Update helmrelease

charts/softplayer-backend/templates/vs.yaml

@@ -9,7 +9,7 @@ spec:
   gateways:
   - istio-system/badhouseplants-net
   hosts:
-  - "softplayer-backend.badhouseplants.net"
+  - {{ .Values.config.hostname }}
   http:
   - match:
     - uri:

charts/softplayer-backend/values.yaml

@@ -1,3 +1,5 @@
+config:
+  hostname: softplayer.dev.badhouseplants.net
 replicaCount: 1
 
 image:

charts/softplayer-web/templates/vs.yaml

@@ -9,7 +9,7 @@ spec:
   gateways:
   - istio-system/badhouseplants-net
   hosts:
-  - "softplayer-web.badhouseplants.net"
+  - {{ .Values.config.hostname }}
   http:
   - match:
     - uri:

charts/softplayer-web/values.yaml

@@ -1,3 +1,6 @@
+config:
+  hostname: dev.badhouseplants.net
+
 replicaCount: 1
 
 image:

charts/tekton-pipelines/templates/pipelines/hetzner-cleanup.yaml

@@ -28,3 +28,19 @@ spec:
           value: $(params.environment)
         - name: namespace
           value: $(params.namespace)
+    - name: cleanup-dns-records
+      retries: 3
+      taskRef:
+        resolver: cluster
+        params:
+          - name: kind
+            value: task
+          - name: name
+            value: cleanup-dns-records
+          - name: namespace
+            value: tekton-pipelines
+      params:
+        - name: environment
+          value: $(params.environment)
+        - name: namespace
+          value: $(params.namespace)

charts/tekton-pipelines/templates/pipelines/hetzner-k3s.yaml

@@ -55,6 +55,28 @@ spec:
           value: $(params.environment)
         - name: namespace
           value: $(params.namespace)
+    - name: prepare-dns-records
+      retries: 3
+      runAfter:
+        - prepare-hetzner-infra
+      taskRef:
+        resolver: cluster
+        params:
+          - name: kind
+            value: task
+          - name: name
+            value: prepare-dns-records
+          - name: namespace
+            value: tekton-pipelines
+      workspaces:
+        - name: outputs
+          workspace: inventory
+      params:
+        - name: environment
+          value: $(params.environment)
+        - name: namespace
+          value: $(params.namespace)
+
     - name: bootstrap-k3s
       retries: 3
       runAfter:

charts/tekton-pipelines/templates/pipelines/install-app.yaml

@@ -0,0 +1,32 @@
+apiVersion: tekton.dev/v1beta1
+kind: Pipeline
+metadata:
+  name: install-app
+  namespace: {{ .Values.pipelineNamespace }}
+  labels:
+    {{- include "tekton-pipelines.labels" . | nindent 4 }}
+spec:
+  params:
+    - name: environment
+      type: string
+    - name: namespace
+      type: string
+  tasks:
+    - name: install-app
+      retries: 3
+      taskRef:
+        resolver: cluster
+        params:
+          - name: kind
+            value: task
+          - name: name
+            value: install-app
+          - name: namespace
+            value: tekton-pipelines
+      params:
+        - name: environment
+          value: $(params.environment)
+        - name: namespace
+          value: $(params.namespace)
+        - name: application
+          value: $(params.application)

charts/tekton-pipelines/templates/rbac.yaml

@@ -10,6 +10,11 @@ rules:
   - apiGroups: [""]
     resources: ["secrets", "configmaps"]
     verbs: ["*"]
+  - apiGroups: 
+      - helm.toolkit.fluxcd.io
+      - source.toolkit.fluxcd.io
+    resources: ["*"]
+    verbs: ["*"]
 ---
 apiVersion: v1
 kind: ServiceAccount

charts/tekton-pipelines/templates/tasks/bootstrap-k3s.yml

@@ -97,7 +97,7 @@ spec:
         kubectl create secret generic \
           "$(params.environment)"-config \
           --namespace "$(params.namespace)" \
-          --from-file=kubeconfig=/tmp/outputs/admin-default-config
+          --from-file=value=/tmp/outputs/admin-default-config
   workspaces:
     - name: outputs
       description: A folder to store outputs

charts/tekton-pipelines/templates/tasks/cleanup-dns-records.yml

@@ -0,0 +1,40 @@
+---
+apiVersion: tekton.dev/v1beta1
+kind: Task
+metadata:
+  name: cleanup-dns-records
+  namespace: {{ .Values.pipelineNamespace }}
+  labels:
+    {{- include "tekton-pipelines.labels" . | nindent 4 }}
+spec:
+  params:
+    - name: namespace
+      type: string
+    - name: environment
+      type: string
+  steps:
+    - name: get-provider-outputs
+      image: alpine/k8s:1.29.2
+      script: |-
+        #!/bin/sh
+        kubectl get configmap "$(params.environment)"-provider-outputs \
+          --namespace "$(params.namespace)" -o yaml \
+          | yq '.data."provider_outputs.yaml"' > /tmp/outputs/provider_outputs.yaml
+    - name: setup-dns
+      image: git.badhouseplants.net/softplayer/softplayer-coskgne:latest
+      env:
+        - name: SP_STATE
+          value: absent
+        - name: SP_ENV
+          value: $(params.environment)
+        - name: SOPS_AGE_KEY
+          value: {{ .Values.providers.hetzner.ageKey }}
+      script: |-
+        #!/bin/sh
+        ansible-playbook /src/playbooks/other/cloudflare/playbook.yml
+        
+  workspaces:
+    - name: outputs
+      description: A folder to store outputs
+      optional: false
+      mountPath: /tmp/outputs

charts/tekton-pipelines/templates/tasks/cleanup-hetzner-infra.yml

@@ -42,3 +42,7 @@ spec:
         kubectl delete secret \
           "$(params.environment)-config" \
           --namespace "$(params.namespace)" || true
+        kubectl delete configmap \
+          "$(params.environment)-provider-outputs" \
+          --namespace "$(params.namespace)" || true
+

charts/tekton-pipelines/templates/tasks/deploy-helmfile-base.yml

@@ -19,7 +19,7 @@ spec:
         #!/bin/sh
         kubectl get secret "$(params.environment)"-config \
           --namespace "$(params.namespace)" -o yaml \
-          | yq '.data.kubeconfig' \
+          | yq '.data.value' \
           | base64 -d > /tmp/outputs/config
         chmod 0600 /tmp/outputs/config
     - name: annonate-an-env-cm-installing

charts/tekton-pipelines/templates/tasks/install-app.yml

@@ -0,0 +1,47 @@
+# ---------------------------------------------------------------------
+# This task should create a flux resource that will deploy a helm
+# chart to the environemnt 
+# -- Create an app secret with configs
+# -- shell-operator is running a pipeline with confi 
+# -- Tekton is creating a flux HelmRelease resource
+# ---------------------------------------------------------------------
+---
+apiVersion: tekton.dev/v1beta1
+kind: Task
+metadata:
+  name: install-app
+  namespace: {{ .Values.pipelineNamespace }}
+  labels:
+    {{- include "tekton-pipelines.labels" . | nindent 4 }}
+spec:
+  params:
+    - name: namespace
+      type: string
+    - name: environment
+      type: string
+    - name: application
+      type: string
+  steps:
+    - name: create-an-app
+      image: fluxcd/flux-cli:v2.2.3
+      env:
+        - name: SP_STATE
+          value: present
+        - name: SP_ENV
+          value: $(params.environment)
+        - name: SP_APPLICATION
+          value: $(params.application)
+        - name: SP_ACCOUNT
+          value: $(params.namespace)
+      script: |-
+        #!/bin/sh
+        flux create source helm $SP_APPLICATION \
+          --namespace=$SP_ACCOUNT \
+          --url=oci://git.badhouseplants.net/softplayer/helm
+        flux create helmrelease $SP_APPLICATION \
+          --source=HelmRepository/$SP_APPLICATION \
+          --namespace=$SP_ACCOUNT \
+          --chart=helmrelease \
+          --values-from Secret/$SP_APPLICATION-config \
+          --kubeconfig-secret-ref=$SP_ENV-config \
+          --target-namespace=default

charts/tekton-pipelines/templates/tasks/prepare-dns-records.yml

@@ -0,0 +1,48 @@
+---
+apiVersion: tekton.dev/v1beta1
+kind: Task
+metadata:
+  name: prepare-dns-records
+  namespace: {{ .Values.pipelineNamespace }}
+  labels:
+    {{- include "tekton-pipelines.labels" . | nindent 4 }}
+spec:
+  params:
+    - name: namespace
+      type: string
+    - name: environment
+      type: string
+  steps:
+    - name: get-provider-outputs
+      image: alpine/k8s:1.29.2
+      script: |-
+        #!/bin/sh
+        kubectl get configmap "$(params.environment)"-provider-outputs \
+          --namespace "$(params.namespace)" -o yaml \
+          | yq '.data."provider_outputs.yaml"' > /tmp/outputs/provider_outputs.yaml
+    - name: annonate-an-env-cm
+      image: alpine/k8s:1.29.2
+      script: |-
+        #!/bin/sh
+        kubectl annotate --overwrite configmap \
+          "$(params.environment)" \
+          --namespace "$(params.namespace)" \
+          "softplayer.net/status=setting-up-dns"
+    - name: setup-dns
+      image: git.badhouseplants.net/softplayer/softplayer-coskgne:latest
+      env:
+        - name: SP_STATE
+          value: present
+        - name: SP_ENV
+          value: $(params.environment)
+        - name: SOPS_AGE_KEY
+          value: {{ .Values.providers.hetzner.ageKey }}
+      script: |-
+        #!/bin/sh
+        ansible-playbook /src/playbooks/other/cloudflare/playbook.yml
+
+  workspaces:
+    - name: outputs
+      description: A folder to store outputs
+      optional: false
+      mountPath: /tmp/outputs

charts/tekton-pipelines/templates/tasks/prepare-hetzner-infra.yml

@@ -55,6 +55,18 @@ spec:
           "$(params.environment)"-inventory \
           --namespace "$(params.namespace)" \
           --from-file /tmp/outputs/inventory.yaml
+    - name: save-provider-outputs
+      image: alpine/k8s:1.29.2
+      script: |-
+        #!/bin/sh
+        kubectl delete configmap \
+          "$(params.environment)"-provider-outputs \
+          --namespace "$(params.namespace)"
+        kubectl create configmap \
+          "$(params.environment)"-provider-outputs \
+          --namespace "$(params.namespace)" \
+          --from-file /tmp/outputs/provider_outputs.yaml
+
   workspaces:
     - name: outputs
       description: A folder to store outputs