Skip to content

Commit 1cf136a

Browse files
Revert manifests removal (#639)
* Revert "Remove unused manifests (#638)" This reverts commit a9c1e99. * fix version
1 parent a9c1e99 commit 1cf136a

20 files changed

+580
-0
lines changed

manifests/app-proxy/app-proxy.cm.yaml

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,7 @@
1+
apiVersion: v1
2+
kind: ConfigMap
3+
metadata:
4+
name: cap-app-proxy-cm
5+
data:
6+
argoCdUsername: admin
7+
argoCdInsecure: "true"
Lines changed: 12 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,12 @@
1+
apiVersion: rbac.authorization.k8s.io/v1
2+
kind: ClusterRoleBinding
3+
metadata:
4+
name: cap-app-proxy-binding
5+
roleRef:
6+
apiGroup: rbac.authorization.k8s.io
7+
kind: ClusterRole
8+
name: argo-server-cluster-role
9+
subjects:
10+
- kind: ServiceAccount
11+
name: cap-app-proxy
12+
namespace: default
Lines changed: 152 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,152 @@
1+
apiVersion: apps/v1
2+
kind: Deployment
3+
metadata:
4+
labels:
5+
app: cap-app-proxy
6+
name: cap-app-proxy
7+
spec:
8+
selector:
9+
matchLabels:
10+
app: cap-app-proxy
11+
template:
12+
metadata:
13+
labels:
14+
app: cap-app-proxy
15+
spec:
16+
serviceAccountName: cap-app-proxy
17+
containers:
18+
- env:
19+
- name: ARGO_CD_URL
20+
valueFrom:
21+
configMapKeyRef:
22+
name: cap-app-proxy-cm
23+
key: argoCdUrl
24+
optional: true
25+
- name: ARGO_CD_USERNAME
26+
valueFrom:
27+
configMapKeyRef:
28+
name: cap-app-proxy-cm
29+
key: argoCdUsername
30+
optional: true
31+
- name: ARGO_CD_PASSWORD
32+
valueFrom:
33+
secretKeyRef:
34+
name: argocd-initial-admin-secret
35+
key: password
36+
- name: ARGO_CD_INSECURE
37+
valueFrom:
38+
configMapKeyRef:
39+
name: cap-app-proxy-cm
40+
key: argoCdInsecure
41+
- name: ARGO_WORKFLOWS_INSECURE
42+
valueFrom:
43+
configMapKeyRef:
44+
name: cap-app-proxy-cm
45+
key: argoWorkflowsInsecure
46+
- name: ARGO_WORKFLOWS_URL
47+
valueFrom:
48+
configMapKeyRef:
49+
name: cap-app-proxy-cm
50+
key: argoWorkflowsUrl
51+
optional: true
52+
- name: CF_HOST
53+
valueFrom:
54+
configMapKeyRef:
55+
name: cap-app-proxy-cm
56+
key: cfHost
57+
optional: true
58+
- name: CORS
59+
valueFrom:
60+
configMapKeyRef:
61+
name: cap-app-proxy-cm
62+
key: cors
63+
optional: true
64+
- name: ENV
65+
valueFrom:
66+
configMapKeyRef:
67+
name: cap-app-proxy-cm
68+
key: env
69+
optional: true
70+
- name: GRAPHQL_DEBUG
71+
valueFrom:
72+
configMapKeyRef:
73+
name: cap-app-proxy-cm
74+
key: graphqlDebug
75+
optional: true
76+
- name: GRAPHQL_PLAYGROUND
77+
valueFrom:
78+
configMapKeyRef:
79+
name: cap-app-proxy-cm
80+
key: graphqlPlayground
81+
optional: true
82+
- name: NAMESPACE
83+
valueFrom:
84+
fieldRef:
85+
fieldPath: metadata.namespace
86+
- name: PORT
87+
valueFrom:
88+
configMapKeyRef:
89+
name: cap-app-proxy-cm
90+
key: port
91+
optional: true
92+
- name: REPOS_DIR
93+
valueFrom:
94+
configMapKeyRef:
95+
name: cap-app-proxy-cm
96+
key: reposDir
97+
optional: true
98+
- name: RUNTIME_NAME
99+
valueFrom:
100+
configMapKeyRef:
101+
name: cap-app-proxy-cm
102+
key: runtimeName
103+
optional: true
104+
- name: RUNTIME_TOKEN
105+
valueFrom:
106+
secretKeyRef:
107+
name: codefresh-token
108+
key: token
109+
- name: RUNTIME_STORE_IV
110+
valueFrom:
111+
secretKeyRef:
112+
name: codefresh-token
113+
key: encryptionIV
114+
optional: true
115+
- name: STORE_BACKEND
116+
valueFrom:
117+
configMapKeyRef:
118+
name: cap-app-proxy-cm
119+
key: storeBackend
120+
optional: true
121+
- name: STRIP_PREFIX
122+
valueFrom:
123+
configMapKeyRef:
124+
name: cap-app-proxy-cm
125+
key: stripPrefix
126+
optional: true
127+
image: quay.io/codefresh/cap-app-proxy
128+
imagePullPolicy: Always
129+
name: cap-app-proxy
130+
readinessProbe:
131+
initialDelaySeconds: 10
132+
timeoutSeconds: 10
133+
httpGet:
134+
port: http
135+
path: /api/readyz
136+
livenessProbe:
137+
initialDelaySeconds: 10
138+
timeoutSeconds: 10
139+
failureThreshold: 10
140+
httpGet:
141+
port: http
142+
path: /api/healthz
143+
ports:
144+
- name: http
145+
containerPort: 80
146+
resources:
147+
requests:
148+
memory: "256Mi"
149+
cpu: "100m"
150+
limits:
151+
memory: "2048Mi"
152+
cpu: "2"

manifests/app-proxy/app-proxy.rb.yaml

Lines changed: 13 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,13 @@
1+
apiVersion: rbac.authorization.k8s.io/v1
2+
kind: RoleBinding
3+
metadata:
4+
labels:
5+
app: cap-app-proxy
6+
name: cap-app-proxy
7+
roleRef:
8+
apiGroup: rbac.authorization.k8s.io
9+
kind: Role
10+
name: cap-app-proxy
11+
subjects:
12+
- kind: ServiceAccount
13+
name: cap-app-proxy
Lines changed: 37 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,37 @@
1+
apiVersion: rbac.authorization.k8s.io/v1
2+
kind: Role
3+
metadata:
4+
labels:
5+
app: cap-app-proxy
6+
name: cap-app-proxy
7+
rules:
8+
- apiGroups:
9+
- ""
10+
resources:
11+
- secrets
12+
- configmap
13+
- pods
14+
verbs:
15+
- get
16+
- create
17+
- delete
18+
- deletecollection
19+
- update
20+
- patch
21+
- list
22+
- watch
23+
- apiGroups:
24+
- ""
25+
resources:
26+
- services
27+
verbs:
28+
- get
29+
- list
30+
- apiGroups:
31+
- argoproj.io
32+
resources:
33+
- applications
34+
verbs:
35+
- get
36+
- list
37+
- watch

manifests/app-proxy/app-proxy.sa.yaml

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,6 @@
1+
apiVersion: v1
2+
kind: ServiceAccount
3+
metadata:
4+
labels:
5+
app: cap-app-proxy
6+
name: cap-app-proxy
Lines changed: 14 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,14 @@
1+
apiVersion: v1
2+
kind: Service
3+
metadata:
4+
labels:
5+
app: cap-app-proxy
6+
name: cap-app-proxy
7+
spec:
8+
selector:
9+
app: cap-app-proxy
10+
ports:
11+
- name: http
12+
port: 3017
13+
protocol: TCP
14+
targetPort: http
Lines changed: 14 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,14 @@
1+
apiVersion: kustomize.config.k8s.io/v1beta1
2+
kind: Kustomization
3+
images:
4+
- name: quay.io/codefresh/cap-app-proxy
5+
newName: quay.io/codefresh/cap-app-proxy
6+
newTag: 1.1960.1
7+
resources:
8+
- app-proxy.deploy.yaml
9+
- app-proxy.svc.yaml
10+
- app-proxy.sa.yaml
11+
- app-proxy.rb.yaml
12+
- app-proxy.crb.yaml
13+
- app-proxy.role.yaml
14+
- app-proxy.cm.yaml

manifests/argo-cd/default-rbac.yaml

Lines changed: 23 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,23 @@
1+
# allow default service account to read the codefresh-cm configmap
2+
apiVersion: rbac.authorization.k8s.io/v1
3+
kind: Role
4+
metadata:
5+
name: codefresh-config-reader
6+
rules:
7+
- apiGroups: [""]
8+
resources: ["configmaps", "secrets"]
9+
resourceNames: ["codefresh-cm", "codefresh-token"]
10+
verbs: ["get"]
11+
12+
---
13+
apiVersion: rbac.authorization.k8s.io/v1
14+
kind: RoleBinding
15+
metadata:
16+
name: codefresh-config-reader
17+
roleRef:
18+
apiGroup: rbac.authorization.k8s.io
19+
kind: Role
20+
name: codefresh-config-reader
21+
subjects:
22+
- kind: ServiceAccount
23+
name: default

manifests/argo-cd/kustomization.yaml

Lines changed: 55 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,55 @@
1+
apiVersion: kustomize.config.k8s.io/v1beta1
2+
kind: Kustomization
3+
resources:
4+
- https://raw.githubusercontent.com/codefresh-io/argo-cd/release-2.3/manifests/install.yaml
5+
- default-rbac.yaml
6+
images:
7+
- name: quay.io/codefresh/argocd
8+
newName: quay.io/codefresh/argocd
9+
newTag: v2.3.4-cap-CR-14428-dest-server-validation
10+
11+
# will be effective on argo-cd 2.1
12+
configMapGenerator:
13+
- name: argocd-cm
14+
behavior: merge
15+
literals:
16+
- "timeout.reconciliation=20s"
17+
- "accounts.admin=apiKey,login" # need to be able to generate apikey for generic eventsource
18+
- name: argocd-cmd-params-cm
19+
behavior: merge
20+
literals:
21+
- "server.insecure=true"
22+
23+
patches:
24+
# reset the crbs to `subject.namespace: default`, so that argo-cd will later change them to the actual ns
25+
- target:
26+
group: rbac.authorization.k8s.io
27+
version: v1
28+
kind: ClusterRoleBinding
29+
patch: |-
30+
- op: replace
31+
path: /subjects/0/namespace
32+
value: default
33+
34+
# Istio protocol selection: https://istio.io/latest/docs/ops/configuration/traffic-management/protocol-selection/
35+
# Ovveride the default protocol selection which is done by the port name (http), since this port is being used for both http and grpc.
36+
- target:
37+
version: v1
38+
kind: Service
39+
name: argocd-server
40+
patch: |
41+
- op: add
42+
path: /spec/ports/0/appProtocol
43+
value: tcp
44+
45+
- target:
46+
version: v1
47+
group: apps
48+
kind: Deployment
49+
name: argocd-server
50+
patch: |
51+
- op: add
52+
path: /spec/template/spec/containers/0/env/-
53+
value:
54+
name: ARGOCD_SYNC_WAVE_DELAY
55+
value: "10"
Lines changed: 22 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,22 @@
1+
apiVersion: argoproj.io/v1alpha1
2+
kind: EventBus
3+
metadata:
4+
name: codefresh-eventbus
5+
annotations:
6+
argocd.argoproj.io/sync-wave: "2"
7+
spec:
8+
nats:
9+
native:
10+
replicas: 3
11+
auth: token
12+
maxPayload: "2MB"
13+
containerTemplate:
14+
resources:
15+
limits:
16+
cpu: 500m
17+
memory: 8Gi
18+
ephemeral-storage: 2Gi
19+
requests:
20+
cpu: 200m
21+
memory: 500Mi
22+
ephemeral-storage: 2Gi
Lines changed: 12 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,12 @@
1+
# This api version is only acceptable since kubernetes 1.21
2+
# We need to think how we introduce this gradually to our customers
3+
4+
apiVersion: policy/v1
5+
kind: PodDisruptionBudget
6+
metadata:
7+
name: codefresh-eventbus
8+
spec:
9+
minAvailable: 2
10+
selector:
11+
matchLabels:
12+
eventbus-name: codefresh-eventbus
Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,7 @@
1+
apiVersion: kustomize.config.k8s.io/v1beta1
2+
kind: Kustomization
3+
resources:
4+
- https://raw.githubusercontent.com/codefresh-io/argo-events/v1.7.2-cap-CR-14600/manifests/install.yaml
5+
- https://raw.githubusercontent.com/codefresh-io/argo-events/v1.7.2-cap-CR-14600/manifests/install-validating-webhook.yaml
6+
- codefresh-eventbus.eventbus.yaml
7+
# - codefresh-eventbus.pdb.yaml

0 commit comments

Comments
 (0)