From 283bcc5cd2a0260b85b2bcac43f479833299a896 Mon Sep 17 00:00:00 2001
From: Nikolai Rodionov <allanger@zohomail.com>
Date: Thu, 5 Oct 2023 10:07:25 +0200
Subject: [PATCH] Install and test woodpecker-ci

---
 .woodpecker.yml                               | 24 ++++++++++++
 badhouseplants/helmfile.yaml                  |  7 +++-
 .../values/secrets.woodpecker-agent.yaml      | 23 ++++++++++++
 .../values/secrets.woodpecker-ci.yaml         | 26 +++++++++++++
 .../values/values.woodpecker-ci.yaml          | 37 +++++++++++++++++++
 releases.yaml                                 |  9 +++++
 repositories.yaml                             |  2 +
 7 files changed, 127 insertions(+), 1 deletion(-)
 create mode 100644 .woodpecker.yml
 create mode 100644 badhouseplants/values/secrets.woodpecker-agent.yaml
 create mode 100644 badhouseplants/values/secrets.woodpecker-ci.yaml
 create mode 100644 badhouseplants/values/values.woodpecker-ci.yaml

diff --git a/.woodpecker.yml b/.woodpecker.yml
new file mode 100644
index 0000000..b18ba77
--- /dev/null
+++ b/.woodpecker.yml
@@ -0,0 +1,24 @@
+---
+when:
+  event: push
+
+steps:
+  Diff Badhouseplants:
+    image: ghcr.io/helmfile/helmfile:canary
+    secrets: [ sops_age_key, kubeconfig_content ]
+    commands:
+      - mkdir $HOME/.kube
+      - echo "$KUBECONFIG_CONTENT" > $HOME/.kube/config && chmod 0600 $HOME/.kube/config
+      - helmfile -e badhouseplants diff --suppress-secrets
+
+  Diff Eterosoft:
+    image: ghcr.io/helmfile/helmfile:canary
+    secrets: [ sops_age_key, kubeconfig_content ]
+    commands:
+      - mkdir $HOME/.kube
+      - echo "$KUBECONFIG_CONTENT" > $HOME/.kube/config && chmod 0600 $HOME/.kube/config
+      - helmfile -e etersoft diff --suppress-secrets
+
+        #services:
+        #  kind:
+        #    image: kindest/node:v1.27.3
diff --git a/badhouseplants/helmfile.yaml b/badhouseplants/helmfile.yaml
index 8d7ed5b..5023f26 100644
--- a/badhouseplants/helmfile.yaml
+++ b/badhouseplants/helmfile.yaml
@@ -97,9 +97,14 @@ releases:
     namespace: istio-system
     createNamespace: false
 
-  - <<: *vaultwarden
+  - <<: &vaultwarde
+    createNamespace: true
     installed: true
     namespace: vaultwarden-application
+
+  - <<: *woodpecker-ci
+    installed: true
+    namespace: woodpecker
     createNamespace: true
 
 bases:
diff --git a/badhouseplants/values/secrets.woodpecker-agent.yaml b/badhouseplants/values/secrets.woodpecker-agent.yaml
new file mode 100644
index 0000000..f71db04
--- /dev/null
+++ b/badhouseplants/values/secrets.woodpecker-agent.yaml
@@ -0,0 +1,23 @@
+env:
+    WOODPECKER_AGENT_SECRET: ENC[AES256_GCM,data:cJoxJw6c6FYZ337i5P6dGUzLmgUn9Z+/Ed9aUK76WYnB8m0D9h5IlAlOfCQ=,iv:1BgxKsaI3dhhPNkZbpHKBn6GXadn1RD+3Q4RwKLfmcU=,tag:y8qLWwpVAwKrOWN1cC2ulw==,type:str]
+    WOODPECKER_GITEA_SECRET: ENC[AES256_GCM,data:VdWASwxPurzmfSjb2h8wBw3XbZSfG9UG0jmXSbTBPreZ+l7UQblI/wqr8Tw=,iv:APNuiqimA/ofCWsvywj+SJedQBMgRoCd65Gd3Ps2/fw=,tag:ATLGT4ACZ2GR46qD9ABUng==,type:str]
+sops:
+    kms: []
+    gcp_kms: []
+    azure_kv: []
+    hc_vault: []
+    age:
+        - recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8
+          enc: |
+            -----BEGIN AGE ENCRYPTED FILE-----
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBTRFNvdnBsSHFBcjlGcGl1
+            RnU1NEpZekpucTNCZHBGcXdBakhkU1drb2dZClVYZ2xMVUJiOXV2enlBbm1TS2Mz
+            ZnZ0UHpsVHVUU2ZkSGtwUXNMM0R6VjQKLS0tIFR4NEdTTGRIY3QycTFhRzJNSEY0
+            SEs0Z3VjaTN2Y3Z0QmtEUEdQdmtwYnMKxQ3z1p2GulSOklUEolWeH20JeFwNpZqY
+            870x5UtCJNVTMrIDgwMQK3hn+yywxPdgSRhkW3bqH4PJDxi78UUpXw==
+            -----END AGE ENCRYPTED FILE-----
+    lastmodified: "2023-10-05T08:06:51Z"
+    mac: ENC[AES256_GCM,data:pc4n/3MEP0GhmZ+wdbOiK2gj7ah/9IJ2hoXRtM1sAGy3UPNBrF5VE7hxnAi393YpWBank7crDTvg2aJjhVt7XqB8zcjiHtNMlcpxL6fJ+uWxeH4uVj/NBfSvoO410oYbtPuKMjZpPU7KACmTJ9tzVIZdZOScXx7fLQxNUq01Hu8=,iv:18MqueG9MHrTcXmu14Q8LPnMFT9lolDkCbXjjA2P1qg=,tag:6ETPd8vZ0CCGEUP5u8ZxNA==,type:str]
+    pgp: []
+    unencrypted_suffix: _unencrypted
+    version: 3.8.0
diff --git a/badhouseplants/values/secrets.woodpecker-ci.yaml b/badhouseplants/values/secrets.woodpecker-ci.yaml
new file mode 100644
index 0000000..dedead1
--- /dev/null
+++ b/badhouseplants/values/secrets.woodpecker-ci.yaml
@@ -0,0 +1,26 @@
+server:
+    env:
+        WOODPECKER_GITEA_SECRET: ENC[AES256_GCM,data:mGYEvlIeQC3mg+kxy3ZX6gAVf88DXLVdeSdgpQa8wixsb2rDoj4+l2ET2saquK+lVhjvv8ZKdvg=,iv:VlPgDYPj1xpxnpWnEHj+slBi0H2nWKeScclPItUaG9A=,tag:ox/Ur5vsOARXRT3g0hCgsg==,type:str]
+agent:
+    env:
+        WOODPECKER_AGENT_SECRET: ENC[AES256_GCM,data:rnxJ1aKdMnJDXbiQFIUP2a1zaB/hfdXZ0YLwegT+aMSM4tBRV+YgQ/0OvoUuoTC2j1Jtp1SnY94=,iv:XHDR0WSiG1zwOkqTUnVtw0hLceWyI4W5sYNrsnXAAik=,tag:6mddyqwUd/mOQeEGIJlQhQ==,type:str]
+sops:
+    kms: []
+    gcp_kms: []
+    azure_kv: []
+    hc_vault: []
+    age:
+        - recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8
+          enc: |
+            -----BEGIN AGE ENCRYPTED FILE-----
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBlQjZqNE9iMDl6MlhnSUp5
+            QTBSOG83WFBqZFZIU2dEMzlpengrUFg4alZFCld4MkI4WW8xMUZnMm1SU2hmMCtn
+            bTZSVTIxTk5aZmo3OEJJdlJwL2xhV3MKLS0tIGJraERVZTNyMWFCVE1TbEhRR3J4
+            WXh3NGd4UG9OODhHNEp0cDVoQkM5dWMKcz4h0O4J2WlB+L9+/U8Rl+zzd87hsJo8
+            ThPZgnUNDGpdRrU2IYiXo03fZOhBoqBJe1ZG+Ol8z9bvTeyeMZxRIg==
+            -----END AGE ENCRYPTED FILE-----
+    lastmodified: "2023-10-14T16:17:58Z"
+    mac: ENC[AES256_GCM,data:guD5+TBhN9n0WKRN4Ffzo0khhL+3CroELwxTfvUPmxQndFBzOnw/kvj8ZP/NBHMwAiQ1sirUdoJE0QKruHpkHlPs0slyNK0adGExPlSmn9fS5egltbtthzZYbftTJKFlImo3/3Z6tapBWN8neJNc3fhtZbItuwgfYJecXPPqW7Q=,iv:bqqhU1KDfzIN4LOY4dMpSw8XT/2j+NiD74M56jSpjWE=,tag:VGXSlEreapoSFCUnfHXIXA==,type:str]
+    pgp: []
+    unencrypted_suffix: _unencrypted
+    version: 3.8.1
diff --git a/badhouseplants/values/values.woodpecker-ci.yaml b/badhouseplants/values/values.woodpecker-ci.yaml
new file mode 100644
index 0000000..51b5f98
--- /dev/null
+++ b/badhouseplants/values/values.woodpecker-ci.yaml
@@ -0,0 +1,37 @@
+# ------------------------------------------
+# -- Istio extenstion. Just because I'm
+# --  not using ingress nginx
+# ------------------------------------------
+istio:
+  enabled: true
+  istio:
+    - name: woodpecker-server-http
+      gateway: istio-system/badhouseplants-net
+      kind: http
+      hostname: ci.badhouseplants.net
+      service: woodpecker-ci-server
+      port: 80
+server:
+  image: 
+    tag: v1.0.2
+  enabled: true
+  env:
+    WOODPECKER_GITEA: true
+    WOODPECKER_GITEA_URL: https://git.badhouseplants.net
+    WOODPECKER_GITEA_CLIENT: ab5e4687-a476-4668-9fbc-288d54095634
+    WOODPECKER_ADMIN: "woodpecker,allanger"
+    WOODPECKER_HOST: "https://ci.badhouseplants.net"
+  extraSecretNamesForEnvFrom: []  
+agent:
+  image: 
+    tag: v1.0.2
+  enabled: true
+  extraSecretNamesForEnvFrom: []
+  env:
+    WOODPECKER_SERVER: woodpecker-ci-server:9000
+    WOODPECKER_BACKEND_K8S_VOLUME_SIZE: 1Gi
+    WOODPECKER_BACKEND_K8S_STORAGE_CLASS:
+  serviceAccount:
+    create: true
+  rbac:
+    create: true
diff --git a/releases.yaml b/releases.yaml
index 43ebded..e380875 100644
--- a/releases.yaml
+++ b/releases.yaml
@@ -229,6 +229,15 @@ templates:
       - template: default-env-secrets
       - template: drone-common
 
+  woodpecker-ci: &woodpecker-ci
+    name: woodpecker-ci
+    chart: woodpecker/woodpecker
+    version: 0.4.2
+    inherit:
+      - template: default-env-values
+      - template: default-env-secrets
+      - template: ext-istio-resource
+
   nrodionov: &nrodionov
     name: nrodionov
     chart: bitnami/wordpress
diff --git a/repositories.yaml b/repositories.yaml
index fcdf4fe..0d52f2e 100644
--- a/repositories.yaml
+++ b/repositories.yaml
@@ -38,3 +38,5 @@ repositories:
     url: https://git.badhouseplants.net/api/packages/allanger/helm
   - name: badhouseplants
     url: https://badhouseplants.github.io/helm-charts/
+  - name: woodpecker
+    url: https://woodpecker-ci.org