sarex/iac
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: sarex:a4de4c0efcd6b808f5b471f279cc7c99d77ee580
Branches Tags
sarex:master
sarex:argocd-helm-master
sarex:helm
sarex:helm-master
sarex:3.9.0
..
compare: sarex:7b7383aa826f37b482ef5accbcd8303c00dbe31f
Branches Tags
sarex:master
sarex:argocd-helm-master
sarex:helm
sarex:helm-master
sarex:3.9.0

No commits in common. "a4de4c0efcd6b808f5b471f279cc7c99d77ee580" and "7b7383aa826f37b482ef5accbcd8303c00dbe31f" have entirely different histories.
a4de4c0efc ... 7b7383aa82

7 changed files with 3 additions and 107 deletions
Show Stats Expand all files Collapse all files

4
apps/control-interface/brusnika-stage/kustomization.yaml
View File

@ -1,6 +1,6 @@
--- ---
apiVersion: kustomize.config.k8s.io/v1beta1 apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization kind: Kustomization
namespace: django namespace: mapper
resources: resources:
- helmrelease.yaml - helmrelease.yaml

2
clusters/brusnika-stage/kustomization.yaml
View File

@ -6,4 +6,4 @@ resources:
- ./infrastructure - ./infrastructure
- ./test-service.yaml - ./test-service.yaml
- ../../apps/mapper/brusnika-stage - ../../apps/mapper/brusnika-stage
- ../../apps/control-interface/brusnika-stage - ../../apps/control-interface/brusnika-stage

12
clusters/yc-cps-prod/helm-repositories.yaml
View File

@ -1,12 +0,0 @@
---
apiVersion: source.toolkit.fluxcd.io/v1
kind: HelmRepository
metadata:
name: yc-oci-charts
namespace: flux-system
spec:
type: oci
interval: 10m0s
url: oci://cr.yandex/crp3ccidau046kdj8g9q/charts
secretRef:
name: yc-cr-auth

13
clusters/yc-cps-prod/infrastructure/kustomization.yaml
View File

@ -1,13 +0,0 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- ../../../infrastructure/vault
- ./vault-istio.yaml
patches:
- path: ./patches/vault.yaml
target:
group: helm.toolkit.fluxcd.io
version: v2
kind: HelmRelease
name: vault
namespace: vault

12
clusters/yc-cps-prod/infrastructure/patches/vault.yaml
View File

@ -1,12 +0,0 @@
apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
name: vault
namespace: vault
spec:
interval: 5m
timeout: 10m
values:
server:
dataStorage:
storageClass: yc-network-hdd

61
clusters/yc-cps-prod/infrastructure/vault-istio.yaml
View File

@ -1,61 +0,0 @@
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: vault-cert
namespace: istio-system
spec:
dnsNames:
- vault.infra.cps.sarex.io
duration: 2160h
issuerRef:
kind: ClusterIssuer
name: letsencrypt-issuer-istio
privateKey:
rotationPolicy: Always
renewBefore: 360h
secretName: vault-tls
---
apiVersion: networking.istio.io/v1beta1
kind: Gateway
metadata:
name: vault-gateway
namespace: gateway
spec:
selector:
istio: ingressgateway
servers:
- hosts:
- vault.infra.cps.sarex.io
port:
name: https-443
number: 443
protocol: HTTPS
tls:
credentialName: vault-tls
mode: SIMPLE
- hosts:
- vault.infra.cps.sarex.io
port:
name: http-80
number: 80
protocol: HTTP
---
apiVersion: networking.istio.io/v1beta1
kind: VirtualService
metadata:
name: vault-virt-service
namespace: vault
spec:
gateways:
- gateway/vault-gateway
hosts:
- vault.infra.cps.sarex.io
http:
- match:
- uri:
prefix: /
route:
- destination:
host: vault-vault-contour.vault.svc.cluster.local
port:
number: 8200

6
clusters/yc-cps-prod/kustomization.yaml
View File

@ -1,6 +0,0 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- ./flux-system
- ./helm-repositories.yaml
- ./infrastructure