allanger
/
helmfile-vs-flux
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Activity

Fix kustomize example

This commit is contained in:
Nikolai Rodionov 2024-02-07 11:06:37 +01:00
parent 840eeeeef8
commit 4c725c3c55
Signed by: allanger
GPG Key ID: 0AA46A90E25592AD
20 changed files with 244 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
flux/cluster-1

@ -1 +0,0 @@
Subproject commit 7ddc6f1d90f387a2889e9e473316e05247857fae

1
flux/cluster-2

@ -1 +0,0 @@
Subproject commit 1543773dc3dee56a05d7ca8bcb990bb7759f6ff2

5
kustomize/cluster-1/.sops.yaml Normal file
View File

@ -0,0 +1,5 @@
creation_rules:
- path_regex: secrets/.*.yaml
key_groups:
- age:
- age1nrsmsgq0xynqke4sh8qmuxnlqqg7z5ll5stkpe8qy6tqy40cearqhxjy70

14
kustomize/cluster-1/kustomization.yaml Normal file
View File

@ -0,0 +1,14 @@
apiVersion: kustomize.config.k8s.io/v1beta1
generatorOptions:
disableNameSuffixHash: true
generators:
- sec-generator.yaml
kind: Kustomization
metadata:
name: helm-root
namespace: flux-system
resources:
- src/release-postgresql.yaml
- src/repository-bitnami.yaml
- src/values/database-postgresql-values.postgresql.yaml
- src/values/database-postgresql-values.spec.postgresql.yaml

7
kustomize/cluster-1/sec-generator.yaml Normal file
View File

@ -0,0 +1,7 @@
---
apiVersion: viaduct.ai/v1
kind: ksops
metadata:
name: shoebill-secret-gen
files:
- src/secrets/database-postgresql-secrets.postgresql.yaml

0
kustomize/cluster-1/src/.gitkeep Normal file
View File

32
kustomize/cluster-1/src/release-postgresql.yaml Normal file
View File

@ -0,0 +1,32 @@
apiVersion: helm.toolkit.fluxcd.io/v2beta1
kind: HelmRelease
metadata:
creationTimestamp: null
name: postgresql
namespace: flux-system
spec:
chart:
spec:
chart: postgresql
sourceRef:
kind: HelmRepository
name: bitnami
namespace: flux-system
version: 13.3.1
install:
crds: Create
createNamespace: true
interval: 1m0s
releaseName: postgresql
targetNamespace: database
valuesFrom:
- kind: ConfigMap
name: database-postgresql-values.postgresql.yaml
valuesKey: database-postgresql-values.postgresql.yaml
- kind: ConfigMap
name: database-postgresql-values.spec.postgresql.yaml
valuesKey: database-postgresql-values.spec.postgresql.yaml
- kind: Secret
name: database-postgresql-secrets.postgresql.yaml
valuesKey: database-postgresql-secrets.postgresql.yaml
status: {}

11
kustomize/cluster-1/src/repository-bitnami.yaml Normal file
View File

@ -0,0 +1,11 @@
apiVersion: source.toolkit.fluxcd.io/v1beta2
kind: HelmRepository
metadata:
creationTimestamp: null
name: bitnami
namespace: flux-system
spec:
interval: 1m0s
type: default
url: https://charts.bitnami.com/bitnami
status: {}

28
kustomize/cluster-1/src/secrets/database-postgresql-secrets.postgresql.yaml Normal file
View File

@ -0,0 +1,28 @@
apiVersion: ENC[AES256_GCM,data:0IQ=,iv:6DBjaKbEYluzcIXt41qI1nibvmsBCMpjCygTSYIbbpI=,tag:oxFoA9i3y2qIWTAx13fZgQ==,type:str]
data:
database-postgresql-secrets.postgresql.yaml: ENC[AES256_GCM,data:bku6a/JrpOAhCLzewyAi3EXn+0Ag4XR0jLbBu/2qE5CwJmUpF++dPOtuGQkDMA9BQ/+vBCiX8swioHi4Vm2DiFB1E92beIDUYDIlAxpEp9zcMNpIX3tgqtNMy0lcwoZ4tz38eBOrZa4=,iv:6BI87Bt02PDVzMOrNnH+C5AHJ+mpAbvZqeERUW2AqkI=,tag:l1+QS4qFomJhjUkgsAkiNQ==,type:str]
kind: ENC[AES256_GCM,data:ZFyQkoBd,iv:hORdR7eZvVQYVOVPsksikkDQ7gxmXk9yaqo3ZbcHJDQ=,tag:VqZ6yB8D9Il9T8CS4r+CmA==,type:str]
metadata:
creationTimestamp: null
name: ENC[AES256_GCM,data:5GUso4i6iR+XIc4x0oV1YnynuwBsQszBiEIbbbgywnQQvUwTpXTg0HStcw==,iv:FOZN5t4y/Nof0RThN25zo3yYvVq/jFAivbRrk+2/nDY=,tag:fagVnwd2+nZob4cInc0HCQ==,type:str]
namespace: ENC[AES256_GCM,data:Gi2FTIVlqneUJN8=,iv:Nsn9/2rj36kTsx7oc7ooqzHzWjpyz6LI0gSjDhF+3CE=,tag:bmbMSRA4wKVfxHMkM8OLDQ==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1nrsmsgq0xynqke4sh8qmuxnlqqg7z5ll5stkpe8qy6tqy40cearqhxjy70
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB1UXRBRnBjWER3a3B2a2pQ
Ymo0M21yMXlXdm5RTmc5S2tQN1lub3BPV21NCldvZGIxTGV3UmMrMVk4di9Gb2xI
K2tPc1FrL3ZCWjBLSi9zVTRpUTd2YU0KLS0tIGFYYUZSUllteDJzeW8wdXdlUyt6
NWtXVmVrSVhJaHVOdFV6eGF3ektQNk0KdRktWh7bAYzf/dMkZI6GFERjjloITA1c
LDZot6QNyWGmxPMMMTPKPWVTPpQ6mAMrYBRfY0fGGBN0vEk+UDqzbg==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2024-02-06T20:38:58Z"
mac: ENC[AES256_GCM,data:Ks/88amf/v7xT+oQaeAB4TR/QR6JTRzvNJyi5A4AhV2l6PEWCqyN4kK2SQd+khwrYhtPUcFuteIUoch9vGiwhxlRsE+lCEJ3RceU/YJg9dOaBXZX1eWs6p2gcxxJhxDGbHEgXimf8URCvl5YOzk5OjbbI8rI9OjYiiGpOLkZxIs=,iv:lgpgL6Ro8SVNqvN+/md/N6RBIXyMICE691eZ4xeFTnQ=,tag:eMv6nqjG+s/FTk5h9hfnXQ==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.8.1

15
kustomize/cluster-1/src/values/database-postgresql-values.postgresql.yaml Normal file
View File

@ -0,0 +1,15 @@
apiVersion: v1
data:
database-postgresql-values.postgresql.yaml: |
architecture: standalone
auth:
database: postgres
metrics:
enabled: false
kind: ConfigMap
metadata:
creationTimestamp: null
name: database-postgresql-values.postgresql.yaml
namespace: flux-system

10
kustomize/cluster-1/src/values/database-postgresql-values.spec.postgresql.yaml Normal file
View File

@ -0,0 +1,10 @@
apiVersion: v1
data:
database-postgresql-values.spec.postgresql.yaml: |
persistence:
size: 1Gi
kind: ConfigMap
metadata:
creationTimestamp: null
name: database-postgresql-values.spec.postgresql.yaml
namespace: flux-system

5
kustomize/cluster-2/.sops.yaml Normal file
View File

@ -0,0 +1,5 @@
creation_rules:
- path_regex: secrets/.*.yaml
key_groups:
- age:
- age1qf6709hu4wlg6s5wyy3w0en265k9qjuxesz2tqq8e0xdrfwjrc2qngtfew

14
kustomize/cluster-2/kustomization.yaml Normal file
View File

@ -0,0 +1,14 @@
apiVersion: kustomize.config.k8s.io/v1beta1
generatorOptions:
disableNameSuffixHash: true
generators:
- sec-generator.yaml
kind: Kustomization
metadata:
name: helm-root
namespace: flux-system
resources:
- src/release-postgresql.yaml
- src/repository-bitnami.yaml
- src/values/database-postgresql-values.postgresql.yaml
- src/values/database-postgresql-values.spec.postgresql.yaml

7
kustomize/cluster-2/sec-generator.yaml Normal file
View File

@ -0,0 +1,7 @@
---
apiVersion: viaduct.ai/v1
kind: ksops
metadata:
name: shoebill-secret-gen
files:
- src/secrets/database-postgresql-secrets.postgresql.yaml

0
kustomize/cluster-2/src/.gitkeep Normal file
View File

32
kustomize/cluster-2/src/release-postgresql.yaml Normal file
View File

@ -0,0 +1,32 @@
apiVersion: helm.toolkit.fluxcd.io/v2beta1
kind: HelmRelease
metadata:
creationTimestamp: null
name: postgresql
namespace: flux-system
spec:
chart:
spec:
chart: postgresql
sourceRef:
kind: HelmRepository
name: bitnami
namespace: flux-system
version: 13.3.1
install:
crds: Create
createNamespace: true
interval: 1m0s
releaseName: postgresql
targetNamespace: database
valuesFrom:
- kind: ConfigMap
name: database-postgresql-values.postgresql.yaml
valuesKey: database-postgresql-values.postgresql.yaml
- kind: ConfigMap
name: database-postgresql-values.spec.postgresql.yaml
valuesKey: database-postgresql-values.spec.postgresql.yaml
- kind: Secret
name: database-postgresql-secrets.postgresql.yaml
valuesKey: database-postgresql-secrets.postgresql.yaml
status: {}

11
kustomize/cluster-2/src/repository-bitnami.yaml Normal file
View File

@ -0,0 +1,11 @@
apiVersion: source.toolkit.fluxcd.io/v1beta2
kind: HelmRepository
metadata:
creationTimestamp: null
name: bitnami
namespace: flux-system
spec:
interval: 1m0s
type: default
url: https://charts.bitnami.com/bitnami
status: {}

28
kustomize/cluster-2/src/secrets/database-postgresql-secrets.postgresql.yaml Normal file
View File

@ -0,0 +1,28 @@
apiVersion: ENC[AES256_GCM,data:QfE=,iv:vk+W6EpT+3/cFYVahk7rOzluFjNtRS82fiT+aXudxiE=,tag:6jyzh9YmotDo7dW8dRrz/A==,type:str]
data:
database-postgresql-secrets.postgresql.yaml: ENC[AES256_GCM,data:SOe+Bw/lG33RmMcb+L6HqQ0we7h+y0wATk0/sKF77awPFO/7VX1jHgZmHXO0pTpfP5cFz7JDRY8otaL+WZJ3deH6tomYOuQx1PFBxiyZiDpLAX4dIH1RpxKa7RsiChGU3SG9N/GRmUU=,iv:rjSww8arBW69vw10EMz40wu2Xt3o7GCzFfo21XvNzLU=,tag:owUDgpMkQjAQwXCNgp8Aaw==,type:str]
kind: ENC[AES256_GCM,data:r8+gX2XV,iv:kR+CWq9h7qI7Q03QXZciiIkFj6IK4GcwEg/QpTPXq/4=,tag:SXVMggg9efy670umdUQpzw==,type:str]
metadata:
creationTimestamp: null
name: ENC[AES256_GCM,data:wv2KayG7X8JnVxY15zSyIjyZlu8aSZSLlNn3+HjaozizH0Z4UfE29X3UgQ==,iv:erc4WrkzbeC5W017seKd2Y0xO322+m6LPZt1rYobGbI=,tag:AnmRmf5mcJqJpKr5YpFzRg==,type:str]
namespace: ENC[AES256_GCM,data:7+Driy1rvuToNkI=,iv:XeaL2SAyGEcJive//UYxH/fI90kDduycD29Qkh4c/jw=,tag:BVh1rPwYJQQKctcR39jrGw==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1qf6709hu4wlg6s5wyy3w0en265k9qjuxesz2tqq8e0xdrfwjrc2qngtfew
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB2dVhKQmdJZGlrZmE1VTdo
OFdudmE3MUVydXhwbzIzN1BOQXZJeFB1NkQ4CkVVcENGUjlIWldzZFpNWk5xcG1q
SUFZakZIbzVaRDhoTStBblFabkZTVGsKLS0tIG1Hc09lWndIWHpZZjR4UjlLazZW
a0tnMmVuTGlHOGVDeUtiSzFjNU1oWWcK40x6CfKlRo0GoQ5xPs39FnSxLIEOq0Ad
I1OtZuVpjE2h9Wm45dAMfB4h5sI8Z7/WW7122jVtKYrH6KqBSbpfcg==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2024-02-06T20:39:45Z"
mac: ENC[AES256_GCM,data:7fRvSUKtsKSTq605EaLBb+Dj+2uTa19t0FsUeue1XvQVwOzOI1oOMrwyNP6b90g55FsLdzoy0Q2U4ehnoFY7Rvjj0mnM9ApcWFvcWTCXYrqJfNkkObpsqHSQWItGvf/4iJPokk4vIneGZzkPOQXnzj5sP5s6+Sr6Tb8r40Wlqqo=,iv:3cRz3rnGOM1p8y6MRplJedNLMjQV4f2BrR2iliFm+fc=,tag:tt1bCtYDvAueelaF0LezLA==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.8.1

15
kustomize/cluster-2/src/values/database-postgresql-values.postgresql.yaml Normal file
View File

@ -0,0 +1,15 @@
apiVersion: v1
data:
database-postgresql-values.postgresql.yaml: |
architecture: standalone
auth:
database: postgres
metrics:
enabled: false
kind: ConfigMap
metadata:
creationTimestamp: null
name: database-postgresql-values.postgresql.yaml
namespace: flux-system

10
kustomize/cluster-2/src/values/database-postgresql-values.spec.postgresql.yaml Normal file
View File

@ -0,0 +1,10 @@
apiVersion: v1
data:
database-postgresql-values.spec.postgresql.yaml: |
persistence:
size: 10Gi
kind: ConfigMap
metadata:
creationTimestamp: null
name: database-postgresql-values.spec.postgresql.yaml
namespace: flux-system