Merge pull request 'add woodpecker-deployment' (#152) from woodpecker-deployment into main
All checks were successful
ci/woodpecker/push/dashboard Pipeline was successful
All checks were successful
ci/woodpecker/push/dashboard Pipeline was successful
Reviewed-on: #152 Reviewed-by: Tom Neuber <tomneuber@web.de>
This commit is contained in:
commit
806634b0f0
5 changed files with 130 additions and 0 deletions
30
app-files/apps.yaml
Normal file
30
app-files/apps.yaml
Normal file
|
@ -0,0 +1,30 @@
|
||||||
|
---
|
||||||
|
apiVersion: argoproj.io/v1alpha1
|
||||||
|
kind: Application
|
||||||
|
metadata:
|
||||||
|
name: woodpecker
|
||||||
|
namespace: argocd
|
||||||
|
spec:
|
||||||
|
project: default
|
||||||
|
sources:
|
||||||
|
- chart: woodpecker
|
||||||
|
repoURL: https://woodpecker-ci.org/
|
||||||
|
targetRevision: 1.6.0
|
||||||
|
helm:
|
||||||
|
releaseName: woodpecker
|
||||||
|
valueFiles:
|
||||||
|
- $values/woodpecker/values.yaml
|
||||||
|
- repoURL: https://git.ar21.de/yolokube/core-deployments.git
|
||||||
|
targetRevision: HEAD
|
||||||
|
ref: values
|
||||||
|
- repoURL: https://git.ar21.de/yolokube/core-deployments.git
|
||||||
|
targetRevision: HEAD
|
||||||
|
path: secrets
|
||||||
|
destination:
|
||||||
|
server: https://kubernetes.default.svc
|
||||||
|
namespace: woodpecker
|
||||||
|
syncPolicy:
|
||||||
|
syncOptions:
|
||||||
|
- CreateNamespace=true
|
||||||
|
automated:
|
||||||
|
prune: false
|
4
woodpecker/secrets/kustomization.yaml
Normal file
4
woodpecker/secrets/kustomization.yaml
Normal file
|
@ -0,0 +1,4 @@
|
||||||
|
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||||
|
kind: Kustomization
|
||||||
|
generators:
|
||||||
|
- ./secret-generator.yaml
|
10
woodpecker/secrets/secret-generator.yaml
Normal file
10
woodpecker/secrets/secret-generator.yaml
Normal file
|
@ -0,0 +1,10 @@
|
||||||
|
apiVersion: viaduct.ai/v1
|
||||||
|
kind: ksops
|
||||||
|
metadata:
|
||||||
|
name: secret-generator
|
||||||
|
annotations:
|
||||||
|
config.kubernetes.io/function: |
|
||||||
|
exec:
|
||||||
|
path: ksops
|
||||||
|
files:
|
||||||
|
- ./secrets.enc.yaml
|
51
woodpecker/secrets/secrets.enc.yaml
Normal file
51
woodpecker/secrets/secrets.enc.yaml
Normal file
|
@ -0,0 +1,51 @@
|
||||||
|
apiVersion: v1
|
||||||
|
kind: Secret
|
||||||
|
metadata:
|
||||||
|
name: woodpecker-forgejo
|
||||||
|
namespace: woodpecker
|
||||||
|
labels:
|
||||||
|
app.kubernetes.io/instance: woodpecker
|
||||||
|
type: Opaque
|
||||||
|
data:
|
||||||
|
WOODPECKER_FORGEJO_CLIENT: ENC[AES256_GCM,data:zTcJ9+s6Oykd2ptkaM4/FTcIriF0BarmswUyDzvLIyeBQl7mvTktPKJaeK/RudFVzdgEJA==,iv:im64HVYag5cWwo3+wINzoHMbfaiAYu67GeNexm6ffsA=,tag:a1a6eUmjyRPOzX4r8m9iuQ==,type:str]
|
||||||
|
WOODPECKER_FORGEJO_SECRET: ENC[AES256_GCM,data:gYiC+ZYXeMGPgWnvaHHEs8pNq1UP3kFthryX346TNnM7+oJVKQjz+ufLlsKmradtH6W4ulHzmSBHByT2VHHH8uHItA+Qbs55twRL0w==,iv:4VaEMHf7K+2lEYZAMCTo+Ot018SNIzCNJs27RovaN+I=,tag:qMkWRopd4/4xGBFZk7PW/Q==,type:str]
|
||||||
|
WOODPECKER_AGENT_SECRET: ENC[AES256_GCM,data:DokhZ7SJGOeHnTVmnwJgmXJngaoSBZjdCAQUE76bf/tyQJoBA8Sh4vGy3VgVORY3MQIF33glxm+VNvqFWxV6LYbOvfGlJgZ5R8435NBPXfZnG/+PEungX9vQpcDvIf8ffcgGpC/Z/f3QBRAV,iv:DyuzOYf/bvUUm8NT4+8dk2hEgyqeVxOJqmt0mKCw2SQ=,tag:pvKr0hZzM4cXMErTYRr2jg==,type:str]
|
||||||
|
WOODPECKER_PROMETHEUS_AUTH_TOKEN: ENC[AES256_GCM,data:yzYzatAWs3BO8C4rsq3KpTYrHagA0eUkSD6aOlSU8u0mfJeoVq1vTzR3lLo=,iv:bhaaf9CCSHLkhYgdsTvNlZD/FFQCL6FanhIgsaXLfOA=,tag:W+MXx47fRElZaTmsAoMvPw==,type:str]
|
||||||
|
sops:
|
||||||
|
kms: []
|
||||||
|
gcp_kms: []
|
||||||
|
azure_kv: []
|
||||||
|
hc_vault: []
|
||||||
|
age:
|
||||||
|
- recipient: age1mraede6gqxkh2rkeq5fjrcflp7emenl2qn885asxvtx5erga2pdqujuexz
|
||||||
|
enc: |
|
||||||
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBzakpwaHhhclQ5MU5BOVpO
|
||||||
|
eHY0WGF6bHlyaStxNW5WVGZIQzZnRVR3SVFrCjdrRjIzRjFheHZqdWpmYlFpODVo
|
||||||
|
RzBsd1llNk5JZEtFbCtuN3Nrd2lTejAKLS0tIEFxOU00aGVlM1U3S0tYdFJ5NnVH
|
||||||
|
U0h3czZCUUk5NDdlL1o1THJGSXdqMUUKA4bMrmS1o1yB+aGdUgUzWMGjfYaQ55UW
|
||||||
|
Em+FXnis5k+3eY18YplZs3rBRiiuSHjt4WOnrwOymn3TvGixS1nA2A==
|
||||||
|
-----END AGE ENCRYPTED FILE-----
|
||||||
|
- recipient: age1s9nvc4rxj3kaj4apmzzn8fmjrudrvdhgu70rg04we9hyse5aadsq7kmckn
|
||||||
|
enc: |
|
||||||
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA0WGlRZzJ4emVKazRtbGxk
|
||||||
|
SUs3R3J4aGpZV2EvVTllb2h4Tlh6NDd2QndBCnlxdUQ1L3BReHV3eTQ2OEh1bjNM
|
||||||
|
b3UzdjR5YlBqakN1aU9CanZrM0RqajQKLS0tIGFhVGVXSmRXbmhJVE1aOW0xYzV2
|
||||||
|
ZStBaHZxRDhzWTVnSHFBK3J4R3R5Z2cKg/yRNnsxy0Zrwi/dcNHTzjSHcQ9ZbipN
|
||||||
|
N1JKH1WCGdmZku3m/G0DSRdxP7yNs3rJBoOg63h632bWHKHj/pElsQ==
|
||||||
|
-----END AGE ENCRYPTED FILE-----
|
||||||
|
- recipient: age1z5wtjmk0jw0j9qz9k5rrnp30nzqxrl3v6wgl7eryvqus28zekp4qpx9jc2
|
||||||
|
enc: |
|
||||||
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBlVkdsM01hVzhpaUVCYTk5
|
||||||
|
SXZTemJudWl6YlNnTnJiN1dIQkdlbnBZZ2o0CkFvNndWbXBNcUNkSkVmeGx2aVBJ
|
||||||
|
WkYxbHV0czBydWZpWnN6NFkwdm5aZVUKLS0tIEhNK0FLakVZMXNKRGdpYXd2WmQz
|
||||||
|
dGZrWWhwemxSdzdjNmF2UmdVWklJeEkKmLPdUb3KcgA61fMhhiaQxwcDx0kEdh0t
|
||||||
|
gMyW7MGzyCxkUjGxb/amuPJkq0/7MujpfHK8q0AgUztmqa6Tk02P9Q==
|
||||||
|
-----END AGE ENCRYPTED FILE-----
|
||||||
|
lastmodified: "2024-10-04T17:19:41Z"
|
||||||
|
mac: ENC[AES256_GCM,data:oW62pLYPe4greXFb5rbyLhr29FltC1tcVsbwJd6x9HZ5Iz3JiLkHU49R4fObMBBt7gE/Dv+d+U5Ov/ucq3ulzvQdLffkzhIBilfHMCTksd8Dj41Q+I6mcedRnnFbPhyI2bVTivftotsbtPldYIl8PaWcmCRohM9Mjzf/TbWWrag=,iv:ZlmpKUWt0T06RaJdRJqqjeQaBoCgMhnpLcnydcgMCLI=,tag:Vgw7xuWVp/gnLNOD096z+w==,type:str]
|
||||||
|
pgp: []
|
||||||
|
encrypted_regex: ^(data|stringData)$
|
||||||
|
version: 3.9.0
|
35
woodpecker/values/values.yaml
Normal file
35
woodpecker/values/values.yaml
Normal file
|
@ -0,0 +1,35 @@
|
||||||
|
server:
|
||||||
|
ingress:
|
||||||
|
# -- Enable the ingress for the server component
|
||||||
|
enabled: true
|
||||||
|
# -- Add annotations to the ingress
|
||||||
|
annotations:
|
||||||
|
# kubernetes.io/ingress.class: nginx
|
||||||
|
kubernetes.io/tls-acme: "true"
|
||||||
|
hosts:
|
||||||
|
- host: woodpecker.ar21.de
|
||||||
|
paths:
|
||||||
|
- path: /
|
||||||
|
backend:
|
||||||
|
serviceName: woodpecker-svc
|
||||||
|
servicePort: 80
|
||||||
|
tls:
|
||||||
|
- hosts:
|
||||||
|
- woodpecker.ar21.de
|
||||||
|
secretName: woodpecker-tls-key
|
||||||
|
statefulSet:
|
||||||
|
replicaCount: 1
|
||||||
|
env:
|
||||||
|
WOODPECKER_ADMIN: 'aaron'
|
||||||
|
WOODPECKER_HOST: 'https://woodpecker.ar21.de'
|
||||||
|
WOODPECKER_OPEN: true
|
||||||
|
WOODPECKER_FORGEJO: true
|
||||||
|
WOODPECKER_FORGEJO_URL: 'https://git.ar21.de'
|
||||||
|
extraSecretNamesForEnvFrom:
|
||||||
|
- woodpecker-forgejo
|
||||||
|
agent:
|
||||||
|
extraSecretNamesForEnvFrom:
|
||||||
|
- woodpecker-forgejo
|
||||||
|
replicaCount: 3
|
||||||
|
env:
|
||||||
|
WOODPECKER_MAX_WORKFLOWS: 2
|
Loading…
Reference in a new issue