fix
This commit is contained in:
@@ -56,14 +56,10 @@ data:
|
|||||||
}
|
}
|
||||||
install_base() {
|
install_base() {
|
||||||
mkdir -p bases/project bases/install bases/deploy bases/images bases/trigger-push bases/trigger-tag ci
|
mkdir -p bases/project bases/install bases/deploy bases/images bases/trigger-push bases/trigger-tag ci
|
||||||
template base-update.yaml.tmpl bases/images/update.yaml
|
|
||||||
copy empty-kusto.yaml "ci/kustomization.yaml"
|
copy empty-kusto.yaml "ci/kustomization.yaml"
|
||||||
copy yamllint.yaml .yamllint.yaml
|
copy yamllint.yaml .yamllint.yaml
|
||||||
copy base-repo.yaml bases/images/repo.yaml
|
copy base-repo.yaml bases/images/repo.yaml
|
||||||
copy images-kusto.yaml bases/images/kustomization.yaml
|
copy images-kusto.yaml bases/images/kustomization.yaml
|
||||||
copy base-cert.yaml bases/project/cert.yaml
|
|
||||||
copy base-ingress.yaml bases/project/ingress.yaml
|
|
||||||
copy base-policy.yaml bases/images/policy.yaml
|
|
||||||
copy base-deploy.yaml bases/project/deploy.yaml
|
copy base-deploy.yaml bases/project/deploy.yaml
|
||||||
copy base-secret.yaml bases/project/secret.yaml
|
copy base-secret.yaml bases/project/secret.yaml
|
||||||
copy base-config.yaml bases/project/config.yaml
|
copy base-config.yaml bases/project/config.yaml
|
||||||
@@ -76,6 +72,8 @@ data:
|
|||||||
copy trigger-tag.yaml bases/trigger-tag/trigger.yaml
|
copy trigger-tag.yaml bases/trigger-tag/trigger.yaml
|
||||||
copy trigger-kusto.yaml bases/trigger-push/kustomization.yaml
|
copy trigger-kusto.yaml bases/trigger-push/kustomization.yaml
|
||||||
copy trigger-push.yaml bases/trigger-push/trigger.yaml
|
copy trigger-push.yaml bases/trigger-push/trigger.yaml
|
||||||
|
template base-update.yaml.tmpl bases/images/update.yaml
|
||||||
|
template base-cert.yaml.tmpl bases/project/cert.yaml
|
||||||
template deploy-repo.yaml.tmpl bases/deploy/repo.yaml
|
template deploy-repo.yaml.tmpl bases/deploy/repo.yaml
|
||||||
if [ -f README.md ] && [ $(wc -l < README.md) -eq 2 ];then
|
if [ -f README.md ] && [ $(wc -l < README.md) -eq 2 ];then
|
||||||
rm README.md
|
rm README.md
|
||||||
@@ -93,9 +91,9 @@ data:
|
|||||||
mkdir -p "stages/${STAGE}/${PROJECT_NAME}" "stages/${STAGE}/deploy/${PROJECT_NAME}"
|
mkdir -p "stages/${STAGE}/${PROJECT_NAME}" "stages/${STAGE}/deploy/${PROJECT_NAME}"
|
||||||
template deploy-project-kusto.yaml.tmpl "stages/${STAGE}/deploy/${PROJECT_NAME}/kustomization.yaml"
|
template deploy-project-kusto.yaml.tmpl "stages/${STAGE}/deploy/${PROJECT_NAME}/kustomization.yaml"
|
||||||
if [ "${STAGE}" == "prod" ] || [ "${STAGE}" == "production" ];then
|
if [ "${STAGE}" == "prod" ] || [ "${STAGE}" == "production" ];then
|
||||||
copy deploy-policy-tag.yaml "stages/${STAGE}/deploy/${PROJECT_NAME}/policy.yaml"
|
template deploy-policy-tag.yaml.tmpl "stages/${STAGE}/deploy/${PROJECT_NAME}/policy.yaml"
|
||||||
else
|
else
|
||||||
copy deploy-policy-default.yaml "stages/${STAGE}/deploy/${PROJECT_NAME}/policy.yaml"
|
template deploy-policy-default.yaml.tmpl "stages/${STAGE}/deploy/${PROJECT_NAME}/policy.yaml"
|
||||||
fi
|
fi
|
||||||
copy empty-kusto.yaml "stages/${STAGE}/deploy/kustomization.yaml"
|
copy empty-kusto.yaml "stages/${STAGE}/deploy/kustomization.yaml"
|
||||||
template stage-kusto.yaml.tmpl "stages/${STAGE}/${PROJECT_NAME}/kustomization.yaml"
|
template stage-kusto.yaml.tmpl "stages/${STAGE}/${PROJECT_NAME}/kustomization.yaml"
|
||||||
@@ -188,22 +186,8 @@ data:
|
|||||||
resources:
|
resources:
|
||||||
- ../../../../bases/install
|
- ../../../../bases/install
|
||||||
- ../../../../bases/images
|
- ../../../../bases/images
|
||||||
|
- policy.yaml
|
||||||
patches:
|
patches:
|
||||||
- target:
|
|
||||||
kind: ImagePolicy
|
|
||||||
name: policy
|
|
||||||
patch: |-
|
|
||||||
apiVersion: image.toolkit.fluxcd.io/v1beta2
|
|
||||||
kind: ImagePolicy
|
|
||||||
metadata:
|
|
||||||
name: policy
|
|
||||||
spec:
|
|
||||||
imageRepositoryRef:
|
|
||||||
name: ${PROJECT_NAME}-repo
|
|
||||||
- target:
|
|
||||||
kind: ImagePolicy
|
|
||||||
name: policy
|
|
||||||
path: policy.yaml
|
|
||||||
- target:
|
- target:
|
||||||
kind: ImageRepository
|
kind: ImageRepository
|
||||||
name: repo
|
name: repo
|
||||||
@@ -235,26 +219,34 @@ data:
|
|||||||
spec:
|
spec:
|
||||||
update:
|
update:
|
||||||
path: ./stages/${STAGE}/${PROJECT_NAME}
|
path: ./stages/${STAGE}/${PROJECT_NAME}
|
||||||
deploy-policy-tag.yaml: |-
|
deploy-policy-tag.yaml.tmpl: |-
|
||||||
- op: add
|
apiVersion: image.toolkit.fluxcd.io/v1beta2
|
||||||
path: /spec/filterTags/pattern
|
kind: ImagePolicy
|
||||||
value: '^v(?P<semver>.*)$'
|
metadata:
|
||||||
- op: add
|
name: ${PROJECT_NAME}-policy
|
||||||
path: /spec/filterTags/extract
|
spec:
|
||||||
value: '$semver'
|
imageRepositoryRef:
|
||||||
- op: add
|
name: ${PROJECT_NAME}-repo
|
||||||
path: /spec/policy/semver/range
|
filterTags:
|
||||||
value: '>=0.1.0'
|
pattern: '^v(?P<semver>.*)$'
|
||||||
deploy-policy-default.yaml: |-
|
extract: '\$semver'
|
||||||
- op: add
|
policy:
|
||||||
path: /spec/filterTags/pattern
|
semver:
|
||||||
value: '^main-(?P<semver>.*)$'
|
range: '>=0.1.0'
|
||||||
- op: add
|
deploy-policy-default.yaml.tmpl: |-
|
||||||
path: /spec/filterTags/extract
|
apiVersion: image.toolkit.fluxcd.io/v1beta2
|
||||||
value: '$semver'
|
kind: ImagePolicy
|
||||||
- op: add
|
metadata:
|
||||||
path: /spec/policy/semver/range
|
name: ${PROJECT_NAME}-policy
|
||||||
value: '>=0.0.1-1'
|
spec:
|
||||||
|
imageRepositoryRef:
|
||||||
|
name: ${PROJECT_NAME}-repo
|
||||||
|
filterTags:
|
||||||
|
pattern: '^main-(?P<semver>.*)$'
|
||||||
|
extract: '\$semver'
|
||||||
|
policy:
|
||||||
|
semver:
|
||||||
|
range: '>=0.1.0'
|
||||||
README.md: |-
|
README.md: |-
|
||||||
# Deployment configuration
|
# Deployment configuration
|
||||||
Only valid if FluxCD is activated in the cluster
|
Only valid if FluxCD is activated in the cluster
|
||||||
@@ -473,30 +465,44 @@ data:
|
|||||||
kind: Kustomization
|
kind: Kustomization
|
||||||
resources:
|
resources:
|
||||||
- ../../../projects/${PROJECT_NAME}
|
- ../../../projects/${PROJECT_NAME}
|
||||||
|
- ingress.yaml
|
||||||
commonLabels:
|
commonLabels:
|
||||||
app.kubernetes.io/instance: ${STAGE}
|
app.kubernetes.io/instance: ${STAGE}
|
||||||
images:
|
images:
|
||||||
- name: appli
|
- name: appli
|
||||||
newName: ${ARTIFACTORY_URL}/${ORG_NAME}/${PROJECT_NAME}
|
newName: ${ARTIFACTORY_URL}/${ORG_NAME}/${PROJECT_NAME}
|
||||||
newTag: latest # {"$imagepolicy": "${NAMESPACE}:${PROJECT_NAME}-policy:tag"}
|
newTag: latest # {"$imagepolicy": "${NAMESPACE}:${PROJECT_NAME}-policy:tag"}
|
||||||
patchesStrategicMerge:
|
patches:
|
||||||
- config.yaml
|
|
||||||
- cert.yaml
|
|
||||||
patchesJson6902:
|
|
||||||
- target:
|
- target:
|
||||||
kind: Ingress
|
kind: ConfigMap
|
||||||
|
name: ${PROJECT_NAME}-config
|
||||||
|
path: config.yaml
|
||||||
|
- target:
|
||||||
|
kind: Certificate
|
||||||
name: ${PROJECT_NAME}-web
|
name: ${PROJECT_NAME}-web
|
||||||
patch: ingress.yaml
|
path: cert.yaml
|
||||||
stage-ingress.yaml.tmpl: |-
|
stage-ingress.yaml.tmpl: |-
|
||||||
- op: add
|
---
|
||||||
path: /spec/rules/O/host
|
apiVersion: networking.k8s.io/v1
|
||||||
value: ${PROJECT_NAME}.${STAGE}.${ORG_NAME}.${DOMAIN_NAME}
|
kind: Ingress
|
||||||
- op: add
|
metadata:
|
||||||
path: /spec/rules/O/host
|
name: ${PROJECT_NAME}-web
|
||||||
value: ${PROJECT_NAME}.${STAGE}.${ORG_NAME}.${DOMAIN_NAME}
|
spec:
|
||||||
- op: replace
|
tls:
|
||||||
path: /spec/tls/O/hosts/-
|
- hosts:
|
||||||
value: "${PROJECT_NAME}.${STAGE}.${ORG_NAME}.${DOMAIN_NAME}"
|
- to-replace
|
||||||
|
secretName: cert
|
||||||
|
rules:
|
||||||
|
- host: to-replace
|
||||||
|
http:
|
||||||
|
paths:
|
||||||
|
- backend:
|
||||||
|
service:
|
||||||
|
name: svc
|
||||||
|
port:
|
||||||
|
number: 80
|
||||||
|
path: /
|
||||||
|
pathType: Prefix
|
||||||
stage-cert.yaml.tmpl: |-
|
stage-cert.yaml.tmpl: |-
|
||||||
apiVersion: cert-manager.io/v1
|
apiVersion: cert-manager.io/v1
|
||||||
kind: Certificate
|
kind: Certificate
|
||||||
@@ -562,25 +568,25 @@ data:
|
|||||||
Automated image update: {{ .AutomationObject }}
|
Automated image update: {{ .AutomationObject }}
|
||||||
|
|
||||||
Files:
|
Files:
|
||||||
{{ range $filename, $_ := .Updated.Files -}}
|
{{ range \$filename, \$_ := .Updated.Files -}}
|
||||||
- {{ $filename }}
|
- {{ \$filename }}
|
||||||
{{ end -}}
|
{{ end -}}
|
||||||
|
|
||||||
Objects:
|
Objects:
|
||||||
{{ range $resource, $_ := .Updated.Objects -}}
|
{{ range \$resource, \$_ := .Updated.Objects -}}
|
||||||
- {{ $resource.Kind }} {{ $resource.Name }}
|
- {{ \$resource.Kind }} {{ \$resource.Name }}
|
||||||
{{ end -}}
|
{{ end -}}
|
||||||
|
|
||||||
Images:
|
Images:
|
||||||
{{ range .Updated.Images -}}
|
{{ range .Updated.Images -}}
|
||||||
- {{.}}
|
- {{.}}
|
||||||
{{ end -}}
|
{{ end -}}
|
||||||
{{- $ChangeId := .AutomationObject -}}
|
{{- \$ChangeId := .AutomationObject -}}
|
||||||
{{- $ChangeId = printf "%s-%s" $ChangeId ( .Updated.Files | toString ) -}}
|
{{- \$ChangeId = printf "%s-%s" $ChangeId ( .Updated.Files | toString ) -}}
|
||||||
{{- $ChangeId = printf "%s-%s" $ChangeId ( .Updated.Objects | toString ) -}}
|
{{- \$ChangeId = printf "%s-%s" $ChangeId ( .Updated.Objects | toString ) -}}
|
||||||
{{- $ChangeId = printf "%s-%s" $ChangeId ( .Updated.Images | toString ) }}
|
{{- \$ChangeId = printf "%s-%s" $ChangeId ( .Updated.Images | toString ) }}
|
||||||
Change-Name: {{ $ChangeId }}
|
Change-Name: {{ \$ChangeId }}
|
||||||
Change-Id: {{ printf "I%s" ( sha256sum $ChangeId | trunc 40 ) }}
|
Change-Id: {{ printf "I%s" ( sha256sum \$ChangeId | trunc 40 ) }}
|
||||||
push:
|
push:
|
||||||
branch: main
|
branch: main
|
||||||
update:
|
update:
|
||||||
@@ -596,7 +602,7 @@ data:
|
|||||||
provider: generic
|
provider: generic
|
||||||
secretRef:
|
secretRef:
|
||||||
name: gitea
|
name: gitea
|
||||||
base-cert.yaml: |-
|
base-cert.yaml.tmpl: |-
|
||||||
---
|
---
|
||||||
apiVersion: cert-manager.io/v1
|
apiVersion: cert-manager.io/v1
|
||||||
kind: Certificate
|
kind: Certificate
|
||||||
@@ -606,34 +612,7 @@ data:
|
|||||||
issuerRef:
|
issuerRef:
|
||||||
group: cert-manager.io
|
group: cert-manager.io
|
||||||
kind: ClusterIssuer
|
kind: ClusterIssuer
|
||||||
base-ingress.yaml: |-
|
name: ${ISSUER_NAME}
|
||||||
---
|
|
||||||
apiVersion: networking.k8s.io/v1
|
|
||||||
kind: Ingress
|
|
||||||
metadata:
|
|
||||||
name: web
|
|
||||||
spec:
|
|
||||||
tls:
|
|
||||||
- hosts: []
|
|
||||||
secretName: cert
|
|
||||||
rules:
|
|
||||||
- http:
|
|
||||||
paths:
|
|
||||||
- backend:
|
|
||||||
service:
|
|
||||||
name: svc
|
|
||||||
port:
|
|
||||||
number: 80
|
|
||||||
path: /
|
|
||||||
pathType: Prefix
|
|
||||||
base-policy.yaml: |-
|
|
||||||
---
|
|
||||||
apiVersion: image.toolkit.fluxcd.io/v1beta2
|
|
||||||
kind: ImagePolicy
|
|
||||||
metadata:
|
|
||||||
name: policy
|
|
||||||
spec:
|
|
||||||
imageRepositoryRef:
|
|
||||||
base-deploy.yaml: |-
|
base-deploy.yaml: |-
|
||||||
---
|
---
|
||||||
apiVersion: apps/v1
|
apiVersion: apps/v1
|
||||||
|
|||||||
Reference in New Issue
Block a user