AverageMarcus/cluster.fun
1
0
Fork 0
Code Issues 1 Pull Requests 1 Releases Activity

Compare commits

base: AverageMarcus:720bfb8b62bb35332f1bef309cd2c5fdafbdd687
Branches Tags
AverageMarcus:master
AverageMarcus:renovate/grafana-promtail-3.x
AverageMarcus:increase_cluster_max
..
compare: AverageMarcus:9c66dac0f9f0ff3b642d6637ddb876450a2a860c
Branches Tags
AverageMarcus:renovate/grafana-promtail-3.x
AverageMarcus:master
AverageMarcus:increase_cluster_max

3 Commits
720bfb8b62 ... 9c66dac0f9

Author SHA1 Message Date
Marcus Noble
9c66dac0f9 Added website-to-remarkable 2020-05-07 21:19:46 +01:00
Marcus Noble
7e4350201e Added deployment for RSS reader 2020-05-07 21:15:38 +01:00
Marcus Noble
a28d0d8364 Fixed tekton pipelines 2020-05-07 21:15:26 +01:00
6 changed files with 291 additions and 5 deletions
Show Stats Expand all files Collapse all files

100
manifests/rss.yaml Normal file
View File

@ -0,0 +1,100 @@
apiVersion: v1
kind: Namespace
metadata:
name: rss
---
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: rss
namespace: rss
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 1Gi
---
apiVersion: v1
kind: Service
metadata:
name: rss
namespace: rss
spec:
type: ClusterIP
ports:
- port: 80
targetPort: 8080
name: web
selector:
app: rss
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: rss
namespace: rss
labels:
app: rss
spec:
replicas: 1
selector:
matchLabels:
app: rss
template:
metadata:
labels:
app: rss
spec:
securityContext:
fsGroup: 1000
dnsConfig:
options:
- name: ndots
value: "2"
containers:
- name: web
image: mdswanson/stringer
env:
- name: SECRET_TOKEN
value: inward-popcorn-decamp-epsilon
- name: PORT
value: "8080"
- name: DATABASE_URL
value: sqlite3:/data/stringer.db
ports:
- containerPort: 8080
name: web
volumeMounts:
- mountPath: /data
name: storage
volumes:
- name: storage
persistentVolumeClaim:
claimName: rss
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: rss
namespace: rss
annotations:
cert-manager.io/cluster-issuer: letsencrypt
traefik.ingress.kubernetes.io/frontend-entry-points: http,https
traefik.ingress.kubernetes.io/redirect-entry-point: https
traefik.ingress.kubernetes.io/redirect-permanent: "true"
spec:
tls:
- hosts:
- rss.cluster.fun
secretName: rss-ingress
rules:
- host: rss.cluster.fun
http:
paths:
- path: /
backend:
serviceName: rss
servicePort: 80
---

132
manifests/website-to-remarkable.yaml Normal file
View File

@ -0,0 +1,132 @@
apiVersion: v1
kind: Namespace
metadata:
name: website-to-remarkable
---
apiVersion: v1
kind: Secret
metadata:
name: website-to-remarkable-auth
namespace: website-to-remarkable
annotations:
kube-1password: mr6spkkx7n3memkbute6ojaarm
kube-1password/vault: Kubernetes
type: Opaque
---
apiVersion: v1
kind: Secret
metadata:
name: website-to-remarkable
namespace: website-to-remarkable
annotations:
kube-1password: smp3qkv74qt72ttzkltyhiktja
kube-1password/vault: Kubernetes
type: Opaque
---
apiVersion: v1
kind: Service
metadata:
name: website-to-remarkable
namespace: website-to-remarkable
spec:
type: ClusterIP
ports:
- port: 80
targetPort: 8080
name: web
selector:
app: website-to-remarkable
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: website-to-remarkable
namespace: website-to-remarkable
labels:
app: website-to-remarkable
spec:
replicas: 1
selector:
matchLabels:
app: website-to-remarkable
template:
metadata:
labels:
app: website-to-remarkable
spec:
dnsConfig:
options:
- name: ndots
value: "2"
containers:
- args:
- --cookie-secure=false
- --provider=oidc
- --provider-display-name=Auth0
- --upstream=http://localhost:8000
- --http-address=$(HOST_IP):8080
- --redirect-url=https://website-to-remarkable.cluster.fun/oauth2/callback
- --email-domain=*
- --pass-basic-auth=false
- --pass-access-token=false
- --oidc-issuer-url=https://marcusnoble.eu.auth0.com/
- --cookie-secret=KDGD6rrK6cBmryyZ4wcJ9xAUNW9AQN
env:
- name: HOST_IP
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: status.podIP
- name: OAUTH2_PROXY_CLIENT_ID
valueFrom:
secretKeyRef:
key: username
name: website-to-remarkable-auth
- name: OAUTH2_PROXY_CLIENT_SECRET
valueFrom:
secretKeyRef:
key: password
name: website-to-remarkable-auth
image: quay.io/oauth2-proxy/oauth2-proxy:v5.1.1
name: oauth-proxy
ports:
- containerPort: 8080
protocol: TCP
- name: web
image: docker.cluster.fun/averagemarcus/website-to-remarkable:latest
imagePullPolicy: Always
env:
- name: REMARKABLE_TOKEN
valueFrom:
secretKeyRef:
name: website-to-remarkable
key: password
ports:
- containerPort: 8000
name: web
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: website-to-remarkable
namespace: website-to-remarkable
annotations:
cert-manager.io/cluster-issuer: letsencrypt
traefik.ingress.kubernetes.io/frontend-entry-points: http,https
traefik.ingress.kubernetes.io/redirect-entry-point: https
traefik.ingress.kubernetes.io/redirect-permanent: "true"
spec:
tls:
- hosts:
- website-to-remarkable.cluster.fun
secretName: website-to-remarkable-ingress
rules:
- host: website-to-remarkable.cluster.fun
http:
paths:
- path: /
backend:
serviceName: website-to-remarkable
servicePort: 80
---

10
tekton/2-Setup/kubeconfig-creds.yaml Normal file
View File

@ -0,0 +1,10 @@
apiVersion: v1
kind: Secret
metadata:
name: kubeconfig
namespace: tekton-pipelines
annotations:
kube-1password: ppvndbst3pdqpvfaavgy7mkluq
kube-1password/vault: Kubernetes
kube-1password/secret-text-key: config
type: Opaque

32
tekton/pipelines/deploy.yaml
View File

@ -65,12 +65,36 @@ spec:
inputs: inputs:
- name: src - name: src
resource: git-source resource: git-source
- name: make-release - name: build-and-publish-sha-public
conditions:
- conditionRef: is-public-project
params:
- name: isprivate
value: $(params.isprivate)
taskRef: taskRef:
name: make name: docker-build-and-publish
params: params:
- name: TARGET - name: IMAGE
value: "release" value: $(params.publicdockerregistry)/$(params.projectname):$(params.gitrevision)
resources:
inputs:
- name: src
resource: git-source
- name: make-release
taskRef:
name: make
runAfter:
- build-and-publish-sha
- build-and-publish-sha-public
params:
- name: TARGET
value: "release"
- name: REPO
value: $(params.projectname)
- name: PR_ID
value: ""
- name: SHA
value: $(params.gitrevision)
resources: resources:
inputs: inputs:
- name: src - name: src

1
tekton/tasks/docker-build-and-publish.yaml
View File

@ -41,6 +41,7 @@ spec:
- --destination=$(params.IMAGE) - --destination=$(params.IMAGE)
- --oci-layout-path=/workspace/src/image-digest - --oci-layout-path=/workspace/src/image-digest
- --digest-file=/tekton/results/IMAGE_DIGEST - --digest-file=/tekton/results/IMAGE_DIGEST
- --cache=true
securityContext: securityContext:
runAsUser: 0 runAsUser: 0
volumeMounts: volumeMounts:

21
tekton/tasks/make.yaml
View File

@ -7,6 +7,12 @@ spec:
params: params:
- name: TARGET - name: TARGET
description: The make target to run description: The make target to run
- name: REPO
description: The name of the repo
- name: PR_ID
description: The ID of the pull request
- name: SHA
description: The commit sha
resources: resources:
inputs: inputs:
- name: src - name: src
@ -16,14 +22,27 @@ spec:
workingDir: /workspace/src workingDir: /workspace/src
image: docker.cluster.fun/averagemarcus/ci-builder:latest image: docker.cluster.fun/averagemarcus/ci-builder:latest
script: | script: |
make --dry-run -t $(params.TARGET) &> /dev/null && make $(params.TARGET) || echo "No '$(params.TARGET)' target found, skipping" make --dry-run $(params.TARGET) &> /dev/null || (echo "No '$(params.TARGET)' target found, skipping" && exit 0)
make $(params.TARGET)
env: env:
- name: REPO - name: REPO
value: $(params.REPO) value: $(params.REPO)
- name: PR_ID - name: PR_ID
value: $(params.PR_ID) value: $(params.PR_ID)
- name: SHA
value: $(params.SHA)
- name: ACCESS_TOKEN - name: ACCESS_TOKEN
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: gitea-access-token name: gitea-access-token
key: access-token key: access-token
- name: KUBECONFIG
value: /root/.kube/config
volumeMounts:
- name: kubeconfig
mountPath: /root/.kube/config
subPath: config
volumes:
- name: kubeconfig
secret:
secretName: kubeconfig