DevFW-CICD/stacks
DevFW-CICD/stacks
Archived
16
0
Fork 2
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity Actions

Compare commits

base: DevFW-CICD:952c3e1fe12abaec68119fd265081014be9dce19
Branches Tags
DevFW-CICD:main
DevFW-CICD:development
DevFW-CICD:local_edpbuilder
DevFW-CICD:IPCEICIS-2951
DevFW-CICD:sso_jobs_push_to_cefor
DevFW-CICD:IPCEICIS-3796
DevFW-CICD:michals-silly-game
DevFW-CICD:django-backstage-template
DevFW-CICD:kindserver_development
DevFW-CICD:update_provider_argocd
DevFW-CICD:IPCEICIS-3110
DevFW-CICD:IPCEICIS-3111
DevFW-CICD:shipping_openbao_logs
DevFW-CICD:root_path_argocd_test
DevFW-CICD:forgego_10_update
DevFW-CICD:IPCEICIS-2435_change_argocd_path_routing_to_domain
DevFW-CICD:IPCEICIS-2643_install_keycloak_and_eso_first
DevFW-CICD:forgejo_runner_configuration_test
DevFW-CICD:helm_hydrate
DevFW-CICD:feature/externaldns_certmanager_test
DevFW-CICD:1.2.0
DevFW-CICD:1.1.1
DevFW-CICD:1.1.0
DevFW-CICD:1.0.0
..
compare: DevFW-CICD:47f0536858688eb70f0ac90af1b75dab77924554
Branches Tags
DevFW-CICD:main
DevFW-CICD:development
DevFW-CICD:local_edpbuilder
DevFW-CICD:IPCEICIS-2951
DevFW-CICD:sso_jobs_push_to_cefor
DevFW-CICD:IPCEICIS-3796
DevFW-CICD:michals-silly-game
DevFW-CICD:django-backstage-template
DevFW-CICD:kindserver_development
DevFW-CICD:update_provider_argocd
DevFW-CICD:IPCEICIS-3110
DevFW-CICD:IPCEICIS-3111
DevFW-CICD:shipping_openbao_logs
DevFW-CICD:root_path_argocd_test
DevFW-CICD:forgego_10_update
DevFW-CICD:IPCEICIS-2435_change_argocd_path_routing_to_domain
DevFW-CICD:IPCEICIS-2643_install_keycloak_and_eso_first
DevFW-CICD:forgejo_runner_configuration_test
DevFW-CICD:helm_hydrate
DevFW-CICD:feature/externaldns_certmanager_test
DevFW-CICD:1.2.0
DevFW-CICD:1.1.1
DevFW-CICD:1.1.0
DevFW-CICD:1.0.0

No commits in common. "952c3e1fe12abaec68119fd265081014be9dce19" and "47f0536858688eb70f0ac90af1b75dab77924554" have entirely different histories.
952c3e1fe1 ... 47f0536858

21 changed files with 186 additions and 217 deletions
Show stats Expand all files Collapse all files

17
template/stacks/core/argocd/values.kind.yaml
View file

@ -25,3 +25,20 @@ notifications:
dex:
enabled: false
server:
ingress:
enabled: true
ingressClassName: nginx
annotations:
nginx.ingress.kubernetes.io/backend-protocol: HTTP
nginx.ingress.kubernetes.io/rewrite-target: /$2
nginx.ingress.kubernetes.io/use-regex: "true"
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
path: /argocd(/|$)(.*)
pathType: ImplementationSpecific
extraTls:
- hosts:
- {{ .Values.edfbuilderTargetDomain }}
secretName: argocd-net-tls

20
template/stacks/core/argocd/values.osc.yaml
View file

@ -31,3 +31,23 @@ notifications:
dex:
enabled: false
server:
ingress:
enabled: true
ingressClassName: nginx
annotations:
dns.gardener.cloud/class: garden
dns.gardener.cloud/dnsnames: {{ .Values.edfbuilderTargetDomain }}
dns.gardener.cloud/ttl: "600"
nginx.ingress.kubernetes.io/backend-protocol: HTTP
nginx.ingress.kubernetes.io/rewrite-target: /$2
nginx.ingress.kubernetes.io/use-regex: "true"
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
path: /argocd(/|$)(.*)
pathType: ImplementationSpecific
extraTls:
- hosts:
- {{ .Values.edfbuilderTargetDomain }}
secretName: argocd-net-tls

17
template/stacks/core/forgejo/values.kind.yaml
View file

@ -34,6 +34,23 @@ service:
nodePort: 32222
externalTrafficPolicy: Local
ingress:
# NOTE: The ingress is generated in a later step for path based routing feature See: hack/argo-cd/generate-manifests.sh
enabled: true
className: nginx
annotations:
nginx.ingress.kubernetes.io/proxy-body-size: 512m
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
hosts:
- host: gitea.{{ .Values.edfbuilderTargetDomain }}
paths:
- path: /
pathType: Prefix
tls:
- hosts:
- gitea.{{ .Values.edfbuilderTargetDomain }}
secretName: forgejo-net-tls
image:
pullPolicy: "IfNotPresent"
# Overrides the image tag whose default is the chart appVersion.

20
template/stacks/core/forgejo/values.osc.yaml
View file

@ -34,6 +34,26 @@ service:
nodePort: 32222
externalTrafficPolicy: Local
ingress:
# NOTE: The ingress is generated in a later step for path based routing feature See: hack/argo-cd/generate-manifests.sh
enabled: true
className: nginx
annotations:
dns.gardener.cloud/class: garden
dns.gardener.cloud/dnsnames: gitea.{{ .Values.edfbuilderTargetDomain }}
dns.gardener.cloud/ttl: "600"
nginx.ingress.kubernetes.io/proxy-body-size: 512m
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
hosts:
- host: gitea.{{ .Values.edfbuilderTargetDomain }}
paths:
- path: /
pathType: Prefix
tls:
- hosts:
- gitea.{{ .Values.edfbuilderTargetDomain }}
secretName: forgejo-net-tls
image:
pullPolicy: "IfNotPresent"
# Overrides the image tag whose default is the chart appVersion.

22
template/stacks/core/ingress-apps.yaml
View file

@ -1,22 +0,0 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: ingress-apps
namespace: argocd
labels:
example: ref-implementation
finalizers:
- resources-finalizer.argocd.argoproj.io
spec:
destination:
server: "https://kubernetes.default.svc"
source:
repoURL: https://gitea.{{ .Values.edfbuilderTargetDomain }}/giteaAdmin/edfbuilder
targetRevision: HEAD
path: "stacks/core/ingress-apps"
project: default
syncPolicy:
automated:
selfHeal: true
syncOptions:
- CreateNamespace=true

31
template/stacks/core/ingress-apps/argo-workflows-ingress.yaml
View file

@ -1,31 +0,0 @@
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /$2
nginx.ingress.kubernetes.io/use-regex: "true"
name: argo-workflows-ingress
namespace: argo
spec:
ingressClassName: nginx
rules:
- host: localhost
http:
paths:
- backend:
service:
name: argo-server
port:
name: web
path: /argo-workflows(/|$)(.*)
pathType: ImplementationSpecific
- host: cnoe.localtest.me
http:
paths:
- backend:
service:
name: argo-server
port:
name: web
path: /argo-workflows(/|$)(.*)
pathType: ImplementationSpecific

27
template/stacks/core/ingress-apps/argocd-server.yaml
View file

@ -1,27 +0,0 @@
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
annotations:
nginx.ingress.kubernetes.io/backend-protocol: HTTP
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
nginx.ingress.kubernetes.io/rewrite-target: /$2
nginx.ingress.kubernetes.io/use-regex: "true"
name: argocd-server
namespace: argocd
spec:
ingressClassName: nginx
rules:
- host: cnoe.localtest.me
http:
paths:
- backend:
service:
name: argocd-server
port:
number: 80
path: /argocd(/|$)(.*)
pathType: ImplementationSpecific
tls:
- hosts:
- cnoe.localtest.me
secretName: argocd-net-tls

28
template/stacks/core/ingress-apps/backstage.yaml
View file

@ -1,28 +0,0 @@
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: backstage
namespace: backstage
spec:
ingressClassName: nginx
rules:
- host: localhost
http:
paths:
- backend:
service:
name: backstage
port:
name: http
path: /
pathType: Prefix
- host: cnoe.localtest.me
http:
paths:
- backend:
service:
name: backstage
port:
name: http
path: /
pathType: Prefix

25
template/stacks/core/ingress-apps/forgejo.yaml
View file

@ -1,25 +0,0 @@
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
annotations:
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
nginx.ingress.kubernetes.io/proxy-body-size: 512m
name: forgejo
namespace: gitea
spec:
ingressClassName: nginx
rules:
- host: gitea.cnoe.localtest.me
http:
paths:
- backend:
service:
name: forgejo-http
port:
number: 3000
path: /
pathType: Prefix
tls:
- hosts:
- gitea.cnoe.localtest.me
secretName: forgejo-net-tls

28
template/stacks/core/ingress-apps/keycloak-ingress-localhost.yaml
View file

@ -1,28 +0,0 @@
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: keycloak-ingress-localhost
namespace: keycloak
spec:
ingressClassName: nginx
rules:
- host: localhost
http:
paths:
- backend:
service:
name: keycloak
port:
name: http
path: /keycloak
pathType: ImplementationSpecific
- host: cnoe.localtest.me
http:
paths:
- backend:
service:
name: keycloak
port:
name: http
path: /keycloak
pathType: ImplementationSpecific

18
template/stacks/core/ingress-apps/kube-prometheus-stack-grafana.yaml
View file

@ -1,18 +0,0 @@
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: kube-prometheus-stack-grafana
namespace: monitoring
spec:
ingressClassName: nginx
rules:
- host: cnoe.localtest.me
http:
paths:
- backend:
service:
name: kube-prometheus-stack-grafana
port:
number: 80
path: /grafana
pathType: Prefix

18
template/stacks/core/ingress-apps/minio-console.yaml
View file

@ -1,18 +0,0 @@
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: minio-console
namespace: minio-backup
spec:
ingressClassName: nginx
rules:
- host: minio-backup.cnoe.localtest.me
http:
paths:
- backend:
service:
name: minio-console
port:
number: 9001
path: /
pathType: Prefix

18
template/stacks/core/ingress-apps/openbao.yaml
View file

@ -1,18 +0,0 @@
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: openbao
namespace: openbao
spec:
ingressClassName: nginx
rules:
- host: openbao.cnoe.localtest.me
http:
paths:
- backend:
service:
name: openbao
port:
number: 8200
path: /
pathType: Prefix

6
template/stacks/local-backup/minio/helm/values.yaml
View file

@ -14,4 +14,10 @@ persistence:
buckets:
- name: edfbuilder-backups
consoleIngress:
enabled: true
ingressClassName: nginx
hosts:
- minio-backup.{{ .Values.edfbuilderTargetDomain }}
existingSecret: root-creds

7
template/stacks/monitoring/kube-prometheus/values.yaml
View file

@ -17,6 +17,13 @@ grafana:
syncOptions:
- ServerSideApply=true
ingress:
enabled: true
ingressClassName: nginx
hosts:
- {{ .Values.edfbuilderTargetDomain }}
path: /grafana
sidecar:
dashboards:
enabled: true

31
template/stacks/ref-implementation/argo-workflows/manifests/dev/ingress.yaml Normal file
View file

@ -0,0 +1,31 @@
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: argo-workflows-ingress
namespace: argo
annotations:
nginx.ingress.kubernetes.io/use-regex: "true"
nginx.ingress.kubernetes.io/rewrite-target: /$2
spec:
ingressClassName: "nginx"
rules:
- host: localhost
http:
paths:
- path: /argo-workflows(/|$)(.*)
pathType: ImplementationSpecific
backend:
service:
name: argo-server
port:
name: web
- host: {{ .Values.edfbuilderTargetDomain }}
http:
paths:
- path: /argo-workflows(/|$)(.*)
pathType: ImplementationSpecific
backend:
service:
name: argo-server
port:
name: web

1
template/stacks/ref-implementation/argo-workflows/manifests/dev/kustomization.yaml
View file

@ -1,6 +1,7 @@
resources:
- ../base
- external-secret.yaml
- ingress.yaml
- sa-admin.yaml
patches:
- path: patches/cm-argo-workflows.yaml

29
template/stacks/ref-implementation/backstage/manifests/install.yaml
View file

@ -425,3 +425,32 @@ spec:
remoteRef:
key: gitea-credential
property: password
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: backstage
namespace: backstage
spec:
ingressClassName: "nginx"
rules:
- host: localhost
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: backstage
port:
name: http
- host: {{ .Values.edfbuilderTargetDomain }}
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: backstage
port:
name: http

2
template/stacks/core/ingress-apps/fibonacci-service.yaml → template/stacks/ref-implementation/fibonacci-app/ingress.yaml
View file

@ -6,7 +6,7 @@ metadata:
spec:
ingressClassName: nginx
rules:
- host: cnoe.localtest.me
- host: {{ .Values.edfbuilderTargetDomain }}
http:
paths:
- backend:

30
template/stacks/ref-implementation/keycloak/manifests/ingress.yaml Normal file
View file

@ -0,0 +1,30 @@
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: keycloak-ingress-localhost
namespace: keycloak
annotations:
argocd.argoproj.io/sync-wave: "100"
spec:
ingressClassName: "nginx"
rules:
- host: localhost
http:
paths:
- path: /keycloak
pathType: ImplementationSpecific
backend:
service:
name: keycloak
port:
name: http
- host: {{ .Values.edfbuilderTargetDomain }}
http:
paths:
- path: /keycloak
pathType: ImplementationSpecific
backend:
service:
name: keycloak
port:
name: http

6
template/stacks/ref-implementation/openbao/values.yaml
View file

@ -1,4 +1,10 @@
server:
ingress:
enabled: true
ingressClassName: nginx
hosts:
- host: openbao.{{ .Values.edfbuilderTargetDomain }}
paths: []
dev:
enabled: true