DevFW-CICD/stacks-instances
5
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Initial upload

Browse source
This commit is contained in:
Automated pipeline 2025-06-03 15:33:04 +00:00 committed by Actions pipeline
parent 6ff50c46a8
commit 149877808e
111 changed files with 17100 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

32
otc/a.think-ahead.cloud/stacks/core/argocd.yaml Normal file
View file

@ -0,0 +1,32 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: argocd
namespace: argocd
labels:
env: dev
spec:
project: default
syncPolicy:
automated:
selfHeal: true
syncOptions:
- CreateNamespace=true
retry:
limit: -1
destination:
name: in-cluster
namespace: argocd
sources:
- repoURL: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/argocd-helm.git
path: charts/argo-cd
# TODO: RIRE Can be updated when https://github.com/argoproj/argo-cd/issues/20790 is fixed and merged
# As logout make problems, it is suggested to switch from path based routing to an own argocd domain,
# similar to the CNOE amazon reference implementation and in our case, Forgejo
targetRevision: argo-cd-7.8.14-depends
helm:
valueFiles:
- $values/otc/a.think-ahead.cloud/stacks/core/argocd/values.yaml
- repoURL: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances
targetRevision: HEAD
ref: values

35
otc/a.think-ahead.cloud/stacks/core/argocd/values.yaml Normal file
View file

@ -0,0 +1,35 @@
global:
domain: a.think-ahead.cloud
configs:
params:
server.insecure: true
server.basehref: /argocd
server.rootpath: /argocd
cm:
application.resourceTrackingMethod: annotation
timeout.reconciliation: 60s
resource.exclusions: |
- apiGroups:
- "*"
kinds:
- ProviderConfigUsage
- apiGroups:
- cilium.io
kinds:
- CiliumIdentity
clusters:
- "*"
accounts.provider-argocd: apiKey
url: https://a.think-ahead.cloud/argocd
rbac:
policy.csv: 'g, provider-argocd, role:admin'
tls:
certificates:
notifications:
enabled: false
dex:
enabled: false

24
otc/a.think-ahead.cloud/stacks/core/ingress-apps.yaml Normal file
View file

@ -0,0 +1,24 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: ingress-apps
namespace: argocd
labels:
example: ref-implementation
finalizers:
- resources-finalizer.argocd.argoproj.io
spec:
destination:
server: "https://kubernetes.default.svc"
source:
repoURL: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances
targetRevision: HEAD
path: "otc/a.think-ahead.cloud/stacks/core/ingress-apps"
project: default
syncPolicy:
automated:
selfHeal: true
syncOptions:
- CreateNamespace=true
retry:
limit: -1

27
otc/a.think-ahead.cloud/stacks/core/ingress-apps/argocd-server.yaml Normal file
View file

@ -0,0 +1,27 @@
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
annotations:
nginx.ingress.kubernetes.io/backend-protocol: HTTP
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
cert-manager.io/cluster-issuer: main
name: argocd-server
namespace: argocd
spec:
ingressClassName: nginx
rules:
- host: a.think-ahead.cloud
http:
paths:
- backend:
service:
name: argocd-server
port:
number: 80
path: /argocd
pathType: Prefix
tls:
- hosts:
- a.think-ahead.cloud
secretName: argocd-net-tls

27
otc/a.think-ahead.cloud/stacks/core/ingress-apps/forgejo.yaml Normal file
View file

@ -0,0 +1,27 @@
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
annotations:
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
nginx.ingress.kubernetes.io/proxy-body-size: 512m
cert-manager.io/cluster-issuer: main
name: forgejo
namespace: gitea
spec:
ingressClassName: nginx
rules:
- host: gitea.a.think-ahead.cloud
http:
paths:
- backend:
service:
name: forgejo-http
port:
number: 3000
path: /
pathType: Prefix
tls:
- hosts:
- gitea.a.think-ahead.cloud
secretName: forgejo-net-tls

29
otc/a.think-ahead.cloud/stacks/core/vector.yaml Normal file
View file

@ -0,0 +1,29 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: vector
namespace: argocd
labels:
env: dev
spec:
project: default
syncPolicy:
automated:
selfHeal: true
syncOptions:
- CreateNamespace=true
retry:
limit: -1
destination:
name: in-cluster
namespace: observability
sources:
- chart: vector
repoURL: https://helm.vector.dev
targetRevision: 0.43.0
helm:
valueFiles:
- $values/otc/a.think-ahead.cloud/stacks/core/vector/values.yaml
- repoURL: https://forgejo.edf-bootstrap.cx.fg1.ffm.osc.live/DevFW-CICD/stacks-instances
targetRevision: HEAD
ref: values

58
otc/a.think-ahead.cloud/stacks/core/vector/values.yaml Normal file
View file

@ -0,0 +1,58 @@
# -- Enable deployment of vector
role: Agent
dataDir: /vector-data-dir
resources: {}
args:
- -w
- --config-dir
- /etc/vector/
containerPorts:
- name: prom-exporter
containerPort: 9090
protocol: TCP
service:
enabled: false
customConfig:
data_dir: /vector-data-dir
api:
enabled: false
address: 0.0.0.0:8686
playground: true
sources:
k8s:
type: kubernetes_logs
internal_metrics:
type: internal_metrics
transforms:
parser:
type: remap
inputs: [k8s]
source: |
.log = parse_json(.message) ?? .message
del(.message)
sinks:
exporter:
type: prometheus_exporter
address: 0.0.0.0:9090
inputs: [internal_metrics]
vlogs:
type: elasticsearch
inputs: [parser]
endpoints:
- https://o12y.observability.think-ahead.cloud/insert/elasticsearch/
auth:
strategy: basic
user: simple-user
password: simple-password
mode: bulk
api_version: v8
compression: gzip
healthcheck:
enabled: false
request:
headers:
VL-Time-Field: timestamp
VL-Stream-Fields: stream,kubernetes.pod_name,kubernetes.container_name,kubernetes.pod_namespace
VL-Msg-Field: message,msg,_msg,log.msg,log.message,log
AccountID: "0"
ProjectID: "0"