fix

2024-04-22 19:50:34 +02:00
parent aa63ce8451
commit d92bc212f7
7 changed files with 576 additions and 95 deletions
--- a/share/gitea-tekton-org/v1_ConfigMap_auto-cd-create-templates.yaml
+++ b/share/gitea-tekton-org/v1_ConfigMap_auto-cd-create-templates.yaml
@@ -0,0 +1,274 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: auto-cd-create-templates
+data:
+  base-kusto.yaml: |-
+    ---
+    apiVersion: kustomize.config.k8s.io/v1beta1
+    kind: Kustomization
+
+    resources:
+    - cert.yaml
+    - ingress.yaml
+    - deploy.yaml
+    - service.yaml
+    - config.yaml
+    - secret.yaml
+    - repo.yaml
+    - policy.yaml
+    - update.yaml
+    - ../install
+  base-update.yaml.tmpl: |-
+    ---
+    apiVersion: image.toolkit.fluxcd.io/v1beta1
+    kind: ImageUpdateAutomation
+    metadata:
+      name: update
+    spec:
+      interval: 5m
+      sourceRef:
+        kind: GitRepository
+        name: deploy-git
+      git:
+        checkout:
+          ref:
+            branch: main
+        commit:
+          author:
+            email: fluxcd.automation@${ARTIFACTORY_URL}
+            name: fluxcd
+          messageTemplate: |
+            Automated image update: {{ .AutomationObject }}
+
+            Files:
+            {{ range $filename, $_ := .Updated.Files -}}
+            - {{ $filename }}
+            {{ end -}}
+
+            Objects:
+            {{ range $resource, $_ := .Updated.Objects -}}
+            - {{ $resource.Kind }} {{ $resource.Name }}
+            {{ end -}}
+
+            Images:
+            {{ range .Updated.Images -}}
+            - {{.}}
+            {{ end -}}
+            {{- $ChangeId := .AutomationObject -}}
+            {{- $ChangeId = printf "%s-%s" $ChangeId ( .Updated.Files | toString ) -}}
+            {{- $ChangeId = printf "%s-%s" $ChangeId ( .Updated.Objects | toString ) -}}
+            {{- $ChangeId = printf "%s-%s" $ChangeId ( .Updated.Images | toString ) }}
+            Change-Name: {{ $ChangeId }}
+            Change-Id: {{ printf "I%s" ( sha256sum $ChangeId | trunc 40 ) }}
+        push:
+          branch: main
+      update:
+        strategy: Setters
+  base-repo.yaml: |-
+    ---
+    apiVersion: image.toolkit.fluxcd.io/v1beta2
+    kind: ImageRepository
+    metadata:
+      name: repo
+    spec:
+      interval: 5m
+      provider: generic
+      secretRef:
+        name: gitea
+  base-cert.yaml: |-
+    ---
+    apiVersion: cert-manager.io/v1
+    kind: Certificate
+    metadata:
+      name: web
+    spec:
+      issuerRef:
+        group: cert-manager.io
+        kind: ClusterIssuer
+  base-ingress.yaml: |-
+    ---
+    apiVersion: networking.k8s.io/v1
+    kind: Ingress
+    metadata:
+      name: web
+    spec:
+      rules:
+      - http:
+          paths:
+          - backend:
+              service:
+                name: svc
+                port:
+                  number: 80
+            path: /
+            pathType: Prefix
+  base-policy.yaml: |-
+    ---
+    apiVersion: image.toolkit.fluxcd.io/v1beta2
+    kind: ImagePolicy
+    metadata:
+      name: policy
+    spec:
+      imageRepositoryRef:
+  base-deploy.yaml: |-
+    ---
+    apiVersion: apps/v1
+    kind: Deployment
+    metadata:
+      name: app
+    spec:
+      replicas: 1
+      selector:
+      template:
+        spec:
+          securityContext:
+            runAsGroup: 1000
+            runAsUser: 1000
+            fsGroup: 1000
+          containers:
+          - name: app
+            image: appli
+            imagePullPolicy: IfNotPresent
+            envFrom:
+            - configMapRef:
+                name: "config"
+            - secretRef:
+                name: "secret"
+  base-secret.yaml: |-
+    ---
+    apiVersion: v1
+    kind: Secret
+    metadata:
+      name: "secret"
+      annotations:
+        gramo.solidite.fr/no-parent: "true"
+      labels:
+        k8up.io/backup: "true"
+    type: Opaque
+  base-config.yaml: |-
+    ---
+    apiVersion: v1
+    kind: ConfigMap
+    metadata:
+      name: "config"
+      labels:
+        app: holdup
+      labels:
+        k8up.io/backup: "true"
+    data:
+  base-service.yaml: |-
+    ---
+    apiVersion: v1
+    kind: Service
+    metadata:
+      name: svc
+    spec:
+      ports:
+      - name: app
+        port: 80
+        protocol: TCP
+        targetPort: app
+      type: ClusterIP
+  install-install.yaml: |-
+    ---
+    apiVersion: kustomize.toolkit.fluxcd.io/v1
+    kind: Kustomization
+    metadata:
+      name: install
+    spec:
+      interval: 5m
+      sourceRef:
+        kind: GitRepository
+        name: deploy-git
+      prune: true
+      timeout: 1m
+  install-kusto.yaml: |-
+    ---
+    apiVersion: kustomize.config.k8s.io/v1beta1
+    kind: Kustomization
+
+    resources:
+    - install.yaml
+  deploy-repo.yaml.tmpl: |-
+    ---
+    apiVersion: source.toolkit.fluxcd.io/v1
+    kind: GitRepository
+    metadata:
+      name: git
+    spec:
+      interval: 5m0s
+      url: ${DEPLOY_URL}
+      ref:
+        branch: main
+      secretRef:
+        name: ssh-credentials
+  deploy-kusto.yaml: |-
+    ---
+    apiVersion: kustomize.config.k8s.io/v1beta1
+    kind: Kustomization
+
+    namePrefix: deploy-
+    resources:
+    - repo-git.yaml
+    - ../install
+  project-kusto.yaml.tmpl: |-
+    ---
+    apiVersion: kustomize.config.k8s.io/v1beta1
+    kind: Kustomization
+
+    namePrefix: ${PROJECT_NAME}-
+    commonLabels:
+      app.kubernetes.io/component: ${PROJECT_NAME}
+      component: ${PROJECT_NAME}
+
+    resources:
+      - ../../bases/project
+
+    patches:
+      - target:
+          kind: ImagePolicy
+          name: policy
+        patch: |-
+          apiVersion: image.toolkit.fluxcd.io/v1beta2
+          kind: ImagePolicy
+          metadata:
+            name: policy
+          spec:
+            imageRepositoryRef:
+              name: ${PROJECT_NAME}-repo
+      - target:
+          kind: ImageRepository
+          name: repo
+        patch: |-
+          apiVersion: image.toolkit.fluxcd.io/v1beta2
+          kind: ImageRepository
+          metadata:
+            name: repo
+          spec:
+            image: ${ARTIFACTORY_URL}/${PROJECT_PATH}
+      - target:
+          kind: Deployment
+          name: app
+        patch: |-
+          apiVersion: apps/v1
+          kind: Deployment
+          metadata:
+            name: app
+            annotations:
+              configmap.reloader.stakater.com/reload: "${PROJECT_NAME}-config"
+              secret.reloader.stakater.com/reload: "${PROJECT_NAME}-secret"
+          spec:
+            selector:
+            template:
+              spec:
+                securityContext:
+                  runAsGroup: 1000
+                  runAsUser: 1000
+                  fsGroup: 1000
+                containers:
+                - name: app
+                  ports:
+                  - name: app
+                    containerPort: 8080
+                    protocol: TCP