fix
This commit is contained in:
@@ -1,112 +0,0 @@
|
||||
locals {
|
||||
authentik_url = "http://authentik.${var.domain}-auth.svc"
|
||||
authentik_token = data.kubernetes_secret_v1.authentik.data["AUTHENTIK_BOOTSTRAP_TOKEN"]
|
||||
common-labels = {
|
||||
"vynil.solidite.fr/owner-name" = var.instance
|
||||
"vynil.solidite.fr/owner-namespace" = var.namespace
|
||||
"vynil.solidite.fr/owner-category" = var.category
|
||||
"vynil.solidite.fr/owner-component" = var.component
|
||||
"app.kubernetes.io/managed-by" = "vynil"
|
||||
"app.kubernetes.io/instance" = var.instance
|
||||
}
|
||||
pvc_spec = merge({
|
||||
"accessModes" = [var.storage.volume.accessMode]
|
||||
"volumeMode" = var.storage.volume.type
|
||||
"resources" = {
|
||||
"requests" = {
|
||||
"storage" = "${var.storage.volume.size}"
|
||||
}
|
||||
}
|
||||
}, var.storage.volume.class != "" ?{
|
||||
"storageClassName" = var.storage.volume.class
|
||||
}:{})
|
||||
}
|
||||
|
||||
|
||||
data "kubernetes_secret_v1" "authentik" {
|
||||
metadata {
|
||||
name = "authentik"
|
||||
namespace = "${var.domain}-auth"
|
||||
}
|
||||
}
|
||||
|
||||
data "kubernetes_ingress_v1" "authentik" {
|
||||
metadata {
|
||||
name = "authentik"
|
||||
namespace = "${var.domain}-auth"
|
||||
}
|
||||
}
|
||||
|
||||
data "kustomization_overlay" "data" {
|
||||
common_labels = local.common-labels
|
||||
namespace = var.namespace
|
||||
resources = [for file in fileset(path.module, "*.yaml"): file if file != "index.yaml" && length(regexall("ClusterRole",file))<1]
|
||||
images {
|
||||
name = "docker.io/grafana/grafana"
|
||||
new_name = "${var.images.grafana.registry}/${var.images.grafana.repository}"
|
||||
new_tag = "${var.images.grafana.tag}"
|
||||
}
|
||||
images {
|
||||
name = "docker.io/library/busybox"
|
||||
new_name = "${var.images.busybox.registry}/${var.images.busybox.repository}"
|
||||
new_tag = "${var.images.busybox.tag}"
|
||||
}
|
||||
images {
|
||||
name = "quay.io/kiwigrid/k8s-sidecar"
|
||||
new_name = "${var.images.sidecar.registry}/${var.images.sidecar.repository}"
|
||||
new_tag = "${var.images.sidecar.tag}"
|
||||
}
|
||||
patches {
|
||||
target {
|
||||
kind = "PersistentVolumeClaim"
|
||||
name = "grafana"
|
||||
}
|
||||
patch = <<-EOF
|
||||
kind: PersistentVolumeClaim
|
||||
apiVersion: v1
|
||||
metadata:
|
||||
name: grafana
|
||||
annotations:
|
||||
k8up.io/backup: "true"
|
||||
spec: ${jsonencode(local.pvc_spec)}
|
||||
EOF
|
||||
}
|
||||
patches {
|
||||
target {
|
||||
kind = "ServiceMonitor"
|
||||
name = "grafana"
|
||||
}
|
||||
patch = <<-EOF
|
||||
- op: replace
|
||||
path: /spec/namespaceSelector/matchNames/0
|
||||
value: "${var.namespace}"
|
||||
EOF
|
||||
}
|
||||
patches {
|
||||
target {
|
||||
kind = "Deployment"
|
||||
name = "grafana"
|
||||
}
|
||||
patch = <<-EOF
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: grafana
|
||||
annotations:
|
||||
configmap.reloader.stakater.com/reload: "grafana"
|
||||
spec:
|
||||
template:
|
||||
spec:
|
||||
containers:
|
||||
- name: grafana
|
||||
volumeMounts:
|
||||
- name: local-certs
|
||||
mountPath: "/etc/local-certs"
|
||||
volumes:
|
||||
- name: local-certs
|
||||
secret:
|
||||
secretName: "${var.instance}-cert"
|
||||
defaultMode: 0444
|
||||
EOF
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user