Compare commits
25 Commits
69de4b5429
...
main
| Author | SHA1 | Date | |
|---|---|---|---|
| 082e159a96 | |||
| e865676f76 | |||
| 1899074f21 | |||
| 33c9d0648f | |||
| dfdbc6bff5 | |||
| b50508a71a | |||
| 61cbec9fdd | |||
| 742d074c3f | |||
| 06b288e17c | |||
| 2278a4f048 | |||
| cdd4b0162a | |||
| 2e7be7edbe | |||
| 383f29e421 | |||
| b43cdeba18 | |||
| bde7552ae1 | |||
| 3830d32c67 | |||
| 92892732d0 | |||
| d71b0597cc | |||
| 1a70faa2e9 | |||
| e1e54e567d | |||
| 3daa236d8c | |||
| d764dbc6d2 | |||
| 44104ba195 | |||
| 45754be712 | |||
| 0e9d1eb85d |
@@ -131,4 +131,4 @@ jobs:
|
||||
tags: action,failed
|
||||
details: "Docker linting for compose dirs: ${{ steps.check-dir-changes.outputs.compose-dir-csv }}"
|
||||
icon: 'https://cdn.jsdelivr.net/gh/selfhst/icons/png/gitea.png'
|
||||
actions: '[{"action": "view", "label": "View Logs", "url": "${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}", "clear": true}]'
|
||||
actions: '[{"action": "view", "label": "View Logs", "url": "${{ vars.USER_URL }}/${{ github.repository }}/actions/runs/${{ github.run_id }}", "clear": true}]'
|
||||
|
||||
@@ -218,9 +218,9 @@ jobs:
|
||||
priority: 3
|
||||
headers: '{"Authorization": "Bearer ${{ secrets.NTFY_CRED }}"}'
|
||||
tags: action,failed
|
||||
details: "Helm linting for cluster '${CLUSTER}' failed on charts: ${{ steps.lint.outputs.failed-charts }}"
|
||||
details: "Helm linting for cluster '${{ env.CLUSTER }}' failed on charts: ${{ steps.lint.outputs.failed-charts }}"
|
||||
icon: 'https://cdn.jsdelivr.net/gh/selfhst/icons/png/gitea.png'
|
||||
actions: '[{"action": "view", "label": "View Run", "url": "${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}", "clear": true}]'
|
||||
actions: '[{"action": "view", "label": "View Run", "url": "${{ vars.USER_URL }}/${{ github.repository }}/actions/runs/${{ github.run_id }}", "clear": true}]'
|
||||
image: true
|
||||
|
||||
validate-kubeconform:
|
||||
@@ -361,7 +361,7 @@ jobs:
|
||||
priority: 3
|
||||
headers: '{"Authorization": "Bearer ${{ secrets.NTFY_CRED }}"}'
|
||||
tags: action,failed
|
||||
details: "Kubeconform for cluster '${CLUSTER}' failed on charts: ${{ steps.validate.outputs.failed-charts }}"
|
||||
details: "Kubeconform for cluster '${{ env.CLUSTER }}' failed on charts: ${{ steps.validate.outputs.failed-charts }}"
|
||||
icon: 'https://cdn.jsdelivr.net/gh/selfhst/icons/png/gitea.png'
|
||||
actions: '[{"action": "view", "label": "View Run", "url": "${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}", "clear": true}]'
|
||||
actions: '[{"action": "view", "label": "View Run", "url": "${{ vars.USER_URL }}/${{ github.repository }}/actions/runs/${{ github.run_id }}", "clear": true}]'
|
||||
image: true
|
||||
|
||||
@@ -1,463 +0,0 @@
|
||||
name: render-manifests-automerge
|
||||
|
||||
on:
|
||||
workflow_dispatch:
|
||||
# pull_request:
|
||||
# branches:
|
||||
# - main
|
||||
# paths:
|
||||
# - 'clusters/cl01tl/helm/**'
|
||||
# types:
|
||||
# - closed
|
||||
|
||||
env:
|
||||
CLUSTER: cl01tl
|
||||
BASE_BRANCH: manifests
|
||||
BRANCH_NAME_BASE: auto/update-manifests-automerge
|
||||
MAIN_DIR: /workspace/alexlebens/infrastructure/infrastructure
|
||||
MANIFEST_DIR: /workspace/alexlebens/infrastructure/infrastructure-manifests
|
||||
|
||||
jobs:
|
||||
render-manifests-automerge:
|
||||
runs-on: ubuntu-js
|
||||
if: ${{ (github.event.pull_request.merged == true) && (contains(github.event.pull_request.labels.*.name, 'automerge')) }}
|
||||
steps:
|
||||
- name: Checkout Main
|
||||
uses: actions/checkout@v6
|
||||
with:
|
||||
path: infrastructure
|
||||
fetch-depth: 0
|
||||
|
||||
- name: Checkout Manifests
|
||||
uses: actions/checkout@v6
|
||||
with:
|
||||
ref: manifests
|
||||
path: infrastructure-manifests
|
||||
|
||||
- name: Set up Helm
|
||||
uses: azure/setup-helm@v4
|
||||
with:
|
||||
token: ${{ secrets.GITEA_TOKEN }}
|
||||
version: v3.17.2 # Pending https://github.com/helm/helm/pull/30743
|
||||
cache: true
|
||||
|
||||
- name: Configure Kubeconfig
|
||||
uses: azure/k8s-set-context@v4
|
||||
with:
|
||||
method: kubeconfig
|
||||
kubeconfig: ${{ secrets.KUBECONFIG }}
|
||||
|
||||
- name: Cache Helm Dependencies
|
||||
uses: actions/cache@v5
|
||||
with:
|
||||
path: |
|
||||
~/.cache/helm
|
||||
~/.config/helm
|
||||
key: helm-cache-${{ runner.os }}-${{ hashFiles('infrastructure/clusters/cl01tl/helm/**/Chart.yaml', 'infrastructure/clusters/cl01tl/helm/**/Chart.lock') }}
|
||||
restore-keys: |
|
||||
helm-cache-${{ runner.os }}-
|
||||
|
||||
- name: Prepare Manifest Branch
|
||||
id: prepare-manifest-branch
|
||||
run: |
|
||||
cd ${MANIFEST_DIR}
|
||||
|
||||
BRANCH_NAME="${BRANCH_NAME_BASE}-$(date +%Y%m%d%H%M%S)"
|
||||
|
||||
echo ""
|
||||
echo ">> Configure git to use gitea-bot as user ..."
|
||||
git config user.name "gitea-bot"
|
||||
git config user.email "gitea-bot@alexlebens.net"
|
||||
|
||||
echo ""
|
||||
echo ">> Creating branch ..."
|
||||
git checkout -b $BRANCH_NAME
|
||||
|
||||
echo "----"
|
||||
|
||||
echo "BRANCH_NAME=${BRANCH_NAME}" >> $GITEA_OUTPUT
|
||||
|
||||
- name: Check which Directories have Changes
|
||||
id: check-dir-changes
|
||||
run: |
|
||||
cd "${MAIN_DIR}"
|
||||
|
||||
echo ""
|
||||
echo ">> Checking for changes from HEAD^..HEAD ..."
|
||||
|
||||
# Extract the chart names from the git diff
|
||||
RENDER_DIR=$(git diff --name-only HEAD^..HEAD | grep -E "^clusters/${CLUSTER}/helm/" | awk -F '/' '{print $4}' | sort -u || true)
|
||||
|
||||
if [ -n "${RENDER_DIR}" ]; then
|
||||
echo ""
|
||||
echo ">> Directories to Render:"
|
||||
echo "${RENDER_DIR}"
|
||||
|
||||
echo "----"
|
||||
|
||||
echo "changes-detected=true" >> "$GITEA_OUTPUT"
|
||||
echo "render-dir<<EOF" >> "$GITEA_OUTPUT"
|
||||
echo "${RENDER_DIR}" >> "$GITEA_OUTPUT"
|
||||
echo "EOF" >> "$GITEA_OUTPUT"
|
||||
|
||||
else
|
||||
echo ""
|
||||
echo ">> No chart changes detected"
|
||||
echo "changes-detected=false" >> "$GITEA_OUTPUT"
|
||||
|
||||
fi
|
||||
|
||||
- name: Add Repositories
|
||||
if: steps.check-dir-changes.outputs.changes-detected == 'true'
|
||||
env:
|
||||
RENDER_DIR: ${{ steps.check-dir-changes.outputs.render-dir }}
|
||||
run: |
|
||||
cd "${MAIN_DIR}"
|
||||
|
||||
echo ""
|
||||
echo ">> Adding repositories for chart dependencies ..."
|
||||
for DIR in ${RENDER_DIR}; do
|
||||
helm dependency list --max-col-width 120 "${MAIN_DIR}/clusters/${CLUSTER}/helm/${DIR}" 2> /dev/null \
|
||||
| tail -n +2 \
|
||||
| awk 'NF > 0 { print $1, $3 }' \
|
||||
| while read -r REPO_NAME REPO_URL; do
|
||||
if [[ "${REPO_URL}" == oci://* ]]; then
|
||||
echo ""
|
||||
echo ">> Ignoring OCI repo: ${REPO_URL}"
|
||||
|
||||
elif [[ -n "${REPO_NAME}" && -n "${REPO_URL}" ]]; then
|
||||
helm repo add "${REPO_NAME}" "${REPO_URL}"
|
||||
|
||||
fi
|
||||
done || true
|
||||
done
|
||||
|
||||
if helm repo list > /dev/null 2>&1; then
|
||||
echo ""
|
||||
echo ">> Update repository cache ..."
|
||||
helm repo update
|
||||
|
||||
fi
|
||||
|
||||
echo "----"
|
||||
|
||||
- name: Remove Changed Manifest Files
|
||||
if: steps.check-dir-changes.outputs.changes-detected == 'true'
|
||||
env:
|
||||
RENDER_DIR: ${{ steps.check-dir-changes.outputs.render-dir }}
|
||||
run: |
|
||||
cd "${MANIFEST_DIR}"
|
||||
|
||||
echo ""
|
||||
echo ">> Remove manfiest files and rebuild from source ..."
|
||||
|
||||
for DIR in ${RENDER_DIR}; do
|
||||
CHART_PATH=${MANIFEST_DIR}/clusters/${CLUSTER}/manifests/${DIR}
|
||||
|
||||
echo "${CHART_PATH}"
|
||||
rm -rf ${CHART_PATH}/*
|
||||
done
|
||||
|
||||
echo "----"
|
||||
|
||||
- name: Render Helm Manifests
|
||||
id: render-manifests
|
||||
if: steps.check-dir-changes.outputs.changes-detected == 'true'
|
||||
env:
|
||||
RENDER_DIR: ${{ steps.check-dir-changes.outputs.render-dir }}
|
||||
run: |
|
||||
cd ${MAIN_DIR}
|
||||
|
||||
echo ""
|
||||
echo ">> Rendering Manifests ..."
|
||||
|
||||
render_chart() {
|
||||
local DIR="$1"
|
||||
local CHART_PATH="${MAIN_DIR}/clusters/${CLUSTER}/helm/${DIR}"
|
||||
local CHART_NAME=$(basename "${CHART_PATH}")
|
||||
|
||||
echo ""
|
||||
echo ">> Rendering ..."
|
||||
echo ">> Chart: ${CHART_NAME}"
|
||||
echo ">> Path: ${CHART_PATH}"
|
||||
|
||||
if [ -f "${CHART_PATH}/Chart.yaml" ]; then
|
||||
local OUTPUT_FOLDER="${MANIFEST_DIR}/clusters/${CLUSTER}/manifests/${CHART_NAME}/"
|
||||
|
||||
mkdir -p "${OUTPUT_FOLDER}"
|
||||
cd "${CHART_PATH}"
|
||||
|
||||
echo ""
|
||||
echo ">> Updating helm dependencies ..."
|
||||
helm dependency update --skip-refresh > /dev/null
|
||||
|
||||
echo ""
|
||||
echo ">> Linting helm chart ..."
|
||||
helm lint --namespace "${CHART_NAME}" --quiet
|
||||
|
||||
local NAMESPACE="${CHART_NAME}"
|
||||
case "${CHART_NAME}" in
|
||||
"stack")
|
||||
NAMESPACE="argocd"
|
||||
echo ""
|
||||
echo ">> Special Rendering into 'argocd' namespace ..."
|
||||
;;
|
||||
"cilium" | "coredns" | "metrics-server" | "prometheus-operator-crds")
|
||||
NAMESPACE="kube-system"
|
||||
echo ""
|
||||
echo ">> Special Rendering for ${CHART_NAME} into 'kube-system' namespace ..."
|
||||
;;
|
||||
*)
|
||||
echo ""
|
||||
echo ">> Standard Rendering for ${CHART_NAME} ..."
|
||||
esac
|
||||
|
||||
echo ""
|
||||
echo ">> Formating rendered template ..."
|
||||
local TEMPLATE
|
||||
TEMPLATE=$(helm template "${CHART_NAME}" ./ --namespace "${NAMESPACE}" --include-crds --dry-run=server --api-versions "gateway.networking.k8s.io/v1/HTTPRoute")
|
||||
|
||||
# Format and split rendered template
|
||||
echo "${TEMPLATE}" | yq '... comments=""' | yq 'select(. != null)' | yq -s '"'"${OUTPUT_FOLDER}"'" + .kind + "-" + .metadata.name + ".yaml"'
|
||||
|
||||
# Strip comments again to ensure formatting correctness
|
||||
for file in "$OUTPUT_FOLDER"/*; do
|
||||
yq -i '... comments=""' $file
|
||||
done
|
||||
|
||||
echo ""
|
||||
echo ">> Manifests for ${CHART_NAME} rendered to ${OUTPUT_FOLDER}:"
|
||||
ls $OUTPUT_FOLDER
|
||||
echo ""
|
||||
else
|
||||
echo ""
|
||||
echo ">> Directory ${CHART_PATH} does not contain a Chart.yaml. Skipping ..."
|
||||
echo ""
|
||||
fi
|
||||
}
|
||||
|
||||
export -f render_chart
|
||||
export MAIN_DIR CLUSTER MANIFEST_DIR
|
||||
|
||||
# Run rendering in parallel
|
||||
for DIR in ${RENDER_DIR}; do
|
||||
echo "${DIR}"
|
||||
done | xargs -n 1 -P 4 -I {} bash -c 'render_chart "$@"' _ {}
|
||||
|
||||
echo "----"
|
||||
|
||||
- name: Check for Changes
|
||||
id: check-changes
|
||||
if: steps.check-dir-changes.outputs.changes-detected == 'true'
|
||||
run: |
|
||||
cd "${MANIFEST_DIR}"
|
||||
|
||||
GIT_CHANGES=$(git status --porcelain)
|
||||
|
||||
if [ -n "${GIT_CHANGES}" ]; then
|
||||
echo ""
|
||||
echo ">> Changes detected"
|
||||
git status --porcelain
|
||||
echo "changes-detected=true" >> $GITEA_OUTPUT
|
||||
|
||||
else
|
||||
echo ""
|
||||
echo ">> No changes detected, skipping PR creation"
|
||||
|
||||
fi
|
||||
|
||||
echo "----"
|
||||
|
||||
- name: Commit and Push Changes
|
||||
id: commit-push
|
||||
if: steps.check-changes.outputs.changes-detected == 'true'
|
||||
env:
|
||||
BRANCH_NAME: ${{ steps.prepare-manifest-branch.outputs.BRANCH_NAME }}
|
||||
run: |
|
||||
cd "${MANIFEST_DIR}"
|
||||
|
||||
echo ""
|
||||
echo ">> Commiting changes to ${BRANCH_NAME} ..."
|
||||
git add .
|
||||
git commit -m "chore: Update manifests after automerge"
|
||||
|
||||
REPO_URL="${{ secrets.REPO_URL }}/${{ gitea.repository }}"
|
||||
echo ""
|
||||
echo ">> Pushing changes to ${REPO_URL} ..."
|
||||
|
||||
git push -u "https://oauth2:${{ secrets.BOT_TOKEN }}@${REPO_URL#*://}" "${BRANCH_NAME}"
|
||||
|
||||
echo "----"
|
||||
|
||||
echo "push=true" >> "$GITEA_OUTPUT"
|
||||
|
||||
- name: Create Pull Request
|
||||
id: create-pull-request
|
||||
if: steps.commit-push.outputs.push == 'true'
|
||||
env:
|
||||
GITEA_TOKEN: ${{ secrets.BOT_TOKEN }}
|
||||
GITEA_URL: ${{ secrets.REPO_URL }}
|
||||
BRANCH_NAME: ${{ steps.prepare-manifest-branch.outputs.BRANCH_NAME }}
|
||||
run: |
|
||||
cd ${MANIFEST_DIR}
|
||||
|
||||
API_ENDPOINT="${GITEA_URL}/api/v1/repos/${{ gitea.repository }}/pulls"
|
||||
|
||||
PAYLOAD=$( jq -n \
|
||||
--arg head "${BRANCH_NAME}" \
|
||||
--arg base "${BASE_BRANCH}" \
|
||||
--arg title "Automated Manifest Update - Automerge" \
|
||||
--arg body "This PR contains newly rendered Kubernetes manifests automatically generated by the CI workflow. This is expected to be automerged." \
|
||||
'{head: $head, base: $base, title: $title, body: $body}' )
|
||||
|
||||
echo ">> Creating PR from branch ${BRANCH_NAME} into ${BASE_BRANCH}"
|
||||
echo ">> With Endpoint of:"
|
||||
echo "$API_ENDPOINT"
|
||||
echo ">> With Payload of:"
|
||||
echo "$PAYLOAD"
|
||||
|
||||
HTTP_STATUS=$(
|
||||
curl -X POST \
|
||||
--silent \
|
||||
--write-out '%{http_code}' \
|
||||
--output response_body.json \
|
||||
--dump-header response_headers.txt \
|
||||
--data "$PAYLOAD" \
|
||||
-H "Authorization: token ${GITEA_TOKEN}" \
|
||||
-H "Content-Type: application/json" \
|
||||
"$API_ENDPOINT" 2> response_errors.txt
|
||||
)
|
||||
|
||||
echo ">> HTTP Status Code: $HTTP_STATUS"
|
||||
echo ">> Response Output ..."
|
||||
echo "----"
|
||||
cat response_body.json
|
||||
echo "----"
|
||||
cat response_headers.txt
|
||||
echo "----"
|
||||
cat response_errors.txt
|
||||
echo "----"
|
||||
|
||||
if [ "$HTTP_STATUS" == "201" ]; then
|
||||
echo ">> Pull Request created successfully!"
|
||||
|
||||
PR_URL=$(cat response_body.json | jq -r .html_url)
|
||||
echo ">> Pull Request URL: $PR_URL"
|
||||
echo "pull-request-url=${PR_URL}" >> $GITEA_OUTPUT
|
||||
|
||||
PR_NUMBER=$(cat response_body.json | jq -r .number)
|
||||
echo ">> Pull Request Number: $PR_NUMBER"
|
||||
echo "pull-request-number=${PR_NUMBER}" >> $GITEA_OUTPUT
|
||||
|
||||
echo "pull-request-operation=created" >> $GITEA_OUTPUT
|
||||
|
||||
elif [ "$HTTP_STATUS" == "422" ]; then
|
||||
echo ">> Failed to create PR (HTTP 422: Unprocessable Entity), PR may already exist"
|
||||
|
||||
elif [ "$HTTP_STATUS" == "409" ]; then
|
||||
echo ">> Failed to create PR (HTTP 409: Conflict), PR already exists"
|
||||
|
||||
else
|
||||
echo ">> Failed to create PR, HTTP status code: $HTTP_STATUS"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
echo "----"
|
||||
|
||||
- name: Merge Changes
|
||||
id: merge-changes
|
||||
if: steps.commit-push.outputs.push == 'true'
|
||||
env:
|
||||
GITEA_TOKEN: ${{ secrets.BOT_TOKEN }}
|
||||
GITEA_URL: ${{ secrets.REPO_URL }}
|
||||
BRANCH_NAME: ${{ steps.prepare-manifest-branch.outputs.BRANCH_NAME }}
|
||||
PR_NUMBER: ${{ steps.create-pull-request.outputs.pull-request-number }}
|
||||
run: |
|
||||
cd ${MANIFEST_DIR}
|
||||
|
||||
API_ENDPOINT="${GITEA_URL}/api/v1/repos/${{ gitea.repository }}/pulls/${PR_NUMBER}/merge"
|
||||
|
||||
PAYLOAD=$( jq -n \
|
||||
--arg Do "merge" \
|
||||
'{Do: $Do}' )
|
||||
|
||||
echo ">> Merging PR with ID: ${PR_NUMBER}"
|
||||
echo ">> With Endpoint of:"
|
||||
echo "$API_ENDPOINT"
|
||||
echo ">> With Payload of:"
|
||||
echo "$PAYLOAD"
|
||||
|
||||
HTTP_STATUS=$(
|
||||
curl -X POST \
|
||||
--silent \
|
||||
--write-out '%{http_code}' \
|
||||
--output response_body.json \
|
||||
--dump-header response_headers.txt \
|
||||
--data "$PAYLOAD" \
|
||||
-H "Authorization: token ${GITEA_TOKEN}" \
|
||||
-H "Content-Type: application/json" \
|
||||
"$API_ENDPOINT" 2> response_errors.txt
|
||||
)
|
||||
|
||||
echo ">> HTTP Status Code: $HTTP_STATUS"
|
||||
echo ">> Response Output ..."
|
||||
echo "----"
|
||||
cat response_body.json
|
||||
echo "----"
|
||||
cat response_headers.txt
|
||||
echo "----"
|
||||
cat response_errors.txt
|
||||
echo "----"
|
||||
|
||||
if [ "$HTTP_STATUS" == "200" ]; then
|
||||
echo ">> Pull Request merged successfully!"
|
||||
echo "pull-request-operation=merged" >> $GITEA_OUTPUT
|
||||
|
||||
else
|
||||
echo ">> Failed to create PR, HTTP status code: $HTTP_STATUS"
|
||||
echo "pull-request-operation=failed" >> $GITEA_OUTPUT
|
||||
exit 1
|
||||
fi
|
||||
|
||||
echo "----"
|
||||
|
||||
- name: Cleanup Branch
|
||||
if: failure()
|
||||
env:
|
||||
BRANCH_NAME: ${{ steps.prepare-manifest-branch.outputs.BRANCH_NAME }}
|
||||
run: |
|
||||
cd ${MANIFEST_DIR}
|
||||
|
||||
echo ">> Removing branch: ${BRANCH_NAME}"
|
||||
git push origin --delete ${BRANCH_NAME}
|
||||
|
||||
echo "----"
|
||||
|
||||
- name: ntfy Merged
|
||||
uses: niniyas/ntfy-action@master
|
||||
if: steps.merge-changes.outputs.pull-request-operation == 'merged'
|
||||
with:
|
||||
url: "${{ secrets.NTFY_URL }}"
|
||||
topic: "${{ secrets.NTFY_TOPIC }}"
|
||||
title: "Manifest Render PR Merged - Infrastructure"
|
||||
priority: 3
|
||||
headers: '{"Authorization": "Bearer ${{ secrets.NTFY_CRED }}"}'
|
||||
tags: action,successfully,completed
|
||||
details: "Automerge Manifest rendering for Infrastructure!"
|
||||
icon: "https://cdn.jsdelivr.net/gh/selfhst/icons/png/gitea.png"
|
||||
actions: '[{"action": "view", "label": "Open Gitea", "url": "${{ steps.create-pull-request.outputs.pull-request-url }}", "clear": true}]'
|
||||
|
||||
- name: ntfy Failed
|
||||
uses: niniyas/ntfy-action@master
|
||||
if: failure()
|
||||
with:
|
||||
url: "${{ secrets.NTFY_URL }}"
|
||||
topic: "${{ secrets.NTFY_TOPIC }}"
|
||||
title: "Manifest Render Failure - Infrastructure"
|
||||
priority: 4
|
||||
headers: '{"Authorization": "Bearer ${{ secrets.NTFY_CRED }}"}'
|
||||
tags: action,failed
|
||||
details: "Automerge Manifest rendering for Infrastructure has failed!"
|
||||
icon: "https://cdn.jsdelivr.net/gh/selfhst/icons/png/gitea.png"
|
||||
actions: '[{"action": "view", "label": "Open Gitea", "url": "https://gitea.alexlebens.dev/alexlebens/infrastructure/actions?workflow=render-manifests-automerge.yaml", "clear": true}]'
|
||||
image: true
|
||||
@@ -1,445 +0,0 @@
|
||||
name: render-manifests-dispatch
|
||||
|
||||
on:
|
||||
workflow_dispatch:
|
||||
# schedule:
|
||||
# - cron: '0 15 * * *'
|
||||
|
||||
# workflow_dispatch:
|
||||
|
||||
env:
|
||||
CLUSTER: cl01tl
|
||||
BASE_BRANCH: manifests
|
||||
BRANCH_NAME: auto/update-manifests
|
||||
ASSIGNEE: alexlebens
|
||||
MAIN_DIR: /workspace/alexlebens/infrastructure/infrastructure
|
||||
MANIFEST_DIR: /workspace/alexlebens/infrastructure/infrastructure-manifests
|
||||
|
||||
jobs:
|
||||
render-manifests-dispatch:
|
||||
runs-on: ubuntu-js
|
||||
steps:
|
||||
- name: Checkout Main
|
||||
uses: actions/checkout@v6
|
||||
with:
|
||||
path: infrastructure
|
||||
fetch-depth: 0
|
||||
|
||||
- name: Checkout Manifests
|
||||
uses: actions/checkout@v6
|
||||
with:
|
||||
ref: manifests
|
||||
path: infrastructure-manifests
|
||||
|
||||
- name: Set up Helm
|
||||
uses: azure/setup-helm@v4
|
||||
with:
|
||||
token: ${{ secrets.GITEA_TOKEN }}
|
||||
version: v3.17.2 # Pending https://github.com/helm/helm/pull/30743
|
||||
cache: true
|
||||
|
||||
- name: Configure Kubeconfig
|
||||
uses: azure/k8s-set-context@v4
|
||||
with:
|
||||
method: kubeconfig
|
||||
kubeconfig: ${{ secrets.KUBECONFIG }}
|
||||
|
||||
- name: Cache Helm Dependencies
|
||||
uses: actions/cache@v5
|
||||
with:
|
||||
path: |
|
||||
~/.cache/helm
|
||||
~/.config/helm
|
||||
key: helm-cache-${{ runner.os }}-${{ hashFiles('infrastructure/clusters/cl01tl/helm/**/Chart.yaml', 'infrastructure/clusters/cl01tl/helm/**/Chart.lock') }}
|
||||
restore-keys: |
|
||||
helm-cache-${{ runner.os }}-
|
||||
|
||||
- name: Prepare Manifest Branch
|
||||
run: |
|
||||
cd "${MANIFEST_DIR}"
|
||||
|
||||
echo ""
|
||||
echo ">> Configure git to use gitea-bot as user ..."
|
||||
git config user.name "gitea-bot"
|
||||
git config user.email "gitea-bot@alexlebens.net"
|
||||
|
||||
echo ""
|
||||
echo ">> Checking if PR branch exists ..."
|
||||
if git ls-remote --exit-code --heads origin "${BRANCH_NAME}" > /dev/null 2>&1; then
|
||||
echo ""
|
||||
echo ">> Branch '${BRANCH_NAME}' exists, pulling changes ..."
|
||||
git fetch origin "${BRANCH_NAME}"
|
||||
git checkout "${BRANCH_NAME}"
|
||||
git pull --rebase
|
||||
|
||||
else
|
||||
echo ""
|
||||
echo ">> Branch '${BRANCH_NAME}' does not exist, creating ..."
|
||||
git checkout -b "${BRANCH_NAME}"
|
||||
|
||||
fi
|
||||
|
||||
echo "----"
|
||||
|
||||
- name: Check which Directories have Changes
|
||||
id: check-dir-changes
|
||||
run: |
|
||||
cd "${MAIN_DIR}"
|
||||
|
||||
echo ""
|
||||
echo ">> Triggered on dispatch, will check all paths ..."
|
||||
|
||||
# Extract names of charts
|
||||
RENDER_DIR=$(find "clusters/${CLUSTER}/helm" -mindepth 1 -maxdepth 1 -type d -exec basename {} \; | sort -u)
|
||||
|
||||
if [ -n "${RENDER_DIR}" ]; then
|
||||
echo ""
|
||||
echo ">> Directories to Render:"
|
||||
echo "${RENDER_DIR}"
|
||||
echo "----"
|
||||
|
||||
echo "changes-detected=true" >> "$GITEA_OUTPUT"
|
||||
echo "render-dir<<EOF" >> "$GITEA_OUTPUT"
|
||||
echo "${RENDER_DIR}" >> "$GITEA_OUTPUT"
|
||||
echo "EOF" >> "$GITEA_OUTPUT"
|
||||
|
||||
else
|
||||
echo ">> No directories found"
|
||||
echo "changes-detected=false" >> "$GITEA_OUTPUT"
|
||||
|
||||
fi
|
||||
|
||||
- name: Add Repositories
|
||||
if: steps.check-dir-changes.outputs.changes-detected == 'true'
|
||||
env:
|
||||
RENDER_DIR: ${{ steps.check-dir-changes.outputs.render-dir }}
|
||||
run: |
|
||||
cd "${MAIN_DIR}"
|
||||
|
||||
echo ""
|
||||
echo ">> Adding repositories for chart dependencies ..."
|
||||
for DIR in ${RENDER_DIR}; do
|
||||
helm dependency list --max-col-width 120 "${MAIN_DIR}/clusters/${CLUSTER}/helm/${DIR}" 2> /dev/null \
|
||||
| tail -n +2 \
|
||||
| awk 'NF > 0 { print $1, $3 }' \
|
||||
| while read -r REPO_NAME REPO_URL; do
|
||||
if [[ "${REPO_URL}" == oci://* ]]; then
|
||||
echo ""
|
||||
echo ">> Ignoring OCI repo: ${REPO_URL}"
|
||||
|
||||
elif [[ -n "${REPO_NAME}" && -n "${REPO_URL}" ]]; then
|
||||
helm repo add "${REPO_NAME}" "${REPO_URL}"
|
||||
|
||||
fi
|
||||
done || true
|
||||
done
|
||||
|
||||
if helm repo list > /dev/null 2>&1; then
|
||||
echo ""
|
||||
echo ">> Update repository cache ..."
|
||||
helm repo update
|
||||
|
||||
fi
|
||||
|
||||
echo "----"
|
||||
|
||||
- name: Remove Changed Manifest Files
|
||||
if: steps.check-dir-changes.outputs.changes-detected == 'true'
|
||||
env:
|
||||
RENDER_DIR: ${{ steps.check-dir-changes.outputs.render-dir }}
|
||||
run: |
|
||||
cd "${MANIFEST_DIR}"
|
||||
|
||||
echo ""
|
||||
echo ">> Remove manfiest files and rebuild from source ..."
|
||||
|
||||
for DIR in ${RENDER_DIR}; do
|
||||
CHART_PATH=${MANIFEST_DIR}/clusters/${CLUSTER}/manifests/${DIR}
|
||||
|
||||
echo "${CHART_PATH}"
|
||||
rm -rf ${CHART_PATH}/*
|
||||
done
|
||||
|
||||
echo "----"
|
||||
|
||||
- name: Render Helm Manifests
|
||||
id: render-manifests
|
||||
if: steps.check-dir-changes.outputs.changes-detected == 'true'
|
||||
env:
|
||||
RENDER_DIR: ${{ steps.check-dir-changes.outputs.render-dir }}
|
||||
run: |
|
||||
cd ${MAIN_DIR}
|
||||
|
||||
echo ""
|
||||
echo ">> Rendering Manifests ..."
|
||||
|
||||
render_chart() {
|
||||
local DIR="$1"
|
||||
local CHART_PATH="${MAIN_DIR}/clusters/${CLUSTER}/helm/${DIR}"
|
||||
local CHART_NAME=$(basename "${CHART_PATH}")
|
||||
|
||||
echo ""
|
||||
echo ">> Rendering ..."
|
||||
echo ">> Chart: ${CHART_NAME}"
|
||||
echo ">> Path: ${CHART_PATH}"
|
||||
|
||||
if [ -f "${CHART_PATH}/Chart.yaml" ]; then
|
||||
local OUTPUT_FOLDER="${MANIFEST_DIR}/clusters/${CLUSTER}/manifests/${CHART_NAME}/"
|
||||
|
||||
mkdir -p "${OUTPUT_FOLDER}"
|
||||
cd "${CHART_PATH}"
|
||||
|
||||
echo ""
|
||||
echo ">> Updating helm dependencies ..."
|
||||
helm dependency update --skip-refresh > /dev/null
|
||||
|
||||
echo ""
|
||||
echo ">> Linting helm chart ..."
|
||||
helm lint --namespace "${CHART_NAME}" --quiet
|
||||
|
||||
local NAMESPACE="${CHART_NAME}"
|
||||
case "${CHART_NAME}" in
|
||||
"stack")
|
||||
NAMESPACE="argocd"
|
||||
echo ""
|
||||
echo ">> Special Rendering into 'argocd' namespace ..."
|
||||
;;
|
||||
"cilium" | "coredns" | "metrics-server" | "prometheus-operator-crds")
|
||||
NAMESPACE="kube-system"
|
||||
echo ""
|
||||
echo ">> Special Rendering for ${CHART_NAME} into 'kube-system' namespace ..."
|
||||
;;
|
||||
*)
|
||||
echo ""
|
||||
echo ">> Standard Rendering for ${CHART_NAME} ..."
|
||||
esac
|
||||
|
||||
echo ""
|
||||
echo ">> Formating rendered template ..."
|
||||
local TEMPLATE
|
||||
TEMPLATE=$(helm template "${CHART_NAME}" ./ --namespace "${NAMESPACE}" --include-crds --dry-run=server --api-versions "gateway.networking.k8s.io/v1/HTTPRoute")
|
||||
|
||||
# Format and split rendered template
|
||||
echo "${TEMPLATE}" | yq '... comments=""' | yq 'select(. != null)' | yq -s '"'"${OUTPUT_FOLDER}"'" + .kind + "-" + .metadata.name + ".yaml"'
|
||||
|
||||
# Strip comments again to ensure formatting correctness
|
||||
for file in "$OUTPUT_FOLDER"/*; do
|
||||
yq -i '... comments=""' $file
|
||||
done
|
||||
|
||||
echo ""
|
||||
echo ">> Manifests for ${CHART_NAME} rendered to ${OUTPUT_FOLDER}:"
|
||||
ls $OUTPUT_FOLDER
|
||||
echo ""
|
||||
else
|
||||
echo ""
|
||||
echo ">> Directory ${CHART_PATH} does not contain a Chart.yaml. Skipping ..."
|
||||
echo ""
|
||||
fi
|
||||
}
|
||||
|
||||
export -f render_chart
|
||||
export MAIN_DIR CLUSTER MANIFEST_DIR
|
||||
|
||||
# Run rendering in parallel
|
||||
for DIR in ${RENDER_DIR}; do
|
||||
echo "${DIR}"
|
||||
done | xargs -n 1 -P 4 -I {} bash -c 'render_chart "$@"' _ {}
|
||||
|
||||
echo "----"
|
||||
|
||||
- name: Check for Changes
|
||||
id: check-changes
|
||||
if: steps.check-dir-changes.outputs.changes-detected == 'true'
|
||||
run: |
|
||||
cd "${MANIFEST_DIR}"
|
||||
|
||||
GIT_CHANGES=$(git status --porcelain)
|
||||
|
||||
if [ -n "${GIT_CHANGES}" ]; then
|
||||
echo ""
|
||||
echo ">> Changes detected"
|
||||
git status --porcelain
|
||||
echo "changes-detected=true" >> $GITEA_OUTPUT
|
||||
|
||||
else
|
||||
echo ""
|
||||
echo ">> No changes detected, skipping PR creation"
|
||||
|
||||
fi
|
||||
|
||||
echo "----"
|
||||
|
||||
- name: Commit and Push Changes
|
||||
id: commit-push
|
||||
if: steps.check-changes.outputs.changes-detected == 'true'
|
||||
run: |
|
||||
cd "${MANIFEST_DIR}"
|
||||
|
||||
echo ""
|
||||
echo ">> Commiting changes to ${BRANCH_NAME} ..."
|
||||
git add .
|
||||
git commit -m "chore: Update manifests after change"
|
||||
|
||||
REPO_URL="${{ secrets.REPO_URL }}/${{ gitea.repository }}"
|
||||
echo ""
|
||||
echo ">> Pushing changes to ${REPO_URL} ..."
|
||||
|
||||
git push -u "https://oauth2:${{ secrets.BOT_TOKEN }}@${REPO_URL#*://}" "${BRANCH_NAME}"
|
||||
|
||||
echo "----"
|
||||
|
||||
echo "HEAD_BRANCH=${BRANCH_NAME}" >> "$GITEA_OUTPUT"
|
||||
echo "push=true" >> "$GITEA_OUTPUT"
|
||||
|
||||
- name: Check for Pull Request
|
||||
id: check-for-pull-requst
|
||||
if: steps.commit-push.outputs.push == 'true'
|
||||
env:
|
||||
GITEA_TOKEN: ${{ secrets.BOT_TOKEN }}
|
||||
GITEA_URL: ${{ secrets.REPO_URL }}
|
||||
HEAD_BRANCH: ${{ steps.commit-push.outputs.HEAD_BRANCH }}
|
||||
run: |
|
||||
cd ${MANIFEST_DIR}
|
||||
|
||||
API_ENDPOINT="${GITEA_URL}/api/v1/repos/${{ gitea.repository }}/pulls?base_branch=${BASE_BRANCH}&state=open&page=1"
|
||||
|
||||
echo ">> Checking if PR from branch ${HEAD_BRANCH} into ${BASE_BRANCH}"
|
||||
echo ">> With Endpoint of:"
|
||||
echo "$API_ENDPOINT"
|
||||
|
||||
HTTP_STATUS=$(
|
||||
curl -X GET \
|
||||
--silent \
|
||||
--write-out '%{http_code}' \
|
||||
--output response_body.json \
|
||||
--dump-header response_headers.txt \
|
||||
-H "Authorization: token ${GITEA_TOKEN}" \
|
||||
-H "Content-Type: application/json" \
|
||||
"$API_ENDPOINT" 2> response_errors.txt
|
||||
)
|
||||
|
||||
echo ">> HTTP Status Code: $HTTP_STATUS"
|
||||
echo ">> Response Output ..."
|
||||
echo "----"
|
||||
cat response_body.json
|
||||
echo "----"
|
||||
cat response_headers.txt
|
||||
echo "----"
|
||||
cat response_errors.txt
|
||||
echo "----"
|
||||
|
||||
if [ "$HTTP_STATUS" == "200" ] && [ "$(cat response_body.json | jq -r .[0].state)" == "open" ]; then
|
||||
echo ">> Pull Request has been found open, will update"
|
||||
PR_INDEX=$(cat response_body.json | jq -r .[0].number)
|
||||
echo "pull-request-exists=${PR_INDEX}" >> $GITEA_OUTPUT
|
||||
echo "pull-request-index=true" >> $GITEA_OUTPUT
|
||||
|
||||
elif [ "$HTTP_STATUS" == "200" ] && [ "$(cat response_body.json | jq -r .[0].state)" == "closed" ]; then
|
||||
echo ">> Pull Request found, but was closed"
|
||||
echo "pull-request-exists=false" >> $GITEA_OUTPUT
|
||||
|
||||
else
|
||||
echo ">> Pull Request not found"
|
||||
echo "pull-request-exists=false" >> $GITEA_OUTPUT
|
||||
fi
|
||||
|
||||
echo "----"
|
||||
|
||||
- name: Create Pull Request
|
||||
id: create-pull-request
|
||||
if: steps.commit-push.outputs.push == 'true' && steps.check-for-pull-requst.outputs.pull-request-exists == 'false'
|
||||
env:
|
||||
GITEA_TOKEN: ${{ secrets.BOT_TOKEN }}
|
||||
GITEA_URL: ${{ secrets.REPO_URL }}
|
||||
HEAD_BRANCH: ${{ steps.commit-push.outputs.HEAD_BRANCH }}
|
||||
run: |
|
||||
cd ${MANIFEST_DIR}
|
||||
|
||||
API_ENDPOINT="${GITEA_URL}/api/v1/repos/${{ gitea.repository }}/pulls"
|
||||
|
||||
PAYLOAD=$( jq -n \
|
||||
--arg head "${HEAD_BRANCH}" \
|
||||
--arg base "${BASE_BRANCH}" \
|
||||
--arg assignee "${ASSIGNEE}" \
|
||||
--arg title "Automated Manifest Update" \
|
||||
--arg body "This PR contains newly rendered Kubernetes manifests automatically generated by the CI workflow." \
|
||||
'{head: $head, base: $base, assignee: $assignee, title: $title, body: $body}' )
|
||||
|
||||
echo ">> Creating PR from branch ${HEAD_BRANCH} into ${BASE_BRANCH}"
|
||||
echo ">> With Endpoint of:"
|
||||
echo "$API_ENDPOINT"
|
||||
echo ">> With Payload of:"
|
||||
echo "$PAYLOAD"
|
||||
|
||||
HTTP_STATUS=$(
|
||||
curl -X POST \
|
||||
--silent \
|
||||
--write-out '%{http_code}' \
|
||||
--output response_body.json \
|
||||
--dump-header response_headers.txt \
|
||||
--data "$PAYLOAD" \
|
||||
-H "Authorization: token ${GITEA_TOKEN}" \
|
||||
-H "Content-Type: application/json" \
|
||||
"$API_ENDPOINT" 2> response_errors.txt
|
||||
)
|
||||
|
||||
echo ">> HTTP Status Code: $HTTP_STATUS"
|
||||
echo ">> Response Output ..."
|
||||
echo "----"
|
||||
cat response_body.json
|
||||
echo "----"
|
||||
cat response_headers.txt
|
||||
echo "----"
|
||||
cat response_errors.txt
|
||||
echo "----"
|
||||
|
||||
if [ "$HTTP_STATUS" == "201" ]; then
|
||||
echo ">> Pull Request created successfully!"
|
||||
PR_URL=$(cat response_body.json | jq -r .html_url)
|
||||
echo "pull-request-url=${PR_URL}" >> $GITEA_OUTPUT
|
||||
PR_ID=$(cat response_body.json | jq -r .id)
|
||||
echo "pull-request-id=${PR_ID}" >> $GITEA_OUTPUT
|
||||
echo "pull-request-operation=created" >> $GITEA_OUTPUT
|
||||
|
||||
elif [ "$HTTP_STATUS" == "422" ]; then
|
||||
echo ">> Failed to create PR (HTTP 422: Unprocessable Entity), PR may already exist"
|
||||
|
||||
elif [ "$HTTP_STATUS" == "409" ]; then
|
||||
echo ">> Failed to create PR (HTTP 409: Conflict), PR already exists"
|
||||
|
||||
else
|
||||
echo ">> Failed to create PR, HTTP status code: $HTTP_STATUS"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
echo "----"
|
||||
|
||||
- name: ntfy Created
|
||||
uses: niniyas/ntfy-action@master
|
||||
if: steps.create-pull-request.outputs.pull-request-operation == 'created'
|
||||
with:
|
||||
url: "${{ secrets.NTFY_URL }}"
|
||||
topic: "${{ secrets.NTFY_TOPIC }}"
|
||||
title: "Manifest Render PR Created - Infrastructure"
|
||||
priority: 3
|
||||
headers: '{"Authorization": "Bearer ${{ secrets.NTFY_CRED }}"}'
|
||||
tags: action,successfully,completed
|
||||
details: "Manifest rendering for Infrastructure has created a new Pull Request with ID: ${{ steps.create-pull-request.outputs.pull-request-id }}!"
|
||||
icon: "https://cdn.jsdelivr.net/gh/selfhst/icons/png/gitea.png"
|
||||
actions: '[{"action": "view", "label": "Open Gitea", "url": "${{ steps.create-pull-request.outputs.pull-request-url }}", "clear": true}]'
|
||||
|
||||
- name: ntfy Failed
|
||||
uses: niniyas/ntfy-action@master
|
||||
if: failure()
|
||||
with:
|
||||
url: "${{ secrets.NTFY_URL }}"
|
||||
topic: "${{ secrets.NTFY_TOPIC }}"
|
||||
title: "Manifest Render Failure - Infrastructure"
|
||||
priority: 4
|
||||
headers: '{"Authorization": "Bearer ${{ secrets.NTFY_CRED }}"}'
|
||||
tags: action,failed
|
||||
details: "Manifest rendering for Infrastructure has failed!"
|
||||
icon: "https://cdn.jsdelivr.net/gh/selfhst/icons/png/gitea.png"
|
||||
actions: '[{"action": "view", "label": "Open Gitea", "url": "https://gitea.alexlebens.dev/alexlebens/infrastructure/actions?workflow=render-manifests.yaml", "clear": true}]'
|
||||
image: true
|
||||
@@ -1,451 +0,0 @@
|
||||
name: render-manifests-merge
|
||||
|
||||
on:
|
||||
workflow_dispatch:
|
||||
# pull_request:
|
||||
# branches:
|
||||
# - main
|
||||
# paths:
|
||||
# - 'clusters/cl01tl/helm/**'
|
||||
# types:
|
||||
# - closed
|
||||
|
||||
env:
|
||||
CLUSTER: cl01tl
|
||||
BASE_BRANCH: manifests
|
||||
BRANCH_NAME: auto/update-manifests
|
||||
ASSIGNEE: alexlebens
|
||||
MAIN_DIR: /workspace/alexlebens/infrastructure/infrastructure
|
||||
MANIFEST_DIR: /workspace/alexlebens/infrastructure/infrastructure-manifests
|
||||
|
||||
jobs:
|
||||
render-manifests-merge:
|
||||
runs-on: ubuntu-js
|
||||
if: ${{ (github.event.pull_request.merged == true) && !(contains(github.event.pull_request.labels.*.name, 'automerge')) }}
|
||||
steps:
|
||||
- name: Checkout Main
|
||||
uses: actions/checkout@v6
|
||||
with:
|
||||
path: infrastructure
|
||||
fetch-depth: 0
|
||||
|
||||
- name: Checkout Manifests
|
||||
uses: actions/checkout@v6
|
||||
with:
|
||||
ref: manifests
|
||||
path: infrastructure-manifests
|
||||
|
||||
- name: Set up Helm
|
||||
uses: azure/setup-helm@v4
|
||||
with:
|
||||
token: ${{ secrets.GITEA_TOKEN }}
|
||||
version: v3.17.2 # Pending https://github.com/helm/helm/pull/30743
|
||||
cache: true
|
||||
|
||||
- name: Configure Kubeconfig
|
||||
uses: azure/k8s-set-context@v4
|
||||
with:
|
||||
method: kubeconfig
|
||||
kubeconfig: ${{ secrets.KUBECONFIG }}
|
||||
|
||||
- name: Cache Helm Dependencies
|
||||
uses: actions/cache@v5
|
||||
with:
|
||||
path: |
|
||||
~/.cache/helm
|
||||
~/.config/helm
|
||||
key: helm-cache-${{ runner.os }}-${{ hashFiles('infrastructure/clusters/cl01tl/helm/**/Chart.yaml', 'infrastructure/clusters/cl01tl/helm/**/Chart.lock') }}
|
||||
restore-keys: |
|
||||
helm-cache-${{ runner.os }}-
|
||||
|
||||
- name: Prepare Manifest Branch
|
||||
run: |
|
||||
cd "${MANIFEST_DIR}"
|
||||
|
||||
echo ""
|
||||
echo ">> Configure git to use gitea-bot as user ..."
|
||||
git config user.name "gitea-bot"
|
||||
git config user.email "gitea-bot@alexlebens.net"
|
||||
|
||||
echo ""
|
||||
echo ">> Checking if PR branch exists ..."
|
||||
if git ls-remote --exit-code --heads origin "${BRANCH_NAME}" > /dev/null 2>&1; then
|
||||
echo ""
|
||||
echo ">> Branch '${BRANCH_NAME}' exists, pulling changes ..."
|
||||
git fetch origin "${BRANCH_NAME}"
|
||||
git checkout "${BRANCH_NAME}"
|
||||
git pull --rebase
|
||||
|
||||
else
|
||||
echo ""
|
||||
echo ">> Branch '${BRANCH_NAME}' does not exist, creating ..."
|
||||
git checkout -b "${BRANCH_NAME}"
|
||||
|
||||
fi
|
||||
|
||||
echo "----"
|
||||
|
||||
- name: Check which Directories have Changes
|
||||
id: check-dir-changes
|
||||
run: |
|
||||
cd "${MAIN_DIR}"
|
||||
|
||||
echo ""
|
||||
echo ">> Checking for changes from HEAD^..HEAD ..."
|
||||
|
||||
# Extract the chart names from the git diff
|
||||
RENDER_DIR=$(git diff --name-only HEAD^..HEAD | grep -E "^clusters/${CLUSTER}/helm/" | awk -F '/' '{print $4}' | sort -u || true)
|
||||
|
||||
if [ -n "${RENDER_DIR}" ]; then
|
||||
echo ""
|
||||
echo ">> Directories to Render:"
|
||||
echo "${RENDER_DIR}"
|
||||
|
||||
echo "----"
|
||||
|
||||
echo "changes-detected=true" >> "$GITEA_OUTPUT"
|
||||
echo "render-dir<<EOF" >> "$GITEA_OUTPUT"
|
||||
echo "${RENDER_DIR}" >> "$GITEA_OUTPUT"
|
||||
echo "EOF" >> "$GITEA_OUTPUT"
|
||||
|
||||
else
|
||||
echo ""
|
||||
echo ">> No chart changes detected"
|
||||
echo "changes-detected=false" >> "$GITEA_OUTPUT"
|
||||
|
||||
fi
|
||||
|
||||
- name: Add Repositories
|
||||
if: steps.check-dir-changes.outputs.changes-detected == 'true'
|
||||
env:
|
||||
RENDER_DIR: ${{ steps.check-dir-changes.outputs.render-dir }}
|
||||
run: |
|
||||
cd "${MAIN_DIR}"
|
||||
|
||||
echo ""
|
||||
echo ">> Adding repositories for chart dependencies ..."
|
||||
for DIR in ${RENDER_DIR}; do
|
||||
helm dependency list --max-col-width 120 "${MAIN_DIR}/clusters/${CLUSTER}/helm/${DIR}" 2> /dev/null \
|
||||
| tail -n +2 \
|
||||
| awk 'NF > 0 { print $1, $3 }' \
|
||||
| while read -r REPO_NAME REPO_URL; do
|
||||
if [[ "${REPO_URL}" == oci://* ]]; then
|
||||
echo ""
|
||||
echo ">> Ignoring OCI repo: ${REPO_URL}"
|
||||
|
||||
elif [[ -n "${REPO_NAME}" && -n "${REPO_URL}" ]]; then
|
||||
helm repo add "${REPO_NAME}" "${REPO_URL}"
|
||||
|
||||
fi
|
||||
done || true
|
||||
done
|
||||
|
||||
if helm repo list > /dev/null 2>&1; then
|
||||
echo ""
|
||||
echo ">> Update repository cache ..."
|
||||
helm repo update
|
||||
|
||||
fi
|
||||
|
||||
echo "----"
|
||||
|
||||
- name: Remove Changed Manifest Files
|
||||
if: steps.check-dir-changes.outputs.changes-detected == 'true'
|
||||
env:
|
||||
RENDER_DIR: ${{ steps.check-dir-changes.outputs.render-dir }}
|
||||
run: |
|
||||
cd "${MANIFEST_DIR}"
|
||||
|
||||
echo ""
|
||||
echo ">> Remove manfiest files and rebuild from source ..."
|
||||
|
||||
for DIR in ${RENDER_DIR}; do
|
||||
CHART_PATH=${MANIFEST_DIR}/clusters/${CLUSTER}/manifests/${DIR}
|
||||
|
||||
echo "${CHART_PATH}"
|
||||
rm -rf ${CHART_PATH}/*
|
||||
done
|
||||
|
||||
echo "----"
|
||||
|
||||
- name: Render Helm Manifests
|
||||
id: render-manifests
|
||||
if: steps.check-dir-changes.outputs.changes-detected == 'true'
|
||||
env:
|
||||
RENDER_DIR: ${{ steps.check-dir-changes.outputs.render-dir }}
|
||||
run: |
|
||||
cd ${MAIN_DIR}
|
||||
|
||||
echo ""
|
||||
echo ">> Rendering Manifests ..."
|
||||
|
||||
render_chart() {
|
||||
local DIR="$1"
|
||||
local CHART_PATH="${MAIN_DIR}/clusters/${CLUSTER}/helm/${DIR}"
|
||||
local CHART_NAME=$(basename "${CHART_PATH}")
|
||||
|
||||
echo ""
|
||||
echo ">> Rendering ..."
|
||||
echo ">> Chart: ${CHART_NAME}"
|
||||
echo ">> Path: ${CHART_PATH}"
|
||||
|
||||
if [ -f "${CHART_PATH}/Chart.yaml" ]; then
|
||||
local OUTPUT_FOLDER="${MANIFEST_DIR}/clusters/${CLUSTER}/manifests/${CHART_NAME}/"
|
||||
|
||||
mkdir -p "${OUTPUT_FOLDER}"
|
||||
cd "${CHART_PATH}"
|
||||
|
||||
echo ""
|
||||
echo ">> Updating helm dependencies ..."
|
||||
helm dependency update --skip-refresh > /dev/null
|
||||
|
||||
echo ""
|
||||
echo ">> Linting helm chart ..."
|
||||
helm lint --namespace "${CHART_NAME}" --quiet
|
||||
|
||||
local NAMESPACE="${CHART_NAME}"
|
||||
case "${CHART_NAME}" in
|
||||
"stack")
|
||||
NAMESPACE="argocd"
|
||||
echo ""
|
||||
echo ">> Special Rendering into 'argocd' namespace ..."
|
||||
;;
|
||||
"cilium" | "coredns" | "metrics-server" | "prometheus-operator-crds")
|
||||
NAMESPACE="kube-system"
|
||||
echo ""
|
||||
echo ">> Special Rendering for ${CHART_NAME} into 'kube-system' namespace ..."
|
||||
;;
|
||||
*)
|
||||
echo ""
|
||||
echo ">> Standard Rendering for ${CHART_NAME} ..."
|
||||
esac
|
||||
|
||||
echo ""
|
||||
echo ">> Formating rendered template ..."
|
||||
local TEMPLATE
|
||||
TEMPLATE=$(helm template "${CHART_NAME}" ./ --namespace "${NAMESPACE}" --include-crds --dry-run=server --api-versions "gateway.networking.k8s.io/v1/HTTPRoute")
|
||||
|
||||
# Format and split rendered template
|
||||
echo "${TEMPLATE}" | yq '... comments=""' | yq 'select(. != null)' | yq -s '"'"${OUTPUT_FOLDER}"'" + .kind + "-" + .metadata.name + ".yaml"'
|
||||
|
||||
# Strip comments again to ensure formatting correctness
|
||||
for file in "$OUTPUT_FOLDER"/*; do
|
||||
yq -i '... comments=""' $file
|
||||
done
|
||||
|
||||
echo ""
|
||||
echo ">> Manifests for ${CHART_NAME} rendered to ${OUTPUT_FOLDER}:"
|
||||
ls $OUTPUT_FOLDER
|
||||
echo ""
|
||||
else
|
||||
echo ""
|
||||
echo ">> Directory ${CHART_PATH} does not contain a Chart.yaml. Skipping ..."
|
||||
echo ""
|
||||
fi
|
||||
}
|
||||
|
||||
export -f render_chart
|
||||
export MAIN_DIR CLUSTER MANIFEST_DIR
|
||||
|
||||
# Run rendering in parallel
|
||||
for DIR in ${RENDER_DIR}; do
|
||||
echo "${DIR}"
|
||||
done | xargs -n 1 -P 4 -I {} bash -c 'render_chart "$@"' _ {}
|
||||
|
||||
echo "----"
|
||||
|
||||
- name: Check for Changes
|
||||
id: check-changes
|
||||
if: steps.check-dir-changes.outputs.changes-detected == 'true'
|
||||
run: |
|
||||
cd "${MANIFEST_DIR}"
|
||||
|
||||
GIT_CHANGES=$(git status --porcelain)
|
||||
|
||||
if [ -n "${GIT_CHANGES}" ]; then
|
||||
echo ""
|
||||
echo ">> Changes detected"
|
||||
git status --porcelain
|
||||
echo "changes-detected=true" >> $GITEA_OUTPUT
|
||||
|
||||
else
|
||||
echo ""
|
||||
echo ">> No changes detected, skipping PR creation"
|
||||
|
||||
fi
|
||||
|
||||
echo "----"
|
||||
|
||||
- name: Commit and Push Changes
|
||||
id: commit-push
|
||||
if: steps.check-changes.outputs.changes-detected == 'true'
|
||||
run: |
|
||||
cd "${MANIFEST_DIR}"
|
||||
|
||||
echo ""
|
||||
echo ">> Commiting changes to ${BRANCH_NAME} ..."
|
||||
git add .
|
||||
git commit -m "chore: Update manifests after change"
|
||||
|
||||
REPO_URL="${{ secrets.REPO_URL }}/${{ gitea.repository }}"
|
||||
echo ""
|
||||
echo ">> Pushing changes to ${REPO_URL} ..."
|
||||
|
||||
git push -u "https://oauth2:${{ secrets.BOT_TOKEN }}@${REPO_URL#*://}" "${BRANCH_NAME}"
|
||||
|
||||
echo "----"
|
||||
|
||||
echo "HEAD_BRANCH=${BRANCH_NAME}" >> "$GITEA_OUTPUT"
|
||||
echo "push=true" >> "$GITEA_OUTPUT"
|
||||
|
||||
- name: Check for Pull Request
|
||||
id: check-for-pull-requst
|
||||
if: steps.commit-push.outputs.push == 'true'
|
||||
env:
|
||||
GITEA_TOKEN: ${{ secrets.BOT_TOKEN }}
|
||||
GITEA_URL: ${{ secrets.REPO_URL }}
|
||||
HEAD_BRANCH: ${{ steps.commit-push.outputs.HEAD_BRANCH }}
|
||||
run: |
|
||||
cd ${MANIFEST_DIR}
|
||||
|
||||
API_ENDPOINT="${GITEA_URL}/api/v1/repos/${{ gitea.repository }}/pulls?base_branch=${BASE_BRANCH}&state=open&page=1"
|
||||
|
||||
echo ">> Checking if PR from branch ${HEAD_BRANCH} into ${BASE_BRANCH}"
|
||||
echo ">> With Endpoint of:"
|
||||
echo "$API_ENDPOINT"
|
||||
|
||||
HTTP_STATUS=$(
|
||||
curl -X GET \
|
||||
--silent \
|
||||
--write-out '%{http_code}' \
|
||||
--output response_body.json \
|
||||
--dump-header response_headers.txt \
|
||||
-H "Authorization: token ${GITEA_TOKEN}" \
|
||||
-H "Content-Type: application/json" \
|
||||
"$API_ENDPOINT" 2> response_errors.txt
|
||||
)
|
||||
|
||||
echo ">> HTTP Status Code: $HTTP_STATUS"
|
||||
echo ">> Response Output ..."
|
||||
echo "----"
|
||||
cat response_body.json
|
||||
echo "----"
|
||||
cat response_headers.txt
|
||||
echo "----"
|
||||
cat response_errors.txt
|
||||
echo "----"
|
||||
|
||||
if [ "$HTTP_STATUS" == "200" ] && [ "$(cat response_body.json | jq -r .[0].state)" == "open" ]; then
|
||||
echo ">> Pull Request has been found open, will update"
|
||||
PR_INDEX=$(cat response_body.json | jq -r .[0].number)
|
||||
echo "pull-request-exists=${PR_INDEX}" >> $GITEA_OUTPUT
|
||||
echo "pull-request-index=true" >> $GITEA_OUTPUT
|
||||
|
||||
elif [ "$HTTP_STATUS" == "200" ] && [ "$(cat response_body.json | jq -r .[0].state)" == "closed" ]; then
|
||||
echo ">> Pull Request found, but was closed"
|
||||
echo "pull-request-exists=false" >> $GITEA_OUTPUT
|
||||
|
||||
else
|
||||
echo ">> Pull Request not found"
|
||||
echo "pull-request-exists=false" >> $GITEA_OUTPUT
|
||||
fi
|
||||
|
||||
echo "----"
|
||||
|
||||
- name: Create Pull Request
|
||||
id: create-pull-request
|
||||
if: steps.commit-push.outputs.push == 'true' && steps.check-for-pull-requst.outputs.pull-request-exists == 'false'
|
||||
env:
|
||||
GITEA_TOKEN: ${{ secrets.BOT_TOKEN }}
|
||||
GITEA_URL: ${{ secrets.REPO_URL }}
|
||||
HEAD_BRANCH: ${{ steps.commit-push.outputs.HEAD_BRANCH }}
|
||||
run: |
|
||||
cd ${MANIFEST_DIR}
|
||||
|
||||
API_ENDPOINT="${GITEA_URL}/api/v1/repos/${{ gitea.repository }}/pulls"
|
||||
|
||||
PAYLOAD=$( jq -n \
|
||||
--arg head "${HEAD_BRANCH}" \
|
||||
--arg base "${BASE_BRANCH}" \
|
||||
--arg assignee "${ASSIGNEE}" \
|
||||
--arg title "Automated Manifest Update" \
|
||||
--arg body "This PR contains newly rendered Kubernetes manifests automatically generated by the CI workflow." \
|
||||
'{head: $head, base: $base, assignee: $assignee, title: $title, body: $body}' )
|
||||
|
||||
echo ">> Creating PR from branch ${HEAD_BRANCH} into ${BASE_BRANCH}"
|
||||
echo ">> With Endpoint of:"
|
||||
echo "$API_ENDPOINT"
|
||||
echo ">> With Payload of:"
|
||||
echo "$PAYLOAD"
|
||||
|
||||
HTTP_STATUS=$(
|
||||
curl -X POST \
|
||||
--silent \
|
||||
--write-out '%{http_code}' \
|
||||
--output response_body.json \
|
||||
--dump-header response_headers.txt \
|
||||
--data "$PAYLOAD" \
|
||||
-H "Authorization: token ${GITEA_TOKEN}" \
|
||||
-H "Content-Type: application/json" \
|
||||
"$API_ENDPOINT" 2> response_errors.txt
|
||||
)
|
||||
|
||||
echo ">> HTTP Status Code: $HTTP_STATUS"
|
||||
echo ">> Response Output ..."
|
||||
echo "----"
|
||||
cat response_body.json
|
||||
echo "----"
|
||||
cat response_headers.txt
|
||||
echo "----"
|
||||
cat response_errors.txt
|
||||
echo "----"
|
||||
|
||||
if [ "$HTTP_STATUS" == "201" ]; then
|
||||
echo ">> Pull Request created successfully!"
|
||||
PR_URL=$(cat response_body.json | jq -r .html_url)
|
||||
echo "pull-request-url=${PR_URL}" >> $GITEA_OUTPUT
|
||||
PR_ID=$(cat response_body.json | jq -r .id)
|
||||
echo "pull-request-id=${PR_ID}" >> $GITEA_OUTPUT
|
||||
echo "pull-request-operation=created" >> $GITEA_OUTPUT
|
||||
|
||||
elif [ "$HTTP_STATUS" == "422" ]; then
|
||||
echo ">> Failed to create PR (HTTP 422: Unprocessable Entity), PR may already exist"
|
||||
|
||||
elif [ "$HTTP_STATUS" == "409" ]; then
|
||||
echo ">> Failed to create PR (HTTP 409: Conflict), PR already exists"
|
||||
|
||||
else
|
||||
echo ">> Failed to create PR, HTTP status code: $HTTP_STATUS"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
echo "----"
|
||||
|
||||
- name: ntfy Created
|
||||
uses: niniyas/ntfy-action@master
|
||||
if: steps.create-pull-request.outputs.pull-request-operation == 'created'
|
||||
with:
|
||||
url: "${{ secrets.NTFY_URL }}"
|
||||
topic: "${{ secrets.NTFY_TOPIC }}"
|
||||
title: "Manifest Render PR Created - Infrastructure"
|
||||
priority: 3
|
||||
headers: '{"Authorization": "Bearer ${{ secrets.NTFY_CRED }}"}'
|
||||
tags: action,successfully,completed
|
||||
details: "Manifest rendering for Infrastructure has created a new Pull Request with ID: ${{ steps.create-pull-request.outputs.pull-request-id }}!"
|
||||
icon: "https://cdn.jsdelivr.net/gh/selfhst/icons/png/gitea.png"
|
||||
actions: '[{"action": "view", "label": "Open Gitea", "url": "${{ steps.create-pull-request.outputs.pull-request-url }}", "clear": true}]'
|
||||
|
||||
- name: ntfy Failed
|
||||
uses: niniyas/ntfy-action@master
|
||||
if: failure()
|
||||
with:
|
||||
url: "${{ secrets.NTFY_URL }}"
|
||||
topic: "${{ secrets.NTFY_TOPIC }}"
|
||||
title: "Manifest Render Failure - Infrastructure"
|
||||
priority: 4
|
||||
headers: '{"Authorization": "Bearer ${{ secrets.NTFY_CRED }}"}'
|
||||
tags: action,failed
|
||||
details: "Manifest rendering for Infrastructure has failed!"
|
||||
icon: "https://cdn.jsdelivr.net/gh/selfhst/icons/png/gitea.png"
|
||||
actions: '[{"action": "view", "label": "Open Gitea", "url": "https://gitea.alexlebens.dev/alexlebens/infrastructure/actions?workflow=render-manifests.yaml", "clear": true}]'
|
||||
image: true
|
||||
@@ -1,449 +0,0 @@
|
||||
name: render-manifests-push
|
||||
|
||||
on:
|
||||
workflow_dispatch:
|
||||
# push:
|
||||
# branches:
|
||||
# - main
|
||||
# paths:
|
||||
# - 'clusters/cl01tl/helm/**'
|
||||
|
||||
env:
|
||||
CLUSTER: cl01tl
|
||||
BASE_BRANCH: manifests
|
||||
BRANCH_NAME: auto/update-manifests
|
||||
ASSIGNEE: alexlebens
|
||||
MAIN_DIR: /workspace/alexlebens/infrastructure/infrastructure
|
||||
MANIFEST_DIR: /workspace/alexlebens/infrastructure/infrastructure-manifests
|
||||
|
||||
jobs:
|
||||
render-manifests-push:
|
||||
runs-on: ubuntu-js
|
||||
if: gitea.event.commits[0].author.username != 'renovate-bot'
|
||||
steps:
|
||||
- name: Checkout Main
|
||||
uses: actions/checkout@v6
|
||||
with:
|
||||
path: infrastructure
|
||||
fetch-depth: 0
|
||||
|
||||
- name: Checkout Manifests
|
||||
uses: actions/checkout@v6
|
||||
with:
|
||||
ref: manifests
|
||||
path: infrastructure-manifests
|
||||
|
||||
- name: Set up Helm
|
||||
uses: azure/setup-helm@v4
|
||||
with:
|
||||
token: ${{ secrets.GITEA_TOKEN }}
|
||||
version: v3.17.2 # Pending https://github.com/helm/helm/pull/30743
|
||||
cache: true
|
||||
|
||||
- name: Configure Kubeconfig
|
||||
uses: azure/k8s-set-context@v4
|
||||
with:
|
||||
method: kubeconfig
|
||||
kubeconfig: ${{ secrets.KUBECONFIG }}
|
||||
|
||||
- name: Cache Helm Dependencies
|
||||
uses: actions/cache@v5
|
||||
with:
|
||||
path: |
|
||||
~/.cache/helm
|
||||
~/.config/helm
|
||||
key: helm-cache-${{ runner.os }}-${{ hashFiles('infrastructure/clusters/cl01tl/helm/**/Chart.yaml', 'infrastructure/clusters/cl01tl/helm/**/Chart.lock') }}
|
||||
restore-keys: |
|
||||
helm-cache-${{ runner.os }}-
|
||||
|
||||
- name: Prepare Manifest Branch
|
||||
run: |
|
||||
cd "${MANIFEST_DIR}"
|
||||
|
||||
echo ""
|
||||
echo ">> Configure git to use gitea-bot as user ..."
|
||||
git config user.name "gitea-bot"
|
||||
git config user.email "gitea-bot@alexlebens.net"
|
||||
|
||||
echo ">> Checking if PR branch exists ..."
|
||||
if git ls-remote --exit-code --heads origin "${BRANCH_NAME}" > /dev/null 2>&1; then
|
||||
echo ""
|
||||
echo ">> Branch '${BRANCH_NAME}' exists, pulling changes ..."
|
||||
git fetch origin "${BRANCH_NAME}"
|
||||
git checkout "${BRANCH_NAME}"
|
||||
git pull --rebase
|
||||
|
||||
else
|
||||
echo ""
|
||||
echo ">> Branch '${BRANCH_NAME}' does not exist, creating ..."
|
||||
git checkout -b "${BRANCH_NAME}"
|
||||
|
||||
fi
|
||||
|
||||
echo "----"
|
||||
|
||||
- name: Check which Directories have Changes
|
||||
id: check-dir-changes
|
||||
run: |
|
||||
cd "${MAIN_DIR}"
|
||||
|
||||
echo ""
|
||||
echo ">> Checking for changes ..."
|
||||
|
||||
# Extract the chart names from the git diff
|
||||
RENDER_DIR=$(git diff --name-only ${{ gitea.event.before }}..HEAD | grep -E "^clusters/${CLUSTER}/helm/" | awk -F '/' '{print $4}' | sort -u || true)
|
||||
|
||||
if [ -n "${RENDER_DIR}" ]; then
|
||||
echo ""
|
||||
echo ">> Directories to Render:"
|
||||
echo "${RENDER_DIR}"
|
||||
|
||||
echo "----"
|
||||
|
||||
echo "changes-detected=true" >> "$GITEA_OUTPUT"
|
||||
echo "render-dir<<EOF" >> "$GITEA_OUTPUT"
|
||||
echo "${RENDER_DIR}" >> "$GITEA_OUTPUT"
|
||||
echo "EOF" >> "$GITEA_OUTPUT"
|
||||
|
||||
else
|
||||
echo ""
|
||||
echo ">> No chart changes detected"
|
||||
echo "changes-detected=false" >> "$GITEA_OUTPUT"
|
||||
|
||||
fi
|
||||
|
||||
- name: Add Repositories
|
||||
if: steps.check-dir-changes.outputs.changes-detected == 'true'
|
||||
env:
|
||||
RENDER_DIR: ${{ steps.check-dir-changes.outputs.render-dir }}
|
||||
run: |
|
||||
cd "${MAIN_DIR}"
|
||||
|
||||
echo ""
|
||||
echo ">> Adding repositories for chart dependencies ..."
|
||||
for DIR in ${RENDER_DIR}; do
|
||||
helm dependency list --max-col-width 120 "${MAIN_DIR}/clusters/${CLUSTER}/helm/${DIR}" 2> /dev/null \
|
||||
| tail -n +2 \
|
||||
| awk 'NF > 0 { print $1, $3 }' \
|
||||
| while read -r REPO_NAME REPO_URL; do
|
||||
if [[ "${REPO_URL}" == oci://* ]]; then
|
||||
echo ""
|
||||
echo ">> Ignoring OCI repo: ${REPO_URL}"
|
||||
|
||||
elif [[ -n "${REPO_NAME}" && -n "${REPO_URL}" ]]; then
|
||||
helm repo add "${REPO_NAME}" "${REPO_URL}"
|
||||
|
||||
fi
|
||||
done || true
|
||||
done
|
||||
|
||||
if helm repo list > /dev/null 2>&1; then
|
||||
echo ""
|
||||
echo ">> Update repository cache ..."
|
||||
helm repo update
|
||||
|
||||
fi
|
||||
|
||||
echo "----"
|
||||
|
||||
- name: Remove Changed Manifest Files
|
||||
if: steps.check-dir-changes.outputs.changes-detected == 'true'
|
||||
env:
|
||||
RENDER_DIR: ${{ steps.check-dir-changes.outputs.render-dir }}
|
||||
run: |
|
||||
cd "${MANIFEST_DIR}"
|
||||
|
||||
echo ""
|
||||
echo ">> Remove manfiest files and rebuild from source ..."
|
||||
|
||||
for DIR in ${RENDER_DIR}; do
|
||||
CHART_PATH=${MANIFEST_DIR}/clusters/${CLUSTER}/manifests/${DIR}
|
||||
|
||||
echo ""
|
||||
echo "${CHART_PATH}"
|
||||
rm -rf ${CHART_PATH}/*
|
||||
done
|
||||
|
||||
echo "----"
|
||||
|
||||
- name: Render Helm Manifests
|
||||
id: render-manifests
|
||||
if: steps.check-dir-changes.outputs.changes-detected == 'true'
|
||||
env:
|
||||
RENDER_DIR: ${{ steps.check-dir-changes.outputs.render-dir }}
|
||||
run: |
|
||||
cd ${MAIN_DIR}
|
||||
|
||||
echo ""
|
||||
echo ">> Rendering Manifests ..."
|
||||
|
||||
render_chart() {
|
||||
local DIR="$1"
|
||||
local CHART_PATH="${MAIN_DIR}/clusters/${CLUSTER}/helm/${DIR}"
|
||||
local CHART_NAME=$(basename "${CHART_PATH}")
|
||||
|
||||
echo ""
|
||||
echo ">> Rendering ..."
|
||||
echo ">> Chart: ${CHART_NAME}"
|
||||
echo ">> Path: ${CHART_PATH}"
|
||||
|
||||
if [ -f "${CHART_PATH}/Chart.yaml" ]; then
|
||||
local OUTPUT_FOLDER="${MANIFEST_DIR}/clusters/${CLUSTER}/manifests/${CHART_NAME}/"
|
||||
|
||||
mkdir -p "${OUTPUT_FOLDER}"
|
||||
cd "${CHART_PATH}"
|
||||
|
||||
echo ""
|
||||
echo ">> Updating helm dependencies ..."
|
||||
helm dependency update --skip-refresh > /dev/null
|
||||
|
||||
echo ""
|
||||
echo ">> Linting helm chart ..."
|
||||
helm lint --namespace "${CHART_NAME}" --quiet
|
||||
|
||||
local NAMESPACE="${CHART_NAME}"
|
||||
case "${CHART_NAME}" in
|
||||
"stack")
|
||||
NAMESPACE="argocd"
|
||||
echo ""
|
||||
echo ">> Special Rendering into 'argocd' namespace ..."
|
||||
;;
|
||||
"cilium" | "coredns" | "metrics-server" | "prometheus-operator-crds")
|
||||
NAMESPACE="kube-system"
|
||||
echo ""
|
||||
echo ">> Special Rendering for ${CHART_NAME} into 'kube-system' namespace ..."
|
||||
;;
|
||||
*)
|
||||
echo ""
|
||||
echo ">> Standard Rendering for ${CHART_NAME} ..."
|
||||
esac
|
||||
|
||||
echo ""
|
||||
echo ">> Formating rendered template ..."
|
||||
local TEMPLATE
|
||||
TEMPLATE=$(helm template "${CHART_NAME}" ./ --namespace "${NAMESPACE}" --include-crds --dry-run=server --api-versions "gateway.networking.k8s.io/v1/HTTPRoute")
|
||||
|
||||
# Format and split rendered template
|
||||
echo "${TEMPLATE}" | yq '... comments=""' | yq 'select(. != null)' | yq -s '"'"${OUTPUT_FOLDER}"'" + .kind + "-" + .metadata.name + ".yaml"'
|
||||
|
||||
# Strip comments again to ensure formatting correctness
|
||||
for file in "$OUTPUT_FOLDER"/*; do
|
||||
yq -i '... comments=""' $file
|
||||
done
|
||||
|
||||
echo ""
|
||||
echo ">> Manifests for ${CHART_NAME} rendered to ${OUTPUT_FOLDER}:"
|
||||
ls $OUTPUT_FOLDER
|
||||
echo ""
|
||||
else
|
||||
echo ""
|
||||
echo ">> Directory ${CHART_PATH} does not contain a Chart.yaml. Skipping ..."
|
||||
echo ""
|
||||
fi
|
||||
}
|
||||
|
||||
export -f render_chart
|
||||
export MAIN_DIR CLUSTER MANIFEST_DIR
|
||||
|
||||
# Run rendering in parallel
|
||||
for DIR in ${RENDER_DIR}; do
|
||||
echo "${DIR}"
|
||||
done | xargs -n 1 -P 4 -I {} bash -c 'render_chart "$@"' _ {}
|
||||
|
||||
echo "----"
|
||||
|
||||
- name: Check for Changes
|
||||
id: check-changes
|
||||
if: steps.check-dir-changes.outputs.changes-detected == 'true'
|
||||
run: |
|
||||
cd "${MANIFEST_DIR}"
|
||||
|
||||
GIT_CHANGES=$(git status --porcelain)
|
||||
|
||||
if [ -n "${GIT_CHANGES}" ]; then
|
||||
echo ""
|
||||
echo ">> Changes detected"
|
||||
git status --porcelain
|
||||
echo "changes-detected=true" >> $GITEA_OUTPUT
|
||||
|
||||
else
|
||||
echo ""
|
||||
echo ">> No changes detected, skipping PR creation"
|
||||
|
||||
fi
|
||||
|
||||
echo "----"
|
||||
|
||||
- name: Commit and Push Changes
|
||||
id: commit-push
|
||||
if: steps.check-changes.outputs.changes-detected == 'true'
|
||||
run: |
|
||||
cd "${MANIFEST_DIR}"
|
||||
|
||||
echo ""
|
||||
echo ">> Commiting changes to ${BRANCH_NAME} ..."
|
||||
git add .
|
||||
git commit -m "chore: Update manifests after change"
|
||||
|
||||
REPO_URL="${{ secrets.REPO_URL }}/${{ gitea.repository }}"
|
||||
echo ""
|
||||
echo ">> Pushing changes to ${REPO_URL} ..."
|
||||
|
||||
git push -u "https://oauth2:${{ secrets.BOT_TOKEN }}@${REPO_URL#*://}" "${BRANCH_NAME}"
|
||||
|
||||
echo "----"
|
||||
|
||||
echo "HEAD_BRANCH=${BRANCH_NAME}" >> "$GITEA_OUTPUT"
|
||||
echo "push=true" >> "$GITEA_OUTPUT"
|
||||
|
||||
- name: Check for Pull Request
|
||||
id: check-for-pull-requst
|
||||
if: steps.commit-push.outputs.push == 'true'
|
||||
env:
|
||||
GITEA_TOKEN: ${{ secrets.BOT_TOKEN }}
|
||||
GITEA_URL: ${{ secrets.REPO_URL }}
|
||||
HEAD_BRANCH: ${{ steps.commit-push.outputs.HEAD_BRANCH }}
|
||||
run: |
|
||||
cd ${MANIFEST_DIR}
|
||||
|
||||
API_ENDPOINT="${GITEA_URL}/api/v1/repos/${{ gitea.repository }}/pulls?base_branch=${BASE_BRANCH}&state=open&page=1"
|
||||
|
||||
echo ">> Checking if PR from branch ${HEAD_BRANCH} into ${BASE_BRANCH}"
|
||||
echo ">> With Endpoint of:"
|
||||
echo "$API_ENDPOINT"
|
||||
|
||||
HTTP_STATUS=$(
|
||||
curl -X GET \
|
||||
--silent \
|
||||
--write-out '%{http_code}' \
|
||||
--output response_body.json \
|
||||
--dump-header response_headers.txt \
|
||||
-H "Authorization: token ${GITEA_TOKEN}" \
|
||||
-H "Content-Type: application/json" \
|
||||
"$API_ENDPOINT" 2> response_errors.txt
|
||||
)
|
||||
|
||||
echo ">> HTTP Status Code: $HTTP_STATUS"
|
||||
echo ">> Response Output ..."
|
||||
echo "----"
|
||||
cat response_body.json
|
||||
echo "----"
|
||||
cat response_headers.txt
|
||||
echo "----"
|
||||
cat response_errors.txt
|
||||
echo "----"
|
||||
|
||||
if [ "$HTTP_STATUS" == "200" ] && [ "$(cat response_body.json | jq -r .[0].state)" == "open" ]; then
|
||||
echo ">> Pull Request has been found open, will update"
|
||||
PR_INDEX=$(cat response_body.json | jq -r .[0].number)
|
||||
echo "pull-request-exists=${PR_INDEX}" >> $GITEA_OUTPUT
|
||||
echo "pull-request-index=true" >> $GITEA_OUTPUT
|
||||
|
||||
elif [ "$HTTP_STATUS" == "200" ] && [ "$(cat response_body.json | jq -r .[0].state)" == "closed" ]; then
|
||||
echo ">> Pull Request found, but was closed"
|
||||
echo "pull-request-exists=false" >> $GITEA_OUTPUT
|
||||
|
||||
else
|
||||
echo ">> Pull Request not found"
|
||||
echo "pull-request-exists=false" >> $GITEA_OUTPUT
|
||||
fi
|
||||
|
||||
echo "----"
|
||||
|
||||
- name: Create Pull Request
|
||||
id: create-pull-request
|
||||
if: steps.commit-push.outputs.push == 'true' && steps.check-for-pull-requst.outputs.pull-request-exists == 'false'
|
||||
env:
|
||||
GITEA_TOKEN: ${{ secrets.BOT_TOKEN }}
|
||||
GITEA_URL: ${{ secrets.REPO_URL }}
|
||||
HEAD_BRANCH: ${{ steps.commit-push.outputs.HEAD_BRANCH }}
|
||||
run: |
|
||||
cd ${MANIFEST_DIR}
|
||||
|
||||
API_ENDPOINT="${GITEA_URL}/api/v1/repos/${{ gitea.repository }}/pulls"
|
||||
|
||||
PAYLOAD=$( jq -n \
|
||||
--arg head "${HEAD_BRANCH}" \
|
||||
--arg base "${BASE_BRANCH}" \
|
||||
--arg assignee "${ASSIGNEE}" \
|
||||
--arg title "Automated Manifest Update" \
|
||||
--arg body "This PR contains newly rendered Kubernetes manifests automatically generated by the CI workflow." \
|
||||
'{head: $head, base: $base, assignee: $assignee, title: $title, body: $body}' )
|
||||
|
||||
echo ">> Creating PR from branch ${HEAD_BRANCH} into ${BASE_BRANCH}"
|
||||
echo ">> With Endpoint of:"
|
||||
echo "$API_ENDPOINT"
|
||||
echo ">> With Payload of:"
|
||||
echo "$PAYLOAD"
|
||||
|
||||
HTTP_STATUS=$(
|
||||
curl -X POST \
|
||||
--silent \
|
||||
--write-out '%{http_code}' \
|
||||
--output response_body.json \
|
||||
--dump-header response_headers.txt \
|
||||
--data "$PAYLOAD" \
|
||||
-H "Authorization: token ${GITEA_TOKEN}" \
|
||||
-H "Content-Type: application/json" \
|
||||
"$API_ENDPOINT" 2> response_errors.txt
|
||||
)
|
||||
|
||||
echo ">> HTTP Status Code: $HTTP_STATUS"
|
||||
echo ">> Response Output ..."
|
||||
echo "----"
|
||||
cat response_body.json
|
||||
echo "----"
|
||||
cat response_headers.txt
|
||||
echo "----"
|
||||
cat response_errors.txt
|
||||
echo "----"
|
||||
|
||||
if [ "$HTTP_STATUS" == "201" ]; then
|
||||
echo ">> Pull Request created successfully!"
|
||||
PR_URL=$(cat response_body.json | jq -r .html_url)
|
||||
echo "pull-request-url=${PR_URL}" >> $GITEA_OUTPUT
|
||||
PR_ID=$(cat response_body.json | jq -r .id)
|
||||
echo "pull-request-id=${PR_ID}" >> $GITEA_OUTPUT
|
||||
echo "pull-request-operation=created" >> $GITEA_OUTPUT
|
||||
|
||||
elif [ "$HTTP_STATUS" == "422" ]; then
|
||||
echo ">> Failed to create PR (HTTP 422: Unprocessable Entity), PR may already exist"
|
||||
|
||||
elif [ "$HTTP_STATUS" == "409" ]; then
|
||||
echo ">> Failed to create PR (HTTP 409: Conflict), PR already exists"
|
||||
|
||||
else
|
||||
echo ">> Failed to create PR, HTTP status code: $HTTP_STATUS"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
echo "----"
|
||||
|
||||
- name: ntfy Created
|
||||
uses: niniyas/ntfy-action@master
|
||||
if: steps.create-pull-request.outputs.pull-request-operation == 'created'
|
||||
with:
|
||||
url: "${{ secrets.NTFY_URL }}"
|
||||
topic: "${{ secrets.NTFY_TOPIC }}"
|
||||
title: "Manifest Render PR Created - Infrastructure"
|
||||
priority: 3
|
||||
headers: '{"Authorization": "Bearer ${{ secrets.NTFY_CRED }}"}'
|
||||
tags: action,successfully,completed
|
||||
details: "Manifest rendering for Infrastructure has created a new Pull Request with ID: ${{ steps.create-pull-request.outputs.pull-request-id }}!"
|
||||
icon: "https://cdn.jsdelivr.net/gh/selfhst/icons/png/gitea.png"
|
||||
actions: '[{"action": "view", "label": "Open Gitea", "url": "${{ steps.create-pull-request.outputs.pull-request-url }}", "clear": true}]'
|
||||
|
||||
- name: ntfy Failed
|
||||
uses: niniyas/ntfy-action@master
|
||||
if: failure()
|
||||
with:
|
||||
url: "${{ secrets.NTFY_URL }}"
|
||||
topic: "${{ secrets.NTFY_TOPIC }}"
|
||||
title: "Manifest Render Failure - Infrastructure"
|
||||
priority: 4
|
||||
headers: '{"Authorization": "Bearer ${{ secrets.NTFY_CRED }}"}'
|
||||
tags: action,failed
|
||||
details: "Manifest rendering for Infrastructure has failed!"
|
||||
icon: "https://cdn.jsdelivr.net/gh/selfhst/icons/png/gitea.png"
|
||||
actions: '[{"action": "view", "label": "Open Gitea", "url": "https://gitea.alexlebens.dev/alexlebens/infrastructure/actions?workflow=render-manifests.yaml", "clear": true}]'
|
||||
image: true
|
||||
@@ -6,12 +6,6 @@ on:
|
||||
|
||||
workflow_dispatch:
|
||||
|
||||
push:
|
||||
branches:
|
||||
- main
|
||||
paths:
|
||||
- 'clusters/cl01tl/helm/**'
|
||||
|
||||
pull_request:
|
||||
branches:
|
||||
- main
|
||||
@@ -34,7 +28,6 @@ jobs:
|
||||
if: >-
|
||||
github.event_name == 'schedule' ||
|
||||
github.event_name == 'workflow_dispatch' ||
|
||||
(github.event_name == 'push' && github.actor != 'renovate-bot') ||
|
||||
(github.event_name == 'pull_request' && github.event.pull_request.merged == true)
|
||||
steps:
|
||||
- name: Checkout Main
|
||||
@@ -95,10 +88,6 @@ jobs:
|
||||
|
||||
DIFF_TARGET="HEAD^..HEAD"
|
||||
|
||||
elif [[ "${{ github.event_name }}" == "push" ]]; then
|
||||
echo ">> Mode: Push (Standard)"
|
||||
DIFF_TARGET="${{ github.event.before }}..HEAD"
|
||||
|
||||
fi
|
||||
|
||||
echo ""
|
||||
@@ -111,6 +100,7 @@ jobs:
|
||||
- name: Prepare Manifest Branch
|
||||
id: prepare-manifest-branch
|
||||
env:
|
||||
PR_NUMBER: ${{ github.event.pull_request.number }}
|
||||
IS_AUTOMERGE: ${{ steps.mode.outputs.is-automerge }}
|
||||
run: |
|
||||
cd "${MANIFEST_DIR}"
|
||||
@@ -120,10 +110,10 @@ jobs:
|
||||
git config user.email "gitea-bot@alexlebens.net"
|
||||
|
||||
if [[ "$IS_AUTOMERGE" == "true" ]]; then
|
||||
BRANCH_NAME="${BRANCH_NAME_BASE}-automerge-${PR_NUMBER}"
|
||||
echo ""
|
||||
echo ">> Creating branch ${BRANCH_NAME} ..."
|
||||
BRANCH_NAME="${BRANCH_NAME_BASE}-automerge-$(date +%Y%m%d%H%M%S)"
|
||||
git checkout -b "$BRANCH_NAME"
|
||||
git checkout -B "$BRANCH_NAME"
|
||||
|
||||
else
|
||||
echo ""
|
||||
@@ -416,7 +406,6 @@ jobs:
|
||||
echo "----"
|
||||
|
||||
echo "pull-request-exists=$(cat response_body.json | jq -r .[0].number)" >> "$GITHUB_OUTPUT"
|
||||
echo "pull-request-url=$(cat response_body.json | jq -r .[0].html_url)" >> "$GITHUB_OUTPUT"
|
||||
|
||||
else
|
||||
echo ""
|
||||
@@ -468,7 +457,6 @@ jobs:
|
||||
echo ""
|
||||
echo "----"
|
||||
|
||||
echo "pull-request-url=$(jq -r .html_url response_body.json)" >> "$GITHUB_OUTPUT"
|
||||
echo "pull-request-id=$(jq -r .id response_body.json)" >> "$GITHUB_OUTPUT"
|
||||
echo "pull-request-number=$(jq -r .number response_body.json)" >> "$GITHUB_OUTPUT"
|
||||
echo "pull-request-operation=created" >> "$GITHUB_OUTPUT"
|
||||
@@ -589,9 +577,9 @@ jobs:
|
||||
priority: 3
|
||||
headers: '{"Authorization": "Bearer ${{ secrets.NTFY_CRED }}"}'
|
||||
tags: action,successfully,completed
|
||||
details: "Created renderd manifests for cluster '${CLUSTER}' with charts: ${{ steps.check-changes.outputs.changed-charts-csv }}"
|
||||
details: "Created renderd manifests for cluster '${{ env.CLUSTER }}' with charts: ${{ steps.check-changes.outputs.changed-charts-csv }}"
|
||||
icon: "https://cdn.jsdelivr.net/gh/selfhst/icons/png/gitea.png"
|
||||
actions: '[{"action": "view", "label": "View PR", "url": "${{ steps.create-pull-request.outputs.pull-request-url }}", "clear": true}]'
|
||||
actions: '[{"action": "view", "label": "View PR", "url": "${{ vars.USER_URL }}/${{ github.repository }}/pulls/${{ steps.create-pull-request.outputs.pull-request-number }}", "clear": true}]'
|
||||
|
||||
- name: ntfy Updated
|
||||
uses: niniyas/ntfy-action@master
|
||||
@@ -603,9 +591,9 @@ jobs:
|
||||
priority: 3
|
||||
headers: '{"Authorization": "Bearer ${{ secrets.NTFY_CRED }}"}'
|
||||
tags: action,successfully,completed
|
||||
details: "Updated rendered manifests PR for cluster '${CLUSTER}' with charts: ${{ steps.check-changes.outputs.changed-charts-csv }}"
|
||||
details: "Updated rendered manifests PR for cluster '${{ env.CLUSTER }}' with charts: ${{ steps.check-changes.outputs.changed-charts-csv }}"
|
||||
icon: "https://cdn.jsdelivr.net/gh/selfhst/icons/png/gitea.png"
|
||||
actions: '[{"action": "view", "label": "View PR", "url": "${{ steps.check-for-pull-request.outputs.pull-request-url }}", "clear": true}]'
|
||||
actions: '[{"action": "view", "label": "View PR", "url": "${{ vars.USER_URL }}/${{ github.repository }}/pulls/${{ steps.create-pull-request.outputs.pull-request-number }}", "clear": true}]'
|
||||
|
||||
- name: ntfy Merged
|
||||
uses: niniyas/ntfy-action@master
|
||||
@@ -617,9 +605,9 @@ jobs:
|
||||
priority: 3
|
||||
headers: '{"Authorization": "Bearer ${{ secrets.NTFY_CRED }}"}'
|
||||
tags: action,successfully,completed
|
||||
details: "Automerged manifest rendering for cluster '${CLUSTER}' with charts: ${{ steps.check-changes.outputs.changed-charts-csv }}"
|
||||
details: "Automerged manifest rendering for cluster '${{ env.CLUSTER }}' with charts: ${{ steps.check-changes.outputs.changed-charts-csv }}"
|
||||
icon: "https://cdn.jsdelivr.net/gh/selfhst/icons/png/gitea.png"
|
||||
actions: '[{"action": "view", "label": "View PR", "url": "${{ steps.create-pull-request.outputs.pull-request-url }}", "clear": true}]'
|
||||
actions: '[{"action": "view", "label": "View PR", "url": "${{ vars.USER_URL }}/${{ github.repository }}/pulls/${{ steps.create-pull-request.outputs.pull-request-number }}", "clear": true}]'
|
||||
|
||||
- name: ntfy Failed
|
||||
uses: niniyas/ntfy-action@master
|
||||
@@ -633,4 +621,4 @@ jobs:
|
||||
tags: action,failed
|
||||
details: "Manifest rendering for Infrastructure has failed!"
|
||||
icon: "https://cdn.jsdelivr.net/gh/selfhst/icons/png/gitea.png"
|
||||
actions: '[{"action": "view", "label": "View Logs", "url": "${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}", "clear": true}]'
|
||||
actions: '[{"action": "view", "label": "View Logs", "url": "${{ vars.USER_URL }}/${{ github.repository }}/actions/runs/${{ github.run_id }}", "clear": true}]'
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
repos:
|
||||
- repo: https://github.com/pre-commit/pre-commit-hooks
|
||||
rev: v2.3.0
|
||||
rev: v6.0.0
|
||||
hooks:
|
||||
- id: end-of-file-fixer
|
||||
- id: trailing-whitespace
|
||||
@@ -9,7 +9,9 @@ repos:
|
||||
exclude: '^.*\/templates\/.*$'
|
||||
args:
|
||||
- --multi
|
||||
- id: check-merge-conflict
|
||||
- id: check-json
|
||||
- repo: https://github.com/IamTheFij/docker-pre-commit
|
||||
rev: v2.0.0
|
||||
rev: v3.0.1
|
||||
hooks:
|
||||
- id: docker-compose-check
|
||||
|
||||
@@ -7,6 +7,6 @@ dependencies:
|
||||
version: 2.4.20
|
||||
- name: postgres-cluster
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 7.9.1
|
||||
digest: sha256:31596af063744c13afac459184cd027d922d927f4191446eef63646bada28f8f
|
||||
generated: "2026-03-14T21:07:58.491981-05:00"
|
||||
version: 7.10.0
|
||||
digest: sha256:8d1c2dd011a360d930ed5ff186462f163407077d36ae633898ec5d6ba30a4e8d
|
||||
generated: "2026-03-15T20:04:18.080966008Z"
|
||||
|
||||
@@ -25,7 +25,7 @@ dependencies:
|
||||
repository: https://argoproj.github.io/argo-helm
|
||||
- name: postgres-cluster
|
||||
alias: postgres-18-cluster
|
||||
version: 7.9.1
|
||||
version: 7.10.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/argo-cd.png
|
||||
# renovate: datasource=github-releases depName=argoproj/argo-workflows
|
||||
|
||||
@@ -7,9 +7,9 @@ dependencies:
|
||||
version: 2.4.0
|
||||
- name: postgres-cluster
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 7.9.1
|
||||
version: 7.10.0
|
||||
- name: valkey
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.4.0
|
||||
digest: sha256:abb34b7bb54393236e695453aa1940497cb4def3d3a56a45ca004a22f8e05648
|
||||
generated: "2026-03-11T22:55:49.936164674Z"
|
||||
digest: sha256:8c353c5dad4c3d04d518c1445497f0d1cb64261a4201ae17a2c0874454b807a7
|
||||
generated: "2026-03-15T20:04:35.99407071Z"
|
||||
|
||||
@@ -28,7 +28,7 @@ dependencies:
|
||||
version: 2.4.0
|
||||
- name: postgres-cluster
|
||||
alias: postgres-18-cluster
|
||||
version: 7.9.1
|
||||
version: 7.10.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
- name: valkey
|
||||
alias: valkey
|
||||
|
||||
@@ -4,9 +4,9 @@ dependencies:
|
||||
version: 4.6.2
|
||||
- name: postgres-cluster
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 7.9.1
|
||||
version: 7.10.0
|
||||
- name: valkey
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.4.0
|
||||
digest: sha256:9524709cf393c01f28b0d073ef6870a2f1afd46f3bc5f564e73c55450aba8dd0
|
||||
generated: "2026-03-11T22:56:11.749729235Z"
|
||||
digest: sha256:7584c2a1613454bbd83b66df46170fd0157df5186842844d483e2dd131398574
|
||||
generated: "2026-03-15T20:04:49.68456485Z"
|
||||
|
||||
@@ -18,7 +18,7 @@ dependencies:
|
||||
version: 4.6.2
|
||||
- name: postgres-cluster
|
||||
alias: postgres-18-cluster
|
||||
version: 7.9.1
|
||||
version: 7.10.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
- name: valkey
|
||||
alias: valkey
|
||||
@@ -26,4 +26,4 @@ dependencies:
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons@main/png/dawarich.png
|
||||
# renovate: datasource=github-releases depName=Freika/dawarich
|
||||
appVersion: 1.3.3
|
||||
appVersion: 1.3.4
|
||||
|
||||
@@ -9,7 +9,7 @@ dawarich:
|
||||
main:
|
||||
image:
|
||||
repository: freikin/dawarich
|
||||
tag: 1.3.3
|
||||
tag: 1.3.4
|
||||
pullPolicy: IfNotPresent
|
||||
command: ["web-entrypoint.sh"]
|
||||
args: ["bin/rails", "server", "-p", "3000", "-b", "::"]
|
||||
@@ -106,7 +106,7 @@ dawarich:
|
||||
sidekiq:
|
||||
image:
|
||||
repository: freikin/dawarich
|
||||
tag: 1.3.3
|
||||
tag: 1.3.4
|
||||
pullPolicy: IfNotPresent
|
||||
command: ["sidekiq-entrypoint.sh"]
|
||||
args: ["sidekiq"]
|
||||
|
||||
@@ -4,9 +4,9 @@ dependencies:
|
||||
version: 4.6.2
|
||||
- name: postgres-cluster
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 7.9.1
|
||||
version: 7.10.0
|
||||
- name: valkey
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.4.0
|
||||
digest: sha256:0b50b4938669a7210930d6ee86a9602611b54cd13774f3386dbad04b4771e7f4
|
||||
generated: "2026-03-11T22:56:26.818980186Z"
|
||||
digest: sha256:dfcb5d35e03ecdc4206227d206d36509319f0dcdaed54363840d71337debb3f7
|
||||
generated: "2026-03-15T20:05:03.156596646Z"
|
||||
|
||||
@@ -23,7 +23,7 @@ dependencies:
|
||||
version: 4.6.2
|
||||
- name: postgres-cluster
|
||||
alias: postgres-18-cluster
|
||||
version: 7.9.1
|
||||
version: 7.10.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
- name: valkey
|
||||
alias: valkey
|
||||
|
||||
@@ -7,9 +7,9 @@ dependencies:
|
||||
version: 2.4.0
|
||||
- name: postgres-cluster
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 7.9.1
|
||||
version: 7.10.0
|
||||
- name: volsync-target
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.8.0
|
||||
digest: sha256:a3703e245881145524304af8a03c89d309c602479be3f7f8953c2fba120bf341
|
||||
generated: "2026-03-11T22:56:41.856429843Z"
|
||||
digest: sha256:a7bdbecd50433fedd65d3043102fe3c9e366dc98953c37eb0cfe762bce833e8e
|
||||
generated: "2026-03-15T20:05:14.085780861Z"
|
||||
|
||||
@@ -26,7 +26,7 @@ dependencies:
|
||||
version: 2.4.0
|
||||
- name: postgres-cluster
|
||||
alias: postgres-18-cluster
|
||||
version: 7.9.1
|
||||
version: 7.10.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
- name: volsync-target
|
||||
alias: volsync-target-data
|
||||
|
||||
@@ -4,9 +4,9 @@ dependencies:
|
||||
version: 1.5.0
|
||||
- name: postgres-cluster
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 7.9.1
|
||||
version: 7.10.0
|
||||
- name: volsync-target
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.8.0
|
||||
digest: sha256:2fe7c088e99a11e0c6dd09fe48bb1e292eb58e22d9f8ff681bb6c6790945d54e
|
||||
generated: "2026-03-11T22:56:56.957400817Z"
|
||||
digest: sha256:83ec84774e0cc708f1cb5d83d657180159bfb75c9928784ebf0280e224b1cbca
|
||||
generated: "2026-03-15T20:05:27.625292422Z"
|
||||
|
||||
@@ -22,7 +22,7 @@ dependencies:
|
||||
version: 1.5.0
|
||||
- name: postgres-cluster
|
||||
alias: postgres-18-cluster
|
||||
version: 7.9.1
|
||||
version: 7.10.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
- name: volsync-target
|
||||
alias: volsync-target-data
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
dependencies:
|
||||
- name: generic-device-plugin
|
||||
repository: https://gitea.alexlebens.dev/api/packages/alexlebens/helm
|
||||
version: 0.20.21
|
||||
digest: sha256:4f1359a01b8b85722ab1805426a86f3ea64d0134513ce14fe9c55f3f918a21fb
|
||||
generated: "2026-03-09T23:02:42.799515974Z"
|
||||
version: 0.20.22
|
||||
digest: sha256:14e5aa3f02ce6a1271dadc3f76997c739fc9434e669b05655c079d0b873c56ca
|
||||
generated: "2026-03-15T20:35:40.676997293Z"
|
||||
|
||||
@@ -15,6 +15,6 @@ maintainers:
|
||||
dependencies:
|
||||
- name: generic-device-plugin
|
||||
repository: https://gitea.alexlebens.dev/api/packages/alexlebens/helm
|
||||
version: 0.20.21
|
||||
version: 0.20.22
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/kubernetes.png
|
||||
appVersion: 1.0.0
|
||||
|
||||
@@ -7,13 +7,13 @@ dependencies:
|
||||
version: 0.0.3
|
||||
- name: meilisearch
|
||||
repository: https://meilisearch.github.io/meilisearch-kubernetes
|
||||
version: 0.27.0
|
||||
version: 0.28.0
|
||||
- name: cloudflared
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 2.4.0
|
||||
- name: postgres-cluster
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 7.9.1
|
||||
version: 7.10.0
|
||||
- name: valkey
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.4.0
|
||||
@@ -23,5 +23,5 @@ dependencies:
|
||||
- name: volsync-target
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.8.0
|
||||
digest: sha256:8f243465537fe443e97a8813e23e95d3608a6a2898b93209d03cf43f4ca8cc5d
|
||||
generated: "2026-03-11T22:57:17.026946319Z"
|
||||
digest: sha256:238b7653c9d12c4886a56350b6d66217dbe7ecbb76078a846c7cc2c8cb450eb3
|
||||
generated: "2026-03-16T15:56:55.197735783Z"
|
||||
|
||||
@@ -33,14 +33,14 @@ dependencies:
|
||||
repository: https://dl.gitea.com/charts/
|
||||
version: 0.0.3
|
||||
- name: meilisearch
|
||||
version: 0.27.0
|
||||
version: 0.28.0
|
||||
repository: https://meilisearch.github.io/meilisearch-kubernetes
|
||||
- name: cloudflared
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 2.4.0
|
||||
- name: postgres-cluster
|
||||
alias: postgres-18-cluster
|
||||
version: 7.9.1
|
||||
version: 7.10.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
- name: valkey
|
||||
alias: valkey-gitea
|
||||
|
||||
@@ -4,12 +4,12 @@ dependencies:
|
||||
version: 5.22.1
|
||||
- name: postgres-cluster
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 7.9.1
|
||||
version: 7.10.0
|
||||
- name: valkey
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.4.0
|
||||
- name: valkey
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.4.0
|
||||
digest: sha256:932d9b24ad52ab2a28311f522714ecbad2bedea512ce48d26fcb95cc74b51af9
|
||||
generated: "2026-03-14T19:50:53.708173087Z"
|
||||
digest: sha256:9cbba52d093e40b20917af87263e1fb0e478912440f660543f3527e70452edc7
|
||||
generated: "2026-03-15T20:05:59.855514102Z"
|
||||
|
||||
@@ -21,7 +21,7 @@ dependencies:
|
||||
repository: https://grafana.github.io/helm-charts
|
||||
- name: postgres-cluster
|
||||
alias: postgres-18-cluster
|
||||
version: 7.9.1
|
||||
version: 7.10.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
- name: valkey
|
||||
alias: valkey-unified-alerting
|
||||
|
||||
@@ -358,6 +358,25 @@ spec:
|
||||
resyncPeriod: 1h
|
||||
url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/service/traefik.json
|
||||
|
||||
---
|
||||
apiVersion: grafana.integreatly.org/v1beta1
|
||||
kind: GrafanaDashboard
|
||||
metadata:
|
||||
name: grafana-dashboard-tdarr
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: grafana-dashboard-tdarr
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
instanceSelector:
|
||||
matchLabels:
|
||||
app: grafana-main
|
||||
contentCacheDuration: 1h
|
||||
folderUID: grafana-folder-service
|
||||
resyncPeriod: 1h
|
||||
url: http://gitea-http.gitea:3000/alexlebens/grafana-dashboards/raw/branch/main/dashboards/service/tdarr.json
|
||||
|
||||
---
|
||||
apiVersion: grafana.integreatly.org/v1beta1
|
||||
kind: GrafanaDashboard
|
||||
|
||||
@@ -4,9 +4,9 @@ dependencies:
|
||||
version: 1.18.2
|
||||
- name: postgres-cluster
|
||||
repository: https://gitea.alexlebens.net/api/packages/alexlebens/helm
|
||||
version: 7.9.1
|
||||
version: 7.10.0
|
||||
- name: valkey
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.4.0
|
||||
digest: sha256:898f51eabee5959b9e7ebe90640cb915cb2dee446e6a6649a29499fecab8b6c7
|
||||
generated: "2026-03-11T22:58:00.955579445Z"
|
||||
digest: sha256:14c2b7d09631dbb573e9c9d4613ebe52e330146662da0da15f74c31ec519ed15
|
||||
generated: "2026-03-15T20:06:13.615175051Z"
|
||||
|
||||
@@ -21,7 +21,7 @@ dependencies:
|
||||
repository: https://helm.goharbor.io
|
||||
- name: postgres-cluster
|
||||
alias: postgres-18-cluster
|
||||
version: 7.9.1
|
||||
version: 7.10.0
|
||||
repository: https://gitea.alexlebens.net/api/packages/alexlebens/helm
|
||||
- name: valkey
|
||||
alias: valkey
|
||||
|
||||
@@ -4,12 +4,12 @@ dependencies:
|
||||
version: 4.6.2
|
||||
- name: postgres-cluster
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 7.9.1
|
||||
version: 7.10.0
|
||||
- name: valkey
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.4.0
|
||||
- name: volsync-target
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.8.0
|
||||
digest: sha256:b886b0a1555ea75fbff52a58ccbf1659acbda20e933107bcbab9b00192aa25bd
|
||||
generated: "2026-03-11T22:58:20.294240859Z"
|
||||
digest: sha256:b79ea8c506f0172deed820247a33c79329f34426435c8b5eb27b206ac8831b13
|
||||
generated: "2026-03-15T20:06:27.091094433Z"
|
||||
|
||||
@@ -20,7 +20,7 @@ dependencies:
|
||||
version: 4.6.2
|
||||
- name: postgres-cluster
|
||||
alias: postgres-18-cluster
|
||||
version: 7.9.1
|
||||
version: 7.10.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
- name: valkey
|
||||
alias: valkey
|
||||
|
||||
@@ -4,9 +4,9 @@ dependencies:
|
||||
version: 4.6.2
|
||||
- name: meilisearch
|
||||
repository: https://meilisearch.github.io/meilisearch-kubernetes
|
||||
version: 0.27.0
|
||||
version: 0.28.0
|
||||
- name: volsync-target
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.8.0
|
||||
digest: sha256:ca384647a640ae717ac874a2627f00ac9a1e5c97ff5eeb8f326ebdd471ab1623
|
||||
generated: "2026-03-09T15:04:08.648165537Z"
|
||||
digest: sha256:57b007c6e19dda1300f5025332d9e8104bfb9a50cd7124260bfa68ce2432628b
|
||||
generated: "2026-03-16T15:57:13.466372254Z"
|
||||
|
||||
@@ -25,7 +25,7 @@ dependencies:
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.6.2
|
||||
- name: meilisearch
|
||||
version: 0.27.0
|
||||
version: 0.28.0
|
||||
repository: https://meilisearch.github.io/meilisearch-kubernetes
|
||||
- name: volsync-target
|
||||
alias: volsync-target-config
|
||||
|
||||
@@ -4,9 +4,9 @@ dependencies:
|
||||
version: 4.6.2
|
||||
- name: postgres-cluster
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 7.9.1
|
||||
version: 7.10.0
|
||||
- name: volsync-target
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.8.0
|
||||
digest: sha256:29b92b08c230d5f3abc13949b299acccd1e9f8ff7df1f691a5dec41df5405595
|
||||
generated: "2026-03-11T22:58:35.766813121Z"
|
||||
digest: sha256:f779185ce82045b47fc75bf95c4a8215acbd387f44a4bdb764486406d9b03748
|
||||
generated: "2026-03-15T20:06:38.720993367Z"
|
||||
|
||||
@@ -21,7 +21,7 @@ dependencies:
|
||||
version: 4.6.2
|
||||
- name: postgres-cluster
|
||||
alias: postgres-18-cluster
|
||||
version: 7.9.1
|
||||
version: 7.10.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
- name: volsync-target
|
||||
alias: volsync-target-data
|
||||
|
||||
@@ -4,12 +4,12 @@ dependencies:
|
||||
version: 4.6.2
|
||||
- name: meilisearch
|
||||
repository: https://meilisearch.github.io/meilisearch-kubernetes
|
||||
version: 0.27.0
|
||||
version: 0.28.0
|
||||
- name: cloudflared
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 2.4.0
|
||||
- name: volsync-target
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.8.0
|
||||
digest: sha256:75f92316d4b6229d00e3dfa39ed5026ad39a28f833321cd3887a2048cdac34c7
|
||||
generated: "2026-03-09T22:04:48.630821646Z"
|
||||
digest: sha256:49e37e17dc859927048c6474ce27cb063a020f291d6d2d24876d0427eddc3656
|
||||
generated: "2026-03-16T15:57:28.156797159Z"
|
||||
|
||||
@@ -22,7 +22,7 @@ dependencies:
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.6.2
|
||||
- name: meilisearch
|
||||
version: 0.27.0
|
||||
version: 0.28.0
|
||||
repository: https://meilisearch.github.io/meilisearch-kubernetes
|
||||
- name: cloudflared
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
|
||||
@@ -4,6 +4,6 @@ dependencies:
|
||||
version: 4.6.2
|
||||
- name: postgres-cluster
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 7.9.1
|
||||
digest: sha256:833a88f82c14f78d63abea99244f2473bee2f5124a533a898a34844956f62b27
|
||||
generated: "2026-03-11T22:58:51.287064579Z"
|
||||
version: 7.10.0
|
||||
digest: sha256:a6f33512d929c5a1b70bde6c3294902f5d707855aabbaa815f32e23aa54b266f
|
||||
generated: "2026-03-15T20:06:49.233053802Z"
|
||||
|
||||
@@ -23,7 +23,7 @@ dependencies:
|
||||
version: 4.6.2
|
||||
- name: postgres-cluster
|
||||
alias: postgresql-17-fdb-cluster
|
||||
version: 7.9.1
|
||||
version: 7.10.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/komodo.png
|
||||
# renovate: datasource=github-releases depName=moghtech/komodo
|
||||
|
||||
@@ -1,12 +1,12 @@
|
||||
dependencies:
|
||||
- name: kube-prometheus-stack
|
||||
repository: oci://ghcr.io/prometheus-community/charts
|
||||
version: 82.10.3
|
||||
version: 82.10.4
|
||||
- name: app-template
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.6.2
|
||||
- name: valkey
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.4.0
|
||||
digest: sha256:37ffa4a21ed29703cae9c9f3fb029566a1dd6af6e0fe8cc3862a2226d6644114
|
||||
generated: "2026-03-10T19:02:41.11005238Z"
|
||||
digest: sha256:d6bbbfdd1a781b5eb82c2dc8571836a43d23bf8526eac1bcd40f38030be642db
|
||||
generated: "2026-03-15T20:38:11.961621853Z"
|
||||
|
||||
@@ -20,7 +20,7 @@ maintainers:
|
||||
- name: alexlebens
|
||||
dependencies:
|
||||
- name: kube-prometheus-stack
|
||||
version: 82.10.3
|
||||
version: 82.10.4
|
||||
repository: oci://ghcr.io/prometheus-community/charts
|
||||
- name: app-template
|
||||
alias: ntfy-alertmanager
|
||||
|
||||
@@ -4,9 +4,9 @@ dependencies:
|
||||
version: 4.6.2
|
||||
- name: postgres-cluster
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 7.9.1
|
||||
version: 7.10.0
|
||||
- name: volsync-target
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.8.0
|
||||
digest: sha256:d43b95fa1fc70c93541b9d73180406b31059c6cc45aa57a0cc8d9386c64833c3
|
||||
generated: "2026-03-11T22:59:07.151659257Z"
|
||||
digest: sha256:0f1a2923a7042b364a817edc64729d5e1c18b0552555c035d974de626f372692
|
||||
generated: "2026-03-15T20:07:00.750754951Z"
|
||||
|
||||
@@ -24,7 +24,7 @@ dependencies:
|
||||
version: 4.6.2
|
||||
- name: postgres-cluster
|
||||
alias: postgres-18-cluster
|
||||
version: 7.9.1
|
||||
version: 7.10.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
- name: volsync-target
|
||||
alias: volsync-target-config
|
||||
|
||||
@@ -19,7 +19,7 @@ dependencies:
|
||||
version: 2.4.0
|
||||
- name: postgres-cluster
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 7.9.1
|
||||
version: 7.10.0
|
||||
- name: valkey
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.4.0
|
||||
@@ -38,5 +38,5 @@ dependencies:
|
||||
- name: volsync-target
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.8.0
|
||||
digest: sha256:fb87880d3de281064519117d8046d7de14f41450ec8ff8c3c603f0179004768e
|
||||
generated: "2026-03-12T11:03:45.232564538Z"
|
||||
digest: sha256:1578e2c48447f217e72bffb3afcb6f1f15c427a4acce5dbca830cdd7045b1348
|
||||
generated: "2026-03-15T20:07:12.751000922Z"
|
||||
|
||||
@@ -53,7 +53,7 @@ dependencies:
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
- name: postgres-cluster
|
||||
alias: postgres-18-cluster
|
||||
version: 7.9.1
|
||||
version: 7.10.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
- name: valkey
|
||||
alias: valkey-matrix-synapse
|
||||
|
||||
@@ -20,4 +20,4 @@ dependencies:
|
||||
version: 4.6.2
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/ntfy.png
|
||||
# renovate: datasource=github-releases depName=binwiederhier/ntfy
|
||||
appVersion: 2.18.0
|
||||
appVersion: 2.19.0
|
||||
|
||||
@@ -9,7 +9,7 @@ ntfy:
|
||||
main:
|
||||
image:
|
||||
repository: binwiederhier/ntfy
|
||||
tag: v2.18.0
|
||||
tag: v2.19.0
|
||||
pullPolicy: IfNotPresent
|
||||
args: ["serve"]
|
||||
env:
|
||||
|
||||
@@ -4,9 +4,9 @@ dependencies:
|
||||
version: 4.6.2
|
||||
- name: postgres-cluster
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 7.9.1
|
||||
version: 7.10.0
|
||||
- name: volsync-target
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.8.0
|
||||
digest: sha256:a3201fc53ddfbaeb5a81d08e9d20135fb59174879e20f0b4986b1b8540011e03
|
||||
generated: "2026-03-11T22:59:44.389634096Z"
|
||||
digest: sha256:d0f47712bf5d2bab8136c43f1d5bac41860f067b53c741282a4647ce93a7cd93
|
||||
generated: "2026-03-15T20:07:27.179378683Z"
|
||||
|
||||
@@ -23,7 +23,7 @@ dependencies:
|
||||
version: 4.6.2
|
||||
- name: postgres-cluster
|
||||
alias: postgres-18-cluster
|
||||
version: 7.9.1
|
||||
version: 7.10.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
- name: volsync-target
|
||||
alias: volsync-target-data
|
||||
|
||||
@@ -7,12 +7,12 @@ dependencies:
|
||||
version: 2.4.0
|
||||
- name: postgres-cluster
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 7.9.1
|
||||
version: 7.10.0
|
||||
- name: valkey
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.4.0
|
||||
- name: volsync-target
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.8.0
|
||||
digest: sha256:1f2e4e46e3ae2985ff3e7708c7d75a36f506f0402e02921d95f797ea0403db93
|
||||
generated: "2026-03-11T23:00:00.871137498Z"
|
||||
digest: sha256:02780454fad48c10e95851e73e45e8a98091596d9dce8ada9e361e7212e581df
|
||||
generated: "2026-03-15T20:07:38.818063491Z"
|
||||
|
||||
@@ -27,7 +27,7 @@ dependencies:
|
||||
version: 2.4.0
|
||||
- name: postgres-cluster
|
||||
alias: postgres-18-cluster
|
||||
version: 7.9.1
|
||||
version: 7.10.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
- name: valkey
|
||||
alias: valkey
|
||||
@@ -39,4 +39,4 @@ dependencies:
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/outline.png
|
||||
# renovate: datasource=github-releases depName=outline/outline
|
||||
appVersion: 1.5.0
|
||||
appVersion: 1.6.0
|
||||
|
||||
@@ -4,6 +4,6 @@ dependencies:
|
||||
version: 4.6.2
|
||||
- name: postgres-cluster
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 7.9.1
|
||||
digest: sha256:e9b0673f31b8309beb326635e784964c41bafc10f3bde7eb17ea316d83076854
|
||||
generated: "2026-03-11T23:00:19.541959816Z"
|
||||
version: 7.10.0
|
||||
digest: sha256:fe266f506edd672979091e0ad12379d6ad7dddd2c982e196e602dcda268d6f76
|
||||
generated: "2026-03-15T20:07:52.831926834Z"
|
||||
|
||||
@@ -20,7 +20,7 @@ dependencies:
|
||||
version: 4.6.2
|
||||
- name: postgres-cluster
|
||||
alias: postgres-18-cluster
|
||||
version: 7.9.1
|
||||
version: 7.10.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/photoview.png
|
||||
# renovate: datasource=github-releases depName=photoview/photoview
|
||||
|
||||
@@ -9,7 +9,7 @@ plex:
|
||||
main:
|
||||
image:
|
||||
repository: ghcr.io/linuxserver/plex
|
||||
tag: 1.43.0@sha256:79dfc89947410ec120a3e34cf68f746f6f154de20772e6f27b9998ca9bd65a5e
|
||||
tag: 1.43.0@sha256:84f8646e799f6636876ab4f283d9fc8f6c51d56098ea74cba82bfb85074b68df
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: TZ
|
||||
|
||||
@@ -7,7 +7,7 @@ dependencies:
|
||||
version: 2.4.0
|
||||
- name: postgres-cluster
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 7.9.1
|
||||
version: 7.10.0
|
||||
- name: valkey
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.4.0
|
||||
@@ -17,5 +17,5 @@ dependencies:
|
||||
- name: volsync-target
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.8.0
|
||||
digest: sha256:cf9b71f29450c69550b0f59d792193788f9dd7ffa2c623db27eb423c0f6e3109
|
||||
generated: "2026-03-11T23:00:37.739141183Z"
|
||||
digest: sha256:de3fb540df1cf7385a19316741854d01e002740c0bf346f3da0ff3a809b1fc3d
|
||||
generated: "2026-03-15T20:08:06.855136249Z"
|
||||
|
||||
@@ -26,7 +26,7 @@ dependencies:
|
||||
version: 2.4.0
|
||||
- name: postgres-cluster
|
||||
alias: postgres-18-cluster
|
||||
version: 7.9.1
|
||||
version: 7.10.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
- name: valkey
|
||||
alias: valkey
|
||||
|
||||
@@ -4,9 +4,9 @@ dependencies:
|
||||
version: 4.6.2
|
||||
- name: postgres-cluster
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 7.9.1
|
||||
version: 7.10.0
|
||||
- name: volsync-target
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.8.0
|
||||
digest: sha256:7e873c90668a70b423efb04d4f2683d25022e8982248ba32a8e5820e323f9b7d
|
||||
generated: "2026-03-11T23:00:55.780623797Z"
|
||||
digest: sha256:d76563fe1a7a9f8ceaf6937831bd0c5511eb7369abb8eb54110dfb69e6dce224
|
||||
generated: "2026-03-15T20:08:21.236792423Z"
|
||||
|
||||
@@ -27,7 +27,7 @@ dependencies:
|
||||
version: 4.6.2
|
||||
- name: postgres-cluster
|
||||
alias: postgres-18-cluster
|
||||
version: 7.9.1
|
||||
version: 7.10.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
- name: volsync-target
|
||||
alias: volsync-target-config
|
||||
|
||||
@@ -4,9 +4,9 @@ dependencies:
|
||||
version: 4.6.2
|
||||
- name: postgres-cluster
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 7.9.1
|
||||
version: 7.10.0
|
||||
- name: volsync-target
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.8.0
|
||||
digest: sha256:0a7ae6aa3062beedc4b4bcba61edb9f70d441dab0146e5b9559583fa12a319a8
|
||||
generated: "2026-03-11T23:01:12.399079707Z"
|
||||
digest: sha256:21bde3a8778fb94e40f2177383ca418123e69f3f3f463b31d35e9f9bf83dfa9d
|
||||
generated: "2026-03-15T20:08:35.497440433Z"
|
||||
|
||||
@@ -27,7 +27,7 @@ dependencies:
|
||||
version: 4.6.2
|
||||
- name: postgres-cluster
|
||||
alias: postgres-18-cluster
|
||||
version: 7.9.1
|
||||
version: 7.10.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
- name: volsync-target
|
||||
alias: volsync-target-config
|
||||
|
||||
@@ -4,9 +4,9 @@ dependencies:
|
||||
version: 4.6.2
|
||||
- name: postgres-cluster
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 7.9.1
|
||||
version: 7.10.0
|
||||
- name: volsync-target
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.8.0
|
||||
digest: sha256:600685215060deb3d8bb6530fa0df437c0ed3d9d6bad2792cedcce959207c7e6
|
||||
generated: "2026-03-11T23:01:28.449666027Z"
|
||||
digest: sha256:ebd25d2a12ca1924b66c62d6dd2c69476ae4526825020796198b65c2ebd2c6eb
|
||||
generated: "2026-03-15T20:08:49.811429784Z"
|
||||
|
||||
@@ -26,7 +26,7 @@ dependencies:
|
||||
version: 4.6.2
|
||||
- name: postgres-cluster
|
||||
alias: postgres-18-cluster
|
||||
version: 7.9.1
|
||||
version: 7.10.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
- name: volsync-target
|
||||
alias: volsync-target-config
|
||||
|
||||
@@ -4,9 +4,9 @@ dependencies:
|
||||
version: 4.6.2
|
||||
- name: postgres-cluster
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 7.9.1
|
||||
version: 7.10.0
|
||||
- name: volsync-target
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.8.0
|
||||
digest: sha256:fdad6659ae4ef46c46d62b4213d7fcf85dbb478809e094bbe7de4a86a98589f2
|
||||
generated: "2026-03-11T23:01:46.420629722Z"
|
||||
digest: sha256:05ce0d746d9c42a00338df5e6673fde8baeefa6f598ef8c85a32e6bc393b94ca
|
||||
generated: "2026-03-15T20:09:03.538226001Z"
|
||||
|
||||
@@ -26,7 +26,7 @@ dependencies:
|
||||
version: 4.6.2
|
||||
- name: postgres-cluster
|
||||
alias: postgres-18-cluster
|
||||
version: 7.9.1
|
||||
version: 7.10.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
- name: volsync-target
|
||||
alias: volsync-target-config
|
||||
|
||||
@@ -4,9 +4,9 @@ dependencies:
|
||||
version: 4.6.2
|
||||
- name: postgres-cluster
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 7.9.1
|
||||
version: 7.10.0
|
||||
- name: volsync-target
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.8.0
|
||||
digest: sha256:5cfad7a46f5671378adac77c3e39df224430a7481aeb16f7d3713f134e5d1dab
|
||||
generated: "2026-03-11T23:02:03.844844518Z"
|
||||
digest: sha256:755aa4db5c7142d46af4a80c9fce49c3c558cc81042c9a00a0bdcd607276e856
|
||||
generated: "2026-03-15T20:09:18.053504671Z"
|
||||
|
||||
@@ -21,7 +21,7 @@ dependencies:
|
||||
version: 4.6.2
|
||||
- name: postgres-cluster
|
||||
alias: postgres-18-cluster
|
||||
version: 7.9.1
|
||||
version: 7.10.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
- name: volsync-target
|
||||
alias: volsync-target-data
|
||||
|
||||
@@ -7,9 +7,9 @@ dependencies:
|
||||
version: 2.4.0
|
||||
- name: postgres-cluster
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 7.9.1
|
||||
version: 7.10.0
|
||||
- name: volsync-target
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.8.0
|
||||
digest: sha256:4cc27a45f60df729db0cff4780bfb49655db739fdd35f6a46eb3a0489efdc88f
|
||||
generated: "2026-03-11T23:02:21.670318334Z"
|
||||
digest: sha256:9342eb966ec3e8020aa6b1d6d2ac72d2c4a46c4ed70c5cf52c16ff25d2f2b0fa
|
||||
generated: "2026-03-15T20:09:33.800790437Z"
|
||||
|
||||
@@ -23,7 +23,7 @@ dependencies:
|
||||
version: 2.4.0
|
||||
- name: postgres-cluster
|
||||
alias: postgres-18-cluster
|
||||
version: 7.9.1
|
||||
version: 7.10.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
- name: volsync-target
|
||||
alias: volsync-target-clickhouse-data
|
||||
|
||||
@@ -11,7 +11,7 @@ site-documentation:
|
||||
main:
|
||||
image:
|
||||
repository: harbor.alexlebens.net/images/site-documentation
|
||||
tag: 0.2.0
|
||||
tag: 0.3.0
|
||||
pullPolicy: IfNotPresent
|
||||
resources:
|
||||
requests:
|
||||
|
||||
@@ -11,7 +11,7 @@ site-profile:
|
||||
main:
|
||||
image:
|
||||
repository: harbor.alexlebens.net/images/site-profile
|
||||
tag: 3.12.1
|
||||
tag: 3.13.0
|
||||
pullPolicy: IfNotPresent
|
||||
resources:
|
||||
requests:
|
||||
|
||||
@@ -4,9 +4,9 @@ dependencies:
|
||||
version: 4.6.2
|
||||
- name: postgres-cluster
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 7.9.1
|
||||
version: 7.10.0
|
||||
- name: volsync-target
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.8.0
|
||||
digest: sha256:487799d20d30d26443b4b7ffdd31dcba61e27e01067a6a0d7f3f265097a9d9af
|
||||
generated: "2026-03-11T23:02:43.378419214Z"
|
||||
digest: sha256:27cc019786592c0e7fce9509543792c9f281a4e676c463ce5d6ba2a6df05e3b2
|
||||
generated: "2026-03-15T20:09:49.767646568Z"
|
||||
|
||||
@@ -27,7 +27,7 @@ dependencies:
|
||||
version: 4.6.2
|
||||
- name: postgres-cluster
|
||||
alias: postgres-18-cluster
|
||||
version: 7.9.1
|
||||
version: 7.10.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
- name: volsync-target
|
||||
alias: volsync-target-config
|
||||
|
||||
@@ -4,9 +4,9 @@ dependencies:
|
||||
version: 4.6.2
|
||||
- name: postgres-cluster
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 7.9.1
|
||||
version: 7.10.0
|
||||
- name: volsync-target
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.8.0
|
||||
digest: sha256:b2899ddbca96333330da52c7819c54d010691894d085b9f21a8ebd8d679a9823
|
||||
generated: "2026-03-11T23:03:04.501966653Z"
|
||||
digest: sha256:0f8016577e9fedaf8e5bd36688da2bf19b51185bc8100b817b64ce48ec87433b
|
||||
generated: "2026-03-15T20:10:04.000906771Z"
|
||||
|
||||
@@ -26,7 +26,7 @@ dependencies:
|
||||
version: 4.6.2
|
||||
- name: postgres-cluster
|
||||
alias: postgres-18-cluster
|
||||
version: 7.9.1
|
||||
version: 7.10.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
- name: volsync-target
|
||||
alias: volsync-target-config
|
||||
|
||||
@@ -4,9 +4,9 @@ dependencies:
|
||||
version: 4.6.2
|
||||
- name: postgres-cluster
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 7.9.1
|
||||
version: 7.10.0
|
||||
- name: volsync-target
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.8.0
|
||||
digest: sha256:828d3934111d24f54e39bb433da9d8a3aeeec21dcd8228737a6e496852fb6b5f
|
||||
generated: "2026-03-11T23:03:21.968129945Z"
|
||||
digest: sha256:a20b4dd7e2f0c8777ed2be1bd2c702bc4d7cfeb51e4a29d781c041c555821aa1
|
||||
generated: "2026-03-15T20:10:17.242764683Z"
|
||||
|
||||
@@ -26,7 +26,7 @@ dependencies:
|
||||
version: 4.6.2
|
||||
- name: postgres-cluster
|
||||
alias: postgres-18-cluster
|
||||
version: 7.9.1
|
||||
version: 7.10.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
- name: volsync-target
|
||||
alias: volsync-target-config
|
||||
|
||||
@@ -4,12 +4,12 @@ dependencies:
|
||||
version: 4.6.2
|
||||
- name: postgres-cluster
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 7.9.1
|
||||
version: 7.10.0
|
||||
- name: valkey
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.4.0
|
||||
- name: volsync-target
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.8.0
|
||||
digest: sha256:aef9a2c62df9bf44adf02d84b032ccd198c34cee56ff8d86d7200e9f5b21a5c1
|
||||
generated: "2026-03-11T23:03:39.658857007Z"
|
||||
digest: sha256:6ffe4bd6af377f2ba5134389027e86085928d5e1108bb5ecf0d4b1e4cc908b67
|
||||
generated: "2026-03-15T20:10:31.966910173Z"
|
||||
|
||||
@@ -23,7 +23,7 @@ dependencies:
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
- name: postgres-cluster
|
||||
alias: postgres-18-cluster
|
||||
version: 7.9.1
|
||||
version: 7.10.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
- name: valkey
|
||||
alias: valkey
|
||||
|
||||
@@ -165,6 +165,7 @@ tdarr:
|
||||
tdarr-exporter:
|
||||
image:
|
||||
name: homeylab/tdarr-exporter
|
||||
# renovate: datasource=docker depName=homeylab/tdarr-exporter
|
||||
tag: 1.4.2
|
||||
metrics:
|
||||
serviceMonitor:
|
||||
|
||||
@@ -4,6 +4,6 @@ dependencies:
|
||||
version: 39.0.5
|
||||
- name: traefik-crds
|
||||
repository: https://traefik.github.io/charts
|
||||
version: 1.14.0
|
||||
digest: sha256:8ae6a524708becb7af3a30d2ca4e671c92b7627842f6c6917656526298e2eba5
|
||||
generated: "2026-03-09T17:04:21.522089828Z"
|
||||
version: 1.15.0
|
||||
digest: sha256:8edf8d2dcabdba2c2b8d6a9508f001ba5ef4bec205423f864b92f2adedd73b60
|
||||
generated: "2026-03-16T15:32:49.364653199Z"
|
||||
|
||||
@@ -18,7 +18,7 @@ dependencies:
|
||||
version: 39.0.5
|
||||
repository: https://traefik.github.io/charts
|
||||
- name: traefik-crds
|
||||
version: 1.14.0
|
||||
version: 1.15.0
|
||||
repository: https://traefik.github.io/charts
|
||||
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/webp/traefik.webp
|
||||
# renovate: datasource=github-releases depName=traefik/traefik
|
||||
|
||||
6
clusters/cl01tl/helm/trivy/Chart.lock
Normal file
6
clusters/cl01tl/helm/trivy/Chart.lock
Normal file
@@ -0,0 +1,6 @@
|
||||
dependencies:
|
||||
- name: trivy-operator
|
||||
repository: https://aquasecurity.github.io/helm-charts/
|
||||
version: 0.32.1
|
||||
digest: sha256:7e25850fc3115f52e6c65151c76668929eee6713228e935862d9f156397c2ede
|
||||
generated: "2026-03-15T17:21:41.373519-05:00"
|
||||
23
clusters/cl01tl/helm/trivy/Chart.yaml
Normal file
23
clusters/cl01tl/helm/trivy/Chart.yaml
Normal file
@@ -0,0 +1,23 @@
|
||||
apiVersion: v2
|
||||
name: trivy
|
||||
version: 1.0.0
|
||||
description: Trivy
|
||||
keywords:
|
||||
- trivy
|
||||
- vulnerability
|
||||
- monitoring
|
||||
- kubernetes
|
||||
home: https://wiki.alexlebens.dev/s/
|
||||
sources:
|
||||
- https://github.com/aquasecurity/trivy
|
||||
- https://github.com/aquasecurity/trivy-operator
|
||||
- https://github.com/aquasecurity/trivy-operator/tree/main/deploy/helm
|
||||
maintainers:
|
||||
- name: alexlebens
|
||||
dependencies:
|
||||
- name: trivy-operator
|
||||
version: 0.32.1
|
||||
repository: https://aquasecurity.github.io/helm-charts/
|
||||
icon: https://raw.githubusercontent.com/aquasecurity/trivy/main/docs/imgs/logo.png
|
||||
# renovate: github=aquasecurity/trivy
|
||||
appVersion: 0.32.1
|
||||
11
clusters/cl01tl/helm/trivy/templates/namespace.yaml
Normal file
11
clusters/cl01tl/helm/trivy/templates/namespace.yaml
Normal file
@@ -0,0 +1,11 @@
|
||||
apiVersion: v1
|
||||
kind: Namespace
|
||||
metadata:
|
||||
name: trivy
|
||||
labels:
|
||||
app.kubernetes.io/name: trivy
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
pod-security.kubernetes.io/audit: privileged
|
||||
pod-security.kubernetes.io/enforce: privileged
|
||||
pod-security.kubernetes.io/warn: privileged
|
||||
87
clusters/cl01tl/helm/trivy/values.yaml
Normal file
87
clusters/cl01tl/helm/trivy/values.yaml
Normal file
@@ -0,0 +1,87 @@
|
||||
trivy-operator:
|
||||
targetWorkloads: "pod,replicaset,replicationcontroller,statefulset,daemonset,cronjob,job"
|
||||
operator:
|
||||
replicas: 1
|
||||
scanJobsConcurrentLimit: 3
|
||||
vulnerabilityScannerEnabled: true
|
||||
sbomGenerationEnabled: true
|
||||
clusterSbomCacheEnabled: true
|
||||
configAuditScannerEnabled: true
|
||||
rbacAssessmentScannerEnabled: true
|
||||
infraAssessmentScannerEnabled: true
|
||||
clusterComplianceEnabled: false
|
||||
vulnerabilityScannerScanOnlyCurrentRevisions: true
|
||||
accessGlobalSecretsAndServiceAccount: true
|
||||
metricsFindingsEnabled: true
|
||||
exposedSecretScannerEnabled: true
|
||||
serviceMonitor:
|
||||
enabled: true
|
||||
trivy:
|
||||
createConfig: true
|
||||
image:
|
||||
registry: mirror.gcr.io
|
||||
repository: aquasec/trivy
|
||||
tag: 0.69.3
|
||||
storageClassEnabled: true
|
||||
storageClassName: ceph-block
|
||||
storageSize: "10Gi"
|
||||
registry:
|
||||
mirror:
|
||||
"registry-1.docker.io": proxy-registry-1.docker.io
|
||||
"quay.io": proxy-quay.io
|
||||
"registry.k8s.io": proxy-registry.k8s
|
||||
"gcr.io": proxy-gcr.io
|
||||
"ghcr.io": proxy-ghcr.io
|
||||
"hub.docker": proxy-hub.docker
|
||||
severity: UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL
|
||||
slow: true
|
||||
resources:
|
||||
requests:
|
||||
cpu: 100m
|
||||
memory: 128M
|
||||
supportedConfigAuditKinds: "Workload,Service,Role,ClusterRole,NetworkPolicy,Ingress,LimitRange,ResourceQuota"
|
||||
server:
|
||||
resources:
|
||||
requests:
|
||||
cpu: 200m
|
||||
memory: 512Mi
|
||||
replicas: 1
|
||||
nodeCollector:
|
||||
volumeMounts:
|
||||
- name: var-lib-etcd
|
||||
mountPath: /var/lib/etcd
|
||||
readOnly: true
|
||||
- name: var-lib-kubelet
|
||||
mountPath: /var/lib/kubelet
|
||||
readOnly: true
|
||||
- name: var-lib-kube-scheduler
|
||||
mountPath: /var/lib/kube-scheduler
|
||||
readOnly: true
|
||||
- name: var-lib-kube-controller-manager
|
||||
mountPath: /var/lib/kube-controller-manager
|
||||
readOnly: true
|
||||
- name: etc-kubernetes
|
||||
mountPath: /etc/kubernetes
|
||||
readOnly: true
|
||||
- name: etc-cni-netd
|
||||
mountPath: /etc/cni/net.d/
|
||||
readOnly: true
|
||||
volumes:
|
||||
- name: var-lib-etcd
|
||||
hostPath:
|
||||
path: /var/lib/etcd
|
||||
- name: var-lib-kubelet
|
||||
hostPath:
|
||||
path: /var/lib/kubelet
|
||||
- name: var-lib-kube-scheduler
|
||||
hostPath:
|
||||
path: /var/lib/kube-scheduler
|
||||
- name: var-lib-kube-controller-manager
|
||||
hostPath:
|
||||
path: /var/lib/kube-controller-manager
|
||||
- name: etc-kubernetes
|
||||
hostPath:
|
||||
path: /etc/kubernetes
|
||||
- name: etc-cni-netd
|
||||
hostPath:
|
||||
path: /etc/cni/net.d/
|
||||
@@ -7,9 +7,9 @@ dependencies:
|
||||
version: 2.4.0
|
||||
- name: postgres-cluster
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 7.9.1
|
||||
version: 7.10.0
|
||||
- name: volsync-target
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.8.0
|
||||
digest: sha256:1d6f670bfe76dbc3d59a2ff762cb5536be8d1f5ce0ed12b44bd9792076607bed
|
||||
generated: "2026-03-11T23:03:57.367242959Z"
|
||||
digest: sha256:6f78b41937412c1db5e0f612287d29ea81c1d9169b8a0efd98a0dd4be3e532d1
|
||||
generated: "2026-03-15T20:10:47.852109985Z"
|
||||
|
||||
@@ -27,7 +27,7 @@ dependencies:
|
||||
version: 2.4.0
|
||||
- name: postgres-cluster
|
||||
alias: postgres-18-cluster
|
||||
version: 7.9.1
|
||||
version: 7.10.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
- name: volsync-target
|
||||
alias: volsync-target-data
|
||||
|
||||
@@ -4,9 +4,9 @@ dependencies:
|
||||
version: 4.6.2
|
||||
- name: postgres-cluster
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 7.9.1
|
||||
version: 7.10.0
|
||||
- name: valkey
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
version: 0.4.0
|
||||
digest: sha256:e2398649941bcdbcba86bf8b7fbeaf5187e2ba29c5046d28be62ab9f37494c7e
|
||||
generated: "2026-03-11T23:04:20.045077529Z"
|
||||
digest: sha256:71da007e1cef75e45b1678caa51b0d2317cb8f4dfdf7df675d534194f03650aa
|
||||
generated: "2026-03-15T20:11:03.591727143Z"
|
||||
|
||||
@@ -22,7 +22,7 @@ dependencies:
|
||||
version: 4.6.2
|
||||
- name: postgres-cluster
|
||||
alias: postgres-18-cluster
|
||||
version: 7.9.1
|
||||
version: 7.10.0
|
||||
repository: oci://harbor.alexlebens.net/helm-charts
|
||||
- name: valkey
|
||||
alias: valkey
|
||||
|
||||
@@ -57,6 +57,9 @@
|
||||
"labels": [],
|
||||
"prHourlyLimit": 0,
|
||||
"prConcurrentLimit": 0,
|
||||
"baseBranchPatterns": [
|
||||
"main"
|
||||
],
|
||||
"packageRules": [
|
||||
{
|
||||
"description": "Label charts",
|
||||
|
||||
Reference in New Issue
Block a user