Start using ingress instead of virtual service
This commit is contained in:
parent
76c4f57845
commit
5414085273
93
.woodpecker.yml
Normal file
93
.woodpecker.yml
Normal file
@ -0,0 +1,93 @@
|
||||
---
|
||||
when:
|
||||
event:
|
||||
- push
|
||||
|
||||
steps:
|
||||
- image: alpine/helm
|
||||
name: Publish the Helm chart
|
||||
commands:
|
||||
- helm plugin install https://github.com/chartmuseum/helm-push
|
||||
- helm package chart -d chart-package
|
||||
- helm repo add --username allanger --password $GITEA_TOKEN badhouseplants-net https://git.badhouseplants.net/api/packages/badhouseplants/helm
|
||||
- helm cm-push "./chart-package/$(ls chart-package)" badhouseplants-net
|
||||
secrets:
|
||||
- gitea_token
|
||||
|
||||
- name: Test a build
|
||||
image: git.badhouseplants.net/badhouseplants/hugo-container
|
||||
commands:
|
||||
- hugo -s ./src
|
||||
|
||||
- name: Build and push the docker image
|
||||
image: git.badhouseplants.net/badhouseplants/badhouseplants-builder:9665015b44590b7ce2139f7acbad23af6628fff3
|
||||
privileged: true
|
||||
depends_on:
|
||||
- Test a build
|
||||
secrets:
|
||||
- gitea_token
|
||||
environment:
|
||||
BUILDER_COMMIT: 2449b73b13a62ae916c6703778d096e5290157b3
|
||||
commands:
|
||||
- rm -rf $DRONE_WORKSPACE/src/assets/
|
||||
- ./scripts/build-container.pl
|
||||
backend_options:
|
||||
kubernetes:
|
||||
resources:
|
||||
requests:
|
||||
memory: 500Mi
|
||||
cpu: 200m
|
||||
limits:
|
||||
memory: 1000Mi
|
||||
cpu: 1000m
|
||||
securityContext:
|
||||
privileged: true
|
||||
|
||||
- name: Sync pictures from lfs to Minio
|
||||
image: git.badhouseplants.net/badhouseplants/badhouseplants-builder:9665015b44590b7ce2139f7acbad23af6628fff3
|
||||
depends_on:
|
||||
- Test a build
|
||||
secrets:
|
||||
- rclone_config_content
|
||||
environment:
|
||||
RCLONE_CONFIG: /tmp/rclone.conf
|
||||
commands:
|
||||
- echo "$RCLONE_CONFIG_CONTENT" > $RCLONE_CONFIG
|
||||
- ./scripts/upload-media.pl
|
||||
|
||||
- name: Deploy the application
|
||||
image: git.badhouseplants.net/badhouseplants/badhouseplants-builder:9665015b44590b7ce2139f7acbad23af6628fff3
|
||||
depends_on:
|
||||
- Build and push the docker image
|
||||
- Sync pictures from lfs to Minio
|
||||
secrets:
|
||||
- gitea_token
|
||||
- argocd_auth_token
|
||||
- argo_github_oauth_key
|
||||
- argo_google_oauth_key
|
||||
environment:
|
||||
ARGOCD_SERVER: argo.badhouseplants.net:443
|
||||
commands:
|
||||
- ./scripts/deploy-app.pl
|
||||
|
||||
- name: Cleanup everything
|
||||
image: git.badhouseplants.net/badhouseplants/badhouseplants-builder:9665015b44590b7ce2139f7acbad23af6628fff3
|
||||
depends_on:
|
||||
- Deploy the application
|
||||
secrets:
|
||||
- gitea_token
|
||||
- argocd_auth_token
|
||||
- rclone_config_content
|
||||
environment:
|
||||
ARGOCD_SERVER: argo.badhouseplants.net:443
|
||||
RCLONE_CONFIG: /tmp/rclone.conf
|
||||
commands:
|
||||
- echo "$RCLONE_CONFIG_CONTENT" > $RCLONE_CONFIG
|
||||
- ./scripts/cleanup.pl
|
||||
|
||||
- name: Spell-Checker
|
||||
failure: ignore
|
||||
image: node
|
||||
commands:
|
||||
- npm i markdown-spellcheck -g
|
||||
- mdspell "src/content/**/*.md" -n -r
|
@ -2,10 +2,10 @@ apiVersion: v2
|
||||
name: badhouseplants-net
|
||||
description: A Helm chart for Kubernetes
|
||||
type: application
|
||||
version: 0.8.6
|
||||
version: 0.9.0
|
||||
appVersion: "4.20.0"
|
||||
dependencies:
|
||||
- name: remark42
|
||||
version: 0.5.5
|
||||
version: 0.7.0
|
||||
repository: https://groundhog2k.github.io/helm-charts/
|
||||
condition: remark42.enabled
|
||||
|
@ -1,57 +0,0 @@
|
||||
{{- if .Values.istio.enabled -}}
|
||||
apiVersion: networking.istio.io/v1beta1
|
||||
kind: VirtualService
|
||||
metadata:
|
||||
name: {{ include "badhouseplants-net.fullname" . }}
|
||||
labels:
|
||||
{{- include "badhouseplants-net.labels" . | nindent 4 }}
|
||||
{{- with .Values.istio.annotations }}
|
||||
annotations:
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
gateways:
|
||||
- istio-system/badhouseplants-net
|
||||
hosts:
|
||||
{{- range .Values.istio.hosts}}
|
||||
- {{ . }}
|
||||
{{- end }}
|
||||
http:
|
||||
- match:
|
||||
- uri:
|
||||
prefix: {{ .Values.istio.prefix }}
|
||||
route:
|
||||
- destination:
|
||||
host: {{ include "badhouseplants-net.fullname" . }}
|
||||
port:
|
||||
number: {{ .Values.service.port }}
|
||||
{{- end }}
|
||||
---
|
||||
{{- if .Values.remark42.istio.enabled -}}
|
||||
apiVersion: networking.istio.io/v1beta1
|
||||
kind: VirtualService
|
||||
metadata:
|
||||
name: {{ include "remark42.fullname" . }}-remark42
|
||||
labels:
|
||||
{{- include "badhouseplants-net.labels" . | nindent 4 }}
|
||||
{{- with .Values.remark42.istio.annotations }}
|
||||
annotations:
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
gateways:
|
||||
- istio-system/badhouseplants-net
|
||||
hosts:
|
||||
{{- range .Values.remark42.istio.hosts}}
|
||||
- {{ . }}
|
||||
{{- end }}
|
||||
http:
|
||||
- match:
|
||||
- uri:
|
||||
prefix: {{ .Values.remark42.istio.prefix }}
|
||||
route:
|
||||
- destination:
|
||||
host: {{ .Release.Name }}-remark42
|
||||
port:
|
||||
number: {{ .Values.remark42.service.port }}
|
||||
{{- end }}
|
@ -39,14 +39,6 @@ hugo:
|
||||
env:
|
||||
HUGO_PARAMS_GITBRANCH: main
|
||||
|
||||
istio:
|
||||
annotations: {}
|
||||
enabled: true
|
||||
hosts:
|
||||
- badhouseplants.net
|
||||
- www.badhouseplants.net
|
||||
prefix: /
|
||||
|
||||
volumes:
|
||||
# ----------------------------------------------
|
||||
# -- An emptydir volume where hugo should
|
||||
|
@ -5,11 +5,33 @@ values: |
|
||||
tag: $ARGO_APP_IMAGE_TAG
|
||||
env:
|
||||
HUGO_PARAMS_GITCOMMIT: $ARGO_APP_IMAGE_TAG
|
||||
istio:
|
||||
ingress:
|
||||
enabled: true
|
||||
className: ~
|
||||
annotations:
|
||||
kubernetes.io/ingress.class: traefik
|
||||
kubernetes.io/tls-acme: "true"
|
||||
kubernetes.io/ingress.allow-http: "false"
|
||||
kubernetes.io/ingress.global-static-ip-name: ""
|
||||
cert-manager.io/cluster-issuer: badhouseplants-issuer-http01
|
||||
link.argocd.argoproj.io/env: https://badhouseplants.net/
|
||||
link.argocd.argoproj.io/build: $DRONE_BUILD_LINK
|
||||
link.argocd.argoproj.io/remark42: https://remark42.badhouseplants.net/web
|
||||
pathtype: ImplementationSpecific
|
||||
hosts:
|
||||
- host: badhouseplants.net
|
||||
paths:
|
||||
- path: /
|
||||
pathType: ImplementationSpecific
|
||||
- host: www.badhouseplants.net
|
||||
paths:
|
||||
- path: /
|
||||
pathType: ImplementationSpecific
|
||||
tls:
|
||||
- secretName: badhp-tls
|
||||
hosts:
|
||||
- badhouseplants.net
|
||||
- www.badhouseplants.net
|
||||
|
||||
remark42:
|
||||
settings:
|
||||
secret: $ARGO_REMARK_SECRET
|
||||
@ -26,3 +48,25 @@ values: |
|
||||
secret: $ARGO_GOOGLE_OAUTH_KEY
|
||||
storage:
|
||||
requestedSize: 300Mi
|
||||
ingress:
|
||||
enabled: true
|
||||
className: ~
|
||||
annotations:
|
||||
kubernetes.io/ingress.class: traefik
|
||||
kubernetes.io/tls-acme: "true"
|
||||
kubernetes.io/ingress.allow-http: "false"
|
||||
kubernetes.io/ingress.global-static-ip-name: ""
|
||||
cert-manager.io/cluster-issuer: badhouseplants-issuer-http01
|
||||
link.argocd.argoproj.io/remark42: https://remark42.badhouseplants.net/web
|
||||
## Hosts
|
||||
hosts:
|
||||
- host: remark42.badhouseplants.net
|
||||
paths:
|
||||
- path: /
|
||||
pathType: ImplementationSpecific
|
||||
|
||||
tls:
|
||||
secretName: chart-example-tls
|
||||
hosts:
|
||||
- remark42.badhouseplants.net
|
||||
|
@ -1,12 +1,27 @@
|
||||
---
|
||||
values: |
|
||||
istio:
|
||||
hosts:
|
||||
- $ARGO_APP_HOSTNAME
|
||||
ingress:
|
||||
enabled: true
|
||||
className: ~
|
||||
annotations:
|
||||
kubernetes.io/ingress.class: traefik
|
||||
kubernetes.io/tls-acme: "true"
|
||||
kubernetes.io/ingress.allow-http: "false"
|
||||
kubernetes.io/ingress.global-static-ip-name: ""
|
||||
cert-manager.io/cluster-issuer: badhouseplants-issuer-http01
|
||||
link.argocd.argoproj.io/env: https://$ARGO_APP_HOSTNAME/
|
||||
link.argocd.argoproj.io/remark42: https://remark42-$ARGO_APP_HOSTNAME/web
|
||||
link.argocd.argoproj.io/build: $DRONE_BUILD_LINK
|
||||
pathtype: ImplementationSpecific
|
||||
hosts:
|
||||
- host: $ARGO_APP_HOSTNAME
|
||||
paths:
|
||||
- path: /
|
||||
pathType: ImplementationSpecific
|
||||
tls:
|
||||
- secretName: badhp-$ARGO_APP_BRANCH-tls
|
||||
hosts:
|
||||
- $ARGO_APP_HOSTNAME
|
||||
|
||||
hugo:
|
||||
image:
|
||||
tag: $ARGO_APP_IMAGE_TAG
|
||||
@ -17,13 +32,31 @@ values: |
|
||||
HUGO_PARAMS_COMMENTS_REMARK42_HOST: https://remark42-$ARGO_APP_HOSTNAME
|
||||
HUGO_PARAMS_GITCOMMIT: $ARGO_APP_IMAGE_TAG
|
||||
remark42:
|
||||
istio:
|
||||
hosts:
|
||||
- remark42-$ARGO_APP_HOSTNAME
|
||||
settings:
|
||||
url: https://remark42-$ARGO_APP_HOSTNAME/
|
||||
auth:
|
||||
anonymous: true
|
||||
secretKey: $ARGO_REMARK_SECRET
|
||||
ingress:
|
||||
enabled: true
|
||||
className: ~
|
||||
annotations:
|
||||
kubernetes.io/ingress.class: traefik
|
||||
kubernetes.io/tls-acme: "true"
|
||||
kubernetes.io/ingress.allow-http: "false"
|
||||
kubernetes.io/ingress.global-static-ip-name: ""
|
||||
cert-manager.io/cluster-issuer: badhouseplants-issuer-http01
|
||||
link.argocd.argoproj.io/remark42: https://remark42-$ARGO_APP_HOSTNAME/
|
||||
## Hosts
|
||||
hosts:
|
||||
- host: remark42.badhouseplants.net
|
||||
paths:
|
||||
- path: /
|
||||
pathType: ImplementationSpecific
|
||||
|
||||
tls:
|
||||
secretName: remark-$ARGO_APP_BRANCH-tls
|
||||
hosts:
|
||||
- remark42-$ARGO_APP_HOSTNAME
|
||||
rclone:
|
||||
command: 'rclone copy -P badhouseplants-public:/badhouseplants-net/$ARGO_APP_IMAGE_TAG /static'
|
||||
|
Reference in New Issue
Block a user