Update helmrelease

2024-05-04 18:42:28 +02:00 · 2024-05-04 18:42:28 +02:00 · bc7833754a
commit bc7833754a
parent c520ba3a5c
18 changed files with 276 additions and 18 deletions
--- a/charts/softplayer-backend/templates/vs.yaml
+++ b/charts/softplayer-backend/templates/vs.yaml
@ -9,7 +9,7 @@ spec:
  gateways:
  - istio-system/badhouseplants-net
  hosts:
-  - "softplayer-backend.badhouseplants.net"
+  - {{ .Values.config.hostname }}
  http:
  - match:
    - uri:
--- a/charts/softplayer-backend/values.yaml
+++ b/charts/softplayer-backend/values.yaml
@ -1,3 +1,5 @@
+config:
+  hostname: softplayer.dev.badhouseplants.net
 replicaCount: 1

 image:
--- a/charts/softplayer-web/templates/vs.yaml
+++ b/charts/softplayer-web/templates/vs.yaml
@ -9,7 +9,7 @@ spec:
  gateways:
  - istio-system/badhouseplants-net
  hosts:
-  - "softplayer-web.badhouseplants.net"
+  - {{ .Values.config.hostname }}
  http:
  - match:
    - uri:
--- a/charts/softplayer-web/values.yaml
+++ b/charts/softplayer-web/values.yaml
@ -1,3 +1,6 @@
+config:
+  hostname: dev.badhouseplants.net
+
 replicaCount: 1

 image:
--- a/charts/tekton-pipelines/templates/pipelines/hetzner-cleanup.yaml
+++ b/charts/tekton-pipelines/templates/pipelines/hetzner-cleanup.yaml
@ -28,3 +28,19 @@ spec:
          value: $(params.environment)
        - name: namespace
          value: $(params.namespace)
+    - name: cleanup-dns-records
+      retries: 3
+      taskRef:
+        resolver: cluster
+        params:
+          - name: kind
+            value: task
+          - name: name
+            value: cleanup-dns-records
+          - name: namespace
+            value: tekton-pipelines
+      params:
+        - name: environment
+          value: $(params.environment)
+        - name: namespace
+          value: $(params.namespace)
--- a/charts/tekton-pipelines/templates/pipelines/hetzner-k3s.yaml
+++ b/charts/tekton-pipelines/templates/pipelines/hetzner-k3s.yaml
@ -55,6 +55,28 @@ spec:
          value: $(params.environment)
        - name: namespace
          value: $(params.namespace)
+    - name: prepare-dns-records
+      retries: 3
+      runAfter:
+        - prepare-hetzner-infra
+      taskRef:
+        resolver: cluster
+        params:
+          - name: kind
+            value: task
+          - name: name
+            value: prepare-dns-records
+          - name: namespace
+            value: tekton-pipelines
+      workspaces:
+        - name: outputs
+          workspace: inventory
+      params:
+        - name: environment
+          value: $(params.environment)
+        - name: namespace
+          value: $(params.namespace)
+
    - name: bootstrap-k3s
      retries: 3
      runAfter:
--- a/charts/tekton-pipelines/templates/pipelines/install-app.yaml
+++ b/charts/tekton-pipelines/templates/pipelines/install-app.yaml
@ -0,0 +1,32 @@
+apiVersion: tekton.dev/v1beta1
+kind: Pipeline
+metadata:
+  name: install-app
+  namespace: {{ .Values.pipelineNamespace }}
+  labels:
+    {{- include "tekton-pipelines.labels" . | nindent 4 }}
+spec:
+  params:
+    - name: environment
+      type: string
+    - name: namespace
+      type: string
+  tasks:
+    - name: install-app
+      retries: 3
+      taskRef:
+        resolver: cluster
+        params:
+          - name: kind
+            value: task
+          - name: name
+            value: install-app
+          - name: namespace
+            value: tekton-pipelines
+      params:
+        - name: environment
+          value: $(params.environment)
+        - name: namespace
+          value: $(params.namespace)
+        - name: application
+          value: $(params.application)
--- a/charts/tekton-pipelines/templates/rbac.yaml
+++ b/charts/tekton-pipelines/templates/rbac.yaml
@ -10,6 +10,11 @@ rules:
  - apiGroups: [""]
    resources: ["secrets", "configmaps"]
    verbs: ["*"]
+  - apiGroups: 
+      - helm.toolkit.fluxcd.io
+      - source.toolkit.fluxcd.io
+    resources: ["*"]
+    verbs: ["*"]
 ---
 apiVersion: v1
 kind: ServiceAccount
--- a/charts/tekton-pipelines/templates/tasks/bootstrap-k3s.yml
+++ b/charts/tekton-pipelines/templates/tasks/bootstrap-k3s.yml
@ -97,7 +97,7 @@ spec:
        kubectl create secret generic \
          "$(params.environment)"-config \
          --namespace "$(params.namespace)" \
-          --from-file=kubeconfig=/tmp/outputs/admin-default-config
+          --from-file=value=/tmp/outputs/admin-default-config
  workspaces:
    - name: outputs
      description: A folder to store outputs
--- a/charts/tekton-pipelines/templates/tasks/cleanup-dns-records.yml
+++ b/charts/tekton-pipelines/templates/tasks/cleanup-dns-records.yml
@ -0,0 +1,40 @@
+---
+apiVersion: tekton.dev/v1beta1
+kind: Task
+metadata:
+  name: cleanup-dns-records
+  namespace: {{ .Values.pipelineNamespace }}
+  labels:
+    {{- include "tekton-pipelines.labels" . | nindent 4 }}
+spec:
+  params:
+    - name: namespace
+      type: string
+    - name: environment
+      type: string
+  steps:
+    - name: get-provider-outputs
+      image: alpine/k8s:1.29.2
+      script: |-
+        #!/bin/sh
+        kubectl get configmap "$(params.environment)"-provider-outputs \
+          --namespace "$(params.namespace)" -o yaml \
+          | yq '.data."provider_outputs.yaml"' > /tmp/outputs/provider_outputs.yaml
+    - name: setup-dns
+      image: git.badhouseplants.net/softplayer/softplayer-coskgne:latest
+      env:
+        - name: SP_STATE
+          value: absent
+        - name: SP_ENV
+          value: $(params.environment)
+        - name: SOPS_AGE_KEY
+          value: {{ .Values.providers.hetzner.ageKey }}
+      script: |-
+        #!/bin/sh
+        ansible-playbook /src/playbooks/other/cloudflare/playbook.yml
+        
+  workspaces:
+    - name: outputs
+      description: A folder to store outputs
+      optional: false
+      mountPath: /tmp/outputs
--- a/charts/tekton-pipelines/templates/tasks/cleanup-hetzner-infra.yml
+++ b/charts/tekton-pipelines/templates/tasks/cleanup-hetzner-infra.yml
@ -42,3 +42,7 @@ spec:
        kubectl delete secret \
          "$(params.environment)-config" \
          --namespace "$(params.namespace)" || true
+        kubectl delete configmap \
+          "$(params.environment)-provider-outputs" \
+          --namespace "$(params.namespace)" || true
+
--- a/charts/tekton-pipelines/templates/tasks/deploy-helmfile-base.yml
+++ b/charts/tekton-pipelines/templates/tasks/deploy-helmfile-base.yml
@ -19,7 +19,7 @@ spec:
        #!/bin/sh
        kubectl get secret "$(params.environment)"-config \
          --namespace "$(params.namespace)" -o yaml \
-          | yq '.data.kubeconfig' \
+          | yq '.data.value' \
          | base64 -d > /tmp/outputs/config
        chmod 0600 /tmp/outputs/config
    - name: annonate-an-env-cm-installing
--- a/charts/tekton-pipelines/templates/tasks/install-app.yml
+++ b/charts/tekton-pipelines/templates/tasks/install-app.yml
@ -0,0 +1,47 @@
+# ---------------------------------------------------------------------
+# This task should create a flux resource that will deploy a helm
+# chart to the environemnt 
+# -- Create an app secret with configs
+# -- shell-operator is running a pipeline with confi 
+# -- Tekton is creating a flux HelmRelease resource
+# ---------------------------------------------------------------------
+---
+apiVersion: tekton.dev/v1beta1
+kind: Task
+metadata:
+  name: install-app
+  namespace: {{ .Values.pipelineNamespace }}
+  labels:
+    {{- include "tekton-pipelines.labels" . | nindent 4 }}
+spec:
+  params:
+    - name: namespace
+      type: string
+    - name: environment
+      type: string
+    - name: application
+      type: string
+  steps:
+    - name: create-an-app
+      image: fluxcd/flux-cli:v2.2.3
+      env:
+        - name: SP_STATE
+          value: present
+        - name: SP_ENV
+          value: $(params.environment)
+        - name: SP_APPLICATION
+          value: $(params.application)
+        - name: SP_ACCOUNT
+          value: $(params.namespace)
+      script: |-
+        #!/bin/sh
+        flux create source helm $SP_APPLICATION \
+          --namespace=$SP_ACCOUNT \
+          --url=oci://git.badhouseplants.net/softplayer/helm
+        flux create helmrelease $SP_APPLICATION \
+          --source=HelmRepository/$SP_APPLICATION \
+          --namespace=$SP_ACCOUNT \
+          --chart=helmrelease \
+          --values-from Secret/$SP_APPLICATION-config \
+          --kubeconfig-secret-ref=$SP_ENV-config \
+          --target-namespace=default
--- a/charts/tekton-pipelines/templates/tasks/prepare-dns-records.yml
+++ b/charts/tekton-pipelines/templates/tasks/prepare-dns-records.yml
@ -0,0 +1,48 @@
+---
+apiVersion: tekton.dev/v1beta1
+kind: Task
+metadata:
+  name: prepare-dns-records
+  namespace: {{ .Values.pipelineNamespace }}
+  labels:
+    {{- include "tekton-pipelines.labels" . | nindent 4 }}
+spec:
+  params:
+    - name: namespace
+      type: string
+    - name: environment
+      type: string
+  steps:
+    - name: get-provider-outputs
+      image: alpine/k8s:1.29.2
+      script: |-
+        #!/bin/sh
+        kubectl get configmap "$(params.environment)"-provider-outputs \
+          --namespace "$(params.namespace)" -o yaml \
+          | yq '.data."provider_outputs.yaml"' > /tmp/outputs/provider_outputs.yaml
+    - name: annonate-an-env-cm
+      image: alpine/k8s:1.29.2
+      script: |-
+        #!/bin/sh
+        kubectl annotate --overwrite configmap \
+          "$(params.environment)" \
+          --namespace "$(params.namespace)" \
+          "softplayer.net/status=setting-up-dns"
+    - name: setup-dns
+      image: git.badhouseplants.net/softplayer/softplayer-coskgne:latest
+      env:
+        - name: SP_STATE
+          value: present
+        - name: SP_ENV
+          value: $(params.environment)
+        - name: SOPS_AGE_KEY
+          value: {{ .Values.providers.hetzner.ageKey }}
+      script: |-
+        #!/bin/sh
+        ansible-playbook /src/playbooks/other/cloudflare/playbook.yml
+
+  workspaces:
+    - name: outputs
+      description: A folder to store outputs
+      optional: false
+      mountPath: /tmp/outputs
--- a/charts/tekton-pipelines/templates/tasks/prepare-hetzner-infra.yml
+++ b/charts/tekton-pipelines/templates/tasks/prepare-hetzner-infra.yml
@ -55,6 +55,18 @@ spec:
          "$(params.environment)"-inventory \
          --namespace "$(params.namespace)" \
          --from-file /tmp/outputs/inventory.yaml
+    - name: save-provider-outputs
+      image: alpine/k8s:1.29.2
+      script: |-
+        #!/bin/sh
+        kubectl delete configmap \
+          "$(params.environment)"-provider-outputs \
+          --namespace "$(params.namespace)"
+        kubectl create configmap \
+          "$(params.environment)"-provider-outputs \
+          --namespace "$(params.namespace)" \
+          --from-file /tmp/outputs/provider_outputs.yaml
+
  workspaces:
    - name: outputs
      description: A folder to store outputs
--- a/helmule/helmule.yaml
+++ b/helmule/helmule.yaml
@ -41,7 +41,12 @@ repositories:
    git:
      url: https://git.badhouseplants.net/softplayer/softplayer-helmfile
      git_ref: main
-      path: charts/helmrelease
+      path: charts
+  - name: allanger-charts
+    git:
+      url: https://git.badhouseplants.net/allanger/helm-charts
+      git_ref: add-shadowsocks
+      path: charts

 mirrors:
  - name: custom-commands
@ -122,3 +127,13 @@ charts:
    repository: fluxcd-community
    mirrors:
      - custom_command
+  
+  - name: helmrelease
+    repository: softplayer
+    mirrors:
+      - custom_command
+
+  - name: shadowsocks-libev
+    repository: allanger-charts
+    mirrors:
+      - custom_command
--- a/workload/helmfile.yaml
+++ b/workload/helmfile.yaml
@ -3,20 +3,20 @@ repositories:
    url: git.badhouseplants.net/softplayer/helm
    oci: true

-releases: 
+releases:
  - name: namespaces
    chart: ../charts/namespaces
    namespace: kube-system
-    values: 
+    values:
      - ./values/namespaces.yaml
-  
+
  - name: coredns
    chart: zot/coredns
    version: 1.29.0
    namespace: kube-system
    values:
      - ./values/coredns.yaml
-  
+
  - name: cilium
    chart: zot/cilium
    installed: true
@ -26,7 +26,7 @@ releases:
      - kube-system/coredns
    values:
      - ./values/cilium.yaml
-  
+
  - name: metrics-server
    chart: zot/metrics-server
    version: 3.12.1
@ -36,7 +36,7 @@ releases:
      - kube-system/cilium
    values:
      - ./values/metrics-server.yaml
-  
+
  - name: flux2
    chart: zot/flux2
    namespace: flux-system
@ -47,15 +47,13 @@ releases:
      - kube-system/cilium
      - kube-system/namespaces
    values:
-      - policies:
-          create: false
-
+      - ./values/flux.yaml
  - name: cert-manager
    chart: zot/cert-manager
    version: v1.14.4
    namespace: cert-manager
    needs:
-      - kube-system/namespaces 
+      - kube-system/namespaces
      - kube-system/coredns
    values:
      - ./values/cert-mangager.yaml
@ -66,16 +64,16 @@ releases:
    namespace: metallb-system
    createNamespace: false
    needs:
-      - kube-system/namespaces 
+      - kube-system/namespaces
      - kube-system/coredns
      - kube-system/cilium
-  
+

  - name: traefik
    chart: zot/traefik
    version: 27.0.2
    needs:
-      - kube-system/namespaces 
+      - kube-system/namespaces
      - kube-system/coredns
      - kube-system/cilium
    namespace: traefik-system
@ -84,4 +82,10 @@ releases:
  - name: local-path-provisioner
    chart: zot/local-path-provisioner
    version: 0.0.25-dev
+    needs:
+      - kube-system/namespaces
+      - kube-system/coredns
+      - kube-system/cilium
+    namespace: traefik-system
+

--- a/workload/values/flux.yaml
+++ b/workload/values/flux.yaml
@ -0,0 +1,8 @@
+policies:
+  create: false
+kustomizeController:
+  create: false
+imageAutomationController:
+  create: false
+imageReflectionController:
+  create: false