From d44a134fc46c10693a83039ad83e5598bf9c5d4d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Huss?= Date: Mon, 31 Jul 2023 08:35:11 +0200 Subject: [PATCH] fix --- apps/woodpecker/index.yaml | 66 ++++++++++++++++----------------- apps/woodpecker/ingress.tf | 75 ++++++++++++++++++++++++++++++++++++++ 2 files changed, 108 insertions(+), 33 deletions(-) create mode 100644 apps/woodpecker/ingress.tf diff --git a/apps/woodpecker/index.yaml b/apps/woodpecker/index.yaml index a19e71d..11d544f 100644 --- a/apps/woodpecker/index.yaml +++ b/apps/woodpecker/index.yaml @@ -6,6 +6,26 @@ metadata: name: woodpecker description: null options: + storage-agent: + default: + size: 10Gi + storageClass: '' + writeMany: 'false' + examples: + - size: 10Gi + storageClass: '' + writeMany: 'false' + properties: + size: + default: 10Gi + type: string + storageClass: + default: '' + type: string + writeMany: + default: 'false' + type: string + type: object images: default: agent: @@ -103,41 +123,16 @@ options: type: string type: object type: object - storage-agent: - default: - size: 10Gi - storageClass: '' - writeMany: 'false' - examples: - - size: 10Gi - storageClass: '' - writeMany: 'false' - properties: - size: - default: 10Gi - type: string - storageClass: - default: '' - type: string - writeMany: - default: 'false' - type: string - type: object - ingress-class: - default: traefik - examples: - - traefik - type: string - domain: - default: your-company - examples: - - your-company - type: string sub-domain: default: ci examples: - ci type: string + ingress-class: + default: traefik + examples: + - traefik + type: string storage-server: default: accessMode: ReadWriteOnce @@ -157,15 +152,20 @@ options: default: 10Gi type: string type: object + issuer: + default: letsencrypt-prod + examples: + - letsencrypt-prod + type: string domain-name: default: your_company.com examples: - your_company.com type: string - issuer: - default: letsencrypt-prod + domain: + default: your-company examples: - - letsencrypt-prod + - your-company type: string dependencies: [] providers: diff --git a/apps/woodpecker/ingress.tf b/apps/woodpecker/ingress.tf new file mode 100644 index 0000000..0ae29d6 --- /dev/null +++ b/apps/woodpecker/ingress.tf @@ -0,0 +1,75 @@ +locals { + dns-names = ["${var.sub-domain}.${var.domain-name}"] + middlewares = ["${var.instance}-https"] + service = { + "name" = "${var.component}-server" + "port" = { + "number" = 80 + } + } + rules = [ for v in local.dns-names : { + "host" = "${v}" + "http" = { + "paths" = [{ + "backend" = { + "service" = local.service + } + "path" = "/" + "pathType" = "Prefix" + }] + } + }] +} + +resource "kubectl_manifest" "prj_certificate" { + yaml_body = <<-EOF + apiVersion: "cert-manager.io/v1" + kind: "Certificate" + metadata: + name: "${var.instance}" + namespace: "${var.namespace}" + labels: ${jsonencode(local.common-labels)} + spec: + secretName: "${var.instance}-cert" + dnsNames: ${jsonencode(local.dns-names)} + issuerRef: + name: "${var.issuer}" + kind: "ClusterIssuer" + group: "cert-manager.io" + EOF +} + +resource "kubectl_manifest" "prj_https_redirect" { + yaml_body = <<-EOF + apiVersion: "traefik.containo.us/v1alpha1" + kind: "Middleware" + metadata: + name: "${var.instance}-https" + namespace: "${var.namespace}" + labels: ${jsonencode(local.common-labels)} + spec: + redirectScheme: + scheme: "https" + permanent: true + EOF +} + +resource "kubectl_manifest" "prj_ingress" { + force_conflicts = true + yaml_body = <<-EOF + apiVersion: "networking.k8s.io/v1" + kind: "Ingress" + metadata: + name: "${var.instance}" + namespace: "${var.namespace}" + labels: ${jsonencode(local.common-labels)} + annotations: + "traefik.ingress.kubernetes.io/router.middlewares": "${join(",", [for m in local.middlewares : format("%s-%s@kubernetescrd", var.namespace, m)])}" + spec: + ingressClassName: "${var.ingress-class}" + rules: ${jsonencode(local.rules)} + tls: + - hosts: ${jsonencode(local.dns-names)} + secretName: "${var.instance}-cert" + EOF +}