DevFW-CICD/stacks
12
0
Fork 1
Code Issues Pull requests 3 Projects Releases Packages Wiki Activity Actions

Merge pull request 'outsource_ingresses' (#1) from outsource_ingresses into development

Browse source 
Reviewed-on: #1
This commit is contained in:
richardrobertreitz 2024-12-08 17:49:50 +00:00
commit 952c3e1fe1
21 changed files with 217 additions and 186 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

17
template/stacks/core/argocd/values.kind.yaml
View file

@ -25,20 +25,3 @@ notifications:
dex: dex:
enabled: false enabled: false
server:
ingress:
enabled: true
ingressClassName: nginx
annotations:
nginx.ingress.kubernetes.io/backend-protocol: HTTP
nginx.ingress.kubernetes.io/rewrite-target: /$2
nginx.ingress.kubernetes.io/use-regex: "true"
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
path: /argocd(/|$)(.*)
pathType: ImplementationSpecific
extraTls:
- hosts:
- {{ .Values.edfbuilderTargetDomain }}
secretName: argocd-net-tls

20
template/stacks/core/argocd/values.osc.yaml
View file

@ -31,23 +31,3 @@ notifications:
dex: dex:
enabled: false enabled: false
server:
ingress:
enabled: true
ingressClassName: nginx
annotations:
dns.gardener.cloud/class: garden
dns.gardener.cloud/dnsnames: {{ .Values.edfbuilderTargetDomain }}
dns.gardener.cloud/ttl: "600"
nginx.ingress.kubernetes.io/backend-protocol: HTTP
nginx.ingress.kubernetes.io/rewrite-target: /$2
nginx.ingress.kubernetes.io/use-regex: "true"
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
path: /argocd(/|$)(.*)
pathType: ImplementationSpecific
extraTls:
- hosts:
- {{ .Values.edfbuilderTargetDomain }}
secretName: argocd-net-tls

17
template/stacks/core/forgejo/values.kind.yaml
View file

@ -34,23 +34,6 @@ service:
nodePort: 32222 nodePort: 32222
externalTrafficPolicy: Local externalTrafficPolicy: Local
ingress:
# NOTE: The ingress is generated in a later step for path based routing feature See: hack/argo-cd/generate-manifests.sh
enabled: true
className: nginx
annotations:
nginx.ingress.kubernetes.io/proxy-body-size: 512m
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
hosts:
- host: gitea.{{ .Values.edfbuilderTargetDomain }}
paths:
- path: /
pathType: Prefix
tls:
- hosts:
- gitea.{{ .Values.edfbuilderTargetDomain }}
secretName: forgejo-net-tls
image: image:
pullPolicy: "IfNotPresent" pullPolicy: "IfNotPresent"
# Overrides the image tag whose default is the chart appVersion. # Overrides the image tag whose default is the chart appVersion.

20
template/stacks/core/forgejo/values.osc.yaml
View file

@ -34,26 +34,6 @@ service:
nodePort: 32222 nodePort: 32222
externalTrafficPolicy: Local externalTrafficPolicy: Local
ingress:
# NOTE: The ingress is generated in a later step for path based routing feature See: hack/argo-cd/generate-manifests.sh
enabled: true
className: nginx
annotations:
dns.gardener.cloud/class: garden
dns.gardener.cloud/dnsnames: gitea.{{ .Values.edfbuilderTargetDomain }}
dns.gardener.cloud/ttl: "600"
nginx.ingress.kubernetes.io/proxy-body-size: 512m
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
hosts:
- host: gitea.{{ .Values.edfbuilderTargetDomain }}
paths:
- path: /
pathType: Prefix
tls:
- hosts:
- gitea.{{ .Values.edfbuilderTargetDomain }}
secretName: forgejo-net-tls
image: image:
pullPolicy: "IfNotPresent" pullPolicy: "IfNotPresent"
# Overrides the image tag whose default is the chart appVersion. # Overrides the image tag whose default is the chart appVersion.

22
template/stacks/core/ingress-apps.yaml Normal file
View file

@ -0,0 +1,22 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: ingress-apps
namespace: argocd
labels:
example: ref-implementation
finalizers:
- resources-finalizer.argocd.argoproj.io
spec:
destination:
server: "https://kubernetes.default.svc"
source:
repoURL: https://gitea.{{ .Values.edfbuilderTargetDomain }}/giteaAdmin/edfbuilder
targetRevision: HEAD
path: "stacks/core/ingress-apps"
project: default
syncPolicy:
automated:
selfHeal: true
syncOptions:
- CreateNamespace=true

31
template/stacks/core/ingress-apps/argo-workflows-ingress.yaml Normal file
View file

@ -0,0 +1,31 @@
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /$2
nginx.ingress.kubernetes.io/use-regex: "true"
name: argo-workflows-ingress
namespace: argo
spec:
ingressClassName: nginx
rules:
- host: localhost
http:
paths:
- backend:
service:
name: argo-server
port:
name: web
path: /argo-workflows(/|$)(.*)
pathType: ImplementationSpecific
- host: cnoe.localtest.me
http:
paths:
- backend:
service:
name: argo-server
port:
name: web
path: /argo-workflows(/|$)(.*)
pathType: ImplementationSpecific

27
template/stacks/core/ingress-apps/argocd-server.yaml Normal file
View file

@ -0,0 +1,27 @@
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
annotations:
nginx.ingress.kubernetes.io/backend-protocol: HTTP
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
nginx.ingress.kubernetes.io/rewrite-target: /$2
nginx.ingress.kubernetes.io/use-regex: "true"
name: argocd-server
namespace: argocd
spec:
ingressClassName: nginx
rules:
- host: cnoe.localtest.me
http:
paths:
- backend:
service:
name: argocd-server
port:
number: 80
path: /argocd(/|$)(.*)
pathType: ImplementationSpecific
tls:
- hosts:
- cnoe.localtest.me
secretName: argocd-net-tls

28
template/stacks/core/ingress-apps/backstage.yaml Normal file
View file

@ -0,0 +1,28 @@
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: backstage
namespace: backstage
spec:
ingressClassName: nginx
rules:
- host: localhost
http:
paths:
- backend:
service:
name: backstage
port:
name: http
path: /
pathType: Prefix
- host: cnoe.localtest.me
http:
paths:
- backend:
service:
name: backstage
port:
name: http
path: /
pathType: Prefix

4
template/stacks/ref-implementation/fibonacci-app/ingress.yaml → template/stacks/core/ingress-apps/fibonacci-service.yaml
View file

@ -6,7 +6,7 @@ metadata:
spec: spec:
ingressClassName: nginx ingressClassName: nginx
rules: rules:
- host: {{ .Values.edfbuilderTargetDomain }} - host: cnoe.localtest.me
http: http:
paths: paths:
- backend: - backend:
@ -15,4 +15,4 @@ spec:
port: port:
number: 9090 number: 9090
path: /fibonacci path: /fibonacci
pathType: Prefix pathType: Prefix

25
template/stacks/core/ingress-apps/forgejo.yaml Normal file
View file

@ -0,0 +1,25 @@
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
annotations:
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
nginx.ingress.kubernetes.io/proxy-body-size: 512m
name: forgejo
namespace: gitea
spec:
ingressClassName: nginx
rules:
- host: gitea.cnoe.localtest.me
http:
paths:
- backend:
service:
name: forgejo-http
port:
number: 3000
path: /
pathType: Prefix
tls:
- hosts:
- gitea.cnoe.localtest.me
secretName: forgejo-net-tls

28
template/stacks/core/ingress-apps/keycloak-ingress-localhost.yaml Normal file
View file

@ -0,0 +1,28 @@
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: keycloak-ingress-localhost
namespace: keycloak
spec:
ingressClassName: nginx
rules:
- host: localhost
http:
paths:
- backend:
service:
name: keycloak
port:
name: http
path: /keycloak
pathType: ImplementationSpecific
- host: cnoe.localtest.me
http:
paths:
- backend:
service:
name: keycloak
port:
name: http
path: /keycloak
pathType: ImplementationSpecific

18
template/stacks/core/ingress-apps/kube-prometheus-stack-grafana.yaml Normal file
View file

@ -0,0 +1,18 @@
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: kube-prometheus-stack-grafana
namespace: monitoring
spec:
ingressClassName: nginx
rules:
- host: cnoe.localtest.me
http:
paths:
- backend:
service:
name: kube-prometheus-stack-grafana
port:
number: 80
path: /grafana
pathType: Prefix

18
template/stacks/core/ingress-apps/minio-console.yaml Normal file
View file

@ -0,0 +1,18 @@
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: minio-console
namespace: minio-backup
spec:
ingressClassName: nginx
rules:
- host: minio-backup.cnoe.localtest.me
http:
paths:
- backend:
service:
name: minio-console
port:
number: 9001
path: /
pathType: Prefix

18
template/stacks/core/ingress-apps/openbao.yaml Normal file
View file

@ -0,0 +1,18 @@
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: openbao
namespace: openbao
spec:
ingressClassName: nginx
rules:
- host: openbao.cnoe.localtest.me
http:
paths:
- backend:
service:
name: openbao
port:
number: 8200
path: /
pathType: Prefix

6
template/stacks/local-backup/minio/helm/values.yaml
View file

@ -14,10 +14,4 @@ persistence:
buckets: buckets:
- name: edfbuilder-backups - name: edfbuilder-backups
consoleIngress:
enabled: true
ingressClassName: nginx
hosts:
- minio-backup.{{ .Values.edfbuilderTargetDomain }}
existingSecret: root-creds existingSecret: root-creds

7
template/stacks/monitoring/kube-prometheus/values.yaml
View file

@ -17,13 +17,6 @@ grafana:
syncOptions: syncOptions:
- ServerSideApply=true - ServerSideApply=true
ingress:
enabled: true
ingressClassName: nginx
hosts:
- {{ .Values.edfbuilderTargetDomain }}
path: /grafana
sidecar: sidecar:
dashboards: dashboards:
enabled: true enabled: true

31
template/stacks/ref-implementation/argo-workflows/manifests/dev/ingress.yaml
View file

@ -1,31 +0,0 @@
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: argo-workflows-ingress
namespace: argo
annotations:
nginx.ingress.kubernetes.io/use-regex: "true"
nginx.ingress.kubernetes.io/rewrite-target: /$2
spec:
ingressClassName: "nginx"
rules:
- host: localhost
http:
paths:
- path: /argo-workflows(/|$)(.*)
pathType: ImplementationSpecific
backend:
service:
name: argo-server
port:
name: web
- host: {{ .Values.edfbuilderTargetDomain }}
http:
paths:
- path: /argo-workflows(/|$)(.*)
pathType: ImplementationSpecific
backend:
service:
name: argo-server
port:
name: web

1
template/stacks/ref-implementation/argo-workflows/manifests/dev/kustomization.yaml
View file

@ -1,7 +1,6 @@
resources: resources:
- ../base - ../base
- external-secret.yaml - external-secret.yaml
- ingress.yaml
- sa-admin.yaml - sa-admin.yaml
patches: patches:
- path: patches/cm-argo-workflows.yaml - path: patches/cm-argo-workflows.yaml

29
template/stacks/ref-implementation/backstage/manifests/install.yaml
View file

@ -425,32 +425,3 @@ spec:
remoteRef: remoteRef:
key: gitea-credential key: gitea-credential
property: password property: password
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: backstage
namespace: backstage
spec:
ingressClassName: "nginx"
rules:
- host: localhost
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: backstage
port:
name: http
- host: {{ .Values.edfbuilderTargetDomain }}
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: backstage
port:
name: http

30
template/stacks/ref-implementation/keycloak/manifests/ingress.yaml
View file

@ -1,30 +0,0 @@
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: keycloak-ingress-localhost
namespace: keycloak
annotations:
argocd.argoproj.io/sync-wave: "100"
spec:
ingressClassName: "nginx"
rules:
- host: localhost
http:
paths:
- path: /keycloak
pathType: ImplementationSpecific
backend:
service:
name: keycloak
port:
name: http
- host: {{ .Values.edfbuilderTargetDomain }}
http:
paths:
- path: /keycloak
pathType: ImplementationSpecific
backend:
service:
name: keycloak
port:
name: http

6
template/stacks/ref-implementation/openbao/values.yaml
View file

@ -1,10 +1,4 @@
server: server:
ingress:
enabled: true
ingressClassName: nginx
hosts:
- host: openbao.{{ .Values.edfbuilderTargetDomain }}
paths: []
dev: dev:
enabled: true enabled: true