badhouseplants/k8s-cluster-config
Archived
4
0
Fork 0
Code Issues 6 Pull Requests 1 Actions Packages Projects Releases Activity

Updated the tekton installation

Browse Source
This commit is contained in:
Nikolai Rodionov
2023-09-27 06:26:54 +02:00
parent bfe08e1eae
commit 3274fbdd97
10 changed files with 127 additions and 123 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
badhouseplants/values/secrets.tekton-pipeline.yaml Normal file
View File

@@ -0,0 +1,23 @@
auth:
git:
password: ENC[AES256_GCM,data:X1wVDcAeDP9IY/Kry+pP3BayBFJJ4o4NxA==,iv:qVG9R033GKeQxaVpCpN3hUV9d6dGULceEPt70U5psX0=,tag:jgmc/T42T9/JH3PgN6v2qA==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBEdmJzcTFKd1M2dUZyTmxZ
Mnljc1FCRk9tQUFyWUk4U21kYWR0MVMzSms4CjdCNTFONTJGU1B4bDBOQnp3NEtW
UDZpTkU4bWFrYVhiV0tUbGRmaTlPTUEKLS0tIHJmTkhGbTZiQkQzR2VHckRoVFVF
eUtWMXpDWlBwVE1zM1FOMklQd3BhZk0KvJBAxTdAQCHGDd7W2qv/31OblHrX7o0X
0GCL/z1dw+sG4GS0zwgxVu8jlGzWK8PCZjq5k8bMMzbbKtUNKiShuA==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2023-09-27T04:26:20Z"
mac: ENC[AES256_GCM,data:Hknt7Td7Tyx/c98Xf7dbsaGRLKO1zzZR34ZarkZtFVyvTcB0kxb5VWeJv+O215UAXEjPE7LUB2gHvhAtgLsAnek55stjZ84ifz923gMKB2ul18TeX4s0oqXyKvKZyv7SKPsVduSA4EutbrOnxLiZCmL8b/u0Y6scUH5pOe7aydg=,iv:vXvdvPE4n6ZYb0CXZZppWuvFFOlDEM2dMiiUwVTTTvE=,tag:gfNWefDG3cC1QzNGwgs5mQ==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.8.0

4
badhouseplants/values/values.tekton-pipeline.yaml Normal file
View File

@@ -0,0 +1,4 @@
auth:
git:
username: tekton
url: https://git.badhouseplants.net

17
manifests/debug/istio-stuff.yaml
View File

@@ -1,17 +0,0 @@
apiVersion: networking.istio.io/v1alpha3
kind: EnvoyFilter
metadata:
name: proxy-protocol
namespace: istio-system
spec:
workloadSelector:
labels:
istio: ingressgateway
configPatches:
- applyTo: LISTENER
patch:
operation: MERGE
value:
listener_filters:
- name: envoy.listener.proxy_protocol

17
manifests/debug/proxy-prot.yaml
View File

@@ -1,17 +0,0 @@
apiVersion: networking.istio.io/v1alpha3
kind: EnvoyFilter
metadata:
name: proxy-protocol
namespace: istio-system
spec:
configPatches:
- applyTo: LISTENER
patch:
operation: MERGE
value:
listener_filters:
- name: envoy.listener.proxy_protocol
- name: envoy.listener.tls_inspector
workloadSelector:
labels:
istio: ingressgateway

83
manifests/debug/test.yaml
View File

@@ -1,83 +0,0 @@
apiVersion: networking.istio.io/v1alpha3
kind: Gateway
metadata:
name: httpbin-gateway
spec:
selector:
istio: ingressgateway
servers:
- port:
number: 80
name: http
protocol: HTTP2
hosts:
- "test.badhouseplants.net"
- hosts:
- "test.badhouseplants.net"
port:
name: https
number: 443
protocol: HTTPS
tls:
credentialName: badhouseplants-wildcard-tls
mode: SIMPLE
---
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: httpbin
spec:
hosts:
- "test.badhouseplants.net"
gateways:
- httpbin-gateway
http:
- route:
- destination:
host: httpbin
port:
number: 8000
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: httpbin
---
apiVersion: v1
kind: Service
metadata:
name: httpbin
labels:
app: httpbin
service: httpbin
spec:
ports:
- name: http
port: 8000
targetPort: 80
selector:
app: httpbin
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: httpbin
spec:
replicas: 1
selector:
matchLabels:
app: httpbin
version: v1
template:
metadata:
labels:
app: httpbin
version: v1
spec:
serviceAccountName: httpbin
containers:
- image: docker.io/kong/httpbin
imagePullPolicy: IfNotPresent
name: httpbin
ports:
- containerPort: 80

80
manifests/git_clone.yaml Normal file
View File

@@ -0,0 +1,80 @@
apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
name: git-clone-repo
namespace: tekton-jobs
spec:
workspaces:
- name: src
mountPath: /src
params:
- name: url
steps:
- name: Git Clone
image: alpine/git
script: |
#!/bin/bash
---
apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
name: write
namespace: tekton-jobs
spec:
workspaces:
- name: src
mountPath: /custom/path/relative/to/root
steps:
- name: goodbye
image: ubuntu
script: |
#!/bin/bash
cat $(workspaces.src.path)/check
---
apiVersion: tekton.dev/v1beta1
kind: Pipeline
metadata:
name: hello-goodbye
namespace: tekton-jobs
spec:
tasks:
- name: read
taskRef:
name: read
workspaces:
- name: src
workspace: src
- name: write
runAfter:
- read
taskRef:
name: read
workspaces:
- name: src
workspace: src
workspaces:
- name: src
---
apiVersion: tekton.dev/v1beta1
kind: PipelineRun
metadata:
name: hello-goodbye-run
namespace: tekton-jobs
spec:
pipelineRef:
name: hello-goodbye
namespace: tekton-jobs
params:
- name: username
value: "Tekton"
workspaces:
- name: src
volumeClaimTemplate:
spec:
accessModes:
- ReadWriteOnce # access mode may affect how you can use this volume in parallel tasks
resources:
requests:
storage: 1Gi

1
manifests/badhouseplants-ip.yaml → manifests/metallb/badhouseplants-ip.yaml
View File

@@ -1,5 +1,4 @@
# addresspool.yaml
---
apiVersion: metallb.io/v1beta1
kind: IPAddressPool
metadata:

1
manifests/etersoft-ip.yaml → manifests/metallb/etersoft-ip.yaml
View File

@@ -1,5 +1,4 @@
# addresspool.yaml
---
apiVersion: metallb.io/v1beta1
kind: IPAddressPool
metadata:

13
manifests/tekton/cdh.yaml Normal file
View File

@@ -0,0 +1,13 @@
apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
name: check-da-helm
namespace: tekton-pipelines
spec:
params:
- name: environment
type: string
steps:
- name: check-da-helm
image: ghcr.io/allanger/check-da-helm-helmfile-secrets:stable
script: "cdh --kind helmfile -p helmfile.yaml --helmfile-environment \n"

3
releases.yaml
View File

@@ -217,6 +217,9 @@ templates:
name: tekton-pipeline
chart: cdf/tekton-pipeline
version: 1.0.2
inherit:
- template: default-env-values
- template: default-env-secrets
nrodionov: &nrodionov
name: nrodionov