From e56b2114ef49ded62320db47ac6d44f928160465 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Huss?= Date: Thu, 25 Apr 2024 08:58:18 +0200 Subject: [PATCH] fix --- .../v1_ConfigMap_auto-cd-templates.yaml | 169 ++++++++---------- 1 file changed, 74 insertions(+), 95 deletions(-) diff --git a/share/gitea-tekton-org/v1_ConfigMap_auto-cd-templates.yaml b/share/gitea-tekton-org/v1_ConfigMap_auto-cd-templates.yaml index 4b1b6a5..2855805 100644 --- a/share/gitea-tekton-org/v1_ConfigMap_auto-cd-templates.yaml +++ b/share/gitea-tekton-org/v1_ConfigMap_auto-cd-templates.yaml @@ -56,14 +56,10 @@ data: } install_base() { mkdir -p bases/project bases/install bases/deploy bases/images bases/trigger-push bases/trigger-tag ci - template base-update.yaml.tmpl bases/images/update.yaml copy empty-kusto.yaml "ci/kustomization.yaml" copy yamllint.yaml .yamllint.yaml copy base-repo.yaml bases/images/repo.yaml copy images-kusto.yaml bases/images/kustomization.yaml - copy base-cert.yaml bases/project/cert.yaml - copy base-ingress.yaml bases/project/ingress.yaml - copy base-policy.yaml bases/images/policy.yaml copy base-deploy.yaml bases/project/deploy.yaml copy base-secret.yaml bases/project/secret.yaml copy base-config.yaml bases/project/config.yaml @@ -76,6 +72,8 @@ data: copy trigger-tag.yaml bases/trigger-tag/trigger.yaml copy trigger-kusto.yaml bases/trigger-push/kustomization.yaml copy trigger-push.yaml bases/trigger-push/trigger.yaml + template base-update.yaml.tmpl bases/images/update.yaml + template base-cert.yaml.tmpl bases/project/cert.yaml template deploy-repo.yaml.tmpl bases/deploy/repo.yaml if [ -f README.md ] && [ $(wc -l < README.md) -eq 2 ];then rm README.md @@ -93,9 +91,9 @@ data: mkdir -p "stages/${STAGE}/${PROJECT_NAME}" "stages/${STAGE}/deploy/${PROJECT_NAME}" template deploy-project-kusto.yaml.tmpl "stages/${STAGE}/deploy/${PROJECT_NAME}/kustomization.yaml" if [ "${STAGE}" == "prod" ] || [ "${STAGE}" == "production" ];then - copy deploy-policy-tag.yaml "stages/${STAGE}/deploy/${PROJECT_NAME}/policy.yaml" + template deploy-policy-tag.yaml.tmpl "stages/${STAGE}/deploy/${PROJECT_NAME}/policy.yaml" else - copy deploy-policy-default.yaml "stages/${STAGE}/deploy/${PROJECT_NAME}/policy.yaml" + template deploy-policy-default.yaml.tmpl "stages/${STAGE}/deploy/${PROJECT_NAME}/policy.yaml" fi copy empty-kusto.yaml "stages/${STAGE}/deploy/kustomization.yaml" template stage-kusto.yaml.tmpl "stages/${STAGE}/${PROJECT_NAME}/kustomization.yaml" @@ -188,22 +186,8 @@ data: resources: - ../../../../bases/install - ../../../../bases/images + - policy.yaml patches: - - target: - kind: ImagePolicy - name: policy - patch: |- - apiVersion: image.toolkit.fluxcd.io/v1beta2 - kind: ImagePolicy - metadata: - name: policy - spec: - imageRepositoryRef: - name: ${PROJECT_NAME}-repo - - target: - kind: ImagePolicy - name: policy - path: policy.yaml - target: kind: ImageRepository name: repo @@ -235,26 +219,34 @@ data: spec: update: path: ./stages/${STAGE}/${PROJECT_NAME} - deploy-policy-tag.yaml: |- - - op: add - path: /spec/filterTags/pattern - value: '^v(?P.*)$' - - op: add - path: /spec/filterTags/extract - value: '$semver' - - op: add - path: /spec/policy/semver/range - value: '>=0.1.0' - deploy-policy-default.yaml: |- - - op: add - path: /spec/filterTags/pattern - value: '^main-(?P.*)$' - - op: add - path: /spec/filterTags/extract - value: '$semver' - - op: add - path: /spec/policy/semver/range - value: '>=0.0.1-1' + deploy-policy-tag.yaml.tmpl: |- + apiVersion: image.toolkit.fluxcd.io/v1beta2 + kind: ImagePolicy + metadata: + name: ${PROJECT_NAME}-policy + spec: + imageRepositoryRef: + name: ${PROJECT_NAME}-repo + filterTags: + pattern: '^v(?P.*)$' + extract: '\$semver' + policy: + semver: + range: '>=0.1.0' + deploy-policy-default.yaml.tmpl: |- + apiVersion: image.toolkit.fluxcd.io/v1beta2 + kind: ImagePolicy + metadata: + name: ${PROJECT_NAME}-policy + spec: + imageRepositoryRef: + name: ${PROJECT_NAME}-repo + filterTags: + pattern: '^main-(?P.*)$' + extract: '\$semver' + policy: + semver: + range: '>=0.1.0' README.md: |- # Deployment configuration Only valid if FluxCD is activated in the cluster @@ -473,30 +465,44 @@ data: kind: Kustomization resources: - ../../../projects/${PROJECT_NAME} + - ingress.yaml commonLabels: app.kubernetes.io/instance: ${STAGE} images: - name: appli newName: ${ARTIFACTORY_URL}/${ORG_NAME}/${PROJECT_NAME} newTag: latest # {"$imagepolicy": "${NAMESPACE}:${PROJECT_NAME}-policy:tag"} - patchesStrategicMerge: - - config.yaml - - cert.yaml - patchesJson6902: + patches: - target: - kind: Ingress + kind: ConfigMap + name: ${PROJECT_NAME}-config + path: config.yaml + - target: + kind: Certificate name: ${PROJECT_NAME}-web - patch: ingress.yaml + path: cert.yaml stage-ingress.yaml.tmpl: |- - - op: add - path: /spec/rules/O/host - value: ${PROJECT_NAME}.${STAGE}.${ORG_NAME}.${DOMAIN_NAME} - - op: add - path: /spec/rules/O/host - value: ${PROJECT_NAME}.${STAGE}.${ORG_NAME}.${DOMAIN_NAME} - - op: replace - path: /spec/tls/O/hosts/- - value: "${PROJECT_NAME}.${STAGE}.${ORG_NAME}.${DOMAIN_NAME}" + --- + apiVersion: networking.k8s.io/v1 + kind: Ingress + metadata: + name: ${PROJECT_NAME}-web + spec: + tls: + - hosts: + - to-replace + secretName: cert + rules: + - host: to-replace + http: + paths: + - backend: + service: + name: svc + port: + number: 80 + path: / + pathType: Prefix stage-cert.yaml.tmpl: |- apiVersion: cert-manager.io/v1 kind: Certificate @@ -562,25 +568,25 @@ data: Automated image update: {{ .AutomationObject }} Files: - {{ range $filename, $_ := .Updated.Files -}} - - {{ $filename }} + {{ range \$filename, \$_ := .Updated.Files -}} + - {{ \$filename }} {{ end -}} Objects: - {{ range $resource, $_ := .Updated.Objects -}} - - {{ $resource.Kind }} {{ $resource.Name }} + {{ range \$resource, \$_ := .Updated.Objects -}} + - {{ \$resource.Kind }} {{ \$resource.Name }} {{ end -}} Images: {{ range .Updated.Images -}} - {{.}} {{ end -}} - {{- $ChangeId := .AutomationObject -}} - {{- $ChangeId = printf "%s-%s" $ChangeId ( .Updated.Files | toString ) -}} - {{- $ChangeId = printf "%s-%s" $ChangeId ( .Updated.Objects | toString ) -}} - {{- $ChangeId = printf "%s-%s" $ChangeId ( .Updated.Images | toString ) }} - Change-Name: {{ $ChangeId }} - Change-Id: {{ printf "I%s" ( sha256sum $ChangeId | trunc 40 ) }} + {{- \$ChangeId := .AutomationObject -}} + {{- \$ChangeId = printf "%s-%s" $ChangeId ( .Updated.Files | toString ) -}} + {{- \$ChangeId = printf "%s-%s" $ChangeId ( .Updated.Objects | toString ) -}} + {{- \$ChangeId = printf "%s-%s" $ChangeId ( .Updated.Images | toString ) }} + Change-Name: {{ \$ChangeId }} + Change-Id: {{ printf "I%s" ( sha256sum \$ChangeId | trunc 40 ) }} push: branch: main update: @@ -596,7 +602,7 @@ data: provider: generic secretRef: name: gitea - base-cert.yaml: |- + base-cert.yaml.tmpl: |- --- apiVersion: cert-manager.io/v1 kind: Certificate @@ -606,34 +612,7 @@ data: issuerRef: group: cert-manager.io kind: ClusterIssuer - base-ingress.yaml: |- - --- - apiVersion: networking.k8s.io/v1 - kind: Ingress - metadata: - name: web - spec: - tls: - - hosts: [] - secretName: cert - rules: - - http: - paths: - - backend: - service: - name: svc - port: - number: 80 - path: / - pathType: Prefix - base-policy.yaml: |- - --- - apiVersion: image.toolkit.fluxcd.io/v1beta2 - kind: ImagePolicy - metadata: - name: policy - spec: - imageRepositoryRef: + name: ${ISSUER_NAME} base-deploy.yaml: |- --- apiVersion: apps/v1