badhouseplants/k8s-cluster-config
Archived
4
0
Fork 0
Code Issues 6 Pull Requests 1 Actions Packages Projects Releases Activity

Install and test woodpecker-ci

Browse Source
This commit is contained in:
Nikolai Rodionov 2023-10-05 10:07:25 +02:00
parent eed6c898c5
commit 283bcc5cd2
No known key found for this signature in database
GPG Key ID: 19DB54039EBF8F10
7 changed files with 127 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
.woodpecker.yml Normal file
View File

@ -0,0 +1,24 @@
---
when:
event: push
steps:
Diff Badhouseplants:
image: ghcr.io/helmfile/helmfile:canary
secrets: [ sops_age_key, kubeconfig_content ]
commands:
- mkdir $HOME/.kube
- echo "$KUBECONFIG_CONTENT" > $HOME/.kube/config && chmod 0600 $HOME/.kube/config
- helmfile -e badhouseplants diff --suppress-secrets
Diff Eterosoft:
image: ghcr.io/helmfile/helmfile:canary
secrets: [ sops_age_key, kubeconfig_content ]
commands:
- mkdir $HOME/.kube
- echo "$KUBECONFIG_CONTENT" > $HOME/.kube/config && chmod 0600 $HOME/.kube/config
- helmfile -e etersoft diff --suppress-secrets
#services:
# kind:
# image: kindest/node:v1.27.3

7
badhouseplants/helmfile.yaml
View File

@ -97,9 +97,14 @@ releases:
namespace: istio-system
createNamespace: false
- <<: *vaultwarden
- <<: &vaultwarde
createNamespace: true
installed: true
namespace: vaultwarden-application
- <<: *woodpecker-ci
installed: true
namespace: woodpecker
createNamespace: true
bases:

23
badhouseplants/values/secrets.woodpecker-agent.yaml Normal file
View File

@ -0,0 +1,23 @@
env:
WOODPECKER_AGENT_SECRET: ENC[AES256_GCM,data:cJoxJw6c6FYZ337i5P6dGUzLmgUn9Z+/Ed9aUK76WYnB8m0D9h5IlAlOfCQ=,iv:1BgxKsaI3dhhPNkZbpHKBn6GXadn1RD+3Q4RwKLfmcU=,tag:y8qLWwpVAwKrOWN1cC2ulw==,type:str]
WOODPECKER_GITEA_SECRET: ENC[AES256_GCM,data:VdWASwxPurzmfSjb2h8wBw3XbZSfG9UG0jmXSbTBPreZ+l7UQblI/wqr8Tw=,iv:APNuiqimA/ofCWsvywj+SJedQBMgRoCd65Gd3Ps2/fw=,tag:ATLGT4ACZ2GR46qD9ABUng==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBTRFNvdnBsSHFBcjlGcGl1
RnU1NEpZekpucTNCZHBGcXdBakhkU1drb2dZClVYZ2xMVUJiOXV2enlBbm1TS2Mz
ZnZ0UHpsVHVUU2ZkSGtwUXNMM0R6VjQKLS0tIFR4NEdTTGRIY3QycTFhRzJNSEY0
SEs0Z3VjaTN2Y3Z0QmtEUEdQdmtwYnMKxQ3z1p2GulSOklUEolWeH20JeFwNpZqY
870x5UtCJNVTMrIDgwMQK3hn+yywxPdgSRhkW3bqH4PJDxi78UUpXw==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2023-10-05T08:06:51Z"
mac: ENC[AES256_GCM,data:pc4n/3MEP0GhmZ+wdbOiK2gj7ah/9IJ2hoXRtM1sAGy3UPNBrF5VE7hxnAi393YpWBank7crDTvg2aJjhVt7XqB8zcjiHtNMlcpxL6fJ+uWxeH4uVj/NBfSvoO410oYbtPuKMjZpPU7KACmTJ9tzVIZdZOScXx7fLQxNUq01Hu8=,iv:18MqueG9MHrTcXmu14Q8LPnMFT9lolDkCbXjjA2P1qg=,tag:6ETPd8vZ0CCGEUP5u8ZxNA==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.8.0

26
badhouseplants/values/secrets.woodpecker-ci.yaml Normal file
View File

@ -0,0 +1,26 @@
server:
env:
WOODPECKER_GITEA_SECRET: ENC[AES256_GCM,data:mGYEvlIeQC3mg+kxy3ZX6gAVf88DXLVdeSdgpQa8wixsb2rDoj4+l2ET2saquK+lVhjvv8ZKdvg=,iv:VlPgDYPj1xpxnpWnEHj+slBi0H2nWKeScclPItUaG9A=,tag:ox/Ur5vsOARXRT3g0hCgsg==,type:str]
agent:
env:
WOODPECKER_AGENT_SECRET: ENC[AES256_GCM,data:rnxJ1aKdMnJDXbiQFIUP2a1zaB/hfdXZ0YLwegT+aMSM4tBRV+YgQ/0OvoUuoTC2j1Jtp1SnY94=,iv:XHDR0WSiG1zwOkqTUnVtw0hLceWyI4W5sYNrsnXAAik=,tag:6mddyqwUd/mOQeEGIJlQhQ==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBlQjZqNE9iMDl6MlhnSUp5
QTBSOG83WFBqZFZIU2dEMzlpengrUFg4alZFCld4MkI4WW8xMUZnMm1SU2hmMCtn
bTZSVTIxTk5aZmo3OEJJdlJwL2xhV3MKLS0tIGJraERVZTNyMWFCVE1TbEhRR3J4
WXh3NGd4UG9OODhHNEp0cDVoQkM5dWMKcz4h0O4J2WlB+L9+/U8Rl+zzd87hsJo8
ThPZgnUNDGpdRrU2IYiXo03fZOhBoqBJe1ZG+Ol8z9bvTeyeMZxRIg==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2023-10-14T16:17:58Z"
mac: ENC[AES256_GCM,data:guD5+TBhN9n0WKRN4Ffzo0khhL+3CroELwxTfvUPmxQndFBzOnw/kvj8ZP/NBHMwAiQ1sirUdoJE0QKruHpkHlPs0slyNK0adGExPlSmn9fS5egltbtthzZYbftTJKFlImo3/3Z6tapBWN8neJNc3fhtZbItuwgfYJecXPPqW7Q=,iv:bqqhU1KDfzIN4LOY4dMpSw8XT/2j+NiD74M56jSpjWE=,tag:VGXSlEreapoSFCUnfHXIXA==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.8.1

37
badhouseplants/values/values.woodpecker-ci.yaml Normal file
View File

@ -0,0 +1,37 @@
# ------------------------------------------
# -- Istio extenstion. Just because I'm
# -- not using ingress nginx
# ------------------------------------------
istio:
enabled: true
istio:
- name: woodpecker-server-http
gateway: istio-system/badhouseplants-net
kind: http
hostname: ci.badhouseplants.net
service: woodpecker-ci-server
port: 80
server:
image:
tag: v1.0.2
enabled: true
env:
WOODPECKER_GITEA: true
WOODPECKER_GITEA_URL: https://git.badhouseplants.net
WOODPECKER_GITEA_CLIENT: ab5e4687-a476-4668-9fbc-288d54095634
WOODPECKER_ADMIN: "woodpecker,allanger"
WOODPECKER_HOST: "https://ci.badhouseplants.net"
extraSecretNamesForEnvFrom: []
agent:
image:
tag: v1.0.2
enabled: true
extraSecretNamesForEnvFrom: []
env:
WOODPECKER_SERVER: woodpecker-ci-server:9000
WOODPECKER_BACKEND_K8S_VOLUME_SIZE: 1Gi
WOODPECKER_BACKEND_K8S_STORAGE_CLASS:
serviceAccount:
create: true
rbac:
create: true

9
releases.yaml
View File

@ -229,6 +229,15 @@ templates:
- template: default-env-secrets
- template: drone-common
woodpecker-ci: &woodpecker-ci
name: woodpecker-ci
chart: woodpecker/woodpecker
version: 0.4.2
inherit:
- template: default-env-values
- template: default-env-secrets
- template: ext-istio-resource
nrodionov: &nrodionov
name: nrodionov
chart: bitnami/wordpress

2
repositories.yaml
View File

@ -38,3 +38,5 @@ repositories:
url: https://git.badhouseplants.net/api/packages/allanger/helm
- name: badhouseplants
url: https://badhouseplants.github.io/helm-charts/
- name: woodpecker
url: https://woodpecker-ci.org