From f66fa876c539733af411f20774effaa265ae2d01 Mon Sep 17 00:00:00 2001 From: Nikolai Rodionov Date: Tue, 14 May 2024 12:59:55 +0200 Subject: [PATCH 01/10] Add avatar and favicon --- src/static/avatar.png | 3 +++ src/static/favicon.ico | 3 +++ 2 files changed, 6 insertions(+) create mode 100644 src/static/avatar.png create mode 100644 src/static/favicon.ico diff --git a/src/static/avatar.png b/src/static/avatar.png new file mode 100644 index 0000000..54ec2f3 --- /dev/null +++ b/src/static/avatar.png @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:475223457ecd56a9b4450e39a1273727f98c4b0c78c6427992f4f77f6b90b957 +size 686006 diff --git a/src/static/favicon.ico b/src/static/favicon.ico new file mode 100644 index 0000000..c5d3be1 --- /dev/null +++ b/src/static/favicon.ico @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:d872fe94954e47d14563d77ddba54f15aa62f5df0a76f3ead45764847e554154 +size 15406 -- 2.45.2 From 76c4f578452ab9ef50974999580f91dc3a04f9f7 Mon Sep 17 00:00:00 2001 From: Nikolai Rodionov Date: Tue, 14 May 2024 15:29:49 +0200 Subject: [PATCH 02/10] Fix the avatar that is not displayed on all pages --- src/hugo.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/hugo.yaml b/src/hugo.yaml index a049ac5..1c17075 100644 --- a/src/hugo.yaml +++ b/src/hugo.yaml @@ -11,7 +11,7 @@ Params: avatar: enable: true local: false - src: avatar.png + src: /avatar.png subtitle: PunkOps by allanger comments: enabled: true -- 2.45.2 From 5414085273475be88e43c703c34b19ad59aee2eb Mon Sep 17 00:00:00 2001 From: Nikolai Rodionov Date: Mon, 27 May 2024 09:34:42 +0200 Subject: [PATCH 03/10] Start using ingress instead of virtual service --- .woodpecker.yml | 93 ++++++++++++++++++++++++++++ chart/Chart.yaml | 4 +- chart/templates/virtual-service.yaml | 57 ----------------- chart/values.yaml | 8 --- kube/values-main.yaml | 50 ++++++++++++++- kube/values-preview.yaml | 49 ++++++++++++--- 6 files changed, 183 insertions(+), 78 deletions(-) create mode 100644 .woodpecker.yml delete mode 100644 chart/templates/virtual-service.yaml diff --git a/.woodpecker.yml b/.woodpecker.yml new file mode 100644 index 0000000..fb34ac6 --- /dev/null +++ b/.woodpecker.yml @@ -0,0 +1,93 @@ +--- +when: + event: + - push + +steps: + - image: alpine/helm + name: Publish the Helm chart + commands: + - helm plugin install https://github.com/chartmuseum/helm-push + - helm package chart -d chart-package + - helm repo add --username allanger --password $GITEA_TOKEN badhouseplants-net https://git.badhouseplants.net/api/packages/badhouseplants/helm + - helm cm-push "./chart-package/$(ls chart-package)" badhouseplants-net + secrets: + - gitea_token + + - name: Test a build + image: git.badhouseplants.net/badhouseplants/hugo-container + commands: + - hugo -s ./src + + - name: Build and push the docker image + image: git.badhouseplants.net/badhouseplants/badhouseplants-builder:9665015b44590b7ce2139f7acbad23af6628fff3 + privileged: true + depends_on: + - Test a build + secrets: + - gitea_token + environment: + BUILDER_COMMIT: 2449b73b13a62ae916c6703778d096e5290157b3 + commands: + - rm -rf $DRONE_WORKSPACE/src/assets/ + - ./scripts/build-container.pl + backend_options: + kubernetes: + resources: + requests: + memory: 500Mi + cpu: 200m + limits: + memory: 1000Mi + cpu: 1000m + securityContext: + privileged: true + + - name: Sync pictures from lfs to Minio + image: git.badhouseplants.net/badhouseplants/badhouseplants-builder:9665015b44590b7ce2139f7acbad23af6628fff3 + depends_on: + - Test a build + secrets: + - rclone_config_content + environment: + RCLONE_CONFIG: /tmp/rclone.conf + commands: + - echo "$RCLONE_CONFIG_CONTENT" > $RCLONE_CONFIG + - ./scripts/upload-media.pl + + - name: Deploy the application + image: git.badhouseplants.net/badhouseplants/badhouseplants-builder:9665015b44590b7ce2139f7acbad23af6628fff3 + depends_on: + - Build and push the docker image + - Sync pictures from lfs to Minio + secrets: + - gitea_token + - argocd_auth_token + - argo_github_oauth_key + - argo_google_oauth_key + environment: + ARGOCD_SERVER: argo.badhouseplants.net:443 + commands: + - ./scripts/deploy-app.pl + + - name: Cleanup everything + image: git.badhouseplants.net/badhouseplants/badhouseplants-builder:9665015b44590b7ce2139f7acbad23af6628fff3 + depends_on: + - Deploy the application + secrets: + - gitea_token + - argocd_auth_token + - rclone_config_content + environment: + ARGOCD_SERVER: argo.badhouseplants.net:443 + RCLONE_CONFIG: /tmp/rclone.conf + commands: + - echo "$RCLONE_CONFIG_CONTENT" > $RCLONE_CONFIG + - ./scripts/cleanup.pl + + - name: Spell-Checker + failure: ignore + image: node + commands: + - npm i markdown-spellcheck -g + - mdspell "src/content/**/*.md" -n -r diff --git a/chart/Chart.yaml b/chart/Chart.yaml index b249eeb..96d4f43 100644 --- a/chart/Chart.yaml +++ b/chart/Chart.yaml @@ -2,10 +2,10 @@ apiVersion: v2 name: badhouseplants-net description: A Helm chart for Kubernetes type: application -version: 0.8.6 +version: 0.9.0 appVersion: "4.20.0" dependencies: - name: remark42 - version: 0.5.5 + version: 0.7.0 repository: https://groundhog2k.github.io/helm-charts/ condition: remark42.enabled diff --git a/chart/templates/virtual-service.yaml b/chart/templates/virtual-service.yaml deleted file mode 100644 index 0db7593..0000000 --- a/chart/templates/virtual-service.yaml +++ /dev/null @@ -1,57 +0,0 @@ -{{- if .Values.istio.enabled -}} -apiVersion: networking.istio.io/v1beta1 -kind: VirtualService -metadata: - name: {{ include "badhouseplants-net.fullname" . }} - labels: - {{- include "badhouseplants-net.labels" . | nindent 4 }} - {{- with .Values.istio.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -spec: - gateways: - - istio-system/badhouseplants-net - hosts: - {{- range .Values.istio.hosts}} - - {{ . }} - {{- end }} - http: - - match: - - uri: - prefix: {{ .Values.istio.prefix }} - route: - - destination: - host: {{ include "badhouseplants-net.fullname" . }} - port: - number: {{ .Values.service.port }} -{{- end }} ---- -{{- if .Values.remark42.istio.enabled -}} -apiVersion: networking.istio.io/v1beta1 -kind: VirtualService -metadata: - name: {{ include "remark42.fullname" . }}-remark42 - labels: - {{- include "badhouseplants-net.labels" . | nindent 4 }} - {{- with .Values.remark42.istio.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -spec: - gateways: - - istio-system/badhouseplants-net - hosts: - {{- range .Values.remark42.istio.hosts}} - - {{ . }} - {{- end }} - http: - - match: - - uri: - prefix: {{ .Values.remark42.istio.prefix }} - route: - - destination: - host: {{ .Release.Name }}-remark42 - port: - number: {{ .Values.remark42.service.port }} -{{- end }} diff --git a/chart/values.yaml b/chart/values.yaml index ed5d115..c0463a3 100644 --- a/chart/values.yaml +++ b/chart/values.yaml @@ -39,14 +39,6 @@ hugo: env: HUGO_PARAMS_GITBRANCH: main -istio: - annotations: {} - enabled: true - hosts: - - badhouseplants.net - - www.badhouseplants.net - prefix: / - volumes: # ---------------------------------------------- # -- An emptydir volume where hugo should diff --git a/kube/values-main.yaml b/kube/values-main.yaml index 7555fdb..4d25e03 100644 --- a/kube/values-main.yaml +++ b/kube/values-main.yaml @@ -5,11 +5,33 @@ values: | tag: $ARGO_APP_IMAGE_TAG env: HUGO_PARAMS_GITCOMMIT: $ARGO_APP_IMAGE_TAG - istio: - annotations: + ingress: + enabled: true + className: ~ + annotations: + kubernetes.io/ingress.class: traefik + kubernetes.io/tls-acme: "true" + kubernetes.io/ingress.allow-http: "false" + kubernetes.io/ingress.global-static-ip-name: "" + cert-manager.io/cluster-issuer: badhouseplants-issuer-http01 link.argocd.argoproj.io/env: https://badhouseplants.net/ link.argocd.argoproj.io/build: $DRONE_BUILD_LINK - link.argocd.argoproj.io/remark42: https://remark42.badhouseplants.net/web + pathtype: ImplementationSpecific + hosts: + - host: badhouseplants.net + paths: + - path: / + pathType: ImplementationSpecific + - host: www.badhouseplants.net + paths: + - path: / + pathType: ImplementationSpecific + tls: + - secretName: badhp-tls + hosts: + - badhouseplants.net + - www.badhouseplants.net + remark42: settings: secret: $ARGO_REMARK_SECRET @@ -26,3 +48,25 @@ values: | secret: $ARGO_GOOGLE_OAUTH_KEY storage: requestedSize: 300Mi + ingress: + enabled: true + className: ~ + annotations: + kubernetes.io/ingress.class: traefik + kubernetes.io/tls-acme: "true" + kubernetes.io/ingress.allow-http: "false" + kubernetes.io/ingress.global-static-ip-name: "" + cert-manager.io/cluster-issuer: badhouseplants-issuer-http01 + link.argocd.argoproj.io/remark42: https://remark42.badhouseplants.net/web + ## Hosts + hosts: + - host: remark42.badhouseplants.net + paths: + - path: / + pathType: ImplementationSpecific + + tls: + secretName: chart-example-tls + hosts: + - remark42.badhouseplants.net + \ No newline at end of file diff --git a/kube/values-preview.yaml b/kube/values-preview.yaml index 5789c75..c618bd8 100644 --- a/kube/values-preview.yaml +++ b/kube/values-preview.yaml @@ -1,12 +1,27 @@ --- values: | - istio: - hosts: - - $ARGO_APP_HOSTNAME - annotations: + ingress: + enabled: true + className: ~ + annotations: + kubernetes.io/ingress.class: traefik + kubernetes.io/tls-acme: "true" + kubernetes.io/ingress.allow-http: "false" + kubernetes.io/ingress.global-static-ip-name: "" + cert-manager.io/cluster-issuer: badhouseplants-issuer-http01 link.argocd.argoproj.io/env: https://$ARGO_APP_HOSTNAME/ - link.argocd.argoproj.io/remark42: https://remark42-$ARGO_APP_HOSTNAME/web link.argocd.argoproj.io/build: $DRONE_BUILD_LINK + pathtype: ImplementationSpecific + hosts: + - host: $ARGO_APP_HOSTNAME + paths: + - path: / + pathType: ImplementationSpecific + tls: + - secretName: badhp-$ARGO_APP_BRANCH-tls + hosts: + - $ARGO_APP_HOSTNAME + hugo: image: tag: $ARGO_APP_IMAGE_TAG @@ -17,13 +32,31 @@ values: | HUGO_PARAMS_COMMENTS_REMARK42_HOST: https://remark42-$ARGO_APP_HOSTNAME HUGO_PARAMS_GITCOMMIT: $ARGO_APP_IMAGE_TAG remark42: - istio: - hosts: - - remark42-$ARGO_APP_HOSTNAME settings: url: https://remark42-$ARGO_APP_HOSTNAME/ auth: anonymous: true secretKey: $ARGO_REMARK_SECRET + ingress: + enabled: true + className: ~ + annotations: + kubernetes.io/ingress.class: traefik + kubernetes.io/tls-acme: "true" + kubernetes.io/ingress.allow-http: "false" + kubernetes.io/ingress.global-static-ip-name: "" + cert-manager.io/cluster-issuer: badhouseplants-issuer-http01 + link.argocd.argoproj.io/remark42: https://remark42-$ARGO_APP_HOSTNAME/ + ## Hosts + hosts: + - host: remark42.badhouseplants.net + paths: + - path: / + pathType: ImplementationSpecific + + tls: + secretName: remark-$ARGO_APP_BRANCH-tls + hosts: + - remark42-$ARGO_APP_HOSTNAME rclone: command: 'rclone copy -P badhouseplants-public:/badhouseplants-net/$ARGO_APP_IMAGE_TAG /static' -- 2.45.2 From 33bce94b2b2f28b6a47723a2b983ec38f1850115 Mon Sep 17 00:00:00 2001 From: Nikolai Rodionov Date: Thu, 11 Jul 2024 12:32:44 +0200 Subject: [PATCH 04/10] Fix woodpecker --- .woodpecker.yml | 8 ++++---- kube/project.yaml | 4 ++-- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/.woodpecker.yml b/.woodpecker.yml index fb34ac6..78c6dfb 100644 --- a/.woodpecker.yml +++ b/.woodpecker.yml @@ -20,7 +20,7 @@ steps: - hugo -s ./src - name: Build and push the docker image - image: git.badhouseplants.net/badhouseplants/badhouseplants-builder:9665015b44590b7ce2139f7acbad23af6628fff3 + image: git.badhouseplants.net/badhouseplants/badhouseplants-builder:f36cd03d00ce6624d86af735a5a293b3d694e1e7 privileged: true depends_on: - Test a build @@ -44,7 +44,7 @@ steps: privileged: true - name: Sync pictures from lfs to Minio - image: git.badhouseplants.net/badhouseplants/badhouseplants-builder:9665015b44590b7ce2139f7acbad23af6628fff3 + image: git.badhouseplants.net/badhouseplants/badhouseplants-builder:f36cd03d00ce6624d86af735a5a293b3d694e1e7 depends_on: - Test a build secrets: @@ -56,7 +56,7 @@ steps: - ./scripts/upload-media.pl - name: Deploy the application - image: git.badhouseplants.net/badhouseplants/badhouseplants-builder:9665015b44590b7ce2139f7acbad23af6628fff3 + image: git.badhouseplants.net/badhouseplants/badhouseplants-builder:f36cd03d00ce6624d86af735a5a293b3d694e1e7 depends_on: - Build and push the docker image - Sync pictures from lfs to Minio @@ -71,7 +71,7 @@ steps: - ./scripts/deploy-app.pl - name: Cleanup everything - image: git.badhouseplants.net/badhouseplants/badhouseplants-builder:9665015b44590b7ce2139f7acbad23af6628fff3 + image: git.badhouseplants.net/badhouseplants/badhouseplants-builder:f36cd03d00ce6624d86af735a5a293b3d694e1e7 depends_on: - Deploy the application secrets: diff --git a/kube/project.yaml b/kube/project.yaml index fcb23c4..4b514fb 100644 --- a/kube/project.yaml +++ b/kube/project.yaml @@ -2,7 +2,7 @@ apiVersion: argoproj.io/v1alpha1 kind: AppProject metadata: name: badhouseplants - namespace: argo-system + namespace: platform finalizers: - resources-finalizer.argocd.argoproj.io spec: @@ -31,4 +31,4 @@ spec: # Enables namespace orphaned resource monitoring. orphanedResources: - warn: false \ No newline at end of file + warn: false -- 2.45.2 From f9457940bed71841adf61c197212ef3f27978e63 Mon Sep 17 00:00:00 2001 From: Nikolai Rodionov Date: Thu, 11 Jul 2024 12:35:12 +0200 Subject: [PATCH 05/10] Trigger build -- 2.45.2 From 59a0287b5e3fe30b0a4b2342e1a1b4e2ce763fb6 Mon Sep 17 00:00:00 2001 From: Nikolai Rodionov Date: Thu, 11 Jul 2024 13:18:21 +0200 Subject: [PATCH 06/10] Trigger build -- 2.45.2 From 79dd9a18d412f82457aedf5e089e33d32cdc56f0 Mon Sep 17 00:00:00 2001 From: Nikolai Rodionov Date: Thu, 11 Jul 2024 11:28:23 +0000 Subject: [PATCH 07/10] Update the app namespace --- kube/application.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kube/application.yaml b/kube/application.yaml index 6441ed5..e2b8240 100644 --- a/kube/application.yaml +++ b/kube/application.yaml @@ -6,7 +6,7 @@ metadata: branch: $ARGO_APP_BRANCH commit_sha: $ARGO_APP_IMAGE_TAG name: badhouseplants-$ARGO_APP_BRANCH - namespace: argo-system + namespace: platform spec: destination: namespace: badhouseplants-$ARGO_APP_NAMESPACE -- 2.45.2 From 3f5c97bf357ec902a1c5f25728ffa028bbc2034d Mon Sep 17 00:00:00 2001 From: Nikolai Rodionov Date: Wed, 24 Jul 2024 17:58:07 +0200 Subject: [PATCH 08/10] Fix deployment --- kube/application.yaml | 2 +- kube/project.yaml | 10 ++++------ scripts/deploy-app.pl | 5 ++--- 3 files changed, 7 insertions(+), 10 deletions(-) diff --git a/kube/application.yaml b/kube/application.yaml index e2b8240..cc41ea1 100644 --- a/kube/application.yaml +++ b/kube/application.yaml @@ -9,7 +9,7 @@ metadata: namespace: platform spec: destination: - namespace: badhouseplants-$ARGO_APP_NAMESPACE + namespace: $ARGO_APP_NAMESPACE server: https://kubernetes.default.svc project: badhouseplants source: diff --git a/kube/project.yaml b/kube/project.yaml index 4b514fb..f302767 100644 --- a/kube/project.yaml +++ b/kube/project.yaml @@ -11,14 +11,12 @@ spec: - '*' destinations: - - namespace: badhouseplants-* + - namespace: development + server: https://kubernetes.default.svc + name: in-cluster + - namespace: production server: https://kubernetes.default.svc name: in-cluster - - # Deny all cluster-scoped resources from being created, except for Namespace - clusterResourceWhitelist: - - group: '' - kind: Namespace # Allow all namespaced-scoped resources to be created, except for ResourceQuota, LimitRange, NetworkPolicy namespaceResourceBlacklist: diff --git a/scripts/deploy-app.pl b/scripts/deploy-app.pl index 4a6602b..7e53405 100755 --- a/scripts/deploy-app.pl +++ b/scripts/deploy-app.pl @@ -18,9 +18,9 @@ chomp($remark_secret); $ENV{'ARGO_APP_CHART_VERSION'} = $chart_version; $ENV{'ARGO_APP_BRANCH'} = $git_branch; if ($git_branch eq $main_branch) { - $ENV{'ARGO_APP_NAMESPACE'} = $git_branch; + $ENV{'ARGO_APP_NAMESPACE'} = "production"; } else { - $ENV{'ARGO_APP_NAMESPACE'} = "preview" + $ENV{'ARGO_APP_NAMESPACE'} = "development" } $ENV{'ARGO_APP_HOSTNAME'} = "$git_branch-dev.badhouseplants.net"; $ENV{'ARGO_APP_IMAGE_TAG'} = $git_commit_sha; @@ -72,4 +72,3 @@ foreach my $app (@all_applications) { } } } - -- 2.45.2 From d8faab209cd6b8555f74c279a10c850a2aafd067 Mon Sep 17 00:00:00 2001 From: Nikolai Rodionov Date: Wed, 24 Jul 2024 18:03:49 +0200 Subject: [PATCH 09/10] Use latest builder --- .woodpecker.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.woodpecker.yml b/.woodpecker.yml index 78c6dfb..859f399 100644 --- a/.woodpecker.yml +++ b/.woodpecker.yml @@ -20,7 +20,7 @@ steps: - hugo -s ./src - name: Build and push the docker image - image: git.badhouseplants.net/badhouseplants/badhouseplants-builder:f36cd03d00ce6624d86af735a5a293b3d694e1e7 + image: git.badhouseplants.net/badhouseplants/badhouseplants-builder:latest privileged: true depends_on: - Test a build @@ -44,7 +44,7 @@ steps: privileged: true - name: Sync pictures from lfs to Minio - image: git.badhouseplants.net/badhouseplants/badhouseplants-builder:f36cd03d00ce6624d86af735a5a293b3d694e1e7 + image: git.badhouseplants.net/badhouseplants/badhouseplants-builder:latest depends_on: - Test a build secrets: @@ -56,7 +56,7 @@ steps: - ./scripts/upload-media.pl - name: Deploy the application - image: git.badhouseplants.net/badhouseplants/badhouseplants-builder:f36cd03d00ce6624d86af735a5a293b3d694e1e7 + image: git.badhouseplants.net/badhouseplants/badhouseplants-builder:latest depends_on: - Build and push the docker image - Sync pictures from lfs to Minio @@ -71,7 +71,7 @@ steps: - ./scripts/deploy-app.pl - name: Cleanup everything - image: git.badhouseplants.net/badhouseplants/badhouseplants-builder:f36cd03d00ce6624d86af735a5a293b3d694e1e7 + image: git.badhouseplants.net/badhouseplants/badhouseplants-builder:latest depends_on: - Deploy the application secrets: -- 2.45.2 From 7a8e163973a989e4da5fb0cd83dde03c3c956ca2 Mon Sep 17 00:00:00 2001 From: Nikolai Rodionov Date: Wed, 24 Jul 2024 18:07:42 +0200 Subject: [PATCH 10/10] Use https for argocd --- .woodpecker.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.woodpecker.yml b/.woodpecker.yml index 859f399..3189887 100644 --- a/.woodpecker.yml +++ b/.woodpecker.yml @@ -66,7 +66,7 @@ steps: - argo_github_oauth_key - argo_google_oauth_key environment: - ARGOCD_SERVER: argo.badhouseplants.net:443 + ARGOCD_SERVER: https://argo.badhouseplants.net:443 commands: - ./scripts/deploy-app.pl -- 2.45.2