kubernaut v0.2.2

add Kubernaut secrets
2025-05-10 18:37:45 -05:00 · 2025-05-10 18:37:45 -05:00
16 changed files with 123 additions and 60 deletions
--- a/apps/kubernaut/ingress.yaml
+++ b/apps/kubernaut/ingress.yaml
@@ -0,0 +1,19 @@
 ---
 apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
  annotations:
    kubernetes.io/ingress.class: traefik
  name: kubernaut-ingress
  namespace: kubernaut
 spec:
  rules:
    - http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: kubernaut
                port:
                  name: web
--- a/apps/kubernaut/kustomization.yaml
+++ b/apps/kubernaut/kustomization.yaml
@@ -0,0 +1,9 @@
 ---
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 namespace: kubernaut
 resources:
  - secrets.yaml
  - https://git.kill0.net/ryanc/kubernaut/kustomize?ref=v0.2.2
  - https://git.kill0.net/ryanc/caas/kustomize?timeout=300
  - ingress.yaml
--- a/apps/kubernaut/secrets.yaml
+++ b/apps/kubernaut/secrets.yaml
@@ -0,0 +1,16 @@
 ---
 apiVersion: bitnami.com/v1alpha1
 kind: SealedSecret
 metadata:
  creationTimestamp: null
  name: kubernaut
  namespace: kubernaut
 spec:
  encryptedData:
    jwt_secret: AgAMtRQCjzFE3VviUBzekBZtp/rIAYndRxJ6H4RCVLJefogZEftf59lm9vzQ5UCge9VDNrtpRWKmpaXttblmYN7woGg+B+CG4SZpqxelWDntSH9hI+Sgnl4OcP+9YwdKRQdDgo6uANfqG6r07ouJKfGnhoYnxXSFh/LM7L3E7v3uT8yU6uOzo6gc9ZqYbRP5SRQlAKW92HFF4cJWGq3mRA0LxFJbfKnymG5pm3bMq4LV2Gvx5AHC9k/8hrWRRDKooYPQ1iKoaRguey5+Ob3K/s08fyr5uYggcI+3V8iw/3OQcwpdwN+St0xV804xftotFhBywHd2z0ZlC/8cdkaXTxDDY703UeuYeb4gwRgXLZBgfLiwWp1sDesYN0h4OIRGCGfqlslTVLBoHZctjUBdrP+6DnFRPaWhpNCd1+XhtTv7sWaFevDxbEW3Bl/oinms3JHGXt9hacoVsg6XzKaXY+wiI40C8Qd9KKl1OUsVYMn9QcYFGdh1V+1GBeTD3O0/NCBxpRWnIjeJApdJYdQknUjmyC6HwtIlnOa4kObjJgezIEE0+NQeqikuSmu0ILNndnEh8aEfIJL6ziGSQI9ErzlLRw0gYdT9yz/305TJSUG/XnD0jrqHgOWeY173m4YUZwSTfMhyPxGpBodjvU/4G2J9wjl97yPcj8SH1uZAG7aY2cyU9cXpl8eB6Rl42mlY2Se/zHYrpS2rdHVQW5m4oUpKmJ+zvknjM/VVWnwmvAK/a0P4QTeCGVeyQ9GxcS5T3KqB8S4qgRv81FsNLKcjWMSWo4RP9yg8IK52cRwgrBUr/Kb5l0jzxidRUXKVZfVxgwpTbZYJ6uU1S5RR4J0dBDLKqe4V0EvUiHgDKzIoLQNnoTc=
    session_secret: AgCeYLO5sbCir6GjMz2YzOZXbc6HtakNtIJEv7D+z7LsQV3RixPA2NqWpgMJA0cN7HMFoa4GmvzDyj8Jtlz81Xitum2GYmGbM8Uh8sH9baRrimQ8ZErm/2FY1hCeqaUqWLhFHB39lyXI6DljgaUZcxB9QYvsvoMuqKsnoD1hBFYxcdy0uxavBWNQaarb0b6v7bBwd95n2b36mDdMLWDD58kh3V/TK09xzd++CwRWM93CZjA+VjQPXfRMzH0R2duqbhYEDhBOwXcBJjSTiYJIGxwQ/4bjn5ssze1+cEl/u43iWAw4b13VZG/yhlINcAYsRDr2FZTmI+Rbrfh2nfQ91PAjF58cwaRZc/g2h9HrBb0eY9wJkZlAE4+H/7DV14yLjkItpmEEnsqwoZ+I7e464Ur75jPZCjxTsEZVYoxoYt3SuNtrSk8yMoVBba+vEsJWYcbigdppd+mEyOv7gTvcuokFougeW9xVMJdrdXbYScmqlXKGOluZ8oBdep+190hFsrPDm8Ts6RFgWF6SQ5BSKhum0NX9XUXj/88hSp2ISVp8GVQWeA7RWj4tO88FiP0ejdNwoT7FPx3qV7+qLRGOoudqQtNJji7wa8gK8qMu4cZ8TTx6uf2LlBIlL/iZx+AJjz4kmwme7GyFachlOCfTGY9sTvqakavh7xgtnnx7dGYWsyYU+YKT8R6unkLb8H0BfaVBDAtzksIbd5K02jlGlD7Ygf6EXj9w/rMuMpJaTaKEizNmKf6b1ntIZa6MB4Q7qa5wVcgE2LikjMsoDqG0c7u83+PG0/lo6oK0xLbltrCsRH5Vdj1t34yD/ExaEfYPBkLHBj5zIgl3isSMrBXyDbDV7jdwDbTGhZoGz6UYh86Fs7k=
  template:
    metadata:
      creationTimestamp: null
      name: kubernaut
      namespace: kubernaut
--- a/clusters/k3s-cluster/apps.yaml
+++ b/clusters/k3s-cluster/apps.yaml
--- a/clusters/my-cluster/argo-rollouts/kustomization.yaml
+++ b/clusters/my-cluster/argo-rollouts/kustomization.yaml
@@ -0,0 +1,7 @@
 ---
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 namespace: argo-rollouts
 resources:
  - namespace.yaml
  - https://github.com/argoproj/argo-rollouts/releases/download/v1.7.2/install.yaml
--- a/clusters/my-cluster/argo-rollouts/namespace.yaml
+++ b/clusters/my-cluster/argo-rollouts/namespace.yaml
@@ -0,0 +1,5 @@
 ---
 apiVersion: v1
 kind: Namespace
 metadata:
  name: argo-rollouts
--- a/clusters/my-cluster/argocd/kustomization.yaml
+++ b/clusters/my-cluster/argocd/kustomization.yaml
@@ -0,0 +1,18 @@
 ---
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 namespace: argocd
 resources:
  - namespace.yaml
  - https://raw.githubusercontent.com/argoproj/argo-cd/v2.13.3/manifests/install.yaml
 patches:
  - patch: |
      apiVersion: v1
      kind: Service
      metadata:
        name: argocd-server
      spec:
        type: LoadBalancer
    target:
      kind: Service
      labelSelector: app.kubernetes.io/name=argocd-server
--- a/clusters/my-cluster/argocd/namespace.yaml
+++ b/clusters/my-cluster/argocd/namespace.yaml
@@ -0,0 +1,5 @@
 ---
 apiVersion: v1
 kind: Namespace
 metadata:
  name: argocd
--- a/clusters/k3s-cluster/flux-system/gotk-components.yaml
+++ b/clusters/k3s-cluster/flux-system/gotk-components.yaml
@@ -13,65 +13,6 @@ metadata:
    pod-security.kubernetes.io/warn-version: latest
  name: flux-system
 ---
 apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
 metadata:
  labels:
    app.kubernetes.io/instance: flux-system
    app.kubernetes.io/part-of: flux
    app.kubernetes.io/version: v2.4.0
  name: allow-egress
  namespace: flux-system
 spec:
  egress:
  - {}
  ingress:
  - from:
    - podSelector: {}
  podSelector: {}
  policyTypes:
  - Ingress
  - Egress
 ---
 apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
 metadata:
  labels:
    app.kubernetes.io/instance: flux-system
    app.kubernetes.io/part-of: flux
    app.kubernetes.io/version: v2.4.0
  name: allow-scraping
  namespace: flux-system
 spec:
  ingress:
  - from:
    - namespaceSelector: {}
    ports:
    - port: 8080
      protocol: TCP
  podSelector: {}
  policyTypes:
  - Ingress
 ---
 apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
 metadata:
  labels:
    app.kubernetes.io/instance: flux-system
    app.kubernetes.io/part-of: flux
    app.kubernetes.io/version: v2.4.0
  name: allow-webhooks
  namespace: flux-system
 spec:
  ingress:
  - from:
    - namespaceSelector: {}
  podSelector:
    matchLabels:
      app: notification-controller
  policyTypes:
  - Ingress
 ---
 apiVersion: v1
 kind: ResourceQuota
 metadata:
--- a/clusters/k3s-cluster/flux-system/gotk-sync.yaml
+++ b/clusters/k3s-cluster/flux-system/gotk-sync.yaml
@@ -20,7 +20,7 @@ metadata:
  namespace: flux-system
 spec:
  interval: 10m0s
-  path: ./clusters/k3s-cluster
+  path: ./clusters/my-cluster
  prune: true
  sourceRef:
    kind: GitRepository
--- a/clusters/k3s-cluster/flux-system/kustomization.yaml
+++ b/clusters/k3s-cluster/flux-system/kustomization.yaml
--- a/clusters/my-cluster/goldpinger/kustomization.yaml
+++ b/clusters/my-cluster/goldpinger/kustomization.yaml
@@ -0,0 +1,8 @@
 ---
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 namespace: goldpinger
 resources:
  - namespace.yaml
  - repository.yaml
  - release.yaml
--- a/clusters/my-cluster/goldpinger/namespace.yaml
+++ b/clusters/my-cluster/goldpinger/namespace.yaml
@@ -0,0 +1,5 @@
 ---
 apiVersion: v1
 kind: Namespace
 metadata:
  name: goldpinger
--- a/clusters/my-cluster/goldpinger/release.yaml
+++ b/clusters/my-cluster/goldpinger/release.yaml
@@ -0,0 +1,21 @@
 ---
 apiVersion: helm.toolkit.fluxcd.io/v2
 kind: HelmRelease
 metadata:
  name: goldpinger
  namespace: goldpinger
 spec:
  chart:
    spec:
      chart: goldpinger
      sourceRef:
        kind: HelmRepository
        name: goldpinger
  interval: 50m
  install:
    remediation:
      retries: 3
  values:
    goldpinger:
      isArgoRollouts: true
      reloadStrategy: annotations
--- a/clusters/my-cluster/goldpinger/repository.yaml
+++ b/clusters/my-cluster/goldpinger/repository.yaml
@@ -0,0 +1,9 @@
 ---
 apiVersion: source.toolkit.fluxcd.io/v1
 kind: HelmRepository
 metadata:
  name: goldpinger
  namespace: goldpinger
 spec:
  interval: 5m
  url: https://bloomberg.github.io/goldpinger
--- a/clusters/k3s-cluster/infrastructure.yaml
+++ b/clusters/k3s-cluster/infrastructure.yaml
Author	SHA1	Message	Date
Ryan Cavicchioni	586f18c7ec	kubernaut v0.2.2	2025-05-10 18:37:45 -05:00
Ryan Cavicchioni	20756129ce	add Kubernaut secrets	2025-05-10 18:37:45 -05:00