Merge pull request 'Add yamllint to Woodpecker CI' (#154) from improce_ci into main
All checks were successful
ci/woodpecker/push/yamllint Pipeline was successful
All checks were successful
ci/woodpecker/push/yamllint Pipeline was successful
Reviewed-on: #154 Reviewed-by: Aaron Riedel <git@ar21.de>
This commit is contained in:
commit
e868463399
67 changed files with 702 additions and 631 deletions
13
.drone.yml
13
.drone.yml
|
@ -1,7 +1,8 @@
|
|||
---
|
||||
kind: pipeline
|
||||
name: deploy
|
||||
steps:
|
||||
- name: kustomize build dashboard (prod + staging)
|
||||
- name: kustomize build dashboard (prod + staging)
|
||||
image: git.ar21.de/aaron/kustomize-ci
|
||||
commands:
|
||||
- cd /deployment-repo
|
||||
|
@ -18,7 +19,7 @@ steps:
|
|||
- main
|
||||
event:
|
||||
- push
|
||||
- name: kustomize build dashboard (staging)
|
||||
- name: kustomize build dashboard (staging)
|
||||
image: git.ar21.de/aaron/kustomize-ci
|
||||
commands:
|
||||
- cd /deployment-repo
|
||||
|
@ -38,7 +39,7 @@ steps:
|
|||
- main
|
||||
event:
|
||||
- push
|
||||
- name: kustomize push dashboard changes (prod + staging)
|
||||
- name: kustomize push dashboard changes (prod + staging)
|
||||
image: appleboy/drone-git-push
|
||||
settings:
|
||||
branch: main
|
||||
|
@ -57,7 +58,7 @@ steps:
|
|||
- main
|
||||
event:
|
||||
- push
|
||||
- name: kustomize push dashboard changes (staging)
|
||||
- name: kustomize push dashboard changes (staging)
|
||||
image: appleboy/drone-git-push
|
||||
settings:
|
||||
branch: main
|
||||
|
@ -78,9 +79,9 @@ steps:
|
|||
event:
|
||||
- push
|
||||
volumes:
|
||||
- name: deployment-repo
|
||||
- name: deployment-repo
|
||||
temp: {}
|
||||
- name: staging-repo
|
||||
- name: staging-repo
|
||||
temp: {}
|
||||
when:
|
||||
event:
|
||||
|
|
8
.woodpecker/.yamllint.yaml
Normal file
8
.woodpecker/.yamllint.yaml
Normal file
|
@ -0,0 +1,8 @@
|
|||
---
|
||||
steps:
|
||||
- name: linting
|
||||
image: cytopia/yamllint:latest
|
||||
commands:
|
||||
- yamllint -f colored -s .
|
||||
when:
|
||||
- event: push
|
10
.yamllint
Normal file
10
.yamllint
Normal file
|
@ -0,0 +1,10 @@
|
|||
---
|
||||
yaml-files:
|
||||
- '*.yaml'
|
||||
- '*.yml'
|
||||
- '.yamllint'
|
||||
|
||||
extends: default
|
||||
|
||||
rules:
|
||||
line-length: disable
|
|
@ -1,3 +1,4 @@
|
|||
---
|
||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
generators:
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
---
|
||||
apiVersion: viaduct.ai/v1
|
||||
kind: ksops
|
||||
metadata:
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
---
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
---
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
---
|
||||
global:
|
||||
domain: argo.services.yolokube.de
|
||||
configs:
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
---
|
||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
generators:
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
---
|
||||
apiVersion: v1
|
||||
kind: Namespace
|
||||
metadata:
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
---
|
||||
apiVersion: viaduct.ai/v1
|
||||
kind: ksops
|
||||
metadata:
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
---
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
---
|
||||
apiVersion: v1
|
||||
kind: Namespace
|
||||
metadata:
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
---
|
||||
namespace: cert-manager
|
||||
replicaCount: 3
|
||||
podDisruptionBudget:
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
---
|
||||
encryption:
|
||||
enabled: false
|
||||
ipam:
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
---
|
||||
apiVersion: v1
|
||||
kind: Namespace
|
||||
metadata:
|
||||
|
|
|
@ -1,4 +1,5 @@
|
|||
---
|
||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
resources:
|
||||
- dashboard.yaml
|
||||
- dashboard.yaml
|
||||
|
|
|
@ -1,9 +1,10 @@
|
|||
---
|
||||
resources:
|
||||
- ../../base
|
||||
- ../../base
|
||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
images:
|
||||
- name: git.ar21.de/yolokube/dashboard
|
||||
- name: git.ar21.de/yolokube/dashboard
|
||||
newName: git.ar21.de/yolokube/dashboard
|
||||
newTag: "96"
|
||||
namespace: dashboard
|
||||
|
|
|
@ -1,28 +1,29 @@
|
|||
---
|
||||
resources:
|
||||
- ../../base
|
||||
- ../../base
|
||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
images:
|
||||
- name: git.ar21.de/yolokube/dashboard
|
||||
- name: git.ar21.de/yolokube/dashboard
|
||||
newName: git.ar21.de/yolokube/dashboard
|
||||
newTag: staging-95
|
||||
namespace: dashboard-staging
|
||||
patches:
|
||||
- patch: |-
|
||||
- patch: |-
|
||||
- op: replace
|
||||
path: /spec/rules/0/host
|
||||
value: "dashboard-staging.services.yolokube.de"
|
||||
target:
|
||||
kind: Ingress
|
||||
name: dashboard-ingress
|
||||
- patch: |-
|
||||
- patch: |-
|
||||
- op: replace
|
||||
path: /spec/tls/0/hosts/0
|
||||
value: "dashboard-staging.services.yolokube.de"
|
||||
target:
|
||||
kind: Ingress
|
||||
name: dashboard-ingress
|
||||
- patch: |-
|
||||
- patch: |-
|
||||
- op: replace
|
||||
path: /spec/replicas
|
||||
value: 1
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
---
|
||||
controller:
|
||||
enableSnippets: true
|
||||
hostNetwork: true
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
---
|
||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
generators:
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
---
|
||||
apiVersion: v1
|
||||
kind: Namespace
|
||||
metadata:
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
---
|
||||
apiVersion: viaduct.ai/v1
|
||||
kind: ksops
|
||||
metadata:
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
---
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
---
|
||||
loki:
|
||||
auth_enabled: false
|
||||
persistence:
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
---
|
||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
generators:
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
---
|
||||
apiVersion: v1
|
||||
kind: Namespace
|
||||
metadata:
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
---
|
||||
apiVersion: longhorn.io/v1beta1
|
||||
kind: RecurringJob
|
||||
metadata:
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
---
|
||||
apiVersion: viaduct.ai/v1
|
||||
kind: ksops
|
||||
metadata:
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
---
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
|
@ -7,11 +8,11 @@ type: Opaque
|
|||
data:
|
||||
AWS_ACCESS_KEY_ID: ENC[AES256_GCM,data:78iskasj0MX32r8qp4LCmTsf5q8r3W5nCs7BrA==,iv:dQFU/Pm+bQQKWfWKq7c63XTW2+czjOeIZuoL2mrPKbM=,tag:we+rZ+YoMpeiAve7zcH6pg==,type:str]
|
||||
AWS_SECRET_ACCESS_KEY: ENC[AES256_GCM,data:zR3LNrmweWn9ONkpOlgNGfJ0ERJeNgNsurvBcsX7JZox/vyaZRb6lt4VEjdBDMdTZ+dWRvtvHUw=,iv:CCLoHHixnzVaT0SX3uOjyb7SCNyAe5H30acmMEIgubI=,tag:c7nWPRTZQXqgp8jVgtU57g==,type:str]
|
||||
#ENC[AES256_GCM,data:p1aNW086iJ/xbZGc3A9VFitml4AB0ly8BOyJztOoIBd9I7Ld,iv:5um8w4PL9EfHcCHlfIW0Yr6aqvgs5FVh4Y54RDQDOLY=,tag:17ELSDORVx0aj2hzFDaxUA==,type:comment]
|
||||
# ENC[AES256_GCM,data:p1aNW086iJ/xbZGc3A9VFitml4AB0ly8BOyJztOoIBd9I7Ld,iv:5um8w4PL9EfHcCHlfIW0Yr6aqvgs5FVh4Y54RDQDOLY=,tag:17ELSDORVx0aj2hzFDaxUA==,type:comment]
|
||||
AWS_ENDPOINTS: ENC[AES256_GCM,data:Cm4ISXx3mosAwVCzFqK5461gFIAqWtSwazvhfe/01blpOLOGpEW7b7S00fnRMviR,iv:Zflw/1JEQjcKarQPOrpBSpCprdL/2Ry6FH74K3/NfFo=,tag:l6idxnQStu2ycr0og2/otw==,type:str]
|
||||
#ENC[AES256_GCM,data:0QVDgxSYpM+pFAiXf2+xcAnZath1zSzyZDy/zS8L36kZrSQnBSDN91OwAKLYpOb1m+cbex6lWN9OYFRYcIhUjA==,iv:Cm7bwYZS6F4XkRFaqUcBehXUQXmUI/48l+cDBPjlao8=,tag:jBUadTKqWJbPqpljshBoRg==,type:comment]
|
||||
#ENC[AES256_GCM,data:oxfKvt9xbus8la9hJGLOCVBfyQMCP4wpD4QZcEIw/SFWysMm2NaFzUHtUH39QAG2kCw1C5gKtTQ5EhJ1C2bgxVB6qlC6DUhO5uwlIoXtDqNsfhnsyWuIvJMH5jnPwAfO8Y+plLk2g4dV3aMmYt8Hfg==,iv:Ai/0l0GDbJzTaVy7Xhp1offyaqKD/Ge/oU9YDiGXC28=,tag:wIGYy7TBnCZYrbKDd1y7xQ==,type:comment]
|
||||
#ENC[AES256_GCM,data:6IieK5gwtUr+u3PjRjOXs5fJafO3N14yLmDCxBdU5VBfgOpIV4P5nX07DJ5jXw9BJgr6nqsQA0tlgeddT0vnO/cQNKJFBeQXVCzjxLHlrNv7JLg6EbtXZoO/eNow0XBGCLyg6Mq+6S83J2p8pix4tEae4YQrwveQ+dD0A15hK7n5gWOdFz50qE5IImbZsm9aR3ymxs1o9fjkZYTNycsneWe069SNCdb2gFtf4Q==,iv:N30tKPf2ajQT2s0/GYZPV8ipy1Qkkfh+dAlJ4pdGm9M=,tag:qtfr6TY8nyAoMykRONC3kQ==,type:comment]
|
||||
# ENC[AES256_GCM,data:0QVDgxSYpM+pFAiXf2+xcAnZath1zSzyZDy/zS8L36kZrSQnBSDN91OwAKLYpOb1m+cbex6lWN9OYFRYcIhUjA==,iv:Cm7bwYZS6F4XkRFaqUcBehXUQXmUI/48l+cDBPjlao8=,tag:jBUadTKqWJbPqpljshBoRg==,type:comment]
|
||||
# ENC[AES256_GCM,data:oxfKvt9xbus8la9hJGLOCVBfyQMCP4wpD4QZcEIw/SFWysMm2NaFzUHtUH39QAG2kCw1C5gKtTQ5EhJ1C2bgxVB6qlC6DUhO5uwlIoXtDqNsfhnsyWuIvJMH5jnPwAfO8Y+plLk2g4dV3aMmYt8Hfg==,iv:Ai/0l0GDbJzTaVy7Xhp1offyaqKD/Ge/oU9YDiGXC28=,tag:wIGYy7TBnCZYrbKDd1y7xQ==,type:comment]
|
||||
# ENC[AES256_GCM,data:6IieK5gwtUr+u3PjRjOXs5fJafO3N14yLmDCxBdU5VBfgOpIV4P5nX07DJ5jXw9BJgr6nqsQA0tlgeddT0vnO/cQNKJFBeQXVCzjxLHlrNv7JLg6EbtXZoO/eNow0XBGCLyg6Mq+6S83J2p8pix4tEae4YQrwveQ+dD0A15hK7n5gWOdFz50qE5IImbZsm9aR3ymxs1o9fjkZYTNycsneWe069SNCdb2gFtf4Q==,iv:N30tKPf2ajQT2s0/GYZPV8ipy1Qkkfh+dAlJ4pdGm9M=,tag:qtfr6TY8nyAoMykRONC3kQ==,type:comment]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
---
|
||||
# this is the storageclass manifest for the logs and metrics volumes
|
||||
kind: StorageClass
|
||||
apiVersion: storage.k8s.io/v1
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
---
|
||||
persistence:
|
||||
recurringJobSelector:
|
||||
enable: true
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
---
|
||||
kind: VolumeSnapshotClass
|
||||
apiVersion: snapshot.storage.k8s.io/v1
|
||||
metadata:
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
---
|
||||
apiVersion: v1
|
||||
kind: Namespace
|
||||
metadata:
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
---
|
||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
generators:
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
---
|
||||
apiVersion: v1
|
||||
kind: Namespace
|
||||
metadata:
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
---
|
||||
apiVersion: viaduct.ai/v1
|
||||
kind: ksops
|
||||
metadata:
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
---
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
---
|
||||
apiVersion: monitoring.coreos.com/v1
|
||||
kind: ServiceMonitor
|
||||
metadata:
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
---
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
---
|
||||
alertmanager:
|
||||
alertmanagerSpec:
|
||||
podAntiAffinity: "hard"
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
---
|
||||
apiVersion: v1
|
||||
kind: Namespace
|
||||
metadata:
|
||||
|
|
|
@ -1,17 +1,17 @@
|
|||
#---
|
||||
#apiVersion: v1
|
||||
#kind: Namespace
|
||||
#metadata:
|
||||
# ---
|
||||
# apiVersion: v1
|
||||
# kind: Namespace
|
||||
# metadata:
|
||||
# name: egress
|
||||
#---
|
||||
#apiVersion: apps/v1
|
||||
#kind: Deployment
|
||||
#metadata:
|
||||
# ---
|
||||
# apiVersion: apps/v1
|
||||
# kind: Deployment
|
||||
# metadata:
|
||||
# name: egress-deployment
|
||||
# namespace: egress
|
||||
# labels:
|
||||
# app: egress
|
||||
#spec:
|
||||
# spec:
|
||||
# replicas: 3
|
||||
# selector:
|
||||
# matchLabels:
|
||||
|
@ -26,15 +26,15 @@
|
|||
# image: curlimages/curl
|
||||
# command: ['/usr/bin/curl']
|
||||
# args: ['-s', '-L', '-4', 'ip.hetzner.com']
|
||||
#---
|
||||
#apiVersion: apps/v1
|
||||
#kind: Deployment
|
||||
#metadata:
|
||||
# ---
|
||||
# apiVersion: apps/v1
|
||||
# kind: Deployment
|
||||
# metadata:
|
||||
# name: egress6-deployment
|
||||
# namespace: egress
|
||||
# labels:
|
||||
# app: egress6
|
||||
#spec:
|
||||
# spec:
|
||||
# replicas: 3
|
||||
# selector:
|
||||
# matchLabels:
|
||||
|
|
|
@ -1,31 +1,31 @@
|
|||
### example app "privatebin" to test storage
|
||||
#---
|
||||
#apiVersion: v1
|
||||
#kind: Namespace
|
||||
#metadata:
|
||||
# ## example app "privatebin" to test storage
|
||||
# ---
|
||||
# apiVersion: v1
|
||||
# kind: Namespace
|
||||
# metadata:
|
||||
# name: paste
|
||||
#---
|
||||
#apiVersion: v1
|
||||
#kind: PersistentVolumeClaim
|
||||
#metadata:
|
||||
# ---
|
||||
# apiVersion: v1
|
||||
# kind: PersistentVolumeClaim
|
||||
# metadata:
|
||||
# name: paste-pvc
|
||||
# namespace: paste
|
||||
#spec:
|
||||
# spec:
|
||||
# accessModes:
|
||||
# - ReadWriteOnce
|
||||
# volumeMode: Filesystem
|
||||
# resources:
|
||||
# requests:
|
||||
# storage: 8Gi
|
||||
#---
|
||||
#apiVersion: apps/v1
|
||||
#kind: Deployment
|
||||
#metadata:
|
||||
# ---
|
||||
# apiVersion: apps/v1
|
||||
# kind: Deployment
|
||||
# metadata:
|
||||
# name: paste-deployment
|
||||
# namespace: paste
|
||||
# labels:
|
||||
# app: paste
|
||||
#spec:
|
||||
# spec:
|
||||
# replicas: 1
|
||||
# selector:
|
||||
# matchLabels:
|
||||
|
@ -49,28 +49,28 @@
|
|||
# - name: paste-volume
|
||||
# persistentVolumeClaim:
|
||||
# claimName: paste-pvc
|
||||
#---
|
||||
#apiVersion: v1
|
||||
#kind: Service
|
||||
#metadata:
|
||||
# ---
|
||||
# apiVersion: v1
|
||||
# kind: Service
|
||||
# metadata:
|
||||
# name: paste-service
|
||||
# namespace: paste
|
||||
#spec:
|
||||
# spec:
|
||||
# selector:
|
||||
# app: paste
|
||||
# ports:
|
||||
# - protocol: TCP
|
||||
# port: 80
|
||||
# targetPort: 8080
|
||||
#---
|
||||
#apiVersion: networking.k8s.io/v1
|
||||
#kind: Ingress
|
||||
#metadata:
|
||||
# ---
|
||||
# apiVersion: networking.k8s.io/v1
|
||||
# kind: Ingress
|
||||
# metadata:
|
||||
# annotations:
|
||||
# kubernetes.io/tls-acme: "true"
|
||||
# name: paste-ingress
|
||||
# namespace: paste
|
||||
#spec:
|
||||
# spec:
|
||||
# rules:
|
||||
# - host: "paste.apps.yolokube.de"
|
||||
# http:
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
---
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
---
|
||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
generators:
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
---
|
||||
apiVersion: viaduct.ai/v1
|
||||
kind: ksops
|
||||
metadata:
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
---
|
||||
apiVersion: traefik.io/v1alpha1
|
||||
kind: Middleware
|
||||
metadata:
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
---
|
||||
apiVersion: networking.k8s.io/v1
|
||||
kind: IngressClass
|
||||
metadata:
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
---
|
||||
deployment:
|
||||
kind: DaemonSet
|
||||
minReadySeconds: 120
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
---
|
||||
controlPlane:
|
||||
distro:
|
||||
k8s:
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
---
|
||||
apiVersion: traefik.io/v1alpha1
|
||||
kind: IngressRouteTCP
|
||||
metadata:
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
---
|
||||
controlPlane:
|
||||
distro:
|
||||
k8s:
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
---
|
||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
generators:
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
---
|
||||
apiVersion: viaduct.ai/v1
|
||||
kind: ksops
|
||||
metadata:
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
---
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
---
|
||||
server:
|
||||
ingress:
|
||||
# -- Enable the ingress for the server component
|
||||
|
|
Loading…
Reference in a new issue