ryanc/fleet-infra
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: ryanc:main
Branches Tags
ryanc:main
..
compare: ryanc:16c32ce60bd0204f97fb87bcd1c15f73d018a8d5
Branches Tags
ryanc:main

2 Commits
main ... 16c32ce60b

Author SHA1 Message Date
Ryan Cavicchioni
16c32ce60b kubernaut v0.2.0 2025-04-29 14:39:00 -05:00
Ryan Cavicchioni
4116879c54 add Envoy Gateway 2025-04-29 14:39:00 -05:00
18 changed files with 58 additions and 81 deletions
Expand all files Collapse all files

2
apps/kubernaut/ingress.yaml
View File

@ -3,7 +3,7 @@ apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
annotations:
kubernetes.io/ingress.class: traefik
kubernetes.io/ingress.class: istio
name: kubernaut-ingress
namespace: kubernaut
spec:

13
apps/kubernaut/kustomization.yaml
View File

@ -3,6 +3,15 @@ apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
namespace: kubernaut
resources:
- secrets.yaml
- https://git.kill0.net/ryanc/kubernaut/kustomize?ref=v0.2.2
- https://git.kill0.net/ryanc/kubernaut/kustomize?ref=v0.2.0
- https://git.kill0.net/ryanc/caas/kustomize?timeout=300
- ingress.yaml
patches:
- patch: |
- op: add
path: /metadata/labels/istio-injection
value: enabled
target:
kind: Namespace
name: kubernaut

16
apps/kubernaut/secrets.yaml
View File

@ -1,16 +0,0 @@
---
apiVersion: bitnami.com/v1alpha1
kind: SealedSecret
metadata:
creationTimestamp: null
name: kubernaut
namespace: kubernaut
spec:
encryptedData:
jwt_secret: AgBcARUqnBw3V5At/AbhfVoC1E+jgVXOkWHiWXFw+6ZoIljVOP3s2IJ1ORq5Lcynr1trwlre8cQrMCwTr8q05e2jH1MjVkZ33elzB1wpAjrZlrOwSgKURC8OfWOeIUQenq5pg8RLuOWFmvG/VLutus+lYBZ01kJICP0N0iZkIwZHRuJ527fXK9vhSA598Mn9Fki9W6dw0cA0PCUIDmyrIlBtKBnYrO/T899wbQakNoL3SXIgJ5gPug2gJG6O5YhJu5f2SBP0+paKcbRiGDIRVS17S8O49W/cNvYGGhovKWxozexYO/okDDeRToGCpeHcT0thZfpe6PvOVWM+tcW/ZPd8dhJF57wDliBPa3iC+kAzj3t2wLqNC5sEy2P3ZPEnRz3cHsyD51dbfpXZzXczNLai2shrsd872vCISkBGPF3b1r0aVbYcL1wyJRt1OI0CQq1cPomXrjyWZFK+oNyXXIdfdXz9zbLmmOCS7vL7cZu5sRbl33ClUWFPoTdjKe0whZ6oeUMXgI/AmVpLdqVUVs55MYt7qhTa6Eraws5gFBu2JKSn0W/fHOdhvzeU/SrWwpQR/iQmt/lRJS34Z8a22GrG3BqETwt6FWeLdNNpoHuoXtIQnO89y81cxVKUYKIhayLU0NNwegkENZ4WMm2aULqmtNo3F0tQkEfWB23cSOYQIVFVXf0F0WN5E6yPO4qiD926tJJbeMrzj9toEjGEl+FFLAwyfiuvC4TMregz8y2YUSmhkZ9WS0i8BTkCNq5jnZECg3DVBi5uP7exTXPYoc/q8TwvCw7owAK9c6g97fot5JST3mj+BPZyzCkALnyC8Ap4PHNpvWGG+MlGUzLzsieXb/FcamKepC8pR9AX5A+Pfrg=
session_secret: AgB3+WGGt7x9Rn3ZcyP9z7xr1572aR1dLROI3815kj/98kJpvhIAjisWSfVQaaJRnLWaLBeWQgwIVQSFN7zcm7n4pYxVO4BqCwb/k3ZYJsUI5maR/meNnOvXrpp1+yKxmJXSHlh7/2WzzKUK9OwDT4qmoT2oJnjrKJNRoXvIbR42NTiO8CDtzHiJ6MNEY6oH+dra4GamJ/KjNXC7NUdSZSeq1HpOBudrsrYoCZ6MZxZfMsDG7ROHvIakcSN1ibfQwOjjucDJdZWm/L41cxgW3glvTql6cJtqa9yZpije2Wja1HUHGalnwaWyXFp/5jVpPgFGYZ4SHtyQOy5Hy275Gmee8qSQjvW8iLSor4/pXiEBArWRX0iPDqVudO9onMaYtQz+hz/MEXkhMvopfokrAyrSvUogrTq/1XfRABe1nAMXVrYo74w/27RiiBDEcoRzEra1f5UxrXHJ1B1LZ+iqTSRLrBw1iqPpOG7HDSSv80+m5OKai+ppptY3OcERF9HUA/BWeRHo7h2SbMfPRqVXXihtbgArCZoU570FryGfcHjwEffQIvKYKq/KjTcpRP0dTO/99mfY/Uw7VmdmYiQC4kG/kcxQ8yPgypQNl1YSfLnSBNZH1SRgXQAsY3hETZ74jbCyaPTvpoL/IVzTDo1YrBgTVjUcZoqYW+gwwj5bt9kQZFRL4FMsCNQ7V+wAtT9GmRNkf2cxbNawHknKYx4arGpWP0y6jorebaGzSpWPl8hY1jCipU2MZw2g7f9QVw+10Tik9FlzfkK457fR1pjBNRXlAe5e0MNfNNiuJtKfHZfbj32CNEEK7JZUumqkkUl1J+Lsa8vL3HvANxYgvhohNfJSY9D2G+DD8xbD2jk7P52150Y=
template:
metadata:
creationTimestamp: null
name: kubernaut
namespace: kubernaut

0
clusters/k3s-cluster/apps.yaml → clusters/my-cluster/apps.yaml
View File

0
clusters/k3s-cluster/argo-rollouts/kustomization.yaml → clusters/my-cluster/argo-rollouts/kustomization.yaml
View File

0
clusters/k3s-cluster/argo-rollouts/namespace.yaml → clusters/my-cluster/argo-rollouts/namespace.yaml
View File

0
clusters/k3s-cluster/argocd/kustomization.yaml → clusters/my-cluster/argocd/kustomization.yaml
View File

0
clusters/k3s-cluster/argocd/namespace.yaml → clusters/my-cluster/argocd/namespace.yaml
View File

59
clusters/k3s-cluster/flux-system/gotk-components.yaml → clusters/my-cluster/flux-system/gotk-components.yaml
View File

@ -13,65 +13,6 @@ metadata:
pod-security.kubernetes.io/warn-version: latest
name: flux-system
---
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
labels:
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
app.kubernetes.io/version: v2.4.0
name: allow-egress
namespace: flux-system
spec:
egress:
- {}
ingress:
- from:
- podSelector: {}
podSelector: {}
policyTypes:
- Ingress
- Egress
---
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
labels:
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
app.kubernetes.io/version: v2.4.0
name: allow-scraping
namespace: flux-system
spec:
ingress:
- from:
- namespaceSelector: {}
ports:
- port: 8080
protocol: TCP
podSelector: {}
policyTypes:
- Ingress
---
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
labels:
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
app.kubernetes.io/version: v2.4.0
name: allow-webhooks
namespace: flux-system
spec:
ingress:
- from:
- namespaceSelector: {}
podSelector:
matchLabels:
app: notification-controller
policyTypes:
- Ingress
---
apiVersion: v1
kind: ResourceQuota
metadata:

2
clusters/k3s-cluster/flux-system/gotk-sync.yaml → clusters/my-cluster/flux-system/gotk-sync.yaml
View File

@ -20,7 +20,7 @@ metadata:
namespace: flux-system
spec:
interval: 10m0s
path: ./clusters/k3s-cluster
path: ./clusters/my-cluster
prune: true
sourceRef:
kind: GitRepository

0
clusters/k3s-cluster/flux-system/kustomization.yaml → clusters/my-cluster/flux-system/kustomization.yaml
View File

8
clusters/my-cluster/goldpinger/kustomization.yaml Normal file
View File

@ -0,0 +1,8 @@
---
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
namespace: goldpinger
resources:
- namespace.yaml
- repository.yaml
- release.yaml

5
clusters/my-cluster/goldpinger/namespace.yaml Normal file
View File

@ -0,0 +1,5 @@
---
apiVersion: v1
kind: Namespace
metadata:
name: goldpinger

21
clusters/my-cluster/goldpinger/release.yaml Normal file
View File

@ -0,0 +1,21 @@
---
apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
name: goldpinger
namespace: goldpinger
spec:
chart:
spec:
chart: goldpinger
sourceRef:
kind: HelmRepository
name: goldpinger
interval: 50m
install:
remediation:
retries: 3
values:
goldpinger:
isArgoRollouts: true
reloadStrategy: annotations

9
clusters/my-cluster/goldpinger/repository.yaml Normal file
View File

@ -0,0 +1,9 @@
---
apiVersion: source.toolkit.fluxcd.io/v1
kind: HelmRepository
metadata:
name: goldpinger
namespace: goldpinger
spec:
interval: 5m
url: https://bloomberg.github.io/goldpinger

0
clusters/k3s-cluster/infrastructure.yaml → clusters/my-cluster/infrastructure.yaml
View File

2
infrastructure/controllers/envoy-gateway/repository.yaml
View File

@ -8,4 +8,4 @@ spec:
interval: 10m
url: oci://docker.io/envoyproxy/gateway-helm
ref:
semver: ">=1.3.2"
semver: ">v1.3.2"

2
infrastructure/controllers/sealedsecrets/kustomization.yaml
View File

@ -2,4 +2,4 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- https://github.com/bitnami-labs/sealed-secrets/releases/download/v0.29.0/controller.yaml
- https://github.com/bitnami-labs/sealed-secrets/releases/download/v0.28.0/controller.yaml