kubernaut v0.2.2

add Kubernaut secrets
2025-05-10 18:31:00 -05:00 · 2025-05-10 18:31:00 -05:00
16 changed files with 123 additions and 60 deletions
--- a/apps/kubernaut/ingress.yaml
+++ b/apps/kubernaut/ingress.yaml
@@ -0,0 +1,19 @@
 ---
 apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
  annotations:
    kubernetes.io/ingress.class: traefik
  name: kubernaut-ingress
  namespace: kubernaut
 spec:
  rules:
    - http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: kubernaut
                port:
                  name: web
--- a/apps/kubernaut/kustomization.yaml
+++ b/apps/kubernaut/kustomization.yaml
@@ -0,0 +1,9 @@
 ---
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 namespace: kubernaut
 resources:
  - secrets.yaml
  - https://git.kill0.net/ryanc/kubernaut/kustomize?ref=v0.2.2
  - https://git.kill0.net/ryanc/caas/kustomize?timeout=300
  - ingress.yaml
--- a/apps/kubernaut/secrets.yaml
+++ b/apps/kubernaut/secrets.yaml
@@ -0,0 +1,16 @@
 ---
 apiVersion: bitnami.com/v1alpha1
 kind: SealedSecret
 metadata:
  creationTimestamp: null
  name: kubernaut
  namespace: kubernaut
 spec:
  encryptedData:
    session_secret: AgBRfIefGnsUQk5p3cxi8B3/leuyKpdV7ZjRjjuWM6SPS60eTD545yppNWIUFTgQvX8kaGfpwu2Fw1A8TCyRargyWopgD55yFunCmLVfeSPPXKhF6DE2CZOjX/KjmOmlvV+g49kFMBamq47mruFHuWIw2G9eJnMhnPx1Vmz7XTKxL/tw57w+cK5WMNVfEHI1KfvKJkO1YBGPyLyr67dbEWCrm+HFu9KFwrdQ6VOzD0qvfylOktiNJu+UganBGBR23UTx7FXzZRHiYGk2dezF+7fLkGOTIg5ILO50iWPWitxXBPlijO4Qm/idNdZ30V5uAV9EiC27pWl8SV4jbgeHe/GUhfCuQZ+RyKdKbDP9dmjCvmlbibI47W3b9zEi9v/kCPGIIjmWI4Tz2h3zVBpy0lLgaoBKOFb9JP5K2FycRPp6BCjGM5BbspbPm7DuovCtMqHhqu2QoSbEuMaQfifFAeJyQQXP6wDjWzPRrXU2gvT2mfCbGptwwKBjooVXw6UPajH6ehCa2LzpExqWaAn9VITRJdhgBpb9TnNuTlN15GqU7Y1V1t82Al6q6H/LrrxazxNQ6zwIufqiVWw+oqbfqwNlYnoqb9Lc6egdPsn0AVvvJTxXH+5DM59XQ2J5rVkiJalK89NaXeVKsj7ytOba16QXtwLagarJawHhB5xahikAN++bkAzEow+ol2V2SyPnWbbaDBGxV070/h68CW5NEUxwXDfzOlP9aXzUUPnYtWF2jy2+KYxRqC+iEKNulFPBYtkaueKCVY20IGyk2RcQzAgoWMgT0VITl4Fx2qGXzPqqRIP2gOuif9n7Qz19WrgSF9ukH0y93/Twv90gj3mcXVQ/6dshFO2+AHD2oNrYJNun0ns=
    jwt_secret: AgCQpsaHKYt2xm738HTE2YpeHvnnH5CHiW6lm5wBgpxwe2107Neoi9MCHK3pUmweMuOWV2B7/PJkCRSLzAnriRDwGybVO9lmw5oe01GzT8VKEtcoxS42sP9BwhK6CpZE3mSVbUhZTwKriAT4HjrFNtojtWsihzmvLrNDDjubROrJNBoznWcVXcxPZeKLQt/jIthunnJwh6lV9/tV7tHj7SA7a+TkmX3F0dcGT5IQPoPKpm5lFvsNINf497mQJE48kTytBs5OFWvI6SoR1ThJGQgZ1S5NXvL3GVArt97ZmLHrbhETZvWPRI/xRrUtdktZrWZMXnmjPOxciqY88wtx1cGyJw3FrzaftzaBmpJRrdfO1S83AZYPYnNctYltzMBSSGbMD6yHLoEFj/pilFuWGsmuokc7sMfAu1NBLsBNqfrQ61GVTZVaEuIc45ZVUu1T5K7lhjMEa5t6qCCCxLaa3c97xrddcwss1voFY/vi5cYu99bOXVmlrPcggDAycrP4FYYaTqdwHar7jWje82LcIUOry9E30jQhYWzQoEIuh6f1tanmvpduDIEqYcsQAhKXN8klsOds0ZZxrlc87E4n+ZzJDVOp+5H8ukj30hKaR3oWCAvU1sy1LalRUEMD6rL4JDTJs5ZX0AfxUEhqjmNlvOR6O+gtL1zPqX51PQtaijdaalaXbTU8ykpEiH7cE/kmSbDzYIOTkCnPsDvzqSIWYZVc208lVs40SJpHZFGKeeWTtl1O4rWy8UzHSdl28UfNruP41KAeVayDq9EoUa/dJpjHA8mbA17K0zdwQq4WIzlk+SGaNHSMv1O/OmKTyWzsNL9dFJI52sLoLRYPrKTY59qcUK38Vth5pP0jXu99RakBJUI=
  template:
    metadata:
      creationTimestamp: null
      name: kubernaut
      namespace: kubernaut
--- a/clusters/k3s-cluster/apps.yaml
+++ b/clusters/k3s-cluster/apps.yaml
--- a/clusters/my-cluster/argo-rollouts/kustomization.yaml
+++ b/clusters/my-cluster/argo-rollouts/kustomization.yaml
@@ -0,0 +1,7 @@
 ---
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 namespace: argo-rollouts
 resources:
  - namespace.yaml
  - https://github.com/argoproj/argo-rollouts/releases/download/v1.7.2/install.yaml
--- a/clusters/my-cluster/argo-rollouts/namespace.yaml
+++ b/clusters/my-cluster/argo-rollouts/namespace.yaml
@@ -0,0 +1,5 @@
 ---
 apiVersion: v1
 kind: Namespace
 metadata:
  name: argo-rollouts
--- a/clusters/my-cluster/argocd/kustomization.yaml
+++ b/clusters/my-cluster/argocd/kustomization.yaml
@@ -0,0 +1,18 @@
 ---
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 namespace: argocd
 resources:
  - namespace.yaml
  - https://raw.githubusercontent.com/argoproj/argo-cd/v2.13.3/manifests/install.yaml
 patches:
  - patch: |
      apiVersion: v1
      kind: Service
      metadata:
        name: argocd-server
      spec:
        type: LoadBalancer
    target:
      kind: Service
      labelSelector: app.kubernetes.io/name=argocd-server
--- a/clusters/my-cluster/argocd/namespace.yaml
+++ b/clusters/my-cluster/argocd/namespace.yaml
@@ -0,0 +1,5 @@
 ---
 apiVersion: v1
 kind: Namespace
 metadata:
  name: argocd
--- a/clusters/k3s-cluster/flux-system/gotk-components.yaml
+++ b/clusters/k3s-cluster/flux-system/gotk-components.yaml
@@ -13,65 +13,6 @@ metadata:
    pod-security.kubernetes.io/warn-version: latest
  name: flux-system
 ---
 apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
 metadata:
  labels:
    app.kubernetes.io/instance: flux-system
    app.kubernetes.io/part-of: flux
    app.kubernetes.io/version: v2.4.0
  name: allow-egress
  namespace: flux-system
 spec:
  egress:
  - {}
  ingress:
  - from:
    - podSelector: {}
  podSelector: {}
  policyTypes:
  - Ingress
  - Egress
 ---
 apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
 metadata:
  labels:
    app.kubernetes.io/instance: flux-system
    app.kubernetes.io/part-of: flux
    app.kubernetes.io/version: v2.4.0
  name: allow-scraping
  namespace: flux-system
 spec:
  ingress:
  - from:
    - namespaceSelector: {}
    ports:
    - port: 8080
      protocol: TCP
  podSelector: {}
  policyTypes:
  - Ingress
 ---
 apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
 metadata:
  labels:
    app.kubernetes.io/instance: flux-system
    app.kubernetes.io/part-of: flux
    app.kubernetes.io/version: v2.4.0
  name: allow-webhooks
  namespace: flux-system
 spec:
  ingress:
  - from:
    - namespaceSelector: {}
  podSelector:
    matchLabels:
      app: notification-controller
  policyTypes:
  - Ingress
 ---
 apiVersion: v1
 kind: ResourceQuota
 metadata:
--- a/clusters/k3s-cluster/flux-system/gotk-sync.yaml
+++ b/clusters/k3s-cluster/flux-system/gotk-sync.yaml
@@ -20,7 +20,7 @@ metadata:
  namespace: flux-system
 spec:
  interval: 10m0s
-  path: ./clusters/k3s-cluster
+  path: ./clusters/my-cluster
  prune: true
  sourceRef:
    kind: GitRepository
--- a/clusters/k3s-cluster/flux-system/kustomization.yaml
+++ b/clusters/k3s-cluster/flux-system/kustomization.yaml
--- a/clusters/my-cluster/goldpinger/kustomization.yaml
+++ b/clusters/my-cluster/goldpinger/kustomization.yaml
@@ -0,0 +1,8 @@
 ---
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 namespace: goldpinger
 resources:
  - namespace.yaml
  - repository.yaml
  - release.yaml
--- a/clusters/my-cluster/goldpinger/namespace.yaml
+++ b/clusters/my-cluster/goldpinger/namespace.yaml
@@ -0,0 +1,5 @@
 ---
 apiVersion: v1
 kind: Namespace
 metadata:
  name: goldpinger
--- a/clusters/my-cluster/goldpinger/release.yaml
+++ b/clusters/my-cluster/goldpinger/release.yaml
@@ -0,0 +1,21 @@
 ---
 apiVersion: helm.toolkit.fluxcd.io/v2
 kind: HelmRelease
 metadata:
  name: goldpinger
  namespace: goldpinger
 spec:
  chart:
    spec:
      chart: goldpinger
      sourceRef:
        kind: HelmRepository
        name: goldpinger
  interval: 50m
  install:
    remediation:
      retries: 3
  values:
    goldpinger:
      isArgoRollouts: true
      reloadStrategy: annotations
--- a/clusters/my-cluster/goldpinger/repository.yaml
+++ b/clusters/my-cluster/goldpinger/repository.yaml
@@ -0,0 +1,9 @@
 ---
 apiVersion: source.toolkit.fluxcd.io/v1
 kind: HelmRepository
 metadata:
  name: goldpinger
  namespace: goldpinger
 spec:
  interval: 5m
  url: https://bloomberg.github.io/goldpinger
--- a/clusters/k3s-cluster/infrastructure.yaml
+++ b/clusters/k3s-cluster/infrastructure.yaml
Author	SHA1	Message	Date
Ryan Cavicchioni	ef6ae798b7	kubernaut v0.2.2	2025-05-10 18:31:00 -05:00
Ryan Cavicchioni	774dd24122	add Kubernaut secrets	2025-05-10 18:31:00 -05:00