de/stacks/monitoring/kube-prometheus/manifests/secret-admin-password.yaml

@@ -1,36 +0,0 @@
-apiVersion: generators.external-secrets.io/v1alpha1
-kind: Password
-metadata:
-  name: grafana-admin-password-generator
-  namespace: monitoring 
-spec:
-  length: 36
-  digits: 5
-  symbols: 5
-  symbolCharacters: "/-+"
-  noUpper: false
-  allowRepeat: true
----
-apiVersion: external-secrets.io/v1beta1
-kind: ExternalSecret
-metadata:
-  name: grafana-admin-password-generator
-  namespace: monitoring 
-spec:
-  refreshInterval: "0"
-  target:
-    name: kube-prometheus-stack-grafana-admin-password
-    template:
-      engineVersion: v2
-      data:
-        admin-user: admin
-        admin-password: "{{.INITIAL_ADMIN_PASSWORD}}"
-  dataFrom:
-    - sourceRef:
-        generatorRef:
-          apiVersion: generators.external-secrets.io/v1alpha1
-          kind: Password
-          name: grafana-admin-password-generator
-      rewrite:
-        - transform:
-            template: "INITIAL_ADMIN_PASSWORD"

stl/factory.c-one-infra.de/stacks/monitoring/loki.yaml

@@ -19,15 +19,16 @@ spec:
     namespace: monitoring
   sources:
     - repoURL: https://github.com/grafana/helm-charts
-      path: charts/loki-distributed
+      path:     charts/loki-distributed         
-      targetRevision: HEAD
+      targetRevision: HEAD      
       helm:
         valueFiles:
-          - $values/stl/factory.c-one-infra.de/stacks/monitoring/loki/values.yaml
+          - $values/stacks/monitoring/loki/values.yaml
-    - repoURL: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances
+    - repoURL: https://gitea.factory.c-one-infra.de/giteaAdmin/edfbuilder
       targetRevision: HEAD
       ref: values
 
     ## consider using the following version, if it works again
     #- repoURL: https://github.com/grafana/loki
-    #  path: production/helm/loki
+    #  path: production/helm/loki        
+

stl/factory.c-one-infra.de/stacks/otc/storageclass/storageclass.yaml

@@ -1,18 +0,0 @@
-apiVersion: storage.k8s.io/v1
-kind: StorageClass
-metadata:
-  annotations:
-    storageclass.beta.kubernetes.io/is-default-class: "true"
-  labels:
-    kubernetes.io/cluster-service: "true"
-  name: default
-parameters:
-  kubernetes.io/description: ""
-  kubernetes.io/hw:passthrough: "true"
-  kubernetes.io/storagetype: BS
-  kubernetes.io/volumetype: SATA
-  kubernetes.io/zone: eu-de-02
-provisioner: flexvolume-huawei.com/fuxivol
-reclaimPolicy: Delete
-volumeBindingMode: Immediate
-allowVolumeExpansion: true

stl/factory.c-one-infra.de/stacks/ref-implementation/argo-workflows.yaml

@@ -10,9 +10,9 @@ metadata:
 spec:
   project: default
   source:
-    repoURL: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances
+    repoURL: https://gitea.factory.c-one-infra.de/giteaAdmin/edfbuilder
     targetRevision: HEAD
-    path: "stl/factory.c-one-infra.de/stacks/ref-implementation/argo-workflows/manifests/dev"
+    path: "stacks/ref-implementation/argo-workflows/manifests/dev"
   destination:
     server: "https://kubernetes.default.svc"
     namespace: argo

stl/factory.c-one-infra.de/stacks/ref-implementation/backstage-templates.yaml

@@ -10,11 +10,11 @@ metadata:
 spec:
   project: default
   source:
-    repoURL: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances
+    repoURL: https://gitea.factory.c-one-infra.de/giteaAdmin/edfbuilder
     targetRevision: HEAD
-    path: "stl/factory.c-one-infra.de/stacks/ref-implementation/backstage-templates/entities"
+    path: "stacks/ref-implementation/backstage-templates/entities"
     directory:
-      exclude: "catalog-info.yaml"
+      exclude: 'catalog-info.yaml'
   destination:
     server: "https://kubernetes.default.svc"
     namespace: backstage

stl/factory.c-one-infra.de/stacks/ref-implementation/backstage.yaml

@@ -10,9 +10,9 @@ metadata:
 spec:
   project: default
   source:
-    repoURL: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances
+    repoURL: https://gitea.factory.c-one-infra.de/giteaAdmin/edfbuilder
     targetRevision: HEAD
-    path: "stl/factory.c-one-infra.de/stacks/ref-implementation/backstage/manifests"
+    path: "stacks/ref-implementation/backstage/manifests"
   destination:
     server: "https://kubernetes.default.svc"
     namespace: backstage

stl/factory.c-one-infra.de/stacks/ref-implementation/backstage/manifests/install.yaml

@@ -167,7 +167,7 @@ data:
       locations:
         # Examples from a public GitHub repository.
         - type: url
-          target: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live:443/DevFW-CICD/stacks-instances/raw/branch/main/stl/factory.c-one-infra.de/stacks/ref-implementation/backstage-templates/entities/catalog-info.yaml
+          target: https://gitea.factory.c-one-infra.de:443/giteaAdmin/edfbuilder/raw/branch/main/stacks/ref-implementation/backstage-templates/entities/catalog-info.yaml
           rules:
             - allow: [Component, System, API, Resource, Location, Template, User, Group]
     kubernetes:

stl/factory.c-one-infra.de/stacks/ref-implementation/external-secrets.yaml

@@ -12,9 +12,9 @@ spec:
     namespace: external-secrets
     server: "https://kubernetes.default.svc"
   source:
-    repoURL: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances
+    repoURL: https://gitea.factory.c-one-infra.de/giteaAdmin/edfbuilder
     targetRevision: HEAD
-    path: "stl/factory.c-one-infra.de/stacks/ref-implementation/external-secrets/manifests"
+    path: "stacks/ref-implementation/external-secrets/manifests"
   project: default
   syncPolicy:
     automated:

stl/factory.c-one-infra.de/stacks/ref-implementation/fibonacci-app.yaml

@@ -1,23 +1,25 @@
 apiVersion: argoproj.io/v1alpha1
 kind: Application
 metadata:
-  name: storageclass
+  name: fibonacci-app
   namespace: argocd
   labels:
-    example: otc
+    env: dev
   finalizers:
     - resources-finalizer.argocd.argoproj.io
 spec:
-  destination:
-    namespace: default
-    server: "https://kubernetes.default.svc"
-  source:
-    repoURL: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances
-    targetRevision: HEAD
-    path: "stl/factory.c-one-infra.de/stacks/otc/storageclass"
   project: default
+  source:
+    repoURL: https://gitea.factory.c-one-infra.de/giteaAdmin/edfbuilder
+    targetRevision: HEAD
+    path: "stacks/ref-implementation/fibonacci-app"
+  destination:
+    server: "https://kubernetes.default.svc"
+    namespace: fibonacci-app
   syncPolicy:
-    automated:
-      selfHeal: true
     syncOptions:
       - CreateNamespace=true
+    automated:
+      selfHeal: true
+    retry:
+      limit: -1

stl/factory.c-one-infra.de/stacks/ref-implementation/fibonacci-app/deployment.yaml

@@ -0,0 +1,20 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: fibonacci-deployment
+  namespace: fibonacci-app  
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: fibonacci-go
+  template:
+    metadata:
+      labels:
+        app: fibonacci-go
+    spec:
+      containers:
+      - name: fibonacci-go
+        image: forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/christopher.hase/fibonacci_http_go:1.0.0
+        ports:
+        - containerPort: 9090

stl/factory.c-one-infra.de/stacks/ref-implementation/fibonacci-app/service.yaml

@@ -0,0 +1,13 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: fibonacci-service
+  namespace: fibonacci-app
+spec:
+  selector:
+    app: fibonacci-go
+  ports:
+    - protocol: TCP
+      port: 9090
+      targetPort: 9090
+  type: ClusterIP

stl/factory.c-one-infra.de/stacks/ref-implementation/keycloak.yaml

@@ -12,9 +12,9 @@ spec:
     namespace: keycloak
     server: "https://kubernetes.default.svc"
   source:
-    repoURL: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances
+    repoURL: https://gitea.factory.c-one-infra.de/giteaAdmin/edfbuilder
     targetRevision: HEAD
-    path: "stl/factory.c-one-infra.de/stacks/ref-implementation/keycloak/manifests"
+    path: "stacks/ref-implementation/keycloak/manifests"
   project: default
   syncPolicy:
     automated:

stl/factory.c-one-infra.de/stacks/ref-implementation/mailhog.yaml

@@ -10,9 +10,9 @@ metadata:
 spec:
   project: default
   source:
-    repoURL: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances
+    repoURL: https://gitea.factory.c-one-infra.de/giteaAdmin/edfbuilder
     targetRevision: HEAD
-    path: "stl/factory.c-one-infra.de/stacks/ref-implementation/mailhog"
+    path: "stacks/ref-implementation/mailhog"
   destination:
     server: "https://kubernetes.default.svc"
     namespace: mailhog

stl/factory.c-one-infra.de/stacks/ref-implementation/openbao.yaml

@@ -11,7 +11,7 @@ spec:
   project: default
   syncPolicy:
     automated:
-      selfHeal: false
+     selfHeal: false
     syncOptions:
       - CreateNamespace=true
   destination:
@@ -23,15 +23,12 @@ spec:
       targetRevision: HEAD
       helm:
         valueFiles:
-          - $values/stl/factory.c-one-infra.de/stacks/ref-implementation/openbao/values.yaml
+          - $values/stacks/ref-implementation/openbao/values.yaml
-    - repoURL: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances
+    - repoURL: https://gitea.factory.c-one-infra.de/giteaAdmin/edfbuilder
       targetRevision: HEAD
       ref: values
-    - repoURL: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances
-      targetRevision: HEAD
-      path: "stl/factory.c-one-infra.de/stacks/ref-implementation/openbao/manifests"
   ignoreDifferences:
-    - group: admissionregistration.k8s.io
+  - group: admissionregistration.k8s.io
-      kind: MutatingWebhookConfiguration
+    kind: MutatingWebhookConfiguration
-      jqPathExpressions:
+    jqPathExpressions:
-        - .webhooks[]?.clientConfig.caBundle
+    - .webhooks[]?.clientConfig.caBundle

stl/factory.c-one-infra.de/stacks/ref-implementation/openbao/manifests/role.yaml

@@ -1,9 +0,0 @@
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
-  name: vault-token-role
-  namespace: openbao
-rules:
-  - apiGroups: [""] # "" indicates the core API group
-    resources: ["secrets"]
-    verbs: ["create"]

stl/factory.c-one-infra.de/stacks/ref-implementation/openbao/manifests/rolebinding.yaml

@@ -1,13 +0,0 @@
-apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
-metadata:
-  name: vault-token-rolebinding
-  namespace: openbao
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: Role
-  name: vault-token-role
-subjects:
-  - kind: ServiceAccount
-    name: openbao
-    namespace: openbao

stl/factory.c-one-infra.de/stacks/ref-implementation/openbao/values.yaml

@@ -3,8 +3,6 @@ server:
     - sh
     - -c
     - |
-      echo --- unseal workaround
-
       sleep 10
       bao operator init >> /tmp/init.txt
       cat /tmp/init.txt | grep "Key " | awk '{print $NF}' | xargs -I{} bao operator unseal {}
@@ -15,20 +13,5 @@ server:
       echo $(grep "Unseal Key 4:" /tmp/init.txt | awk '{print $NF}')| cat > /openbao/data/unseal_key4.txt
       echo $(grep "Unseal Key 5:" /tmp/init.txt | awk '{print $NF}')| cat > /openbao/data/unseal_key5.txt
       rm /tmp/init.txt
-      
-
-      echo --- provide OpenBAO secret to ESO
-
-      if [[ "$(uname -m)" == "x86_64" ]]; then
-        wget "https://dl.k8s.io/release/$(wget https://dl.k8s.io/release/stable.txt -q -O -)/bin/linux/amd64/kubectl" -O /tmp/kubectl_eso
-      else
-        wget "https://dl.k8s.io/release/$(wget https://dl.k8s.io/release/stable.txt -q -O -)/bin/linux/arm64/kubectl" -O /tmp/kubectl_eso
-      fi
-      chmod +x /tmp/kubectl_eso
-
-      /tmp/kubectl_eso create secret generic vault-token --from-literal=token="$(cat /openbao/data/initial_token.txt)" -n openbao
-
-      rm /tmp/kubectl_eso
-
 ui:
   enabled: true

stl/factory.c-one-infra.de/stacks/second-cluster/create-new-cluster-guestbook.yaml

@@ -0,0 +1,23 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: create-new-cluster-guestbook
+  namespace: argocd
+  labels:
+    env: dev
+  finalizers:
+    - resources-finalizer.argocd.argoproj.io
+spec:
+  project: default
+  syncPolicy:
+    automated:
+      selfHeal: true
+    syncOptions:
+      - CreateNamespace=true
+  destination:
+    name: in-cluster
+    namespace: crossplane-system
+  source:
+    path: stacks/second-cluster/create-new-cluster-guestbook
+    repoURL: https://gitea.factory.c-one-infra.de/giteaAdmin/edfbuilder
+    targetRevision: HEAD

stl/factory.c-one-infra.de/stacks/second-cluster/create-new-cluster-guestbook/argocluster.yaml

@@ -0,0 +1,16 @@
+apiVersion: cluster.argocd.crossplane.io/v1alpha1
+kind: Cluster
+metadata:
+  name: argo-app-test
+  labels:
+    purpose: dev
+spec:
+  forProvider:
+    config:
+      kubeconfigSecretRef:
+        key: kubeconfig
+        namespace: crossplane-system
+        name: argo-app-test-kubeconf
+    name: argo-app-test-cluster
+  providerConfigRef:
+    name: argocd-provider

stl/factory.c-one-infra.de/stacks/second-cluster/create-new-cluster-guestbook/guestbook.yaml

@@ -0,0 +1,26 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: argo-second-cluster-demo
+  namespace: argocd
+spec:
+  destination:
+    namespace: guestbook
+    name: argo-app-test-cluster
+  project: default
+  source:
+    path: guestbook
+    repoURL: https://github.com/argoproj/argocd-example-apps.git
+    targetRevision: HEAD
+  syncPolicy:
+    automated:
+      prune: true
+      selfHeal: true
+    syncOptions:
+    - CreateNamespace=true
+    retry:
+      limit: -1
+      backoff:
+        duration: 5s 
+        factor: 2 
+        maxDuration: 1m

stl/factory.c-one-infra.de/stacks/second-cluster/create-new-cluster-guestbook/kindcluster.yaml

@@ -0,0 +1,26 @@
+apiVersion: container.kind.crossplane.io/v1alpha1
+kind: KindCluster
+metadata:
+  name: argo-app-test
+spec:
+  forProvider:
+    kindConfig: |
+      kind: Cluster
+      apiVersion: kind.x-k8s.io/v1alpha4
+      nodes:
+      - role: control-plane
+        kubeadmConfigPatches:
+        - |
+          kind: InitConfiguration
+          nodeRegistration:
+            kubeletExtraArgs:
+              node-labels: "ingress-ready=true"
+      # TODO: RIRE used maybe for velero backup
+      #  extraMounts:
+      #    - hostPath: /tmp/backup # replace with your own path
+      #      containerPath: /backup
+  providerConfigRef:
+    name: kind-provider
+  writeConnectionSecretToRef:
+    namespace: crossplane-system
+    name: argo-app-test-kubeconf