From 86051b28b081ea164365e7c2b1525559db2b643e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Huss?= Date: Fri, 26 Jan 2024 20:00:54 +0100 Subject: [PATCH] fix --- apps/woodpecker/datas.tf | 23 +++-- apps/woodpecker/index.yaml | 166 ++++++++++++++++++++----------------- meta/domain-ci/apps.tf | 84 ++++++++++++------- meta/domain-ci/index.yaml | 157 ++++++++++++++++++++--------------- 4 files changed, 252 insertions(+), 178 deletions(-) diff --git a/apps/woodpecker/datas.tf b/apps/woodpecker/datas.tf index 663e3cf..e1483ce 100644 --- a/apps/woodpecker/datas.tf +++ b/apps/woodpecker/datas.tf @@ -10,6 +10,17 @@ locals { "app.kubernetes.io/name" = var.component "app.kubernetes.io/instance" = var.instance } + pvc_spec = merge({ + "accessModes" = [var.storage.volume.accessMode] + "volumeMode" = var.storage.volume.type + "resources" = { + "requests" = { + "storage" = "${var.storage.volume.size}" + } + } + }, var.storage.volume.class != "" ?{ + "storageClassName" = var.storage.volume.class + }:{}) } data "kubernetes_secret_v1" "authentik" { @@ -54,11 +65,11 @@ data "kustomization_overlay" "data" { - name: WOODPECKER_BACKEND_K8S_NAMESPACE value: "${var.namespace}" - name: WOODPECKER_BACKEND_K8S_STORAGE_CLASS - value: "${var.storage-agent.storageClass}" + value: "${var.storage.volume.class}" - name: WOODPECKER_BACKEND_K8S_STORAGE_RWX - value: "${var.storage-agent.writeMany}" + value: "${var.storage.volume.accessMode=="ReadOnlyMany"?"true":"false"}" - name: WOODPECKER_BACKEND_K8S_VOLUME_SIZE - value: "${var.storage-agent.size}" + value: "${var.storage.agent.size}" - name: WOODPECKER_SERVER value: "woodpecker-server.${var.namespace}.svc:9000" EOF @@ -163,11 +174,7 @@ data "kustomization_overlay" "data" { volumeClaimTemplates: - metadata: name: data - spec: - accessModes: [ "${var.storage-server.accessMode}" ] - resources: - requests: - storage: ${var.storage-server.size} + spec: ${jsonencode(local.pvc_spec)} EOF } } 
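Review bot: `pvc_spec` forwards `var.storage.volume.type` into `volumeMode` unchecked, and the schema added in apps/woodpecker/index.yaml accepts `Block`. A Block-mode claim can only be attached through `volumeDevices`, so if the server container (not visible in this hunk) mounts `data` through `volumeMounts`, choosing `Block` would likely leave the StatefulSet pods unable to start. Consider dropping `Block` from the enum, or adding a comment above `pvc_spec` such as `# volumeMode: only Filesystem is supported by the server StatefulSet`. Minor style: `"storage" = "${var.storage.volume.size}"` is an interpolation-only expression and can be written `"storage" = var.storage.volume.size`. The `locals` block starts outside the hunk.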
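Review bot: `WOODPECKER_BACKEND_K8S_STORAGE_RWX` is now "true" only when `var.storage.volume.accessMode` equals `ReadOnlyMany`, which looks like a slip for `ReadWriteMany`. As written, selecting ReadWriteMany yields "false" and selecting the read-only mode yields "true". I would change the line to `value: "${var.storage.volume.accessMode == "ReadWriteMany" ? "true" : "false"}"`. Pipeline volumes also now inherit the class and access mode of the server's data volume, where the removed `storage-agent` option set them separately; if that coupling is intended, a one-line comment in the heredoc would help. The heredoc and its enclosing `kustomization_overlay` block extend beyond the hunk.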
diff --git a/apps/woodpecker/index.yaml b/apps/woodpecker/index.yaml index 96319f5..302a05e 100644 --- a/apps/woodpecker/index.yaml +++ b/apps/woodpecker/index.yaml @@ -6,95 +6,31 @@ metadata: name: woodpecker description: null options: - admin-users: - default: woodpecker,admin + domain_name: + default: your_company.com examples: - - woodpecker,admin - type: string - issuer: - default: letsencrypt-prod - examples: - - letsencrypt-prod + - your_company.com type: string sub_domain: default: ci examples: - ci type: string - storage-server: - default: - accessMode: ReadWriteOnce - size: 10Gi + issuer: + default: letsencrypt-prod examples: - - accessMode: ReadWriteOnce - size: 10Gi - properties: - accessMode: - default: ReadWriteOnce - enum: - - ReadWriteOnce - - ReadOnlyMany - - ReadWriteMany - type: string - size: - default: 10Gi - type: string - type: object - timeouts: - default: - default: '60' - max: '120' - examples: - - default: '60' - max: '120' - properties: - default: - default: '60' - type: string - max: - default: '120' - type: string - type: object - storage-agent: - default: - size: 10Gi - storageClass: '' - writeMany: 'false' - examples: - - size: 10Gi - storageClass: '' - writeMany: 'false' - properties: - size: - default: 10Gi - type: string - storageClass: - default: '' - type: string - writeMany: - default: 'false' - type: string - type: object - domain_name: - default: your_company.com - examples: - - your_company.com - type: string - ingress_class: - default: traefik - examples: - - traefik - type: string - app_group: - default: dev - examples: - - dev + - letsencrypt-prod type: string domain: default: your-company examples: - your-company type: string + app_group: + default: dev + examples: + - dev + type: string images: default: agent: 
@@ -192,6 +128,86 @@ options: type: string type: object type: object + storage: + default: + agent: + size: 10Gi + volume: + accessMode: ReadWriteOnce + class: '' + size: 10Gi + type: Filesystem + description: Configure this app storage + examples: + - agent: + size: 10Gi + volume: + accessMode: ReadWriteOnce + class: '' + size: 10Gi + type: Filesystem + properties: + agent: + default: + size: 10Gi + properties: + size: + default: 10Gi + type: string + type: object + volume: + default: + accessMode: ReadWriteOnce + class: '' + size: 10Gi + type: Filesystem + properties: + accessMode: + default: ReadWriteOnce + enum: + - ReadWriteOnce + - ReadOnlyMany + - ReadWriteMany + type: string + class: + default: '' + type: string + size: + default: 10Gi + type: string + type: + default: Filesystem + enum: + - Filesystem + - Block + type: string + type: object + type: object + timeouts: + default: + default: '60' + max: '120' + examples: + - default: '60' + max: '120' + properties: + default: + default: '60' + type: string + max: + default: '120' + type: string + type: object + ingress_class: + default: traefik + examples: + - traefik + type: string + admin-users: + default: woodpecker,admin + examples: + - woodpecker,admin + type: string dependencies: - dist: null category: apps diff --git a/meta/domain-ci/apps.tf b/meta/domain-ci/apps.tf index a5b61b5..326145c 100644 --- a/meta/domain-ci/apps.tf +++ b/meta/domain-ci/apps.tf 
@@ -1,44 +1,68 @@ locals { annotations = { - "vynil.solidite.fr/meta" = var.component - "vynil.solidite.fr/name" = var.namespace - "vynil.solidite.fr/domain" = var.domain_name - "vynil.solidite.fr/issuer" = var.issuer - "vynil.solidite.fr/ingress" = var.ingress_class + "vynil.solidite.fr/meta" = var.component + "vynil.solidite.fr/name" = var.namespace + } + annotations_default = { + "default.vynil.solidite.fr/sso_vynil" = var.sso_vynil + "default.vynil.solidite.fr/domain_name" = var.domain_name + "default.vynil.solidite.fr/timezone" = var.timezone + "default.vynil.solidite.fr/language" = var.language + "default.vynil.solidite.fr/domain" = var.domain + "default.vynil.solidite.fr/issuer" = var.issuer + "default.vynil.solidite.fr/ingress_class" = var.ingress_class + "default.vynil.solidite.fr/app_group" = var.app_group + "default.vynil.solidite.fr/backups.enable" = var.backups.enable + "default.vynil.solidite.fr/backups.use_barman" = var.backups.use_barman + "default.vynil.solidite.fr/backups.endpoint" = var.backups.endpoint + "default.vynil.solidite.fr/backups.secret_name" = var.backups.secret_name + "default.vynil.solidite.fr/backups.key_id_key" = var.backups.key_id_key + "default.vynil.solidite.fr/backups.secret_key" = var.backups.secret_key + "default.vynil.solidite.fr/backups.restic_key" = var.backups.restic_key + "default.vynil.solidite.fr/storage.volume.accessMode" = var.storage.volume.accessMode + "default.vynil.solidite.fr/storage.volume.class" = var.storage.volume.class } global = { - "domain" = var.namespace - "domain_name" = var.domain_name - "issuer" = var.issuer - "ingress_class" = var.ingress_class - "backups" = var.backups + "sso_vynil" = var.sso_vynil + "domain_name" = var.domain_name + "timezone" = var.timezone + "language" = var.language + "domain" = var.domain + "issuer" = var.issuer + "ingress_class" = var.ingress_class + "app_group" = var.app_group } - default-mode = var.storage-classes.FilesystemReadWriteMany!=""?"ReadWriteMany":"ReadWriteOnce" 
- gitea = { for k, v in var.gitea : k => v if !contains(["enable","volume"],k) } - gitea-storage = { - "volume" = { - "size" = lookup(lookup(local.gitea, "volume",{}), "size", "20Gi") - "accessMode" = lookup(lookup(local.gitea, "volume",{}), "accessMode", local.default-mode) - } + global-backups = { + "enable" = var.backups.enable + "use_barman" = var.backups.use_barman + "endpoint" = var.backups.endpoint + "secret_name" = var.backups.secret_name + "key_id_key" = var.backups.key_id_key + "secret_key" = var.backups.secret_key + "restic_key" = var.backups.restic_key } - woodpecker = { for k, v in var.woodpecker : k => v if k!="enable" } - woodpecker-storage = merge({ - "storage-server" = { - "size" = lookup(lookup(local.woodpecker, "storage-server",{}), "size", "10Gi") - "accessMode" = lookup(lookup(local.woodpecker, "storage-server",{}), "accessMode", local.default-mode) - } - "storage-agent" = { - "size" = lookup(lookup(local.woodpecker, "storage-agent",{}), "size", "10Gi") - "writeMany" = lookup(lookup(local.woodpecker, "storage-agent",{}), "writeMany", var.storage-classes.FilesystemReadWriteMany!=""?"true":"false") - "storageClass" = lookup(lookup(local.woodpecker, "storage-agent",{}), "storageClass", var.storage-classes.FilesystemReadWriteMany!=""?var.storage-classes.FilesystemReadWriteMany:var.storage-classes.FilesystemReadWriteOnce) - } - }, { for k, v in var.woodpecker : k => v if contains(["storage-server","storage-agent"],k) }) + global-volume = { + "accessMode" = var.storage.volume.accessMode + "class" = var.storage.volume.class + } + gitea = merge(local.global,{ for k, v in var.gitea : k => v if !contains(["enable","storage","backups"],k) },{ + backups = merge(lookup(var.gitea, "backups", {}), local.global-backups) + storage = merge({ for k, v in lookup(var.gitea, "storage", {}) : k => v if !contains(["volume"],k) }, { + volume = merge(lookup(lookup(var.gitea, "storage", {}), "volume", {}), local.global-volume) + }) + }) + woodpecker = 
merge(local.global,{ for k, v in var.woodpecker : k => v if !contains(["enable","storage","backups"],k) },{ + backups = merge(lookup(var.woodpecker, "backups", {}), local.global-backups) + storage = merge({ for k, v in lookup(var.woodpecker, "storage", {}) : k => v if !contains(["volume"],k) }, { + volume = merge(lookup(lookup(var.woodpecker, "storage", {}), "volume", {}), local.global-volume) + }) + }) } resource "kubernetes_namespace_v1" "ci-ns" { count = ( var.gitea.enable )? 1 : 0 metadata { - annotations = local.annotations + annotations = merge(local.annotations, local.annotations_default) labels = merge(local.common-labels, local.annotations) name = "${var.namespace}-ci" } diff --git a/meta/domain-ci/index.yaml b/meta/domain-ci/index.yaml index 5c21465..805eb37 100644 --- a/meta/domain-ci/index.yaml +++ b/meta/domain-ci/index.yaml @@ -6,6 +6,11 @@ metadata: name: domain-ci description: null options: + timezone: + default: Europe/Paris + examples: + - Europe/Paris + type: string woodpecker: default: enable: false @@ -18,11 +23,51 @@ options: type: object x-vynil-category: apps x-vynil-package: woodpecker - ingress_class: - default: traefik + sso_vynil: + default: true examples: - - traefik - type: string + - true + type: boolean + backups: + default: + enable: false + endpoint: '' + key_id_key: s3-id + restic_key: bck-password + secret_key: s3-secret + secret_name: backup-settings + use_barman: false + examples: + - enable: false + endpoint: '' + key_id_key: s3-id + restic_key: bck-password + secret_key: s3-secret + secret_name: backup-settings + use_barman: false + properties: + enable: + default: false + type: boolean + endpoint: + default: '' + type: string + key_id_key: + default: s3-id + type: string + restic_key: + default: bck-password + type: string + secret_key: + default: s3-secret + type: string + secret_name: + default: backup-settings + type: string + use_barman: + default: false + type: boolean + type: object gitea: default: enable: true 
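Review bot: In the new `gitea` and `woodpecker` locals, `merge(lookup(var.gitea, "backups", {}), local.global-backups)` puts the global map last, and Terraform's `merge` lets later arguments win. Any per-app `backups` value (and likewise `storage.volume.accessMode`/`class`) is therefore silently overwritten by the domain-level one, including a per-app `enable = true` being reset by a global `enable = false`. The top-level keys go the other way (`merge(local.global, { for ... var.gitea ... })` lets the app override) and the `default.vynil.solidite.fr/` prefix suggests defaults, so I suspect the order should be swapped: `backups = merge(local.global-backups, lookup(var.gitea, "backups", {}))` and `volume = merge(local.global-volume, lookup(lookup(var.gitea, "storage", {}), "volume", {}))`, same for woodpecker. If global-wins is intended, say so in a comment above `global-backups`. Separately, `annotations_default` publishes the backup endpoint and the secret/key names on the namespace object, readable by anyone allowed to get namespaces; these appear to be names rather than secret values, but that is worth confirming.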
@@ -35,52 +80,21 @@ options: type: object x-vynil-category: apps x-vynil-package: gitea - domain: - default: your-company - examples: - - your-company - type: string - domain_name: - default: your_company.com - examples: - - your_company.com - type: string issuer: default: letsencrypt-prod examples: - letsencrypt-prod type: string - x-vynil-enum-source: issuer - backups: - default: - enable: false - endpoint: '' - key-id-key: s3-id - secret-key: s3-secret - secret-name: backup-settings + language: + default: fr_FR examples: - - enable: false - endpoint: '' - key-id-key: s3-id - secret-key: s3-secret - secret-name: backup-settings - properties: - enable: - default: false - type: boolean - endpoint: - default: '' - type: string - key-id-key: - default: s3-id - type: string - secret-key: - default: s3-secret - type: string - secret-name: - default: backup-settings - type: string - type: object + - fr_FR + type: string + domain_name: + default: your-company.com + examples: + - your-company.com + type: string distributions: default: core: core 
@@ -96,31 +110,44 @@ options: default: domain type: string type: object - storage-classes: + storage: default: - BlockReadWriteMany: '' - BlockReadWriteOnce: '' - FilesystemReadWriteMany: '' - FilesystemReadWriteOnce: '' + volume: + accessMode: ReadWriteOnce + class: '' examples: - - BlockReadWriteMany: '' - BlockReadWriteOnce: '' - FilesystemReadWriteMany: '' - FilesystemReadWriteOnce: '' + - volume: + accessMode: ReadWriteOnce + class: '' properties: - BlockReadWriteMany: - default: '' - type: string - BlockReadWriteOnce: - default: '' - type: string - FilesystemReadWriteMany: - default: '' - type: string - FilesystemReadWriteOnce: - default: '' - type: string + volume: + default: + accessMode: ReadWriteOnce + class: '' + properties: + accessMode: + default: ReadWriteOnce + type: string + class: + default: '' + type: string + type: object type: object + app_group: + default: infra + examples: + - infra + type: string + domain: + default: your-company + examples: + - your-company + type: string + ingress_class: + default: traefik + examples: + - traefik + type: string dependencies: [] providers: kubernetes: true