Updated the tekton installation

2023-09-27 06:26:54 +02:00
parent bfe08e1eae
commit 3274fbdd97
10 changed files with 127 additions and 123 deletions
--- a/badhouseplants/values/secrets.tekton-pipeline.yaml
+++ b/badhouseplants/values/secrets.tekton-pipeline.yaml
@@ -0,0 +1,23 @@
 auth:
    git:
        password: ENC[AES256_GCM,data:X1wVDcAeDP9IY/Kry+pP3BayBFJJ4o4NxA==,iv:qVG9R033GKeQxaVpCpN3hUV9d6dGULceEPt70U5psX0=,tag:jgmc/T42T9/JH3PgN6v2qA==,type:str]
 sops:
    kms: []
    gcp_kms: []
    azure_kv: []
    hc_vault: []
    age:
        - recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8
          enc: |
            -----BEGIN AGE ENCRYPTED FILE-----
            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBEdmJzcTFKd1M2dUZyTmxZ
            Mnljc1FCRk9tQUFyWUk4U21kYWR0MVMzSms4CjdCNTFONTJGU1B4bDBOQnp3NEtW
            UDZpTkU4bWFrYVhiV0tUbGRmaTlPTUEKLS0tIHJmTkhGbTZiQkQzR2VHckRoVFVF
            eUtWMXpDWlBwVE1zM1FOMklQd3BhZk0KvJBAxTdAQCHGDd7W2qv/31OblHrX7o0X
            0GCL/z1dw+sG4GS0zwgxVu8jlGzWK8PCZjq5k8bMMzbbKtUNKiShuA==
            -----END AGE ENCRYPTED FILE-----
    lastmodified: "2023-09-27T04:26:20Z"
    mac: ENC[AES256_GCM,data:Hknt7Td7Tyx/c98Xf7dbsaGRLKO1zzZR34ZarkZtFVyvTcB0kxb5VWeJv+O215UAXEjPE7LUB2gHvhAtgLsAnek55stjZ84ifz923gMKB2ul18TeX4s0oqXyKvKZyv7SKPsVduSA4EutbrOnxLiZCmL8b/u0Y6scUH5pOe7aydg=,iv:vXvdvPE4n6ZYb0CXZZppWuvFFOlDEM2dMiiUwVTTTvE=,tag:gfNWefDG3cC1QzNGwgs5mQ==,type:str]
    pgp: []
    unencrypted_suffix: _unencrypted
    version: 3.8.0
--- a/badhouseplants/values/values.tekton-pipeline.yaml
+++ b/badhouseplants/values/values.tekton-pipeline.yaml
@@ -0,0 +1,4 @@
 auth:
  git:
    username: tekton
    url: https://git.badhouseplants.net
--- a/manifests/debug/istio-stuff.yaml
+++ b/manifests/debug/istio-stuff.yaml
@@ -1,17 +0,0 @@
 apiVersion: networking.istio.io/v1alpha3
 kind: EnvoyFilter
 metadata:
  name: proxy-protocol
  namespace: istio-system
 spec:
  workloadSelector:
    labels:
      istio: ingressgateway
  configPatches:
  - applyTo: LISTENER
    patch:
      operation: MERGE
      value:
        listener_filters:
        - name: envoy.listener.proxy_protocol
--- a/manifests/debug/proxy-prot.yaml
+++ b/manifests/debug/proxy-prot.yaml
@@ -1,17 +0,0 @@
 apiVersion: networking.istio.io/v1alpha3
 kind: EnvoyFilter
 metadata:
  name: proxy-protocol
  namespace: istio-system
 spec:
  configPatches:
  - applyTo: LISTENER
    patch:
      operation: MERGE
      value:
        listener_filters:
        - name: envoy.listener.proxy_protocol
        - name: envoy.listener.tls_inspector
  workloadSelector:
    labels:
      istio: ingressgateway
--- a/manifests/debug/test.yaml
+++ b/manifests/debug/test.yaml
@@ -1,83 +0,0 @@
 apiVersion: networking.istio.io/v1alpha3
 kind: Gateway
 metadata:
  name: httpbin-gateway
 spec:
  selector:
    istio: ingressgateway
  servers:
  - port:
      number: 80
      name: http
      protocol: HTTP2
    hosts:
    - "test.badhouseplants.net"
  - hosts:
    - "test.badhouseplants.net"
    port:
      name: https
      number: 443
      protocol: HTTPS
    tls:
      credentialName: badhouseplants-wildcard-tls
      mode: SIMPLE
 ---
 apiVersion: networking.istio.io/v1alpha3
 kind: VirtualService
 metadata:
  name: httpbin
 spec:
  hosts:
  - "test.badhouseplants.net"
  gateways:
  - httpbin-gateway
  http:
  - route:
    - destination:
        host: httpbin
        port:
          number: 8000
 ---
 apiVersion: v1
 kind: ServiceAccount
 metadata:
  name: httpbin
 ---
 apiVersion: v1
 kind: Service
 metadata:
  name: httpbin
  labels:
    app: httpbin
    service: httpbin
 spec:
  ports:
  - name: http
    port: 8000
    targetPort: 80
  selector:
    app: httpbin
 ---
 apiVersion: apps/v1
 kind: Deployment
 metadata:
  name: httpbin
 spec:
  replicas: 1
  selector:
    matchLabels:
      app: httpbin
      version: v1
  template:
    metadata:
      labels:
        app: httpbin
        version: v1
    spec:
      serviceAccountName: httpbin
      containers:
      - image: docker.io/kong/httpbin
        imagePullPolicy: IfNotPresent
        name: httpbin
        ports:
        - containerPort: 80
--- a/manifests/git_clone.yaml
+++ b/manifests/git_clone.yaml
@@ -0,0 +1,80 @@
 apiVersion: tekton.dev/v1beta1
 kind: Task
 metadata:
  name: git-clone-repo
  namespace: tekton-jobs
 spec:
  workspaces:
    - name: src
      mountPath: /src
  params:
    - name: url
  steps:
    - name: Git Clone
      image: alpine/git
      script: |
        #!/bin/bash
 ---
 apiVersion: tekton.dev/v1beta1
 kind: Task
 metadata:
  name: write
  namespace: tekton-jobs
 spec:
  workspaces:
    - name: src
      mountPath: /custom/path/relative/to/root
  steps:
    - name: goodbye
      image: ubuntu
      script: |
        #!/bin/bash
        cat $(workspaces.src.path)/check
 ---
 apiVersion: tekton.dev/v1beta1
 kind: Pipeline
 metadata:
  name: hello-goodbye
  namespace: tekton-jobs
 spec:
  tasks:
    - name: read
      taskRef:
        name: read
      workspaces:
        - name: src
          workspace: src
    - name: write
      runAfter:
        - read
      taskRef:
        name: read
      workspaces:
        - name: src
          workspace: src
  workspaces:
    - name: src
 ---
 apiVersion: tekton.dev/v1beta1
 kind: PipelineRun
 metadata:
  name: hello-goodbye-run
  namespace: tekton-jobs
 spec:
  pipelineRef:
    name: hello-goodbye
    namespace: tekton-jobs
  params:
    - name: username
      value: "Tekton"
  workspaces:
    - name: src
      volumeClaimTemplate:
        spec:
          accessModes:
            - ReadWriteOnce # access mode may affect how you can use this volume in parallel tasks
          resources:
            requests:
              storage: 1Gi
--- a/manifests/metallb/badhouseplants-ip.yaml
+++ b/manifests/metallb/badhouseplants-ip.yaml
@@ -1,5 +1,4 @@
 # addresspool.yaml
 ---
 apiVersion: metallb.io/v1beta1
 kind: IPAddressPool
 metadata:
@@ -7,4 +6,4 @@ metadata:
  namespace: metallb-system
 spec:
  addresses:
-  - 195.201.250.50-195.201.250.50
+    - 195.201.250.50-195.201.250.50
--- a/manifests/metallb/etersoft-ip.yaml
+++ b/manifests/metallb/etersoft-ip.yaml
@@ -1,5 +1,4 @@
 # addresspool.yaml
 ---
 apiVersion: metallb.io/v1beta1
 kind: IPAddressPool
 metadata:
@@ -7,4 +6,4 @@ metadata:
  namespace: metallb-system
 spec:
  addresses:
-  - 91.232.225.63-91.232.225.63
+    - 91.232.225.63-91.232.225.63
--- a/manifests/tekton/cdh.yaml
+++ b/manifests/tekton/cdh.yaml
@@ -0,0 +1,13 @@
 apiVersion: tekton.dev/v1beta1
 kind: Task
 metadata:
  name: check-da-helm
  namespace: tekton-pipelines
 spec:
  params:
    - name: environment
      type: string
  steps:
    - name: check-da-helm
      image: ghcr.io/allanger/check-da-helm-helmfile-secrets:stable
      script: "cdh --kind helmfile -p helmfile.yaml --helmfile-environment  \n"
--- a/releases.yaml
+++ b/releases.yaml
@@ -217,6 +217,9 @@ templates:
    name: tekton-pipeline
    chart: cdf/tekton-pipeline
    version: 1.0.2
    inherit:
      - template: default-env-values
      - template: default-env-secrets
  nrodionov: &nrodionov
    name: nrodionov