Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

1023 develop -> release ( v3.1.0 ) #274

Merged
merged 38 commits into from
Oct 23, 2023
Merged
Changes from 2 commits
Commits
Show all changes
38 commits
Select commit Hold shift + click to select a range
1a35e94
Merge pull request #240 from openinfradev/main
ktkfree Jul 13, 2023
23deb23
bumpup lma-addons(new dashboard)
Jul 20, 2023
baf5045
Merge pull request #244 from openinfradev/s3support
intelliguy Jul 22, 2023
c67512e
typo
Jul 22, 2023
58d9235
s3support: change release name
Jul 24, 2023
494374f
Merge pull request #245 from openinfradev/s3support
intelliguy Jul 24, 2023
3a6f6f7
Merge pull request #246 from openinfradev/s3support
intelliguy Jul 25, 2023
115c7d3
Update resources.yaml
intelliguy Jul 25, 2023
467f1d9
Merge pull request #248 from openinfradev/s3support
intelliguy Jul 27, 2023
4891c19
Merge pull request #251 from openinfradev/release
ktkfree Jul 31, 2023
f4e3da4
Merge pull request #255 from openinfradev/release
bluejayA Aug 14, 2023
9efb733
Merge pull request #260 from openinfradev/release
seungkyua Aug 16, 2023
f078232
Merge pull request #261 from openinfradev/main
ktkfree Aug 22, 2023
a7f95f6
ingress-nginx: update default replica and resource spec
Aug 29, 2023
3398c7e
update lma-addson chart version
robertchoi80 Aug 30, 2023
c475f09
Merge pull request #263 from openinfradev/tks-issues-858
ktkfree Aug 31, 2023
71857e8
Merge pull request #262 from openinfradev/minimal_deploy_support
ktkfree Sep 12, 2023
bde3d03
add tks-admin-tools group
robertchoi80 Sep 14, 2023
9d487ae
Merge pull request #264 from openinfradev/tks-issues-861
zugwan Sep 26, 2023
a202800
policy: add a decapod app for policies
Oct 4, 2023
9d54202
policy: add a decapod app for policies
Oct 4, 2023
5f29d8f
tks-cluster: byoh: upgrade byoh helm chart to v0.3.0
zugwan Oct 16, 2023
38b36d8
Merge branch 'develop' into fix_byoh_chart_version
zugwan Oct 16, 2023
6e74b51
Merge pull request #268 from openinfradev/fix_byoh_chart_version
ktkfree Oct 16, 2023
1f44bb3
Update site-values.yaml
ktkfree Oct 19, 2023
569183d
bugfix. change release name to tks-apis
ktkfree Oct 19, 2023
8aca782
Merge pull request #269 from openinfradev/tks_apis
cho4036 Oct 19, 2023
bcd8bd9
use separate ingress-nginx for tks-admin-tools
robertchoi80 Oct 10, 2023
64d38e7
trivial: add tunable tag
robertchoi80 Oct 10, 2023
e140219
Merge pull request #270 from openinfradev/clone-ingress-nginx
ktkfree Oct 19, 2023
7f0ccf4
test
ktkfree Oct 19, 2023
b141003
test
ktkfree Oct 19, 2023
22c7449
fix msa
seungkyua Oct 20, 2023
e3a073f
Merge pull request #271 from seungkyua/20231019_byoh_msa
seungkyua Oct 20, 2023
c5c3482
change jaeger cassandra options
seungkyua Oct 20, 2023
9fd8bae
Merge pull request #272 from seungkyua/20231019_byoh_msa
seungkyua Oct 20, 2023
b12821f
minio: update bucket names
Oct 23, 2023
bde5d2b
Merge pull request #273 from openinfradev/minio
intelliguy Oct 23, 2023
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 5 additions & 0 deletions tks-admin-tools/base/kustomization.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
resources:
- resources.yaml

transformers:
- site-values.yaml
188 changes: 188 additions & 0 deletions tks-admin-tools/base/resources.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,188 @@
---
apiVersion: helm.fluxcd.io/v1
kind: HelmRelease
metadata:
labels:
name: keycloak
name: keycloak
spec:
chart:
type: helmrepo
repository: https://harbor.taco-cat.xyz/chartrepo/tks
name: keycloak
version: 15.1.6
origin: https://github.com/bitnami/charts/tree/main/bitnami/keycloak
releaseName: keycloak
targetNamespace: keycloak
values:
global:
storageClass: "taco-storage"
auth:
adminUser: "admin"
adminPassword: password
proxy: edge
httpRelativePath: "/auth/"
production: true
replicaCount: 1 # tunable
ingress:
enabled: true
ingressClassName: nginx # tunable
hostname: TO_BE_FIXED
annotations:
nginx.ingress.kubernetes.io/proxy-buffer-size: 20k
acme.cert-manager.io/http01-edit-in-place: "true"
cert-manager.io/cluster-issuer: http0issuer
tls: true
selfSigned: false
cache:
enabled: true
stackName: kubernetes
postgresql:
enabled: false
externalDatabase:
host: "postgresql.tks-db.svc" # tunable
port: 5432
password: password
readinessProbe:
failureThreshold: 10
extraEnvVars:
- name: QUARKUS_TRANSACTION_MANAGER_ENABLE_RECOVERY
value: "true"

---
apiVersion: helm.fluxcd.io/v1
kind: HelmRelease
metadata:
labels:
name: tks-api
name: tks-api
spec:
chart:
type: helmrepo
repository: https://harbor.taco-cat.xyz/chartrepo/tks
name: tks-api
version: 0.1.2
origin: https://openinfradev.github.io/helm-repo
releaseName: tks-api
targetNamespace: tks
values:
gitBaseUrl: https://github.com
gitAccount: decapod10
db:
dbHost: postgresql.tks-db.svc
adminUser: postgres
adminPassword: password # tunable
dbUser: tksuser
dbPassword: password # tunable
tksapi:
replicaCount: 1
image:
repository: harbor.taco-cat.xyz/tks/tks-api
tag: v3.0.1
# Master org's admin password
tksAccount:
password: admin # tunable
args:
imageRegistryUrl: "harbor.taco-cat.xyz/appserving" # tunable
harborPwSecret: "harbor-core"
gitRepositoryUrl: "github.com/openinfradev" # tunable
keycloakAddress: http://keycloak.keycloak.svc:80/auth
tksbatch:
replicaCount: 1
image:
repository: harbor.taco-cat.xyz/tks/tks-batch
tag: v3.0.0
tksconsole:
replicaCount: 1
image:
repository: harbor.taco-cat.xyz/tks/tks-console
tag: v3.0.1

---
apiVersion: helm.fluxcd.io/v1
kind: HelmRelease
metadata:
labels:
name: harbor
name: harbor
spec:
chart:
type: helmrepo
repository: https://harbor.taco-cat.xyz/chartrepo/tks
name: harbor
version: 1.11.0
origin: https://github.com/goharbor/harbor-helm
releaseName: harbor
targetNamespace: harbor
values:
expose:
tls:
certSource: secret
secret:
secretName: "harbor.taco-cat-tls" # tunable
ingress:
hosts:
core: TO_BE_FIXED
className: "nginx" # tunable
annotations:
cert-manager.io/cluster-issuer: http0issuer
acme.cert-manager.io/http01-edit-in-place: "true"
externalURL: TO_BE_FIXED
#######################################################
## all values under persistence are tunable (for HA) ##
#######################################################
persistence:
persistentVolumeClaim:
registry:
storageClass: taco-storage
accessMode: ReadWriteOnce
size: 200Gi
chartmuseum:
storageClass: taco-storage
accessMode: ReadWriteOnce
size: 20Gi
jobservice:
jobLog:
storageClass: taco-storage
accessMode: ReadWriteOnce
scanDataExports:
storageClass: taco-storage
accessMode: ReadWriteOnce
redis:
storageClass: taco-storage
accessMode: ReadWriteOnce
trivy:
storageClass: taco-storage
database:
type: external
external:
host: "postgresql.tks-db.svc" # tunable
port: "5432"
username: "harbor"
password: password # tunable
existingSecret: ""
# "disable" - No SSL
# "require" - Always SSL (skip verification)
# "verify-ca" - Always SSL (verify that the certificate presented by the
# server was signed by a trusted CA)
# "verify-full" - Always SSL (verify that the certification presented by the
# server was signed by a trusted CA and the server host name matches the one
# in the certificate)
sslmode: "require"
notary:
enabled: false
cache:
enabled: true
core:
replicas: 1 # tunable
jobservice:
replicas: 1 # tunable
registry:
replicas: 1 # tunable
chartmuseum:
replicas: 1 # tunable
trivy:
replicas: 1 # tunable
portal:
replicas: 1 # tunable
harborAdminPassword: password # tunable
91 changes: 91 additions & 0 deletions tks-admin-tools/base/site-values.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,91 @@
apiVersion: openinfradev.github.com/v1
kind: HelmValuesTransformer
metadata:
name: site

global:
dbHost: ${DATABASE_HOST}
commonPassword: ${COMMON_PASSWORD}
storageClass: ${STORAGE_CLASS}
storageClassHa: ${STORAGE_CLASS_HA}

charts:
- name: keycloak
override:
global.storageClass: $(storageClass)
auth.adminPassword: $(commonPassword)
ingress.enabled: true
ingress.hostname: TO_BE_FIXED
externalDatabase.host: $(dbHost)
externalDatabase.password: $(commonPassword)

- name: tks-api
override:
gitBaseUrl: https://github.com
gitAccount: decapod10
db:
dbHost: $(dbHost)
adminPassword: $(commonPassword)
dbUser: tksuser
dbPassword: $(commonPassword)
tksapi:
replicaCount: 1
tksAccount:
password: $(commonPassword)
args:
imageRegistryUrl: "harbor.taco-cat.xyz/appserving"
gitRepositoryUrl: "github.com/openinfradev"
keycloakAddress: http://keycloak.keycloak.svc:80/auth
tksbatch:
replicaCount: 1
tksconsole:
replicaCount: 1

- name: harbor
override:
expose:
ingress:
hosts:
core: TO_BE_FIXED
className: "nginx"
externalURL: TO_BE_FIXED
persistence:
persistentVolumeClaim:
registry:
storageClass: $(storageClassHa)
accessMode: ReadWriteMany
size: 200Gi
chartmuseum:
storageClass: $(storageClassHa)
accessMode: ReadWriteMany
size: 20Gi
jobservice:
jobLog:
storageClass: $(storageClassHa)
accessMode: ReadWriteMany
scanDataExports:
storageClass: $(storageClassHa)
accessMode: ReadWriteMany
redis:
storageClass: $(storageClass)
accessMode: ReadWriteOnce
trivy:
storageClass: $(storageClass)
database:
type: external
external:
host: $(dbHost)
password: $(commonPassword)
core:
replicas: 2
jobservice:
replicas: 2
registry:
replicas: 2
chartmuseum:
replicas: 2
trivy:
replicas: 2
portal:
replicas: 2
harborAdminPassword: $(commonPassword)
78 changes: 78 additions & 0 deletions tks-admin-tools/image/image-values.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,78 @@
apiVersion: openinfradev.github.com/v1
kind: HelmValuesTransformer
metadata:
name: image

global:
registry: harbor.taco-cat.xyz

charts:
- name: keycloak
override:
image:
registry: $(registry)
repository: bitnami/keycloak
tag: 21.1.2-debian-11-r0
- name: tks-api
override:
tks-api:
image:
repository: $(registry)/tks/tks-api
tag: v3.0.1
tksbatch:
image:
repository: $(registry)/tks/tks-batch
tag: v3.0.0
tksconsole:
image:
repository: $(registry)/tks/tks-console
tag: v3.0.1
- name: harbor
override:
portal:
image:
repository: $(registry)/goharbor/harbor-portal
tag: v2.7.0
core:
image:
repository: $(registry)/goharbor/harbor-core
tag: v2.7.0
jobservice:
image:
repository: $(registry)/goharbor/harbor-jobservice
tag: v2.7.0
registry:
registry:
image:
repository: $(registry)/goharbor/registry-photon
tag: v2.7.0
controller:
image:
repository: $(registry)/goharbor/harbor-registryctl
tag: v2.7.0
chartmuseum:
image:
repository: $(registry)/goharbor/chartmuseum-photon
tag: v2.7.0
trivy:
image:
repository: $(registry)/goharbor/trivy-adapter-photon
tag: v2.7.0
notary:
server:
image:
repository: $(registry)/goharbor/notary-server-photon
tag: v2.7.0
signer:
image:
repository: $(registry)/goharbor/notary-signer-photon
tag: v2.7.0
redis:
internal:
image:
repository: $(registry)/goharbor/redis-photon
tag: v2.7.0
exporter:
image:
repository: $(registry)/goharbor/harbor-exporter
tag: v2.7.0