DevFW-CICD/stacks-instances
5
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Automated upload for edp.buildth.ing

Browse source
This commit is contained in:
Automated pipeline 2025-08-01 12:32:29 +00:00 committed by Actions pipeline
parent 7d2c2a7efb
commit eafb04b866
5 changed files with 87 additions and 13 deletions
Download patch file Download diff file Expand all files Collapse all files

4
otc/edp.buildth.ing/stacks/core/argocd.yaml
View file

@ -18,12 +18,12 @@ spec:
name: in-cluster name: in-cluster
namespace: argocd namespace: argocd
sources: sources:
- repoURL: https://observability.buildth.ing/DevFW-CICD/argocd-helm.git - repoURL: https://github.com/argoproj/argo-helm.git
path: charts/argo-cd path: charts/argo-cd
# TODO: RIRE Can be updated when https://github.com/argoproj/argo-cd/issues/20790 is fixed and merged # TODO: RIRE Can be updated when https://github.com/argoproj/argo-cd/issues/20790 is fixed and merged
# As logout make problems, it is suggested to switch from path based routing to an own argocd domain, # As logout make problems, it is suggested to switch from path based routing to an own argocd domain,
# similar to the CNOE amazon reference implementation and in our case, Forgejo # similar to the CNOE amazon reference implementation and in our case, Forgejo
targetRevision: argo-cd-7.8.14-depends targetRevision: argo-cd-7.8.28
helm: helm:
valueFiles: valueFiles:
- $values/otc/edp.buildth.ing/stacks/core/argocd/values.yaml - $values/otc/edp.buildth.ing/stacks/core/argocd/values.yaml

10
otc/edp.buildth.ing/stacks/forgejo/forgejo-server.yaml
View file

@ -18,15 +18,9 @@ spec:
name: in-cluster name: in-cluster
namespace: gitea namespace: gitea
sources: sources:
- repoURL: https://observability.buildth.ing/DevFW-CICD/forgejo-helm.git - repoURL: https://code.forgejo.org/forgejo-helm/forgejo-helm.git
path: . path: .
# first check out the desired version (example v9.0.0): https://code.forgejo.org/forgejo-helm/forgejo-helm/src/tag/v9.0.0/Chart.yaml targetRevision: v12.0.0
# (note that the chart version is not the same as the forgejo application version, which is specified in the above Chart.yaml file)
# then use the devops pipeline and select development, forgejo and the desired version (example v9.0.0):
# https://observability.buildth.ing/DevFW-CICD/devops-pipelines/actions?workflow=update-helm-depends.yaml&actor=0&status=0
# finally update the desired version here and include "-depends", it is created by the devops pipeline.
# why do we have an added "-depends" tag? it resolves rate limitings when downloading helm OCI dependencies
targetRevision: v12.0.0-depends
helm: helm:
valueFiles: valueFiles:
- $values/otc/edp.buildth.ing/stacks/forgejo/forgejo-server/values.yaml - $values/otc/edp.buildth.ing/stacks/forgejo/forgejo-server/values.yaml

79
otc/edp.buildth.ing/stacks/forgejo/forgejo-server/manifests/forgejo-s3-backup-cronjob.yaml Normal file
View file

@ -0,0 +1,79 @@
apiVersion: batch/v1
kind: CronJob
metadata:
name: forgejo-s3-backup
namespace: gitea
spec:
schedule: "0 1 * * *"
jobTemplate:
spec:
template:
spec:
containers:
- name: rclone
image: rclone/rclone:1.70
imagePullPolicy: IfNotPresent
env:
- name: SOURCE_BUCKET
valueFrom:
secretKeyRef:
name: forgejo-cloud-credentials
key: bucket-name
- name: AWS_ACCESS_KEY_ID
valueFrom:
secretKeyRef:
name: forgejo-cloud-credentials
key: access-key
- name: AWS_SECRET_ACCESS_KEY
valueFrom:
secretKeyRef:
name: forgejo-cloud-credentials
key: secret-key
volumeMounts:
- name: rclone-config
mountPath: /config/rclone
readOnly: true
- name: backup-dir
mountPath: /backup
readOnly: false
command:
- /bin/sh
- -c
- |
rclone sync source:/${SOURCE_BUCKET}/packages /backup -v --ignore-checksum
restartPolicy: OnFailure
volumes:
- name: rclone-config
secret:
secretName: forgejo-s3-backup
- name: backup-dir
persistentVolumeClaim:
claimName: s3-backup
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: s3-backup
namespace: gitea
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 50Gi
---
apiVersion: v1
kind: Secret
metadata:
name: forgejo-s3-backup
namespace: gitea
type: Opaque
stringData:
rclone.conf: |
[source]
type = s3
provider = HuaweiOBS
env_auth = true
endpoint = obs.eu-de.otc.t-systems.com
region = eu-de
acl = private

3
otc/edp.buildth.ing/stacks/forgejo/forgejo-server/values.yaml
View file

@ -1,4 +1,4 @@
# We use recreate to make sure only one instance with one version is running, because Forgejo might break or data gets inconsistant. # This is only used for deploying older versions of infra-catalogue where the bucket name is not an output of the terragrunt modules# We use recreate to make sure only one instance with one version is running, because Forgejo might break or data gets inconsistant.
strategy: strategy:
type: Recreate type: Recreate
@ -136,6 +136,7 @@ gitea:
service: service:
DISABLE_REGISTRATION: true DISABLE_REGISTRATION: true
ENABLE_NOTIFY_MAIL: true
other: other:
SHOW_FOOTER_VERSION: false SHOW_FOOTER_VERSION: false

4
otc/edp.buildth.ing/stacks/otc/ingress-nginx.yaml
View file

@ -18,9 +18,9 @@ spec:
name: in-cluster name: in-cluster
namespace: ingress-nginx namespace: ingress-nginx
sources: sources:
- repoURL: https://observability.buildth.ing/DevFW-CICD/ingress-nginx-helm.git - repoURL: https://github.com/kubernetes/ingress-nginx.git
path: charts/ingress-nginx path: charts/ingress-nginx
targetRevision: helm-chart-4.12.1-depends targetRevision: helm-chart-4.12.1
helm: helm:
valueFiles: valueFiles:
- $values/otc/edp.buildth.ing/stacks/otc/ingress-nginx/values.yaml - $values/otc/edp.buildth.ing/stacks/otc/ingress-nginx/values.yaml