kubernaut v0.2.2

add Kubernaut secrets
2025-05-10 18:37:45 -05:00 · 2025-05-10 18:37:45 -05:00
16 changed files with 123 additions and 60 deletions
--- a/apps/kubernaut/ingress.yaml
+++ b/apps/kubernaut/ingress.yaml
@@ -0,0 +1,19 @@
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  annotations:
+    kubernetes.io/ingress.class: traefik
+  name: kubernaut-ingress
+  namespace: kubernaut
+spec:
+  rules:
+    - http:
+        paths:
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name: kubernaut
+                port:
+                  name: web
--- a/apps/kubernaut/kustomization.yaml
+++ b/apps/kubernaut/kustomization.yaml
@@ -0,0 +1,9 @@
+---
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+namespace: kubernaut
+resources:
+  - secrets.yaml
+  - https://git.kill0.net/ryanc/kubernaut/kustomize?ref=v0.2.2
+  - https://git.kill0.net/ryanc/caas/kustomize?timeout=300
+  - ingress.yaml
--- a/apps/kubernaut/secrets.yaml
+++ b/apps/kubernaut/secrets.yaml
@@ -0,0 +1,16 @@
+---
+apiVersion: bitnami.com/v1alpha1
+kind: SealedSecret
+metadata:
+  creationTimestamp: null
+  name: kubernaut
+  namespace: kubernaut
+spec:
+  encryptedData:
+    jwt_secret: AgAMtRQCjzFE3VviUBzekBZtp/rIAYndRxJ6H4RCVLJefogZEftf59lm9vzQ5UCge9VDNrtpRWKmpaXttblmYN7woGg+B+CG4SZpqxelWDntSH9hI+Sgnl4OcP+9YwdKRQdDgo6uANfqG6r07ouJKfGnhoYnxXSFh/LM7L3E7v3uT8yU6uOzo6gc9ZqYbRP5SRQlAKW92HFF4cJWGq3mRA0LxFJbfKnymG5pm3bMq4LV2Gvx5AHC9k/8hrWRRDKooYPQ1iKoaRguey5+Ob3K/s08fyr5uYggcI+3V8iw/3OQcwpdwN+St0xV804xftotFhBywHd2z0ZlC/8cdkaXTxDDY703UeuYeb4gwRgXLZBgfLiwWp1sDesYN0h4OIRGCGfqlslTVLBoHZctjUBdrP+6DnFRPaWhpNCd1+XhtTv7sWaFevDxbEW3Bl/oinms3JHGXt9hacoVsg6XzKaXY+wiI40C8Qd9KKl1OUsVYMn9QcYFGdh1V+1GBeTD3O0/NCBxpRWnIjeJApdJYdQknUjmyC6HwtIlnOa4kObjJgezIEE0+NQeqikuSmu0ILNndnEh8aEfIJL6ziGSQI9ErzlLRw0gYdT9yz/305TJSUG/XnD0jrqHgOWeY173m4YUZwSTfMhyPxGpBodjvU/4G2J9wjl97yPcj8SH1uZAG7aY2cyU9cXpl8eB6Rl42mlY2Se/zHYrpS2rdHVQW5m4oUpKmJ+zvknjM/VVWnwmvAK/a0P4QTeCGVeyQ9GxcS5T3KqB8S4qgRv81FsNLKcjWMSWo4RP9yg8IK52cRwgrBUr/Kb5l0jzxidRUXKVZfVxgwpTbZYJ6uU1S5RR4J0dBDLKqe4V0EvUiHgDKzIoLQNnoTc=
+    session_secret: AgCeYLO5sbCir6GjMz2YzOZXbc6HtakNtIJEv7D+z7LsQV3RixPA2NqWpgMJA0cN7HMFoa4GmvzDyj8Jtlz81Xitum2GYmGbM8Uh8sH9baRrimQ8ZErm/2FY1hCeqaUqWLhFHB39lyXI6DljgaUZcxB9QYvsvoMuqKsnoD1hBFYxcdy0uxavBWNQaarb0b6v7bBwd95n2b36mDdMLWDD58kh3V/TK09xzd++CwRWM93CZjA+VjQPXfRMzH0R2duqbhYEDhBOwXcBJjSTiYJIGxwQ/4bjn5ssze1+cEl/u43iWAw4b13VZG/yhlINcAYsRDr2FZTmI+Rbrfh2nfQ91PAjF58cwaRZc/g2h9HrBb0eY9wJkZlAE4+H/7DV14yLjkItpmEEnsqwoZ+I7e464Ur75jPZCjxTsEZVYoxoYt3SuNtrSk8yMoVBba+vEsJWYcbigdppd+mEyOv7gTvcuokFougeW9xVMJdrdXbYScmqlXKGOluZ8oBdep+190hFsrPDm8Ts6RFgWF6SQ5BSKhum0NX9XUXj/88hSp2ISVp8GVQWeA7RWj4tO88FiP0ejdNwoT7FPx3qV7+qLRGOoudqQtNJji7wa8gK8qMu4cZ8TTx6uf2LlBIlL/iZx+AJjz4kmwme7GyFachlOCfTGY9sTvqakavh7xgtnnx7dGYWsyYU+YKT8R6unkLb8H0BfaVBDAtzksIbd5K02jlGlD7Ygf6EXj9w/rMuMpJaTaKEizNmKf6b1ntIZa6MB4Q7qa5wVcgE2LikjMsoDqG0c7u83+PG0/lo6oK0xLbltrCsRH5Vdj1t34yD/ExaEfYPBkLHBj5zIgl3isSMrBXyDbDV7jdwDbTGhZoGz6UYh86Fs7k=
+  template:
+    metadata:
+      creationTimestamp: null
+      name: kubernaut
+      namespace: kubernaut
--- a/clusters/k3s-cluster/apps.yaml
+++ b/clusters/k3s-cluster/apps.yaml
--- a/clusters/my-cluster/argo-rollouts/kustomization.yaml
+++ b/clusters/my-cluster/argo-rollouts/kustomization.yaml
@@ -0,0 +1,7 @@
+---
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+namespace: argo-rollouts
+resources:
+  - namespace.yaml
+  - https://github.com/argoproj/argo-rollouts/releases/download/v1.7.2/install.yaml
--- a/clusters/my-cluster/argo-rollouts/namespace.yaml
+++ b/clusters/my-cluster/argo-rollouts/namespace.yaml
@@ -0,0 +1,5 @@
+---
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: argo-rollouts
--- a/clusters/my-cluster/argocd/kustomization.yaml
+++ b/clusters/my-cluster/argocd/kustomization.yaml
@@ -0,0 +1,18 @@
+---
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+namespace: argocd
+resources:
+  - namespace.yaml
+  - https://raw.githubusercontent.com/argoproj/argo-cd/v2.13.3/manifests/install.yaml
+patches:
+  - patch: |
+      apiVersion: v1
+      kind: Service
+      metadata:
+        name: argocd-server
+      spec:
+        type: LoadBalancer
+    target:
+      kind: Service
+      labelSelector: app.kubernetes.io/name=argocd-server
--- a/clusters/my-cluster/argocd/namespace.yaml
+++ b/clusters/my-cluster/argocd/namespace.yaml
@@ -0,0 +1,5 @@
+---
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: argocd
--- a/clusters/k3s-cluster/flux-system/gotk-components.yaml
+++ b/clusters/k3s-cluster/flux-system/gotk-components.yaml
@@ -13,65 +13,6 @@ metadata:
    pod-security.kubernetes.io/warn-version: latest
  name: flux-system
 ---
-apiVersion: networking.k8s.io/v1
-kind: NetworkPolicy
-metadata:
-  labels:
-    app.kubernetes.io/instance: flux-system
-    app.kubernetes.io/part-of: flux
-    app.kubernetes.io/version: v2.4.0
-  name: allow-egress
-  namespace: flux-system
-spec:
-  egress:
-  - {}
-  ingress:
-  - from:
-    - podSelector: {}
-  podSelector: {}
-  policyTypes:
-  - Ingress
-  - Egress
---
-apiVersion: networking.k8s.io/v1
-kind: NetworkPolicy
-metadata:
-  labels:
-    app.kubernetes.io/instance: flux-system
-    app.kubernetes.io/part-of: flux
-    app.kubernetes.io/version: v2.4.0
-  name: allow-scraping
-  namespace: flux-system
-spec:
-  ingress:
-  - from:
-    - namespaceSelector: {}
-    ports:
-    - port: 8080
-      protocol: TCP
-  podSelector: {}
-  policyTypes:
-  - Ingress
---
-apiVersion: networking.k8s.io/v1
-kind: NetworkPolicy
-metadata:
-  labels:
-    app.kubernetes.io/instance: flux-system
-    app.kubernetes.io/part-of: flux
-    app.kubernetes.io/version: v2.4.0
-  name: allow-webhooks
-  namespace: flux-system
-spec:
-  ingress:
-  - from:
-    - namespaceSelector: {}
-  podSelector:
-    matchLabels:
-      app: notification-controller
-  policyTypes:
-  - Ingress
---
 apiVersion: v1
 kind: ResourceQuota
 metadata:
--- a/clusters/k3s-cluster/flux-system/gotk-sync.yaml
+++ b/clusters/k3s-cluster/flux-system/gotk-sync.yaml
@@ -20,7 +20,7 @@ metadata:
  namespace: flux-system
 spec:
  interval: 10m0s
-  path: ./clusters/k3s-cluster
+  path: ./clusters/my-cluster
  prune: true
  sourceRef:
    kind: GitRepository
--- a/clusters/k3s-cluster/flux-system/kustomization.yaml
+++ b/clusters/k3s-cluster/flux-system/kustomization.yaml
--- a/clusters/my-cluster/goldpinger/kustomization.yaml
+++ b/clusters/my-cluster/goldpinger/kustomization.yaml
@@ -0,0 +1,8 @@
+---
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+namespace: goldpinger
+resources:
+  - namespace.yaml
+  - repository.yaml
+  - release.yaml
--- a/clusters/my-cluster/goldpinger/namespace.yaml
+++ b/clusters/my-cluster/goldpinger/namespace.yaml
@@ -0,0 +1,5 @@
+---
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: goldpinger
--- a/clusters/my-cluster/goldpinger/release.yaml
+++ b/clusters/my-cluster/goldpinger/release.yaml
@@ -0,0 +1,21 @@
+---
+apiVersion: helm.toolkit.fluxcd.io/v2
+kind: HelmRelease
+metadata:
+  name: goldpinger
+  namespace: goldpinger
+spec:
+  chart:
+    spec:
+      chart: goldpinger
+      sourceRef:
+        kind: HelmRepository
+        name: goldpinger
+  interval: 50m
+  install:
+    remediation:
+      retries: 3
+  values:
+    goldpinger:
+      isArgoRollouts: true
+      reloadStrategy: annotations
--- a/clusters/my-cluster/goldpinger/repository.yaml
+++ b/clusters/my-cluster/goldpinger/repository.yaml
@@ -0,0 +1,9 @@
+---
+apiVersion: source.toolkit.fluxcd.io/v1
+kind: HelmRepository
+metadata:
+  name: goldpinger
+  namespace: goldpinger
+spec:
+  interval: 5m
+  url: https://bloomberg.github.io/goldpinger
--- a/clusters/k3s-cluster/infrastructure.yaml
+++ b/clusters/k3s-cluster/infrastructure.yaml
Author	SHA1	Message	Date
Ryan Cavicchioni	586f18c7ec	kubernaut v0.2.2	2025-05-10 18:37:45 -05:00
Ryan Cavicchioni	20756129ce	add Kubernaut secrets	2025-05-10 18:37:45 -05:00