alexlebens/infrastructure
1
0
Fork 0
Code Issues 1 Pull Requests 3 Actions 1 Activity

Compare commits

base: alexlebens:main
Branches Tags
alexlebens:main alexlebens:manifests alexlebens:auto/update-manifests alexlebens:renovate/cilium-1.x alexlebens:renovate/unified-binwiederhierntfy
..
compare: alexlebens:753d0bf754170737231bd2f3d0f1b039678f9503
Branches Tags
alexlebens:manifests alexlebens:main alexlebens:auto/update-manifests alexlebens:renovate/cilium-1.x alexlebens:renovate/unified-binwiederhierntfy

1 Commits
main ... 753d0bf754

Author SHA1 Message Date
Renovate Bot
753d0bf754 chore(deps): update helm release mariadb-operator to v26
All checks were successful
lint-test-helm / lint-helm (pull_request) Successful in 17s
Details
render-manifests-automerge / render-manifests-automerge (pull_request) Has been skipped
Details
render-manifests-merge / render-manifests-merge (pull_request) Successful in 26s
Details
2026-03-14 23:23:11 +00:00
83 changed files with 583 additions and 1571 deletions
Expand all files Collapse all files

79
.gitea/workflows/lint-test-docker.yaml
View File

@@ -14,7 +14,7 @@ on:
- 'hosts/**' - 'hosts/**'
env: env:
BASE_BRANCH: "origin/${{ github.base_ref }}" BASE_BRANCH: "origin/${{ gitea.base_ref }}"
jobs: jobs:
lint-docker-compose: lint-docker-compose:
@@ -36,20 +36,19 @@ jobs:
id: branch-exists id: branch-exists
if: github.event_name == 'push' || steps.check-branch-exists.outputs.exists == 'true' && github.event_name == 'pull_request' if: github.event_name == 'push' || steps.check-branch-exists.outputs.exists == 'true' && github.event_name == 'pull_request'
run: | run: |
if [ "${{ github.event_name }}" == "push" ]; then if [ ${{ github.event_name == 'push' }} ]; then
echo ">> Action is from a push event, will continue with linting" echo ">> Action is from a push event, will continue with linting"
else else
echo ">> Branch ${{ github.base_ref }} exists, will continue with linting" echo ">> Branch ${{ gitea.base_ref }} exists, will continue with linting"
fi fi
echo ""
echo "----" echo "----"
echo "exists=true" >> $GITHUB_OUTPUT echo "exists=true" >> $GITEA_OUTPUT
- name: Set Up Node.js - name: Set up Node.js
if: steps.branch-exists.outputs.exists == 'true' if: steps.branch-exists.outputs.exists == 'true'
uses: actions/setup-node@v6 uses: actions/setup-node@v6
with: with:
@@ -59,48 +58,58 @@ jobs:
id: check-dir-changes id: check-dir-changes
if: steps.branch-exists.outputs.exists == 'true' if: steps.branch-exists.outputs.exists == 'true'
run: | run: |
CHANGED_COMPOSE=()
echo ">> Target branch for diff is: ${BASE_BRANCH}" echo ">> Target branch for diff is: ${BASE_BRANCH}"
if [ "${{ github.event_name }}" == "pull_request" ]; then if [ "${{ github.event_name }}" == "pull_request" ]; then
DIFF_TARGET="${BASE_BRANCH}"
echo "" echo ""
echo ">> Checking for changes in a pull request ..." echo ">> Checking for changes in a pull request ..."
GIT_DIFF=$(git diff --name-only "${BASE_BRANCH}" | xargs -I {} dirname {} | sort -u)
else else
DIFF_TARGET="${{ github.event.before }}..HEAD"
echo "" echo ""
echo ">> Checking for changes from a push ..." echo ">> Checking for changes from a push ..."
GIT_DIFF=$(git diff --name-only ${{ gitea.event.before }}..HEAD | xargs -I {} dirname {} | sort -u)
fi fi
CHANGED_COMPOSE=$(git diff --name-only "${DIFF_TARGET}" | grep -E "^hosts/[^/]+/[^/]+/" | cut -d/ -f1,2,3 | sort -u || true) if [ -n "${GIT_DIFF}" ]; then
echo ""
echo ">> Changes detected:"
echo "$GIT_DIFF"
for path in $GIT_DIFF; do
if echo "$path" | grep -q -E "hosts/[^/]+/[^/]+"; then
echo ""
echo ">> Adding path: $path"
CHANGED_COMPOSE+=$(echo "$path")
CHANGED_COMPOSE+=$(echo " ")
fi
done
else
echo ""
echo ">> No changes detected"
fi
if [ -n "${CHANGED_COMPOSE}" ]; then if [ -n "${CHANGED_COMPOSE}" ]; then
echo "" echo ""
echo ">> Compose to Lint:" echo ">> Compose to Lint:"
echo "" echo "$(echo "${CHANGED_COMPOSE}" | sort -u)"
echo "${CHANGED_COMPOSE}"
CHANGED_COMPOSE_CSV=$(echo "$CHANGED_COMPOSE" | paste -sd ',' -)
echo ""
echo "----" echo "----"
echo "changes-detected=true" >> $GITHUB_OUTPUT echo "changes-detected=true" >> $GITEA_OUTPUT
echo "compose-dir-csv=${CHANGED_COMPOSE_CSV}" >> $GITHUB_OUTPUT echo "compose-dir<<EOF" >> $GITEA_OUTPUT
echo "compose-dir<<EOF" >> $GITHUB_OUTPUT echo "$(echo "${CHANGED_COMPOSE}" | sort -u)" >> $GITEA_OUTPUT
echo "${CHANGED_COMPOSE}" >> $GITHUB_OUTPUT echo "EOF" >> $GITEA_OUTPUT
echo "EOF" >> $GITHUB_OUTPUT
else else
echo "" echo ""
echo ">> Did not find any docker compose files to lint" echo ">> Did not find any docker compose files to lint"
echo ""
echo "----" echo "----"
echo "changes-detected=false" >> $GITHUB_OUTPUT echo "changes-detected=false" >> $GITEA_OUTPUT
fi fi
- name: Lint Docker Compose - name: Lint Docker Compose
@@ -108,27 +117,25 @@ jobs:
env: env:
CHANGED_COMPOSE: ${{ steps.check-dir-changes.outputs.compose-dir }} CHANGED_COMPOSE: ${{ steps.check-dir-changes.outputs.compose-dir }}
run: | run: |
echo ">> Running dclint on changed compose files ..." echo ">> Running dclint on changed compose files:"
echo "$CHANGED_COMPOSE"
for COMPOSE in $CHANGED_COMPOSE; do
echo ">> Linting ${COMPOSE} ..."
npx dclint ${COMPOSE}
for compose in $CHANGED_COMPOSE; do
echo ">> Linting $compose ..."
npx dclint $compose
done done
echo ""
echo "----"
- name: ntfy Failed - name: ntfy Failed
uses: niniyas/ntfy-action@master uses: niniyas/ntfy-action@master
if: failure() if: failure()
with: with:
url: '${{ secrets.NTFY_URL }}' url: '${{ secrets.NTFY_URL }}'
topic: '${{ secrets.NTFY_TOPIC }}' topic: '${{ secrets.NTFY_TOPIC }}'
title: 'Docker Compose Test Failure' title: 'Test Failure - Infrastructure'
priority: 3 priority: 3
headers: '{"Authorization": "Bearer ${{ secrets.NTFY_CRED }}"}' headers: '{"Authorization": "Bearer ${{ secrets.NTFY_CRED }}"}'
tags: action,failed tags: action,failed
details: "Docker linting for compose dirs: ${{ steps.check-dir-changes.outputs.compose-dir-csv }}" details: 'Docker linting on Pull Request for Infrastructure has failed!'
icon: 'https://cdn.jsdelivr.net/gh/selfhst/icons/png/gitea.png' icon: 'https://cdn.jsdelivr.net/gh/selfhst/icons/png/gitea.png'
actions: '[{"action": "view", "label": "View Logs", "url": "${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}", "clear": true}]' actions: '[{"action": "view", "label": "Open Gitea", "url": "https://gitea.alexlebens.dev/alexlebens/infrastructure/actions?workflow=lint-test-docker-pull.yaml", "clear": true}]'
image: true

303
.gitea/workflows/lint-test-helm.yaml
View File

@@ -15,17 +15,11 @@ on:
env: env:
CLUSTER: cl01tl CLUSTER: cl01tl
BASE_BRANCH: "origin/${{ github.base_ref }}" BASE_BRANCH: "origin/${{ gitea.base_ref }}"
# renovate: datasource=github-releases depName=yannh/kubeconform
KUBECONFORM_VERSION: "v0.6.7"
jobs: jobs:
lint-helm: lint-helm:
runs-on: ubuntu-js runs-on: ubuntu-js
outputs:
chart-dir: ${{ steps.check-dir-changes.outputs.chart-dir }}
chart-dir-csv: ${{ steps.check-dir-changes.outputs.chart-dir-csv }}
changes-detected: ${{ steps.check-dir-changes.outputs.changes-detected }}
steps: steps:
- name: Checkout - name: Checkout
uses: actions/checkout@v6 uses: actions/checkout@v6
@@ -37,91 +31,88 @@ jobs:
if: github.event_name == 'pull_request' if: github.event_name == 'pull_request'
uses: GuillaumeFalourd/branch-exists@v1.1 uses: GuillaumeFalourd/branch-exists@v1.1
with: with:
branch: ${{ github.base_ref }} branch: ${{ gitea.base_ref }}
- name: Report Branch Exists - name: Report Branch Exists
id: branch-exists id: branch-exists
if: github.event_name == 'push' || steps.check-branch-exists.outputs.exists == 'true' && github.event_name == 'pull_request' if: github.event_name == 'push' || steps.check-branch-exists.outputs.exists == 'true' && github.event_name == 'pull_request'
run: | run: |
if [ "${{ github.event_name }}" == "push" ]; then if [ ${{ github.event_name == 'push' }} ]; then
echo ">> Action is from a push event, will continue with linting" echo ">> Action is from a push event, will continue with linting"
else else
echo ">> Branch ${{ github.base_ref }} exists, will continue with linting" echo ">> Branch ${{ gitea.base_ref }} exists, will continue with linting"
fi fi
echo ""
echo "----" echo "----"
echo "exists=true" >> $GITHUB_OUTPUT echo "exists=true" >> $GITEA_OUTPUT
- name: Set Up Helm - name: Set up Helm
if: steps.branch-exists.outputs.exists == 'true' if: steps.branch-exists.outputs.exists == 'true'
uses: azure/setup-helm@v4 uses: azure/setup-helm@v4
with: with:
token: ${{ secrets.GITEA_TOKEN }} token: ${{ secrets.GITEA_TOKEN }}
# renovate: datasource=github-releases depName=helm/helm version: v3.19.2
version: v4.1.3
cache: true cache: true
- name: Cache Helm Dependencies
if: steps.branch-exists.outputs.exists == 'true'
uses: actions/cache@v5
with:
path: |
~/.cache/helm
~/.config/helm
key: helm-cache-${{ runner.os }}-${{ hashFiles('infrastructure/clusters/cl01tl/helm/**/Chart.yaml', 'infrastructure/clusters/cl01tl/helm/**/Chart.lock') }}
restore-keys: |
helm-cache-${{ runner.os }}-
- name: Check Directories for Changes - name: Check Directories for Changes
id: check-dir-changes id: check-dir-changes
if: steps.branch-exists.outputs.exists == 'true' if: steps.branch-exists.outputs.exists == 'true'
run: | run: |
CHANGED_CHARTS=()
echo ">> Target branch for diff is: ${BASE_BRANCH}" echo ">> Target branch for diff is: ${BASE_BRANCH}"
if [ "${{ github.event_name }}" == "pull_request" ]; then if [ "${{ github.event_name }}" == "pull_request" ]; then
DIFF_TARGET="${BASE_BRANCH}"
echo "" echo ""
echo ">> Checking for changes in a pull request ..." echo ">> Checking for changes in a pull request ..."
GIT_DIFF=$(git diff --name-only "${BASE_BRANCH}" | xargs -I {} dirname {} | sort -u)
else else
DIFF_TARGET="${{ github.event.before }}..HEAD"
echo "" echo ""
echo ">> Checking for changes from a push ..." echo ">> Checking for changes from a push ..."
GIT_DIFF=$(git diff --name-only ${{ gitea.event.before }}..HEAD | xargs -I {} dirname {} | sort -u)
fi fi
CHANGED_CHARTS=$(git diff --name-only "${DIFF_TARGET}" | grep -E "^clusters/${CLUSTER}/helm/" | awk -F '/' '{print $4}' | sort -u || true) if [ -n "${GIT_DIFF}" ]; then
echo ""
echo ">> Changes detected:"
echo "$GIT_DIFF"
for path in $GIT_DIFF; do
if echo "$path" | grep -q -E "clusters/[^/]+/helm/[^/]+"; then
echo ""
echo ">> Adding path: $path"
CHANGED_CHARTS+=$(echo "$path" | awk -F '/' '{print $4}')
CHANGED_CHARTS+=$(echo "\n")
fi
done
else
echo ""
echo ">> No changes detected"
fi
if [ -n "${CHANGED_CHARTS}" ]; then if [ -n "${CHANGED_CHARTS}" ]; then
echo "" echo ""
echo ">> Chart to Lint:" echo ">> Chart to Lint:"
echo "" echo "$(echo "${CHANGED_CHARTS}" | sort -u)"
echo "${CHANGED_CHARTS}"
CHANGED_CHARTS_CSV=$(echo "$CHANGED_CHARTS" | paste -sd ',' -)
echo ""
echo "----" echo "----"
echo "changes-detected=true" >> $GITHUB_OUTPUT echo "changes-detected=true" >> $GITEA_OUTPUT
echo "chart-dir-csv=${CHANGED_CHARTS_CSV}" >> $GITHUB_OUTPUT echo "chart-dir<<EOF" >> $GITEA_OUTPUT
echo "chart-dir<<EOF" >> $GITHUB_OUTPUT echo "$(echo "${CHANGED_CHARTS}" | sort -u)" >> $GITEA_OUTPUT
echo "${CHANGED_CHARTS}" >> $GITHUB_OUTPUT echo "EOF" >> $GITEA_OUTPUT
echo "EOF" >> $GITHUB_OUTPUT
else else
echo "" echo ""
echo ">> Did not find any helm charts files to lint" echo ">> Did not find any helm charts files to lint"
echo ""
echo "----" echo "----"
echo "changes-detected=false" >> $GITHUB_OUTPUT echo "changes-detected=false" >> $GITEA_OUTPUT
fi fi
- name: Add Repositories - name: Add Repositories
@@ -130,238 +121,68 @@ jobs:
CHANGED_CHARTS: ${{ steps.check-dir-changes.outputs.chart-dir }} CHANGED_CHARTS: ${{ steps.check-dir-changes.outputs.chart-dir }}
run: | run: |
echo ">> Adding repositories for chart dependencies ..." echo ">> Adding repositories for chart dependencies ..."
echo "" for dir in ${CHANGED_CHARTS}; do
helm dependency list --max-col-width 120 clusters/${CLUSTER}/helm/$dir 2> /dev/null \
for DIR in ${CHANGED_CHARTS}; do | tail +2 | head -n -1 \
helm dependency list --max-col-width 120 clusters/${CLUSTER}/helm/${DIR} 2> /dev/null \ | awk '{ print "helm repo add " $1 " " $3 }' \
| tail -n +2 \ | while read cmd; do
| awk 'NF > 0 { print $1, $3 }' \ if [[ "$cmd" == "*oci://*" ]]; then
| while read -r REPO_NAME REPO_URL; do echo ">> Ignoring OCI repo"
if [[ "${REPO_URL}" == oci://* ]]; then else
echo ">> Ignoring OCI repo: ${REPO_URL}" echo ">> Command: $cmd"
echo "$cmd" | sh;
elif [[ -n "${REPO_NAME}" && -n "${REPO_URL}" ]]; then
helm repo add "${REPO_NAME}" "${REPO_URL}"
fi fi
done || true done || true
done done
if helm repo list > /dev/null 2>&1; then if helm repo list | tail +2 | read -r; then
echo "" echo ""
echo ">> Update repository cache ..." echo ">> Update repository cache ..."
helm repo update helm repo update
fi fi
echo ""
echo "----" echo "----"
- name: Lint Helm Chart - name: Lint Helm Chart
id: lint
if: steps.check-dir-changes.outputs.changes-detected == 'true' if: steps.check-dir-changes.outputs.changes-detected == 'true'
env: env:
CHANGED_CHARTS: ${{ steps.check-dir-changes.outputs.chart-dir }} CHANGED_CHARTS: ${{ steps.check-dir-changes.outputs.chart-dir }}
run: | run: |
EXIT_CODE=0
FAILED_CHARTS=""
echo ">> Running linting on changed charts ..." echo ">> Running linting on changed charts ..."
for DIR in ${CHANGED_CHARTS}; do for dir in ${CHANGED_CHARTS}; do
CHART_PATH="clusters/${CLUSTER}/helm/${DIR}" chart_path=clusters/${CLUSTER}/helm/$dir
CHART_NAME=$(basename "${CHART_PATH}") chart_name=$(basename "$chart_path")
if [ -f "${CHART_PATH}/Chart.yaml" ]; then if [ -f "$chart_path/Chart.yaml" ]; then
echo "" cd $chart_path
echo ">> Building helm dependency for ${CHART_NAME} ..."
helm dependency build "${CHART_PATH}" --skip-refresh
echo "" echo ""
echo ">> Linting helm chart ${CHART_NAME} ..." echo ">> Building helm dependency ..."
helm dependency build --skip-refresh
if ! helm lint "${CHART_PATH}" --namespace "default"; then echo ""
EXIT_CODE=1 echo ">> Linting helm ..."
helm lint --namespace "$chart_name"
if [ -z "${FAILED_CHARTS}" ]; then
FAILED_CHARTS="${DIR}"
else
FAILED_CHARTS="${FAILED_CHARTS}, ${DIR}"
fi
fi
else else
echo "" echo ""
echo ">> Directory ${CHART_PATH} does not contain a Chart.yaml. Skipping ..." echo ">> Directory $chart_path does not contain a Chart.yaml. Skipping ..."
echo ""
fi fi
done done
echo ""
echo "----"
echo "failed-charts=${FAILED_CHARTS}" >> "$GITHUB_OUTPUT"
exit $EXIT_CODE
- name: ntfy Failed - name: ntfy Failed
uses: niniyas/ntfy-action@master uses: niniyas/ntfy-action@master
if: failure() if: failure()
with: with:
url: '${{ secrets.NTFY_URL }}' url: '${{ secrets.NTFY_URL }}'
topic: '${{ secrets.NTFY_TOPIC }}' topic: '${{ secrets.NTFY_TOPIC }}'
title: 'Helm Test Failure' title: 'Test Failure - Infrastructure'
priority: 3 priority: 3
headers: '{"Authorization": "Bearer ${{ secrets.NTFY_CRED }}"}' headers: '{"Authorization": "Bearer ${{ secrets.NTFY_CRED }}"}'
tags: action,failed tags: action,failed
details: "Helm linting for cluster '${CLUSTER}' failed on charts: ${{ steps.lint.outputs.failed-charts }}" details: 'Helm linting on Pull Request for Infrastructure has failed!'
icon: 'https://cdn.jsdelivr.net/gh/selfhst/icons/png/gitea.png' icon: 'https://cdn.jsdelivr.net/gh/selfhst/icons/png/gitea.png'
actions: '[{"action": "view", "label": "View Run", "url": "${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}", "clear": true}]' actions: '[{"action": "view", "label": "Open Gitea", "url": "https://gitea.alexlebens.dev/alexlebens/infrastructure/actions?workflow=lint-test-helm-pull.yaml", "clear": true}]'
image: true
validate-kubeconform:
needs: lint-helm
runs-on: ubuntu-js
if: |
needs.lint-helm.result == 'success' &&
needs.lint-helm.outputs.changes-detected == 'true' &&
github.event_name == 'pull_request'
steps:
- name: Checkout
uses: actions/checkout@v6
with:
fetch-depth: 0
- name: Install Kubeconform
run: |
echo ">> Downloading Kubeconform ${{ env.KUBECONFORM_VERSION }} ..."
wget -q https://github.com/yannh/kubeconform/releases/download/${{ env.KUBECONFORM_VERSION }}/kubeconform-linux-amd64.tar.gz
echo ""
echo ">> Extracting Kubeconform ..."
tar xf kubeconform-linux-amd64.tar.gz
echo ""
echo ">> Installing Kubeconform ..."
sudo mv kubeconform /usr/local/bin/
echo ""
echo ">> Verifying installation ..."
kubeconform -v
echo ""
echo "----"
- name: Set Up Helm
uses: azure/setup-helm@v4
with:
token: ${{ secrets.GITEA_TOKEN }}
# renovate: datasource=github-releases depName=helm/helm
version: v4.1.3
cache: true
- name: Cache Helm Dependencies
uses: actions/cache@v5
with:
path: |
~/.cache/helm
~/.config/helm
key: helm-cache-${{ runner.os }}-${{ hashFiles('infrastructure/clusters/cl01tl/helm/**/Chart.yaml', 'infrastructure/clusters/cl01tl/helm/**/Chart.lock') }}
restore-keys: |
helm-cache-${{ runner.os }}-
- name: Add Repositories
env:
CHANGED_CHARTS: ${{ needs.lint-helm.outputs.chart-dir }}
run: |
echo ">> Adding repositories for chart dependencies ..."
echo ""
for DIR in ${CHANGED_CHARTS}; do
helm dependency list --max-col-width 120 clusters/${CLUSTER}/helm/${DIR} 2> /dev/null \
| tail -n +2 \
| awk 'NF > 0 { print $1, $3 }' \
| while read -r REPO_NAME REPO_URL; do
if [[ "${REPO_URL}" == oci://* ]]; then
echo ">> Ignoring OCI repo: ${REPO_URL}"
elif [[ -n "${REPO_NAME}" && -n "${REPO_URL}" ]]; then
helm repo add "${REPO_NAME}" "${REPO_URL}"
fi
done || true
done
if helm repo list > /dev/null 2>&1; then
echo ""
echo ">> Update repository cache ..."
helm repo update
fi
echo ""
echo "----"
- name: Validate Rendered Templates
id: validate
env:
CHANGED_CHARTS: ${{ needs.lint-helm.outputs.chart-dir }}
run: |
SCHEMA_LOCATIONS="-schema-location default -schema-location https://raw.githubusercontent.com/datreeio/CRDs-catalog/main/{{.Group}}/{{.ResourceKind}}_{{.ResourceAPIVersion}}.json"
EXIT_CODE=0
FAILED_CHARTS=""
for DIR in ${CHANGED_CHARTS}; do
CHART_PATH="clusters/${CLUSTER}/helm/${DIR}"
echo ""
echo ">> Validating: ${DIR}"
helm dependency build "${CHART_PATH}" --skip-refresh
if ! helm template "${DIR}" "${CHART_PATH}" --include-crds --namespace default --api-versions "gateway.networking.k8s.io/v1/HTTPRoute" | \
kubeconform \
${SCHEMA_LOCATIONS} \
-ignore-missing-schemas \
-strict \
-summary; then
EXIT_CODE=1
if [ -z "${FAILED_CHARTS}" ]; then
FAILED_CHARTS="${DIR}"
else
FAILED_CHARTS="${FAILED_CHARTS}, ${DIR}"
fi
fi
done
echo ""
echo "----"
echo "failed-charts=${FAILED_CHARTS}" >> "$GITHUB_OUTPUT"
exit $EXIT_CODE
- name: ntfy Failed
uses: niniyas/ntfy-action@master
if: failure()
with:
url: '${{ secrets.NTFY_URL }}'
topic: '${{ secrets.NTFY_TOPIC }}'
title: 'Kubeconform Test Failure'
priority: 3
headers: '{"Authorization": "Bearer ${{ secrets.NTFY_CRED }}"}'
tags: action,failed
details: "Kubeconform for cluster '${CLUSTER}' failed on charts: ${{ steps.validate.outputs.failed-charts }}"
icon: 'https://cdn.jsdelivr.net/gh/selfhst/icons/png/gitea.png'
actions: '[{"action": "view", "label": "View Run", "url": "${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}", "clear": true}]'
image: true image: true

193
.gitea/workflows/render-manifests-automerge.yaml
View File

@@ -1,14 +1,13 @@
name: render-manifests-automerge name: render-manifests-automerge
on: on:
workflow_dispatch: pull_request:
# pull_request: branches:
# branches: - main
# - main paths:
# paths: - 'clusters/cl01tl/helm/**'
# - 'clusters/cl01tl/helm/**' types:
# types: - closed
# - closed
env: env:
CLUSTER: cl01tl CLUSTER: cl01tl
@@ -47,16 +46,6 @@ jobs:
method: kubeconfig method: kubeconfig
kubeconfig: ${{ secrets.KUBECONFIG }} kubeconfig: ${{ secrets.KUBECONFIG }}
- name: Cache Helm Dependencies
uses: actions/cache@v5
with:
path: |
~/.cache/helm
~/.config/helm
key: helm-cache-${{ runner.os }}-${{ hashFiles('infrastructure/clusters/cl01tl/helm/**/Chart.yaml', 'infrastructure/clusters/cl01tl/helm/**/Chart.lock') }}
restore-keys: |
helm-cache-${{ runner.os }}-
- name: Prepare Manifest Branch - name: Prepare Manifest Branch
id: prepare-manifest-branch id: prepare-manifest-branch
run: | run: |
@@ -64,12 +53,10 @@ jobs:
BRANCH_NAME="${BRANCH_NAME_BASE}-$(date +%Y%m%d%H%M%S)" BRANCH_NAME="${BRANCH_NAME_BASE}-$(date +%Y%m%d%H%M%S)"
echo ""
echo ">> Configure git to use gitea-bot as user ..." echo ">> Configure git to use gitea-bot as user ..."
git config user.name "gitea-bot" git config user.name "gitea-bot"
git config user.email "gitea-bot@alexlebens.net" git config user.email "gitea-bot@alexlebens.net"
echo ""
echo ">> Creating branch ..." echo ">> Creating branch ..."
git checkout -b $BRANCH_NAME git checkout -b $BRANCH_NAME
@@ -80,31 +67,38 @@ jobs:
- name: Check which Directories have Changes - name: Check which Directories have Changes
id: check-dir-changes id: check-dir-changes
run: | run: |
cd "${MAIN_DIR}" cd ${MAIN_DIR}
RENDER_DIR=()
echo ""
echo ">> Checking for changes from HEAD^..HEAD ..." echo ">> Checking for changes from HEAD^..HEAD ..."
GIT_DIFF=$(git diff --name-only HEAD^..HEAD | xargs -I {} dirname {} | sort -u | grep -E "clusters/[^/]+/helm/[^/]+")
# Extract the chart names from the git diff if [ -n "${GIT_DIFF}" ]; then
RENDER_DIR=$(git diff --name-only HEAD^..HEAD | grep -E "^clusters/${CLUSTER}/helm/" | awk -F '/' '{print $4}' | sort -u || true) echo ">> Changes detected:"
echo "$GIT_DIFF"
for path in $GIT_DIFF; do
RENDER_DIR+=$(echo "$path" | awk -F '/' '{print $4}')
RENDER_DIR+=$(echo " ")
done
else
echo ">> No changes detected"
fi
if [ -n "${RENDER_DIR}" ]; then if [ -n "${RENDER_DIR}" ]; then
echo ""
echo ">> Directories to Render:" echo ">> Directories to Render:"
echo "${RENDER_DIR}" echo "$(echo "${RENDER_DIR}" | sort -u)"
echo "----" echo "----"
echo "changes-detected=true" >> "$GITEA_OUTPUT" echo "changes-detected=true" >> $GITEA_OUTPUT
echo "render-dir<<EOF" >> "$GITEA_OUTPUT" echo "render-dir<<EOF" >> $GITEA_OUTPUT
echo "${RENDER_DIR}" >> "$GITEA_OUTPUT" echo "$(echo "${RENDER_DIR}" | sort -u)" >> $GITEA_OUTPUT
echo "EOF" >> "$GITEA_OUTPUT" echo "EOF" >> $GITEA_OUTPUT
else else
echo "" echo "changes-detected=false" >> $GITEA_OUTPUT
echo ">> No chart changes detected"
echo "changes-detected=false" >> "$GITEA_OUTPUT"
fi fi
- name: Add Repositories - name: Add Repositories
@@ -112,31 +106,25 @@ jobs:
env: env:
RENDER_DIR: ${{ steps.check-dir-changes.outputs.render-dir }} RENDER_DIR: ${{ steps.check-dir-changes.outputs.render-dir }}
run: | run: |
cd "${MAIN_DIR}" cd ${MAIN_DIR}
echo ""
echo ">> Adding repositories for chart dependencies ..." echo ">> Adding repositories for chart dependencies ..."
for DIR in ${RENDER_DIR}; do for dir in ${RENDER_DIR}; do
helm dependency list --max-col-width 120 "${MAIN_DIR}/clusters/${CLUSTER}/helm/${DIR}" 2> /dev/null \ helm dependency list --max-col-width 120 ${MAIN_DIR}/clusters/${CLUSTER}/helm/$dir 2> /dev/null \
| tail -n +2 \ | tail +2 | head -n -1 \
| awk 'NF > 0 { print $1, $3 }' \ | awk '{ print "helm repo add " $1 " " $3 }' \
| while read -r REPO_NAME REPO_URL; do | while read cmd; do
if [[ "${REPO_URL}" == oci://* ]]; then if [[ "$cmd" == "*oci://*" ]]; then
echo "" echo ">> Ignoring OCI repo"
echo ">> Ignoring OCI repo: ${REPO_URL}" else
echo "$cmd" | sh;
elif [[ -n "${REPO_NAME}" && -n "${REPO_URL}" ]]; then
helm repo add "${REPO_NAME}" "${REPO_URL}"
fi fi
done || true done || true
done done
if helm repo list > /dev/null 2>&1; then if helm repo list | tail +2 | read -r; then
echo ""
echo ">> Update repository cache ..." echo ">> Update repository cache ..."
helm repo update helm repo update
fi fi
echo "----" echo "----"
@@ -146,16 +134,15 @@ jobs:
env: env:
RENDER_DIR: ${{ steps.check-dir-changes.outputs.render-dir }} RENDER_DIR: ${{ steps.check-dir-changes.outputs.render-dir }}
run: | run: |
cd "${MANIFEST_DIR}" cd ${MANIFEST_DIR}
echo ""
echo ">> Remove manfiest files and rebuild from source ..." echo ">> Remove manfiest files and rebuild from source ..."
for DIR in ${RENDER_DIR}; do for dir in ${RENDER_DIR}; do
CHART_PATH=${MANIFEST_DIR}/clusters/${CLUSTER}/manifests/${DIR} chart_path=${MANIFEST_DIR}/clusters/${CLUSTER}/manifests/$dir
echo "${CHART_PATH}" echo "$chart_path"
rm -rf ${CHART_PATH}/* rm -rf $chart_path/*
done done
echo "----" echo "----"
@@ -168,57 +155,60 @@ jobs:
run: | run: |
cd ${MAIN_DIR} cd ${MAIN_DIR}
echo ""
echo ">> Rendering Manifests ..." echo ">> Rendering Manifests ..."
render_chart() { for dir in ${RENDER_DIR}; do
local DIR="$1" chart_path=${MAIN_DIR}/clusters/${CLUSTER}/helm/$dir
local CHART_PATH="${MAIN_DIR}/clusters/${CLUSTER}/helm/${DIR}" chart_name=$(basename "$chart_path")
local CHART_NAME=$(basename "${CHART_PATH}")
echo "" echo ""
echo ">> Rendering ..." echo ""
echo ">> Chart: ${CHART_NAME}" echo ">> Rendering chart: $chart_name"
echo ">> Path: ${CHART_PATH}" echo ">> Chart path $chart_path"
if [ -f "${CHART_PATH}/Chart.yaml" ]; then if [ -f "$chart_path/Chart.yaml" ]; then
local OUTPUT_FOLDER="${MANIFEST_DIR}/clusters/${CLUSTER}/manifests/${CHART_NAME}/" OUTPUT_FOLDER="${MANIFEST_DIR}/clusters/${CLUSTER}/manifests/$chart_name/"
TEMPLATE=""
mkdir -p "${OUTPUT_FOLDER}" mkdir -p ${MANIFEST_DIR}/clusters/${CLUSTER}/manifests/$chart_name
cd "${CHART_PATH}"
cd $chart_path
echo "" echo ""
echo ">> Updating helm dependencies ..." echo ">> Updating helm dependency ..."
helm dependency update --skip-refresh > /dev/null helm dependency update --skip-refresh
echo "" echo ""
echo ">> Linting helm chart ..." echo ">> Building helm dependency ..."
helm lint --namespace "${CHART_NAME}" --quiet helm dependency build --skip-refresh
local NAMESPACE="${CHART_NAME}" echo ""
case "${CHART_NAME}" in echo ">> Linting helm ..."
helm lint --namespace "$chart_name"
echo ""
echo ">> Rendering templates ..."
case "$chart_name" in
"stack") "stack")
NAMESPACE="argocd"
echo "" echo ""
echo ">> Special Rendering into 'argocd' namespace ..." echo ">> Special Rendering for stack into argocd namespace ..."
TEMPLATE=$(helm template $chart_name ./ --namespace argocd --include-crds --dry-run=server --api-versions "gateway.networking.k8s.io/v1/HTTPRoute")
;; ;;
"cilium" | "coredns" | "metrics-server" |"prometheus-operator-crds") "cilium" | "coredns" | "metrics-server" |"prometheus-operator-crds")
NAMESPACE="kube-system"
echo "" echo ""
echo ">> Special Rendering for ${CHART_NAME} into 'kube-system' namespace ..." echo ">> Special Rendering for $chart_name into kube-system namespace ..."
TEMPLATE=$(helm template $chart_name ./ --namespace kube-system --include-crds --dry-run=server --api-versions "gateway.networking.k8s.io/v1/HTTPRoute")
;; ;;
*) *)
echo "" echo ""
echo ">> Standard Rendering for ${CHART_NAME} ..." echo ">> Standard Rendering for $chart_name ..."
TEMPLATE=$(helm template "$chart_name" ./ --namespace "$chart_name" --include-crds --dry-run=server --api-versions "gateway.networking.k8s.io/v1/HTTPRoute")
;;
esac esac
echo "" echo ""
echo ">> Formating rendered template ..." echo ">> Formating rendered template ..."
local TEMPLATE echo "$TEMPLATE" | yq '... comments=""' | yq 'select(. != null)' | yq -s '"'"$OUTPUT_FOLDER"'" + .kind + "-" + .metadata.name + ".yaml"'
TEMPLATE=$(helm template "${CHART_NAME}" ./ --namespace "${NAMESPACE}" --include-crds --dry-run=server --api-versions "gateway.networking.k8s.io/v1/HTTPRoute")
# Format and split rendered template
echo "${TEMPLATE}" | yq '... comments=""' | yq 'select(. != null)' | yq -s '"'"${OUTPUT_FOLDER}"'" + .kind + "-" + .metadata.name + ".yaml"'
# Strip comments again to ensure formatting correctness # Strip comments again to ensure formatting correctness
for file in "$OUTPUT_FOLDER"/*; do for file in "$OUTPUT_FOLDER"/*; do
@@ -226,23 +216,15 @@ jobs:
done done
echo "" echo ""
echo ">> Manifests for ${CHART_NAME} rendered to ${OUTPUT_FOLDER}:" echo ">> Manifests for $chart_name rendered to $OUTPUT_FOLDER"
ls $OUTPUT_FOLDER ls $OUTPUT_FOLDER
echo "" echo ""
else else
echo "" echo ""
echo ">> Directory ${CHART_PATH} does not contain a Chart.yaml. Skipping ..." echo ">> Directory $chart_path does not contain a Chart.yaml. Skipping ..."
echo "" echo ""
fi fi
} done
export -f render_chart
export MAIN_DIR CLUSTER MANIFEST_DIR
# Run rendering in parallel
for DIR in ${RENDER_DIR}; do
echo "${DIR}"
done | xargs -n 1 -P 4 -I {} bash -c 'render_chart "$@"' _ {}
echo "----" echo "----"
@@ -250,18 +232,16 @@ jobs:
id: check-changes id: check-changes
if: steps.check-dir-changes.outputs.changes-detected == 'true' if: steps.check-dir-changes.outputs.changes-detected == 'true'
run: | run: |
cd "${MANIFEST_DIR}" cd ${MANIFEST_DIR}
GIT_CHANGES=$(git status --porcelain) GIT_CHANGES=$(git status --porcelain)
if [ -n "${GIT_CHANGES}" ]; then if [ -n "$GIT_CHANGES" ]; then
echo ""
echo ">> Changes detected" echo ">> Changes detected"
git status --porcelain git status --porcelain
echo "changes-detected=true" >> $GITEA_OUTPUT echo "changes-detected=true" >> $GITEA_OUTPUT
else else
echo ""
echo ">> No changes detected, skipping PR creation" echo ">> No changes detected, skipping PR creation"
fi fi
@@ -274,22 +254,19 @@ jobs:
env: env:
BRANCH_NAME: ${{ steps.prepare-manifest-branch.outputs.BRANCH_NAME }} BRANCH_NAME: ${{ steps.prepare-manifest-branch.outputs.BRANCH_NAME }}
run: | run: |
cd "${MANIFEST_DIR}" cd ${MANIFEST_DIR}
echo ""
echo ">> Commiting changes to ${BRANCH_NAME} ..." echo ">> Commiting changes to ${BRANCH_NAME} ..."
git add . git add .
git commit -m "chore: Update manifests after automerge" git commit -m "chore: Update manifests after automerge"
REPO_URL="${{ secrets.REPO_URL }}/${{ gitea.repository }}" REPO_URL="${{ secrets.REPO_URL }}/${{ gitea.repository }}"
echo "" echo ">> Pushing changes to $REPO_URL ..."
echo ">> Pushing changes to ${REPO_URL} ..." git push -u "https://oauth2:${{ secrets.BOT_TOKEN }}@$(echo $REPO_URL | sed -e 's|https://||')" ${BRANCH_NAME}
git push -u "https://oauth2:${{ secrets.BOT_TOKEN }}@${REPO_URL#*://}" "${BRANCH_NAME}"
echo "----" echo "----"
echo "push=true" >> "$GITEA_OUTPUT" echo "push=true" >> $GITEA_OUTPUT
- name: Create Pull Request - name: Create Pull Request
id: create-pull-request id: create-pull-request

193
.gitea/workflows/render-manifests-dispatch.yaml
View File

@@ -1,11 +1,10 @@
name: render-manifests-dispatch name: render-manifests-dispatch
on: on:
workflow_dispatch: schedule:
# schedule: - cron: '0 3 * * *'
# - cron: '0 15 * * *'
# workflow_dispatch: workflow_dispatch:
env: env:
CLUSTER: cl01tl CLUSTER: cl01tl
@@ -44,39 +43,24 @@ jobs:
method: kubeconfig method: kubeconfig
kubeconfig: ${{ secrets.KUBECONFIG }} kubeconfig: ${{ secrets.KUBECONFIG }}
- name: Cache Helm Dependencies
uses: actions/cache@v5
with:
path: |
~/.cache/helm
~/.config/helm
key: helm-cache-${{ runner.os }}-${{ hashFiles('infrastructure/clusters/cl01tl/helm/**/Chart.yaml', 'infrastructure/clusters/cl01tl/helm/**/Chart.lock') }}
restore-keys: |
helm-cache-${{ runner.os }}-
- name: Prepare Manifest Branch - name: Prepare Manifest Branch
run: | run: |
cd "${MANIFEST_DIR}" cd ${MANIFEST_DIR}
echo ""
echo ">> Configure git to use gitea-bot as user ..." echo ">> Configure git to use gitea-bot as user ..."
git config user.name "gitea-bot" git config user.name "gitea-bot"
git config user.email "gitea-bot@alexlebens.net" git config user.email "gitea-bot@alexlebens.net"
echo ""
echo ">> Checking if PR branch exists ..." echo ">> Checking if PR branch exists ..."
if git ls-remote --exit-code --heads origin "${BRANCH_NAME}" > /dev/null 2>&1; then if [[ $(git ls-remote --heads origin "${BRANCH_NAME}" | wc -l) -gt 0 ]]; then
echo ""
echo ">> Branch '${BRANCH_NAME}' exists, pulling changes ..." echo ">> Branch '${BRANCH_NAME}' exists, pulling changes ..."
git fetch origin "${BRANCH_NAME}" git fetch origin "${BRANCH_NAME}"
git checkout "${BRANCH_NAME}" git checkout "${BRANCH_NAME}"
git pull --rebase git pull --rebase
else else
echo ""
echo ">> Branch '${BRANCH_NAME}' does not exist, creating ..." echo ">> Branch '${BRANCH_NAME}' does not exist, creating ..."
git checkout -b "${BRANCH_NAME}" git checkout -b $BRANCH_NAME
fi fi
echo "----" echo "----"
@@ -84,29 +68,25 @@ jobs:
- name: Check which Directories have Changes - name: Check which Directories have Changes
id: check-dir-changes id: check-dir-changes
run: | run: |
cd "${MAIN_DIR}" cd ${MAIN_DIR}
RENDER_DIR=()
echo ""
echo ">> Triggered on dispatch, will check all paths ..." echo ">> Triggered on dispatch, will check all paths ..."
RENDER_DIR+=$(ls clusters/cl01tl/helm/)
# Extract names of charts
RENDER_DIR=$(find "clusters/${CLUSTER}/helm" -mindepth 1 -maxdepth 1 -type d -exec basename {} \; | sort -u)
if [ -n "${RENDER_DIR}" ]; then if [ -n "${RENDER_DIR}" ]; then
echo ""
echo ">> Directories to Render:" echo ">> Directories to Render:"
echo "${RENDER_DIR}" echo "$(echo "${RENDER_DIR}" | sort -u)"
echo "----" echo "----"
echo "changes-detected=true" >> "$GITEA_OUTPUT" echo "changes-detected=true" >> $GITEA_OUTPUT
echo "render-dir<<EOF" >> "$GITEA_OUTPUT" echo "render-dir<<EOF" >> $GITEA_OUTPUT
echo "${RENDER_DIR}" >> "$GITEA_OUTPUT" echo "$(echo "${RENDER_DIR}" | sort -u)" >> $GITEA_OUTPUT
echo "EOF" >> "$GITEA_OUTPUT" echo "EOF" >> $GITEA_OUTPUT
else else
echo ">> No directories found" echo "changes-detected=false" >> $GITEA_OUTPUT
echo "changes-detected=false" >> "$GITEA_OUTPUT"
fi fi
- name: Add Repositories - name: Add Repositories
@@ -114,54 +94,29 @@ jobs:
env: env:
RENDER_DIR: ${{ steps.check-dir-changes.outputs.render-dir }} RENDER_DIR: ${{ steps.check-dir-changes.outputs.render-dir }}
run: | run: |
cd "${MAIN_DIR}" cd ${MAIN_DIR}
echo ""
echo ">> Adding repositories for chart dependencies ..." echo ">> Adding repositories for chart dependencies ..."
for DIR in ${RENDER_DIR}; do for dir in ${RENDER_DIR}; do
helm dependency list --max-col-width 120 "${MAIN_DIR}/clusters/${CLUSTER}/helm/${DIR}" 2> /dev/null \ helm dependency list --max-col-width 120 ${MAIN_DIR}/clusters/${CLUSTER}/helm/$dir 2> /dev/null \
| tail -n +2 \ | tail +2 | head -n -1 \
| awk 'NF > 0 { print $1, $3 }' \ | awk '{ print "helm repo add " $1 " " $3 }' \
| while read -r REPO_NAME REPO_URL; do | while read cmd; do
if [[ "${REPO_URL}" == oci://* ]]; then if [[ "$cmd" == "*oci://*" ]]; then
echo "" echo ">> Ignoring OCI repo"
echo ">> Ignoring OCI repo: ${REPO_URL}" else
echo "$cmd" | sh;
elif [[ -n "${REPO_NAME}" && -n "${REPO_URL}" ]]; then
helm repo add "${REPO_NAME}" "${REPO_URL}"
fi fi
done || true done || true
done done
if helm repo list > /dev/null 2>&1; then if helm repo list | tail +2 | read -r; then
echo ""
echo ">> Update repository cache ..." echo ">> Update repository cache ..."
helm repo update helm repo update
fi fi
echo "----" echo "----"
- name: Remove Changed Manifest Files
if: steps.check-dir-changes.outputs.changes-detected == 'true'
env:
RENDER_DIR: ${{ steps.check-dir-changes.outputs.render-dir }}
run: |
cd "${MANIFEST_DIR}"
echo ""
echo ">> Remove manfiest files and rebuild from source ..."
for DIR in ${RENDER_DIR}; do
CHART_PATH=${MANIFEST_DIR}/clusters/${CLUSTER}/manifests/${DIR}
echo "${CHART_PATH}"
rm -rf ${CHART_PATH}/*
done
echo "----"
- name: Render Helm Manifests - name: Render Helm Manifests
id: render-manifests id: render-manifests
if: steps.check-dir-changes.outputs.changes-detected == 'true' if: steps.check-dir-changes.outputs.changes-detected == 'true'
@@ -170,57 +125,60 @@ jobs:
run: | run: |
cd ${MAIN_DIR} cd ${MAIN_DIR}
echo ""
echo ">> Rendering Manifests ..." echo ">> Rendering Manifests ..."
render_chart() { for dir in ${RENDER_DIR}; do
local DIR="$1" chart_path=${MAIN_DIR}/clusters/${CLUSTER}/helm/$dir
local CHART_PATH="${MAIN_DIR}/clusters/${CLUSTER}/helm/${DIR}" chart_name=$(basename "$chart_path")
local CHART_NAME=$(basename "${CHART_PATH}")
echo "" echo ""
echo ">> Rendering ..." echo ""
echo ">> Chart: ${CHART_NAME}" echo ">> Rendering chart: $chart_name"
echo ">> Path: ${CHART_PATH}" echo ">> Chart path $chart_path"
if [ -f "${CHART_PATH}/Chart.yaml" ]; then if [ -f "$chart_path/Chart.yaml" ]; then
local OUTPUT_FOLDER="${MANIFEST_DIR}/clusters/${CLUSTER}/manifests/${CHART_NAME}/" OUTPUT_FOLDER="${MANIFEST_DIR}/clusters/${CLUSTER}/manifests/$chart_name/"
TEMPLATE=""
mkdir -p "${OUTPUT_FOLDER}" mkdir -p ${MANIFEST_DIR}/clusters/${CLUSTER}/manifests/$chart_name
cd "${CHART_PATH}"
cd $chart_path
echo "" echo ""
echo ">> Updating helm dependencies ..." echo ">> Updating helm dependency ..."
helm dependency update --skip-refresh > /dev/null helm dependency update --skip-refresh
echo "" echo ""
echo ">> Linting helm chart ..." echo ">> Building helm dependency ..."
helm lint --namespace "${CHART_NAME}" --quiet helm dependency build --skip-refresh
local NAMESPACE="${CHART_NAME}" echo ""
case "${CHART_NAME}" in echo ">> Linting helm ..."
helm lint --namespace "$chart_name"
echo ""
echo ">> Rendering templates ..."
case "$chart_name" in
"stack") "stack")
NAMESPACE="argocd"
echo "" echo ""
echo ">> Special Rendering into 'argocd' namespace ..." echo ">> Special Rendering for stack into argocd namespace ..."
TEMPLATE=$(helm template $chart_name ./ --namespace argocd --include-crds --dry-run=server --api-versions "gateway.networking.k8s.io/v1/HTTPRoute")
;; ;;
"cilium" | "coredns" | "metrics-server" |"prometheus-operator-crds") "cilium" | "coredns" | "metrics-server" |"prometheus-operator-crds")
NAMESPACE="kube-system"
echo "" echo ""
echo ">> Special Rendering for ${CHART_NAME} into 'kube-system' namespace ..." echo ">> Special Rendering for $chart_name into kube-system namespace ..."
TEMPLATE=$(helm template $chart_name ./ --namespace kube-system --include-crds --dry-run=server --api-versions "gateway.networking.k8s.io/v1/HTTPRoute")
;; ;;
*) *)
echo "" echo ""
echo ">> Standard Rendering for ${CHART_NAME} ..." echo ">> Standard Rendering for $chart_name ..."
TEMPLATE=$(helm template "$chart_name" ./ --namespace "$chart_name" --include-crds --dry-run=server --api-versions "gateway.networking.k8s.io/v1/HTTPRoute")
;;
esac esac
echo "" echo ""
echo ">> Formating rendered template ..." echo ">> Formating rendered template ..."
local TEMPLATE echo "$TEMPLATE" | yq '... comments=""' | yq 'select(. != null)' | yq -s '"'"$OUTPUT_FOLDER"'" + .kind + "-" + .metadata.name + ".yaml"'
TEMPLATE=$(helm template "${CHART_NAME}" ./ --namespace "${NAMESPACE}" --include-crds --dry-run=server --api-versions "gateway.networking.k8s.io/v1/HTTPRoute")
# Format and split rendered template
echo "${TEMPLATE}" | yq '... comments=""' | yq 'select(. != null)' | yq -s '"'"${OUTPUT_FOLDER}"'" + .kind + "-" + .metadata.name + ".yaml"'
# Strip comments again to ensure formatting correctness # Strip comments again to ensure formatting correctness
for file in "$OUTPUT_FOLDER"/*; do for file in "$OUTPUT_FOLDER"/*; do
@@ -228,23 +186,15 @@ jobs:
done done
echo "" echo ""
echo ">> Manifests for ${CHART_NAME} rendered to ${OUTPUT_FOLDER}:" echo ">> Manifests for $chart_name rendered to $OUTPUT_FOLDER"
ls $OUTPUT_FOLDER ls $OUTPUT_FOLDER
echo "" echo ""
else else
echo "" echo ""
echo ">> Directory ${CHART_PATH} does not contain a Chart.yaml. Skipping ..." echo ">> Directory $chart_path does not contain a Chart.yaml. Skipping ..."
echo "" echo ""
fi fi
} done
export -f render_chart
export MAIN_DIR CLUSTER MANIFEST_DIR
# Run rendering in parallel
for DIR in ${RENDER_DIR}; do
echo "${DIR}"
done | xargs -n 1 -P 4 -I {} bash -c 'render_chart "$@"' _ {}
echo "----" echo "----"
@@ -252,18 +202,16 @@ jobs:
id: check-changes id: check-changes
if: steps.check-dir-changes.outputs.changes-detected == 'true' if: steps.check-dir-changes.outputs.changes-detected == 'true'
run: | run: |
cd "${MANIFEST_DIR}" cd ${MANIFEST_DIR}
GIT_CHANGES=$(git status --porcelain) GIT_CHANGES=$(git status --porcelain)
if [ -n "${GIT_CHANGES}" ]; then if [ -n "$GIT_CHANGES" ]; then
echo ""
echo ">> Changes detected" echo ">> Changes detected"
git status --porcelain git status --porcelain
echo "changes-detected=true" >> $GITEA_OUTPUT echo "changes-detected=true" >> $GITEA_OUTPUT
else else
echo ""
echo ">> No changes detected, skipping PR creation" echo ">> No changes detected, skipping PR creation"
fi fi
@@ -274,23 +222,20 @@ jobs:
id: commit-push id: commit-push
if: steps.check-changes.outputs.changes-detected == 'true' if: steps.check-changes.outputs.changes-detected == 'true'
run: | run: |
cd "${MANIFEST_DIR}" cd ${MANIFEST_DIR}
echo ""
echo ">> Commiting changes to ${BRANCH_NAME} ..." echo ">> Commiting changes to ${BRANCH_NAME} ..."
git add . git add .
git commit -m "chore: Update manifests after change" git commit -m "chore: Update manifests after change"
REPO_URL="${{ secrets.REPO_URL }}/${{ gitea.repository }}" REPO_URL="${{ secrets.REPO_URL }}/${{ gitea.repository }}"
echo "" echo ">> Pushing changes to $REPO_URL ..."
echo ">> Pushing changes to ${REPO_URL} ..." git push -u "https://oauth2:${{ secrets.BOT_TOKEN }}@$(echo $REPO_URL | sed -e 's|https://||')" ${BRANCH_NAME}
git push -u "https://oauth2:${{ secrets.BOT_TOKEN }}@${REPO_URL#*://}" "${BRANCH_NAME}"
echo "----" echo "----"
echo "HEAD_BRANCH=${BRANCH_NAME}" >> "$GITEA_OUTPUT" echo "HEAD_BRANCH=${BRANCH_NAME}" >> $GITEA_OUTPUT
echo "push=true" >> "$GITEA_OUTPUT" echo "push=true" >> $GITEA_OUTPUT
- name: Check for Pull Request - name: Check for Pull Request
id: check-for-pull-requst id: check-for-pull-requst

204
.gitea/workflows/render-manifests-merge.yaml
View File

@@ -1,14 +1,13 @@
name: render-manifests-merge name: render-manifests-merge
on: on:
workflow_dispatch: pull_request:
# pull_request: branches:
# branches: - main
# - main paths:
# paths: - 'clusters/cl01tl/helm/**'
# - 'clusters/cl01tl/helm/**' types:
# types: - closed
# - closed
env: env:
CLUSTER: cl01tl CLUSTER: cl01tl
@@ -48,39 +47,24 @@ jobs:
method: kubeconfig method: kubeconfig
kubeconfig: ${{ secrets.KUBECONFIG }} kubeconfig: ${{ secrets.KUBECONFIG }}
- name: Cache Helm Dependencies
uses: actions/cache@v5
with:
path: |
~/.cache/helm
~/.config/helm
key: helm-cache-${{ runner.os }}-${{ hashFiles('infrastructure/clusters/cl01tl/helm/**/Chart.yaml', 'infrastructure/clusters/cl01tl/helm/**/Chart.lock') }}
restore-keys: |
helm-cache-${{ runner.os }}-
- name: Prepare Manifest Branch - name: Prepare Manifest Branch
run: | run: |
cd "${MANIFEST_DIR}" cd ${MANIFEST_DIR}
echo ""
echo ">> Configure git to use gitea-bot as user ..." echo ">> Configure git to use gitea-bot as user ..."
git config user.name "gitea-bot" git config user.name "gitea-bot"
git config user.email "gitea-bot@alexlebens.net" git config user.email "gitea-bot@alexlebens.net"
echo ""
echo ">> Checking if PR branch exists ..." echo ">> Checking if PR branch exists ..."
if git ls-remote --exit-code --heads origin "${BRANCH_NAME}" > /dev/null 2>&1; then if [[ $(git ls-remote --heads origin "${BRANCH_NAME}" | wc -l) -gt 0 ]]; then
echo ""
echo ">> Branch '${BRANCH_NAME}' exists, pulling changes ..." echo ">> Branch '${BRANCH_NAME}' exists, pulling changes ..."
git fetch origin "${BRANCH_NAME}" git fetch origin "${BRANCH_NAME}"
git checkout "${BRANCH_NAME}" git checkout "${BRANCH_NAME}"
git pull --rebase git pull --rebase
else else
echo ""
echo ">> Branch '${BRANCH_NAME}' does not exist, creating ..." echo ">> Branch '${BRANCH_NAME}' does not exist, creating ..."
git checkout -b "${BRANCH_NAME}" git checkout -b $BRANCH_NAME
fi fi
echo "----" echo "----"
@@ -88,31 +72,38 @@ jobs:
- name: Check which Directories have Changes - name: Check which Directories have Changes
id: check-dir-changes id: check-dir-changes
run: | run: |
cd "${MAIN_DIR}" cd ${MAIN_DIR}
RENDER_DIR=()
echo ""
echo ">> Checking for changes from HEAD^..HEAD ..." echo ">> Checking for changes from HEAD^..HEAD ..."
GIT_DIFF=$(git diff --name-only HEAD^..HEAD | xargs -I {} dirname {} | sort -u | grep -E "clusters/[^/]+/helm/[^/]+")
# Extract the chart names from the git diff if [ -n "${GIT_DIFF}" ]; then
RENDER_DIR=$(git diff --name-only HEAD^..HEAD | grep -E "^clusters/${CLUSTER}/helm/" | awk -F '/' '{print $4}' | sort -u || true) echo ">> Changes detected:"
echo "$GIT_DIFF"
for path in $GIT_DIFF; do
RENDER_DIR+=$(echo "$path" | awk -F '/' '{print $4}')
RENDER_DIR+=$(echo " ")
done
else
echo ">> No changes detected"
fi
if [ -n "${RENDER_DIR}" ]; then if [ -n "${RENDER_DIR}" ]; then
echo ""
echo ">> Directories to Render:" echo ">> Directories to Render:"
echo "${RENDER_DIR}" echo "$(echo "${RENDER_DIR}" | sort -u)"
echo "----" echo "----"
echo "changes-detected=true" >> "$GITEA_OUTPUT" echo "changes-detected=true" >> $GITEA_OUTPUT
echo "render-dir<<EOF" >> "$GITEA_OUTPUT" echo "render-dir<<EOF" >> $GITEA_OUTPUT
echo "${RENDER_DIR}" >> "$GITEA_OUTPUT" echo "$(echo "${RENDER_DIR}" | sort -u)" >> $GITEA_OUTPUT
echo "EOF" >> "$GITEA_OUTPUT" echo "EOF" >> $GITEA_OUTPUT
else else
echo "" echo "changes-detected=false" >> $GITEA_OUTPUT
echo ">> No chart changes detected"
echo "changes-detected=false" >> "$GITEA_OUTPUT"
fi fi
- name: Add Repositories - name: Add Repositories
@@ -120,31 +111,25 @@ jobs:
env: env:
RENDER_DIR: ${{ steps.check-dir-changes.outputs.render-dir }} RENDER_DIR: ${{ steps.check-dir-changes.outputs.render-dir }}
run: | run: |
cd "${MAIN_DIR}" cd ${MAIN_DIR}
echo ""
echo ">> Adding repositories for chart dependencies ..." echo ">> Adding repositories for chart dependencies ..."
for DIR in ${RENDER_DIR}; do for dir in ${RENDER_DIR}; do
helm dependency list --max-col-width 120 "${MAIN_DIR}/clusters/${CLUSTER}/helm/${DIR}" 2> /dev/null \ helm dependency list --max-col-width 120 ${MAIN_DIR}/clusters/${CLUSTER}/helm/$dir 2> /dev/null \
| tail -n +2 \ | tail +2 | head -n -1 \
| awk 'NF > 0 { print $1, $3 }' \ | awk '{ print "helm repo add " $1 " " $3 }' \
| while read -r REPO_NAME REPO_URL; do | while read cmd; do
if [[ "${REPO_URL}" == oci://* ]]; then if [[ "$cmd" == "*oci://*" ]]; then
echo "" echo ">> Ignoring OCI repo"
echo ">> Ignoring OCI repo: ${REPO_URL}" else
echo "$cmd" | sh;
elif [[ -n "${REPO_NAME}" && -n "${REPO_URL}" ]]; then
helm repo add "${REPO_NAME}" "${REPO_URL}"
fi fi
done || true done || true
done done
if helm repo list > /dev/null 2>&1; then if helm repo list | tail +2 | read -r; then
echo ""
echo ">> Update repository cache ..." echo ">> Update repository cache ..."
helm repo update helm repo update
fi fi
echo "----" echo "----"
@@ -154,16 +139,15 @@ jobs:
env: env:
RENDER_DIR: ${{ steps.check-dir-changes.outputs.render-dir }} RENDER_DIR: ${{ steps.check-dir-changes.outputs.render-dir }}
run: | run: |
cd "${MANIFEST_DIR}" cd ${MANIFEST_DIR}
echo ""
echo ">> Remove manfiest files and rebuild from source ..." echo ">> Remove manfiest files and rebuild from source ..."
for DIR in ${RENDER_DIR}; do for dir in ${RENDER_DIR}; do
CHART_PATH=${MANIFEST_DIR}/clusters/${CLUSTER}/manifests/${DIR} chart_path=${MANIFEST_DIR}/clusters/${CLUSTER}/manifests/$dir
echo "${CHART_PATH}" echo "$chart_path"
rm -rf ${CHART_PATH}/* rm -rf $chart_path/*
done done
echo "----" echo "----"
@@ -176,57 +160,60 @@ jobs:
run: | run: |
cd ${MAIN_DIR} cd ${MAIN_DIR}
echo ""
echo ">> Rendering Manifests ..." echo ">> Rendering Manifests ..."
render_chart() { for dir in ${RENDER_DIR}; do
local DIR="$1" chart_path=${MAIN_DIR}/clusters/${CLUSTER}/helm/$dir
local CHART_PATH="${MAIN_DIR}/clusters/${CLUSTER}/helm/${DIR}" chart_name=$(basename "$chart_path")
local CHART_NAME=$(basename "${CHART_PATH}")
echo "" echo ""
echo ">> Rendering ..." echo ""
echo ">> Chart: ${CHART_NAME}" echo ">> Rendering chart: $chart_name"
echo ">> Path: ${CHART_PATH}" echo ">> Chart path $chart_path"
if [ -f "${CHART_PATH}/Chart.yaml" ]; then if [ -f "$chart_path/Chart.yaml" ]; then
local OUTPUT_FOLDER="${MANIFEST_DIR}/clusters/${CLUSTER}/manifests/${CHART_NAME}/" OUTPUT_FOLDER="${MANIFEST_DIR}/clusters/${CLUSTER}/manifests/$chart_name/"
TEMPLATE=""
mkdir -p "${OUTPUT_FOLDER}" mkdir -p ${MANIFEST_DIR}/clusters/${CLUSTER}/manifests/$chart_name
cd "${CHART_PATH}"
cd $chart_path
echo "" echo ""
echo ">> Updating helm dependencies ..." echo ">> Updating helm dependency ..."
helm dependency update --skip-refresh > /dev/null helm dependency update --skip-refresh
echo "" echo ""
echo ">> Linting helm chart ..." echo ">> Building helm dependency ..."
helm lint --namespace "${CHART_NAME}" --quiet helm dependency build --skip-refresh
local NAMESPACE="${CHART_NAME}" echo ""
case "${CHART_NAME}" in echo ">> Linting helm ..."
helm lint --namespace "$chart_name"
echo ""
echo ">> Rendering templates ..."
case "$chart_name" in
"stack") "stack")
NAMESPACE="argocd"
echo "" echo ""
echo ">> Special Rendering into 'argocd' namespace ..." echo ">> Special Rendering for stack into argocd namespace ..."
TEMPLATE=$(helm template $chart_name ./ --namespace argocd --include-crds --dry-run=server --api-versions "gateway.networking.k8s.io/v1/HTTPRoute")
;; ;;
"cilium" | "coredns" | "metrics-server" |"prometheus-operator-crds") "cilium" | "coredns" | "metrics-server" |"prometheus-operator-crds")
NAMESPACE="kube-system"
echo "" echo ""
echo ">> Special Rendering for ${CHART_NAME} into 'kube-system' namespace ..." echo ">> Special Rendering for $chart_name into kube-system namespace ..."
TEMPLATE=$(helm template $chart_name ./ --namespace kube-system --include-crds --dry-run=server --api-versions "gateway.networking.k8s.io/v1/HTTPRoute")
;; ;;
*) *)
echo "" echo ""
echo ">> Standard Rendering for ${CHART_NAME} ..." echo ">> Standard Rendering for $chart_name ..."
TEMPLATE=$(helm template "$chart_name" ./ --namespace "$chart_name" --include-crds --dry-run=server --api-versions "gateway.networking.k8s.io/v1/HTTPRoute")
;;
esac esac
echo "" echo ""
echo ">> Formating rendered template ..." echo ">> Formating rendered template ..."
local TEMPLATE echo "$TEMPLATE" | yq '... comments=""' | yq 'select(. != null)' | yq -s '"'"$OUTPUT_FOLDER"'" + .kind + "-" + .metadata.name + ".yaml"'
TEMPLATE=$(helm template "${CHART_NAME}" ./ --namespace "${NAMESPACE}" --include-crds --dry-run=server --api-versions "gateway.networking.k8s.io/v1/HTTPRoute")
# Format and split rendered template
echo "${TEMPLATE}" | yq '... comments=""' | yq 'select(. != null)' | yq -s '"'"${OUTPUT_FOLDER}"'" + .kind + "-" + .metadata.name + ".yaml"'
# Strip comments again to ensure formatting correctness # Strip comments again to ensure formatting correctness
for file in "$OUTPUT_FOLDER"/*; do for file in "$OUTPUT_FOLDER"/*; do
@@ -234,23 +221,15 @@ jobs:
done done
echo "" echo ""
echo ">> Manifests for ${CHART_NAME} rendered to ${OUTPUT_FOLDER}:" echo ">> Manifests for $chart_name rendered to $OUTPUT_FOLDER"
ls $OUTPUT_FOLDER ls $OUTPUT_FOLDER
echo "" echo ""
else else
echo "" echo ""
echo ">> Directory ${CHART_PATH} does not contain a Chart.yaml. Skipping ..." echo ">> Directory $chart_path does not contain a Chart.yaml. Skipping ..."
echo "" echo ""
fi fi
} done
export -f render_chart
export MAIN_DIR CLUSTER MANIFEST_DIR
# Run rendering in parallel
for DIR in ${RENDER_DIR}; do
echo "${DIR}"
done | xargs -n 1 -P 4 -I {} bash -c 'render_chart "$@"' _ {}
echo "----" echo "----"
@@ -258,18 +237,16 @@ jobs:
id: check-changes id: check-changes
if: steps.check-dir-changes.outputs.changes-detected == 'true' if: steps.check-dir-changes.outputs.changes-detected == 'true'
run: | run: |
cd "${MANIFEST_DIR}" cd ${MANIFEST_DIR}
GIT_CHANGES=$(git status --porcelain) GIT_CHANGES=$(git status --porcelain)
if [ -n "${GIT_CHANGES}" ]; then if [ -n "$GIT_CHANGES" ]; then
echo ""
echo ">> Changes detected" echo ">> Changes detected"
git status --porcelain git status --porcelain
echo "changes-detected=true" >> $GITEA_OUTPUT echo "changes-detected=true" >> $GITEA_OUTPUT
else else
echo ""
echo ">> No changes detected, skipping PR creation" echo ">> No changes detected, skipping PR creation"
fi fi
@@ -280,23 +257,20 @@ jobs:
id: commit-push id: commit-push
if: steps.check-changes.outputs.changes-detected == 'true' if: steps.check-changes.outputs.changes-detected == 'true'
run: | run: |
cd "${MANIFEST_DIR}" cd ${MANIFEST_DIR}
echo ""
echo ">> Commiting changes to ${BRANCH_NAME} ..." echo ">> Commiting changes to ${BRANCH_NAME} ..."
git add . git add .
git commit -m "chore: Update manifests after change" git commit -m "chore: Update manifests after change"
REPO_URL="${{ secrets.REPO_URL }}/${{ gitea.repository }}" REPO_URL="${{ secrets.REPO_URL }}/${{ gitea.repository }}"
echo "" echo ">> Pushing changes to $REPO_URL ..."
echo ">> Pushing changes to ${REPO_URL} ..." git push -u "https://oauth2:${{ secrets.BOT_TOKEN }}@$(echo $REPO_URL | sed -e 's|https://||')" ${BRANCH_NAME}
git push -u "https://oauth2:${{ secrets.BOT_TOKEN }}@${REPO_URL#*://}" "${BRANCH_NAME}"
echo "----" echo "----"
echo "HEAD_BRANCH=${BRANCH_NAME}" >> "$GITEA_OUTPUT" echo "HEAD_BRANCH=${BRANCH_NAME}" >> $GITEA_OUTPUT
echo "push=true" >> "$GITEA_OUTPUT" echo "push=true" >> $GITEA_OUTPUT
- name: Check for Pull Request - name: Check for Pull Request
id: check-for-pull-requst id: check-for-pull-requst

200
.gitea/workflows/render-manifests-push.yaml
View File

@@ -1,12 +1,11 @@
name: render-manifests-push name: render-manifests-push
on: on:
workflow_dispatch: push:
# push: branches:
# branches: - main
# - main paths:
# paths: - 'clusters/cl01tl/helm/**'
# - 'clusters/cl01tl/helm/**'
env: env:
CLUSTER: cl01tl CLUSTER: cl01tl
@@ -46,38 +45,24 @@ jobs:
method: kubeconfig method: kubeconfig
kubeconfig: ${{ secrets.KUBECONFIG }} kubeconfig: ${{ secrets.KUBECONFIG }}
- name: Cache Helm Dependencies
uses: actions/cache@v5
with:
path: |
~/.cache/helm
~/.config/helm
key: helm-cache-${{ runner.os }}-${{ hashFiles('infrastructure/clusters/cl01tl/helm/**/Chart.yaml', 'infrastructure/clusters/cl01tl/helm/**/Chart.lock') }}
restore-keys: |
helm-cache-${{ runner.os }}-
- name: Prepare Manifest Branch - name: Prepare Manifest Branch
run: | run: |
cd "${MANIFEST_DIR}" cd ${MANIFEST_DIR}
echo ""
echo ">> Configure git to use gitea-bot as user ..." echo ">> Configure git to use gitea-bot as user ..."
git config user.name "gitea-bot" git config user.name "gitea-bot"
git config user.email "gitea-bot@alexlebens.net" git config user.email "gitea-bot@alexlebens.net"
echo ">> Checking if PR branch exists ..." echo ">> Checking if PR branch exists ..."
if git ls-remote --exit-code --heads origin "${BRANCH_NAME}" > /dev/null 2>&1; then if [[ $(git ls-remote --heads origin "${BRANCH_NAME}" | wc -l) -gt 0 ]]; then
echo ""
echo ">> Branch '${BRANCH_NAME}' exists, pulling changes ..." echo ">> Branch '${BRANCH_NAME}' exists, pulling changes ..."
git fetch origin "${BRANCH_NAME}" git fetch origin "${BRANCH_NAME}"
git checkout "${BRANCH_NAME}" git checkout "${BRANCH_NAME}"
git pull --rebase git pull --rebase
else else
echo ""
echo ">> Branch '${BRANCH_NAME}' does not exist, creating ..." echo ">> Branch '${BRANCH_NAME}' does not exist, creating ..."
git checkout -b "${BRANCH_NAME}" git checkout -b $BRANCH_NAME
fi fi
echo "----" echo "----"
@@ -85,31 +70,38 @@ jobs:
- name: Check which Directories have Changes - name: Check which Directories have Changes
id: check-dir-changes id: check-dir-changes
run: | run: |
cd "${MAIN_DIR}" cd ${MAIN_DIR}
RENDER_DIR=()
echo ""
echo ">> Checking for changes ..." echo ">> Checking for changes ..."
GIT_DIFF=$(git diff --name-only ${{ gitea.event.before }}..HEAD | xargs -I {} dirname {} | sort -u | grep -E "clusters/[^/]+/helm/[^/]+")
# Extract the chart names from the git diff if [ -n "${GIT_DIFF}" ]; then
RENDER_DIR=$(git diff --name-only ${{ gitea.event.before }}..HEAD | grep -E "^clusters/${CLUSTER}/helm/" | awk -F '/' '{print $4}' | sort -u || true) echo ">> Changes detected:"
echo "$GIT_DIFF"
for path in $GIT_DIFF; do
RENDER_DIR+=$(echo "$path" | awk -F '/' '{print $4}')
RENDER_DIR+=$(echo " ")
done
else
echo ">> No changes detected"
fi
if [ -n "${RENDER_DIR}" ]; then if [ -n "${RENDER_DIR}" ]; then
echo ""
echo ">> Directories to Render:" echo ">> Directories to Render:"
echo "${RENDER_DIR}" echo "$(echo "${RENDER_DIR}" | sort -u)"
echo "----" echo "----"
echo "changes-detected=true" >> "$GITEA_OUTPUT" echo "changes-detected=true" >> $GITEA_OUTPUT
echo "render-dir<<EOF" >> "$GITEA_OUTPUT" echo "render-dir<<EOF" >> $GITEA_OUTPUT
echo "${RENDER_DIR}" >> "$GITEA_OUTPUT" echo "$(echo "${RENDER_DIR}" | sort -u)" >> $GITEA_OUTPUT
echo "EOF" >> "$GITEA_OUTPUT" echo "EOF" >> $GITEA_OUTPUT
else else
echo "" echo "changes-detected=false" >> $GITEA_OUTPUT
echo ">> No chart changes detected"
echo "changes-detected=false" >> "$GITEA_OUTPUT"
fi fi
- name: Add Repositories - name: Add Repositories
@@ -117,31 +109,25 @@ jobs:
env: env:
RENDER_DIR: ${{ steps.check-dir-changes.outputs.render-dir }} RENDER_DIR: ${{ steps.check-dir-changes.outputs.render-dir }}
run: | run: |
cd "${MAIN_DIR}" cd ${MAIN_DIR}
echo ""
echo ">> Adding repositories for chart dependencies ..." echo ">> Adding repositories for chart dependencies ..."
for DIR in ${RENDER_DIR}; do for dir in ${RENDER_DIR}; do
helm dependency list --max-col-width 120 "${MAIN_DIR}/clusters/${CLUSTER}/helm/${DIR}" 2> /dev/null \ helm dependency list --max-col-width 120 ${MAIN_DIR}/clusters/${CLUSTER}/helm/$dir 2> /dev/null \
| tail -n +2 \ | tail +2 | head -n -1 \
| awk 'NF > 0 { print $1, $3 }' \ | awk '{ print "helm repo add " $1 " " $3 }' \
| while read -r REPO_NAME REPO_URL; do | while read cmd; do
if [[ "${REPO_URL}" == oci://* ]]; then if [[ "$cmd" == "*oci://*" ]]; then
echo "" echo ">> Ignoring OCI repo"
echo ">> Ignoring OCI repo: ${REPO_URL}" else
echo "$cmd" | sh;
elif [[ -n "${REPO_NAME}" && -n "${REPO_URL}" ]]; then
helm repo add "${REPO_NAME}" "${REPO_URL}"
fi fi
done || true done || true
done done
if helm repo list > /dev/null 2>&1; then if helm repo list | tail +2 | read -r; then
echo ""
echo ">> Update repository cache ..." echo ">> Update repository cache ..."
helm repo update helm repo update
fi fi
echo "----" echo "----"
@@ -151,17 +137,15 @@ jobs:
env: env:
RENDER_DIR: ${{ steps.check-dir-changes.outputs.render-dir }} RENDER_DIR: ${{ steps.check-dir-changes.outputs.render-dir }}
run: | run: |
cd "${MANIFEST_DIR}" cd ${MANIFEST_DIR}
echo ""
echo ">> Remove manfiest files and rebuild from source ..." echo ">> Remove manfiest files and rebuild from source ..."
for DIR in ${RENDER_DIR}; do for dir in ${RENDER_DIR}; do
CHART_PATH=${MANIFEST_DIR}/clusters/${CLUSTER}/manifests/${DIR} chart_path=${MANIFEST_DIR}/clusters/${CLUSTER}/manifests/$dir
echo "" echo "$chart_path"
echo "${CHART_PATH}" rm -rf $chart_path/*
rm -rf ${CHART_PATH}/*
done done
echo "----" echo "----"
@@ -174,57 +158,60 @@ jobs:
run: | run: |
cd ${MAIN_DIR} cd ${MAIN_DIR}
echo ""
echo ">> Rendering Manifests ..." echo ">> Rendering Manifests ..."
render_chart() { for dir in ${RENDER_DIR}; do
local DIR="$1" chart_path=${MAIN_DIR}/clusters/${CLUSTER}/helm/$dir
local CHART_PATH="${MAIN_DIR}/clusters/${CLUSTER}/helm/${DIR}" chart_name=$(basename "$chart_path")
local CHART_NAME=$(basename "${CHART_PATH}")
echo "" echo ""
echo ">> Rendering ..." echo ""
echo ">> Chart: ${CHART_NAME}" echo ">> Rendering chart: $chart_name"
echo ">> Path: ${CHART_PATH}" echo ">> Chart path $chart_path"
if [ -f "${CHART_PATH}/Chart.yaml" ]; then if [ -f "$chart_path/Chart.yaml" ]; then
local OUTPUT_FOLDER="${MANIFEST_DIR}/clusters/${CLUSTER}/manifests/${CHART_NAME}/" OUTPUT_FOLDER="${MANIFEST_DIR}/clusters/${CLUSTER}/manifests/$chart_name/"
TEMPLATE=""
mkdir -p "${OUTPUT_FOLDER}" mkdir -p ${MANIFEST_DIR}/clusters/${CLUSTER}/manifests/$chart_name
cd "${CHART_PATH}"
cd $chart_path
echo "" echo ""
echo ">> Updating helm dependencies ..." echo ">> Updating helm dependency ..."
helm dependency update --skip-refresh > /dev/null helm dependency update --skip-refresh
echo "" echo ""
echo ">> Linting helm chart ..." echo ">> Building helm dependency ..."
helm lint --namespace "${CHART_NAME}" --quiet helm dependency build --skip-refresh
local NAMESPACE="${CHART_NAME}" echo ""
case "${CHART_NAME}" in echo ">> Linting helm ..."
helm lint --namespace "$chart_name"
echo ""
echo ">> Rendering templates ..."
case "$chart_name" in
"stack") "stack")
NAMESPACE="argocd"
echo "" echo ""
echo ">> Special Rendering into 'argocd' namespace ..." echo ">> Special Rendering for stack into argocd namespace ..."
TEMPLATE=$(helm template $chart_name ./ --namespace argocd --include-crds --dry-run=server --api-versions "gateway.networking.k8s.io/v1/HTTPRoute")
;; ;;
"cilium" | "coredns" | "metrics-server" |"prometheus-operator-crds") "cilium" | "coredns" | "metrics-server" |"prometheus-operator-crds")
NAMESPACE="kube-system"
echo "" echo ""
echo ">> Special Rendering for ${CHART_NAME} into 'kube-system' namespace ..." echo ">> Special Rendering for $chart_name into kube-system namespace ..."
TEMPLATE=$(helm template $chart_name ./ --namespace kube-system --include-crds --dry-run=server --api-versions "gateway.networking.k8s.io/v1/HTTPRoute")
;; ;;
*) *)
echo "" echo ""
echo ">> Standard Rendering for ${CHART_NAME} ..." echo ">> Standard Rendering for $chart_name ..."
TEMPLATE=$(helm template "$chart_name" ./ --namespace "$chart_name" --include-crds --dry-run=server --api-versions "gateway.networking.k8s.io/v1/HTTPRoute")
;;
esac esac
echo "" echo ""
echo ">> Formating rendered template ..." echo ">> Formating rendered template ..."
local TEMPLATE echo "$TEMPLATE" | yq '... comments=""' | yq 'select(. != null)' | yq -s '"'"$OUTPUT_FOLDER"'" + .kind + "-" + .metadata.name + ".yaml"'
TEMPLATE=$(helm template "${CHART_NAME}" ./ --namespace "${NAMESPACE}" --include-crds --dry-run=server --api-versions "gateway.networking.k8s.io/v1/HTTPRoute")
# Format and split rendered template
echo "${TEMPLATE}" | yq '... comments=""' | yq 'select(. != null)' | yq -s '"'"${OUTPUT_FOLDER}"'" + .kind + "-" + .metadata.name + ".yaml"'
# Strip comments again to ensure formatting correctness # Strip comments again to ensure formatting correctness
for file in "$OUTPUT_FOLDER"/*; do for file in "$OUTPUT_FOLDER"/*; do
@@ -232,23 +219,15 @@ jobs:
done done
echo "" echo ""
echo ">> Manifests for ${CHART_NAME} rendered to ${OUTPUT_FOLDER}:" echo ">> Manifests for $chart_name rendered to $OUTPUT_FOLDER"
ls $OUTPUT_FOLDER ls $OUTPUT_FOLDER
echo "" echo ""
else else
echo "" echo ""
echo ">> Directory ${CHART_PATH} does not contain a Chart.yaml. Skipping ..." echo ">> Directory $chart_path does not contain a Chart.yaml. Skipping ..."
echo "" echo ""
fi fi
} done
export -f render_chart
export MAIN_DIR CLUSTER MANIFEST_DIR
# Run rendering in parallel
for DIR in ${RENDER_DIR}; do
echo "${DIR}"
done | xargs -n 1 -P 4 -I {} bash -c 'render_chart "$@"' _ {}
echo "----" echo "----"
@@ -256,18 +235,16 @@ jobs:
id: check-changes id: check-changes
if: steps.check-dir-changes.outputs.changes-detected == 'true' if: steps.check-dir-changes.outputs.changes-detected == 'true'
run: | run: |
cd "${MANIFEST_DIR}" cd ${MANIFEST_DIR}
GIT_CHANGES=$(git status --porcelain) GIT_CHANGES=$(git status --porcelain)
if [ -n "${GIT_CHANGES}" ]; then if [ -n "$GIT_CHANGES" ]; then
echo ""
echo ">> Changes detected" echo ">> Changes detected"
git status --porcelain git status --porcelain
echo "changes-detected=true" >> $GITEA_OUTPUT echo "changes-detected=true" >> $GITEA_OUTPUT
else else
echo ""
echo ">> No changes detected, skipping PR creation" echo ">> No changes detected, skipping PR creation"
fi fi
@@ -278,23 +255,20 @@ jobs:
id: commit-push id: commit-push
if: steps.check-changes.outputs.changes-detected == 'true' if: steps.check-changes.outputs.changes-detected == 'true'
run: | run: |
cd "${MANIFEST_DIR}" cd ${MANIFEST_DIR}
echo ""
echo ">> Commiting changes to ${BRANCH_NAME} ..." echo ">> Commiting changes to ${BRANCH_NAME} ..."
git add . git add .
git commit -m "chore: Update manifests after change" git commit -m "chore: Update manifests after change"
REPO_URL="${{ secrets.REPO_URL }}/${{ gitea.repository }}" REPO_URL="${{ secrets.REPO_URL }}/${{ gitea.repository }}"
echo "" echo ">> Pushing changes to $REPO_URL ..."
echo ">> Pushing changes to ${REPO_URL} ..." git push -u "https://oauth2:${{ secrets.BOT_TOKEN }}@$(echo $REPO_URL | sed -e 's|https://||')" ${BRANCH_NAME}
git push -u "https://oauth2:${{ secrets.BOT_TOKEN }}@${REPO_URL#*://}" "${BRANCH_NAME}"
echo "----" echo "----"
echo "HEAD_BRANCH=${BRANCH_NAME}" >> "$GITEA_OUTPUT" echo "HEAD_BRANCH=${BRANCH_NAME}" >> $GITEA_OUTPUT
echo "push=true" >> "$GITEA_OUTPUT" echo "push=true" >> $GITEA_OUTPUT
- name: Check for Pull Request - name: Check for Pull Request
id: check-for-pull-requst id: check-for-pull-requst

636
.gitea/workflows/render-manifests.yaml
View File

@@ -1,636 +0,0 @@
name: render-manifests
on:
schedule:
- cron: '0 15 * * *'
workflow_dispatch:
push:
branches:
- main
paths:
- 'clusters/cl01tl/helm/**'
pull_request:
branches:
- main
paths:
- 'clusters/cl01tl/helm/**'
types:
- closed
env:
CLUSTER: cl01tl
BASE_BRANCH: manifests
BRANCH_NAME_BASE: auto/update-manifests
ASSIGNEE: alexlebens
MAIN_DIR: /workspace/alexlebens/infrastructure/infrastructure
MANIFEST_DIR: /workspace/alexlebens/infrastructure/infrastructure-manifests
jobs:
render-manifests:
runs-on: ubuntu-js
if: >-
github.event_name == 'schedule' ||
github.event_name == 'workflow_dispatch' ||
(github.event_name == 'push' && github.actor != 'renovate-bot') ||
(github.event_name == 'pull_request' && github.event.pull_request.merged == true)
steps:
- name: Checkout Main
uses: actions/checkout@v6
with:
path: infrastructure
fetch-depth: 0
- name: Checkout Manifests
uses: actions/checkout@v6
with:
ref: manifests
path: infrastructure-manifests
- name: Set Up Helm
uses: azure/setup-helm@v4
with:
token: ${{ secrets.GITEA_TOKEN }}
version: v3.17.2 # Pending https://github.com/helm/helm/pull/30743
cache: true
- name: Configure Kubeconfig
uses: azure/k8s-set-context@v4
with:
method: kubeconfig
kubeconfig: ${{ secrets.KUBECONFIG }}
- name: Cache Helm Dependencies
uses: actions/cache@v5
with:
path: |
~/.cache/helm
~/.config/helm
key: helm-cache-${{ runner.os }}-${{ hashFiles('infrastructure/clusters/cl01tl/helm/**/Chart.yaml', 'infrastructure/clusters/cl01tl/helm/**/Chart.lock') }}
restore-keys: |
helm-cache-${{ runner.os }}-
- name: Determine Workflow Mode
id: mode
run: |
IS_AUTOMERGE="false"
RENDER_ALL="false"
DIFF_TARGET=""
if [[ "${{ github.event_name }}" == "schedule" || "${{ github.event_name }}" == "workflow_dispatch" ]]; then
echo ">> Mode: Dispatch/Schedule (Render All)"
RENDER_ALL="true"
elif [[ "${{ github.event_name }}" == "pull_request" ]]; then
if [[ "${{ contains(github.event.pull_request.labels.*.name, 'automerge') }}" == "true" ]]; then
echo ">> Mode: PR Merged (Automerge)"
IS_AUTOMERGE="true"
else
echo ">> Mode: PR Merged (Standard)"
fi
DIFF_TARGET="HEAD^..HEAD"
elif [[ "${{ github.event_name }}" == "push" ]]; then
echo ">> Mode: Push (Standard)"
DIFF_TARGET="${{ github.event.before }}..HEAD"
fi
echo ""
echo "----"
echo "is-automerge=${IS_AUTOMERGE}" >> "$GITHUB_OUTPUT"
echo "render-all=${RENDER_ALL}" >> "$GITHUB_OUTPUT"
echo "diff-target=${DIFF_TARGET}" >> "$GITHUB_OUTPUT"
- name: Prepare Manifest Branch
id: prepare-manifest-branch
env:
IS_AUTOMERGE: ${{ steps.mode.outputs.is-automerge }}
run: |
cd "${MANIFEST_DIR}"
echo ">> Configure git to use gitea-bot as user ..."
git config user.name "gitea-bot"
git config user.email "gitea-bot@alexlebens.net"
if [[ "$IS_AUTOMERGE" == "true" ]]; then
echo ""
echo ">> Creating branch ${BRANCH_NAME} ..."
BRANCH_NAME="${BRANCH_NAME_BASE}-automerge-$(date +%Y%m%d%H%M%S)"
git checkout -b "$BRANCH_NAME"
else
echo ""
echo ">> Checking if PR branch exists ..."
BRANCH_NAME="${BRANCH_NAME_BASE}"
if git ls-remote --exit-code --heads origin "${BRANCH_NAME}" > /dev/null 2>&1; then
echo ""
echo ">> Branch '${BRANCH_NAME}' exists, pulling changes ..."
git fetch origin "${BRANCH_NAME}"
git checkout "${BRANCH_NAME}"
git pull --rebase
else
echo ""
echo ">> Branch '${BRANCH_NAME}' does not exist, creating ..."
git checkout -b "${BRANCH_NAME}"
fi
fi
echo ""
echo "----"
echo "branch-name=${BRANCH_NAME}" >> "$GITHUB_OUTPUT"
- name: Check Which Directories Have Changes
id: check-dir-changes
env:
RENDER_ALL: ${{ steps.mode.outputs.render-all }}
DIFF_TARGET: ${{ steps.mode.outputs.diff-target }}
run: |
cd "${MAIN_DIR}"
if [[ "$RENDER_ALL" == "true" ]]; then
echo ">> Triggered on dispatch, will check all paths ..."
RENDER_DIR=$(find "clusters/${CLUSTER}/helm" -mindepth 1 -maxdepth 1 -type d -exec basename {} \; | sort -u)
else
echo ">> Checking for changes from ${DIFF_TARGET} ..."
RENDER_DIR=$(git diff --name-only "${DIFF_TARGET}" | grep -E "^clusters/${CLUSTER}/helm/" | awk -F '/' '{print $4}' | sort -u || true)
fi
if [ -n "${RENDER_DIR}" ]; then
echo ""
echo ">> Directories to Render:"
echo ""
echo "${RENDER_DIR}"
echo ""
echo "----"
echo "changes-detected=true" >> "$GITHUB_OUTPUT"
echo "render-dir<<EOF" >> "$GITHUB_OUTPUT"
echo "${RENDER_DIR}" >> "$GITHUB_OUTPUT"
echo "EOF" >> "$GITHUB_OUTPUT"
else
echo ""
echo ">> No chart changes detected"
echo ""
echo "----"
echo "changes-detected=false" >> "$GITHUB_OUTPUT"
fi
- name: Add Repositories
if: steps.check-dir-changes.outputs.changes-detected == 'true'
env:
RENDER_DIR: ${{ steps.check-dir-changes.outputs.render-dir }}
run: |
cd "${MAIN_DIR}"
echo ">> Adding repositories for chart dependencies ..."
echo ""
for DIR in ${RENDER_DIR}; do
helm dependency list --max-col-width 120 "${MAIN_DIR}/clusters/${CLUSTER}/helm/${DIR}" 2> /dev/null \
| tail -n +2 \
| awk 'NF > 0 { print $1, $3 }' \
| while read -r REPO_NAME REPO_URL; do
if [[ "${REPO_URL}" == oci://* ]]; then
echo ">> Ignoring OCI repo: ${REPO_URL}"
elif [[ -n "${REPO_NAME}" && -n "${REPO_URL}" ]]; then
helm repo add "${REPO_NAME}" "${REPO_URL}"
fi
done || true
done
if helm repo list > /dev/null 2>&1; then
echo ""
echo ">> Update repository cache ..."
helm repo update
fi
echo ""
echo "----"
- name: Remove Changed Manifest Files
if: steps.check-dir-changes.outputs.changes-detected == 'true'
env:
RENDER_DIR: ${{ steps.check-dir-changes.outputs.render-dir }}
run: |
cd "${MANIFEST_DIR}"
echo ">> Remove manifest files and rebuild from source ..."
echo ""
for DIR in ${RENDER_DIR}; do
CHART_PATH="${MANIFEST_DIR}/clusters/${CLUSTER}/manifests/${DIR}"
echo "${CHART_PATH}"
rm -rf "${CHART_PATH}"/*
done
echo ""
echo "----"
- name: Render Helm Manifests
id: render-manifests
if: steps.check-dir-changes.outputs.changes-detected == 'true'
env:
RENDER_DIR: ${{ steps.check-dir-changes.outputs.render-dir }}
run: |
cd "${MAIN_DIR}"
echo ">> Rendering Manifests ..."
render_chart() {
local DIR="$1"
local CHART_PATH="${MAIN_DIR}/clusters/${CLUSTER}/helm/${DIR}"
local CHART_NAME=$(basename "${CHART_PATH}")
echo ""
echo ">> Rendering chart: ${CHART_NAME}"
if [ -f "${CHART_PATH}/Chart.yaml" ]; then
local OUTPUT_FOLDER="${MANIFEST_DIR}/clusters/${CLUSTER}/manifests/${CHART_NAME}/"
mkdir -p "${OUTPUT_FOLDER}"
cd "${CHART_PATH}"
helm dependency update --skip-refresh > /dev/null
helm lint --namespace "${CHART_NAME}" --quiet
local NAMESPACE="${CHART_NAME}"
case "${CHART_NAME}" in
"stack")
NAMESPACE="argocd"
echo ">> Special Rendering into 'argocd' namespace ..."
;;
"cilium" | "coredns" | "metrics-server" | "prometheus-operator-crds")
NAMESPACE="kube-system"
echo ">> Special Rendering for ${CHART_NAME} into 'kube-system' namespace ..."
;;
*)
echo ">> Standard Rendering ..."
esac
echo ">> Formating rendered template ..."
local TEMPLATE
TEMPLATE=$(helm template "${CHART_NAME}" ./ --namespace "${NAMESPACE}" --include-crds --dry-run=server --api-versions "gateway.networking.k8s.io/v1/HTTPRoute")
# Format and split rendered template
echo "${TEMPLATE}" | yq '... comments=""' | yq 'select(. != null)' | yq -s '"'"${OUTPUT_FOLDER}"'" + .kind + "-" + .metadata.name + ".yaml"'
# Strip comments again to ensure formatting correctness
for file in "$OUTPUT_FOLDER"/*; do
yq -i '... comments=""' $file
done
echo ">> Manifests for ${CHART_NAME} rendered successfully to $OUTPUT_FOLDER:"
echo ""
ls $OUTPUT_FOLDER
echo ""
else
echo ""
echo ">> Directory ${CHART_PATH} does not contain a Chart.yaml. Skipping ..."
fi
}
export -f render_chart
export MAIN_DIR CLUSTER MANIFEST_DIR
# Run rendering in parallel
for DIR in ${RENDER_DIR}; do
echo "${DIR}"
done | xargs -P 4 -I {} bash -c 'OUT=$(render_chart "$@" 2>&1); printf "%s\n" "$OUT"' _ {}
echo ""
echo "----"
- name: Check for Changes
id: check-changes
if: steps.check-dir-changes.outputs.changes-detected == 'true'
run: |
cd "${MANIFEST_DIR}"
GIT_CHANGES=$(git status --porcelain)
if [ -n "${GIT_CHANGES}" ]; then
echo ">> Changes detected"
git status --porcelain
CHANGED_CHARTS=$(echo "$GIT_CHANGES" | grep -oE "clusters/${CLUSTER}/manifests/[^/]+" | awk -F '/' '{print $4}' | sort -u | paste -sd ',' -)
echo ""
echo "----"
echo "changes-detected=true" >> "$GITHUB_OUTPUT"
echo "changed-charts-csv=${CHANGED_CHARTS}" >> "$GITHUB_OUTPUT"
else
echo ">> No changes detected, skipping PR creation"
echo ""
echo "----"
fi
- name: Commit and Push Changes
id: commit-push
if: steps.check-changes.outputs.changes-detected == 'true'
env:
BRANCH_NAME: ${{ steps.prepare-manifest-branch.outputs.branch-name }}
IS_AUTOMERGE: ${{ steps.mode.outputs.is-automerge }}
run: |
cd "${MANIFEST_DIR}"
MSG="chore: Update manifests after change"
if [[ "$IS_AUTOMERGE" == "true" ]]; then
MSG="chore: Update manifests after automerge"
fi
echo ">> Commiting changes to ${BRANCH_NAME} ..."
git add .
git commit -m "${MSG}"
REPO_URL="${{ secrets.REPO_URL }}/${{ gitea.repository }}"
echo ""
echo ">> Pushing changes to ${REPO_URL} ..."
git push -u "https://oauth2:${{ secrets.BOT_TOKEN }}@${REPO_URL#*://}" "${BRANCH_NAME}"
echo ""
echo "----"
echo "push=true" >> "$GITHUB_OUTPUT"
echo "head-branch=${BRANCH_NAME}" >> "$GITHUB_OUTPUT"
- name: Check for Pull Request
id: check-for-pull-request
if: steps.commit-push.outputs.push == 'true' && steps.mode.outputs.is-automerge == 'false'
env:
GITEA_TOKEN: ${{ secrets.BOT_TOKEN }}
GITEA_URL: ${{ secrets.REPO_URL }}
HEAD_BRANCH: ${{ steps.commit-push.outputs.head-branch }}
run: |
cd "${MANIFEST_DIR}"
API_ENDPOINT="${GITEA_URL}/api/v1/repos/${{ gitea.repository }}/pulls?base_branch=${BASE_BRANCH}&state=open&page=1"
echo ">> Checking if PR from branch ${HEAD_BRANCH} into ${BASE_BRANCH}"
echo ">> With Endpoint of:"
echo "$API_ENDPOINT"
HTTP_STATUS=$(curl -X GET -s -w '%{http_code}' -o response_body.json -H "Authorization: token ${GITEA_TOKEN}" -H "Content-Type: application/json" "$API_ENDPOINT")
if [ "$HTTP_STATUS" == "200" ] && [ "$(cat response_body.json | jq -r .[0].state)" == "open" ]; then
echo ""
echo ">> Pull Request has been found open, will update"
echo ""
echo "----"
echo "pull-request-exists=$(cat response_body.json | jq -r .[0].number)" >> "$GITHUB_OUTPUT"
echo "pull-request-url=$(cat response_body.json | jq -r .[0].html_url)" >> "$GITHUB_OUTPUT"
else
echo ""
echo ">> Pull Request not found"
echo ""
echo "----"
echo "pull-request-exists=false" >> "$GITHUB_OUTPUT"
fi
- name: Create Pull Request
id: create-pull-request
if: steps.commit-push.outputs.push == 'true' && (steps.mode.outputs.is-automerge == 'true' || steps.check-for-pull-request.outputs.pull-request-exists == 'false')
env:
IS_AUTOMERGE: ${{ steps.mode.outputs.is-automerge }}
GITEA_TOKEN: ${{ secrets.BOT_TOKEN }}
GITEA_URL: ${{ secrets.REPO_URL }}
HEAD_BRANCH: ${{ steps.commit-push.outputs.head-branch }}
CHARTS: ${{ steps.check-changes.outputs.changed-charts-csv }}
EVENT_NAME: ${{ github.event_name }}
ACTOR: ${{ github.actor }}
SHA: ${{ github.sha }}
REF: ${{ github.ref_name }}
run: |
cd "${MANIFEST_DIR}"
API_ENDPOINT="${GITEA_URL}/api/v1/repos/${{ gitea.repository }}/pulls"
BODY=$(printf "This PR contains newly rendered Kubernetes manifests automatically generated by the CI workflow.\n\n### Details\n- **Trigger**: \`%s\` by \`@%s\`\n- **Commit**: \`%s\` (on \`%s\`)\n- **Charts Updated**: \`%s\`" "${EVENT_NAME}" "${ACTOR}" "${SHA:0:7}" "${REF}" "${CHARTS}")
if [[ "$IS_AUTOMERGE" == "true" ]]; then
TITLE="Automated Manifest Update - Automerge"
BODY=$(printf "%s\n\n_This PR is expected to be automerged._" "${BODY}")
else
TITLE="Automated Manifest Update"
fi
PAYLOAD=$(jq -n --arg head "${HEAD_BRANCH}" --arg base "${BASE_BRANCH}" --arg assignee "${ASSIGNEE}" --arg title "${TITLE}" --arg body "${BODY}" '{head: $head, base: $base, assignee: $assignee, title: $title, body: $body}')
HTTP_STATUS=$(curl -X POST -s -w '%{http_code}' -o response_body.json --data "$PAYLOAD" -H "Authorization: token ${GITEA_TOKEN}" -H "Content-Type: application/json" "$API_ENDPOINT")
if [ "$HTTP_STATUS" == "201" ]; then
echo ">> Pull Request created successfully!"
echo ""
echo "----"
echo "pull-request-url=$(jq -r .html_url response_body.json)" >> "$GITHUB_OUTPUT"
echo "pull-request-id=$(jq -r .id response_body.json)" >> "$GITHUB_OUTPUT"
echo "pull-request-number=$(jq -r .number response_body.json)" >> "$GITHUB_OUTPUT"
echo "pull-request-operation=created" >> "$GITHUB_OUTPUT"
elif [[ "$HTTP_STATUS" == "422" || "$HTTP_STATUS" == "409" ]]; then
echo ""
echo ">> Failed to create PR (Already exists)"
echo ""
echo "----"
else
echo ""
echo ">> Failed to create PR, HTTP status code: $HTTP_STATUS"
echo ""
echo "----"
exit 1
fi
- name: Update Pull Request
id: update-pull-request
if: steps.commit-push.outputs.push == 'true' && steps.check-for-pull-request.outputs.pull-request-exists != 'false' && steps.mode.outputs.is-automerge == 'false'
env:
GITEA_TOKEN: ${{ secrets.BOT_TOKEN }}
GITEA_URL: ${{ secrets.REPO_URL }}
PR_NUMBER: ${{ steps.check-for-pull-request.outputs.pull-request-exists }}
CHARTS: ${{ steps.check-changes.outputs.changed-charts-csv }}
EVENT_NAME: ${{ github.event_name }}
ACTOR: ${{ github.actor }}
SHA: ${{ github.sha }}
REF: ${{ github.ref_name }}
run: |
cd "${MANIFEST_DIR}"
API_ENDPOINT="${GITEA_URL}/api/v1/repos/${{ gitea.repository }}/pulls/${PR_NUMBER}"
EXISTING_BODY=$(jq -r '.[0].body' response_body.json)
NEW_DETAILS=$(printf "### Update Details (%s)\n- **Trigger**: \`%s\` by \`@%s\`\n- **Commit**: \`%s\` (on \`%s\`)\n- **Charts Updated**: \`%s\`" "$(date -u +'%Y-%m-%d %H:%M UTC')" "${EVENT_NAME}" "${ACTOR}" "${SHA:0:7}" "${REF}" "${CHARTS}")
UPDATED_BODY=$(printf "%s\n\n%s" "${EXISTING_BODY}" "${NEW_DETAILS}")
PAYLOAD=$(jq -n --arg body "${UPDATED_BODY}" '{body: $body}')
HTTP_STATUS=$(curl -X PATCH -s -w '%{http_code}' -o update_response.json --data "$PAYLOAD" -H "Authorization: token ${GITEA_TOKEN}" -H "Content-Type: application/json" "$API_ENDPOINT")
if [ "$HTTP_STATUS" == "201" ] || [ "$HTTP_STATUS" == "200" ]; then
echo ">> Pull Request updated successfully!"
echo ""
echo "----"
echo "pull-request-operation=updated" >> "$GITHUB_OUTPUT"
else
echo ">> Failed to update PR, HTTP status code: $HTTP_STATUS"; exit 1
echo ""
echo "----"
fi
- name: Merge Changes
id: merge-changes
if: steps.commit-push.outputs.push == 'true' && steps.mode.outputs.is-automerge == 'true'
env:
GITEA_TOKEN: ${{ secrets.BOT_TOKEN }}
GITEA_URL: ${{ secrets.REPO_URL }}
PR_NUMBER: ${{ steps.create-pull-request.outputs.pull-request-number }}
run: |
cd "${MANIFEST_DIR}"
API_ENDPOINT="${GITEA_URL}/api/v1/repos/${{ gitea.repository }}/pulls/${PR_NUMBER}/merge"
PAYLOAD=$(jq -n --arg Do "merge" '{Do: $Do}')
HTTP_STATUS=$(curl -X POST -s -w '%{http_code}' -o response_body.json --data "$PAYLOAD" -H "Authorization: token ${GITEA_TOKEN}" -H "Content-Type: application/json" "$API_ENDPOINT")
if [ "$HTTP_STATUS" == "200" ]; then
echo ">> Pull Request merged successfully!"
echo ""
echo "----"
echo "pull-request-operation=merged" >> "$GITHUB_OUTPUT"
else
echo ">> Failed to merge PR, HTTP status code: $HTTP_STATUS"; exit 1
echo ""
echo "----"
fi
- name: Cleanup Branch
if: failure() && steps.mode.outputs.is-automerge == 'true'
env:
BRANCH_NAME: ${{ steps.prepare-manifest-branch.outputs.branch-name }}
run: |
cd "${MANIFEST_DIR}"
echo ">> Removing branch: ${BRANCH_NAME}"
git push origin --delete "${BRANCH_NAME}" || true
echo ""
echo "----"
- name: ntfy Created
uses: niniyas/ntfy-action@master
if: steps.create-pull-request.outputs.pull-request-operation == 'created' && steps.mode.outputs.is-automerge == 'false'
with:
url: "${{ secrets.NTFY_URL }}"
topic: "${{ secrets.NTFY_TOPIC }}"
title: "Manifest Render - Open PR"
priority: 3
headers: '{"Authorization": "Bearer ${{ secrets.NTFY_CRED }}"}'
tags: action,successfully,completed
details: "Created renderd manifests for cluster '${CLUSTER}' with charts: ${{ steps.check-changes.outputs.changed-charts-csv }}"
icon: "https://cdn.jsdelivr.net/gh/selfhst/icons/png/gitea.png"
actions: '[{"action": "view", "label": "View PR", "url": "${{ steps.create-pull-request.outputs.pull-request-url }}", "clear": true}]'
- name: ntfy Updated
uses: niniyas/ntfy-action@master
if: steps.commit-push.outputs.push == 'true' && steps.check-for-pull-request.outputs.pull-request-exists != 'false' && steps.mode.outputs.is-automerge == 'false'
with:
url: "${{ secrets.NTFY_URL }}"
topic: "${{ secrets.NTFY_TOPIC }}"
title: "Manifest Render - PR Updated"
priority: 3
headers: '{"Authorization": "Bearer ${{ secrets.NTFY_CRED }}"}'
tags: action,successfully,completed
details: "Updated rendered manifests PR for cluster '${CLUSTER}' with charts: ${{ steps.check-changes.outputs.changed-charts-csv }}"
icon: "https://cdn.jsdelivr.net/gh/selfhst/icons/png/gitea.png"
actions: '[{"action": "view", "label": "View PR", "url": "${{ steps.check-for-pull-request.outputs.pull-request-url }}", "clear": true}]'
- name: ntfy Merged
uses: niniyas/ntfy-action@master
if: steps.merge-changes.outputs.pull-request-operation == 'merged'
with:
url: "${{ secrets.NTFY_URL }}"
topic: "${{ secrets.NTFY_TOPIC }}"
title: "Manifest Render - Automerged"
priority: 3
headers: '{"Authorization": "Bearer ${{ secrets.NTFY_CRED }}"}'
tags: action,successfully,completed
details: "Automerged manifest rendering for cluster '${CLUSTER}' with charts: ${{ steps.check-changes.outputs.changed-charts-csv }}"
icon: "https://cdn.jsdelivr.net/gh/selfhst/icons/png/gitea.png"
actions: '[{"action": "view", "label": "View PR", "url": "${{ steps.create-pull-request.outputs.pull-request-url }}", "clear": true}]'
- name: ntfy Failed
uses: niniyas/ntfy-action@master
if: failure()
with:
url: "${{ secrets.NTFY_URL }}"
topic: "${{ secrets.NTFY_TOPIC }}"
title: "Manifest Render Failure"
priority: 4
headers: '{"Authorization": "Bearer ${{ secrets.NTFY_CRED }}"}'
tags: action,failed
details: "Manifest rendering for Infrastructure has failed!"
icon: "https://cdn.jsdelivr.net/gh/selfhst/icons/png/gitea.png"
actions: '[{"action": "view", "label": "View Logs", "url": "${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}", "clear": true}]'

8
clusters/cl01tl/helm/argo-workflows/Chart.lock
View File

@@ -1,12 +1,12 @@
dependencies: dependencies:
- name: argo-workflows - name: argo-workflows
repository: https://argoproj.github.io/argo-helm repository: https://argoproj.github.io/argo-helm
version: 1.0.2 version: 0.47.5
- name: argo-events - name: argo-events
repository: https://argoproj.github.io/argo-helm repository: https://argoproj.github.io/argo-helm
version: 2.4.20 version: 2.4.20
- name: postgres-cluster - name: postgres-cluster
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 7.10.0 version: 7.9.1
digest: sha256:8d1c2dd011a360d930ed5ff186462f163407077d36ae633898ec5d6ba30a4e8d digest: sha256:5b7f498040dd93f99a00c708c80fcefdb64dcdf473cfd3edcf8a94255b80b3b4
generated: "2026-03-15T20:04:18.080966008Z" generated: "2026-03-12T13:02:52.109982708Z"

4
clusters/cl01tl/helm/argo-workflows/Chart.yaml
View File

@@ -18,14 +18,14 @@ maintainers:
- name: alexlebens - name: alexlebens
dependencies: dependencies:
- name: argo-workflows - name: argo-workflows
version: 1.0.2 version: 0.47.5
repository: https://argoproj.github.io/argo-helm repository: https://argoproj.github.io/argo-helm
- name: argo-events - name: argo-events
version: 2.4.20 version: 2.4.20
repository: https://argoproj.github.io/argo-helm repository: https://argoproj.github.io/argo-helm
- name: postgres-cluster - name: postgres-cluster
alias: postgres-18-cluster alias: postgres-18-cluster
version: 7.10.0 version: 7.9.1
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/argo-cd.png icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/argo-cd.png
# renovate: datasource=github-releases depName=argoproj/argo-workflows # renovate: datasource=github-releases depName=argoproj/argo-workflows

10
clusters/cl01tl/helm/argo-workflows/values.yaml
View File

@@ -1,14 +1,4 @@
argo-workflows: argo-workflows:
crds:
install: true
keep: true
# -- Use full CRDs with complete OpenAPI schemas. When false, uses minified CRDs with x-kubernetes-preserve-unknown-fields.
# Full CRDs are very large and are installed via a pre-install/pre-upgrade hook Job that uses server-side apply.
full: true
upgradeJob:
image:
repository: registry.k8s.io/kubectl
tag: v1.35.2
controller: controller:
metricsConfig: metricsConfig:
enabled: true enabled: true

6
clusters/cl01tl/helm/authentik/Chart.lock
View File

@@ -7,9 +7,9 @@ dependencies:
version: 2.4.0 version: 2.4.0
- name: postgres-cluster - name: postgres-cluster
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 7.10.0 version: 7.9.1
- name: valkey - name: valkey
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 0.4.0 version: 0.4.0
digest: sha256:8c353c5dad4c3d04d518c1445497f0d1cb64261a4201ae17a2c0874454b807a7 digest: sha256:abb34b7bb54393236e695453aa1940497cb4def3d3a56a45ca004a22f8e05648
generated: "2026-03-15T20:04:35.99407071Z" generated: "2026-03-11T22:55:49.936164674Z"

2
clusters/cl01tl/helm/authentik/Chart.yaml
View File

@@ -28,7 +28,7 @@ dependencies:
version: 2.4.0 version: 2.4.0
- name: postgres-cluster - name: postgres-cluster
alias: postgres-18-cluster alias: postgres-18-cluster
version: 7.10.0 version: 7.9.1
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
- name: valkey - name: valkey
alias: valkey alias: valkey

2
clusters/cl01tl/helm/bazarr/Chart.yaml
View File

@@ -6,7 +6,7 @@ keywords:
- bazarr - bazarr
- servarr - servarr
- subtitles - subtitles
home: https://wiki.alexlebens.dev/s/ home: https://wiki.alexlebens.dev/s/92784d53-1d43-42fd-b509-f42c73454226
sources: sources:
- https://github.com/morpheus65535/bazarr - https://github.com/morpheus65535/bazarr
- https://github.com/linuxserver/docker-bazarr - https://github.com/linuxserver/docker-bazarr

6
clusters/cl01tl/helm/booklore/Chart.lock
View File

@@ -4,12 +4,12 @@ dependencies:
version: 4.6.2 version: 4.6.2
- name: mariadb-cluster - name: mariadb-cluster
repository: https://helm.mariadb.com/mariadb-operator repository: https://helm.mariadb.com/mariadb-operator
version: 26.3.0 version: 25.10.4
- name: volsync-target - name: volsync-target
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 0.8.0 version: 0.8.0
- name: volsync-target - name: volsync-target
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 0.8.0 version: 0.8.0
digest: sha256:e65fa008c652092da5431e9780eb2a87c944298a12e58e432efad61c9e826da5 digest: sha256:d4c7bf75f72f7eab4ad968bf9f55daac9392c9b2df08f8a27c5dc4f8fffb5f57
generated: "2026-03-14T23:57:22.721295098Z" generated: "2026-03-06T01:06:05.696573273Z"

4
clusters/cl01tl/helm/booklore/Chart.yaml
View File

@@ -18,7 +18,7 @@ dependencies:
repository: https://bjw-s-labs.github.io/helm-charts/ repository: https://bjw-s-labs.github.io/helm-charts/
version: 4.6.2 version: 4.6.2
- name: mariadb-cluster - name: mariadb-cluster
version: 26.3.0 version: 25.10.4
repository: https://helm.mariadb.com/mariadb-operator repository: https://helm.mariadb.com/mariadb-operator
- name: volsync-target - name: volsync-target
alias: volsync-target-config alias: volsync-target-config
@@ -30,4 +30,4 @@ dependencies:
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/booklore.png icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/booklore.png
# renovate: datasource=github-releases depName=booklore-app/BookLore # renovate: datasource=github-releases depName=booklore-app/BookLore
appVersion: v2.2.1 appVersion: v2.2.0

2
clusters/cl01tl/helm/booklore/values.yaml
View File

@@ -9,7 +9,7 @@ booklore:
main: main:
image: image:
repository: ghcr.io/booklore-app/booklore repository: ghcr.io/booklore-app/booklore
tag: v2.2.1 tag: v2.2.0
pullPolicy: IfNotPresent pullPolicy: IfNotPresent
env: env:
- name: TZ - name: TZ

2
clusters/cl01tl/helm/coredns/Chart.yaml
View File

@@ -7,7 +7,7 @@ keywords:
- dns - dns
- network - network
- kubernetes - kubernetes
home: https://wiki.alexlebens.dev/s/ home: https://wiki.alexlebens.dev/s/43947ec6-a034-449f-8c76-982ac493b072
sources: sources:
- https://github.com/coredns/coredns - https://github.com/coredns/coredns
- https://github.com/coredns/helm - https://github.com/coredns/helm

2
clusters/cl01tl/helm/coredns/values.yaml
View File

@@ -1,7 +1,7 @@
coredns: coredns:
image: image:
repository: registry.k8s.io/coredns/coredns repository: registry.k8s.io/coredns/coredns
tag: v1.14.2 tag: v1.14.1
replicaCount: 3 replicaCount: 3
resources: resources:
requests: requests:

6
clusters/cl01tl/helm/dawarich/Chart.lock
View File

@@ -4,9 +4,9 @@ dependencies:
version: 4.6.2 version: 4.6.2
- name: postgres-cluster - name: postgres-cluster
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 7.10.0 version: 7.9.1
- name: valkey - name: valkey
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 0.4.0 version: 0.4.0
digest: sha256:7584c2a1613454bbd83b66df46170fd0157df5186842844d483e2dd131398574 digest: sha256:9524709cf393c01f28b0d073ef6870a2f1afd46f3bc5f564e73c55450aba8dd0
generated: "2026-03-15T20:04:49.68456485Z" generated: "2026-03-11T22:56:11.749729235Z"

2
clusters/cl01tl/helm/dawarich/Chart.yaml
View File

@@ -18,7 +18,7 @@ dependencies:
version: 4.6.2 version: 4.6.2
- name: postgres-cluster - name: postgres-cluster
alias: postgres-18-cluster alias: postgres-18-cluster
version: 7.10.0 version: 7.9.1
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
- name: valkey - name: valkey
alias: valkey alias: valkey

6
clusters/cl01tl/helm/directus/Chart.lock
View File

@@ -4,9 +4,9 @@ dependencies:
version: 4.6.2 version: 4.6.2
- name: postgres-cluster - name: postgres-cluster
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 7.10.0 version: 7.9.1
- name: valkey - name: valkey
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 0.4.0 version: 0.4.0
digest: sha256:dfcb5d35e03ecdc4206227d206d36509319f0dcdaed54363840d71337debb3f7 digest: sha256:0b50b4938669a7210930d6ee86a9602611b54cd13774f3386dbad04b4771e7f4
generated: "2026-03-15T20:05:03.156596646Z" generated: "2026-03-11T22:56:26.818980186Z"

2
clusters/cl01tl/helm/directus/Chart.yaml
View File

@@ -23,7 +23,7 @@ dependencies:
version: 4.6.2 version: 4.6.2
- name: postgres-cluster - name: postgres-cluster
alias: postgres-18-cluster alias: postgres-18-cluster
version: 7.10.0 version: 7.9.1
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
- name: valkey - name: valkey
alias: valkey alias: valkey

6
clusters/cl01tl/helm/freshrss/Chart.lock
View File

@@ -7,9 +7,9 @@ dependencies:
version: 2.4.0 version: 2.4.0
- name: postgres-cluster - name: postgres-cluster
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 7.10.0 version: 7.9.1
- name: volsync-target - name: volsync-target
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 0.8.0 version: 0.8.0
digest: sha256:a7bdbecd50433fedd65d3043102fe3c9e366dc98953c37eb0cfe762bce833e8e digest: sha256:a3703e245881145524304af8a03c89d309c602479be3f7f8953c2fba120bf341
generated: "2026-03-15T20:05:14.085780861Z" generated: "2026-03-11T22:56:41.856429843Z"

2
clusters/cl01tl/helm/freshrss/Chart.yaml
View File

@@ -26,7 +26,7 @@ dependencies:
version: 2.4.0 version: 2.4.0
- name: postgres-cluster - name: postgres-cluster
alias: postgres-18-cluster alias: postgres-18-cluster
version: 7.10.0 version: 7.9.1
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
- name: volsync-target - name: volsync-target
alias: volsync-target-data alias: volsync-target-data

6
clusters/cl01tl/helm/gatus/Chart.lock
View File

@@ -4,9 +4,9 @@ dependencies:
version: 1.5.0 version: 1.5.0
- name: postgres-cluster - name: postgres-cluster
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 7.10.0 version: 7.9.1
- name: volsync-target - name: volsync-target
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 0.8.0 version: 0.8.0
digest: sha256:83ec84774e0cc708f1cb5d83d657180159bfb75c9928784ebf0280e224b1cbca digest: sha256:2fe7c088e99a11e0c6dd09fe48bb1e292eb58e22d9f8ff681bb6c6790945d54e
generated: "2026-03-15T20:05:27.625292422Z" generated: "2026-03-11T22:56:56.957400817Z"

2
clusters/cl01tl/helm/gatus/Chart.yaml
View File

@@ -22,7 +22,7 @@ dependencies:
version: 1.5.0 version: 1.5.0
- name: postgres-cluster - name: postgres-cluster
alias: postgres-18-cluster alias: postgres-18-cluster
version: 7.10.0 version: 7.9.1
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
- name: volsync-target - name: volsync-target
alias: volsync-target-data alias: volsync-target-data

6
clusters/cl01tl/helm/generic-device-plugin/Chart.lock
View File

@@ -1,6 +1,6 @@
dependencies: dependencies:
- name: generic-device-plugin - name: generic-device-plugin
repository: https://gitea.alexlebens.dev/api/packages/alexlebens/helm repository: https://gitea.alexlebens.dev/api/packages/alexlebens/helm
version: 0.20.22 version: 0.20.21
digest: sha256:14e5aa3f02ce6a1271dadc3f76997c739fc9434e669b05655c079d0b873c56ca digest: sha256:4f1359a01b8b85722ab1805426a86f3ea64d0134513ce14fe9c55f3f918a21fb
generated: "2026-03-15T20:35:40.676997293Z" generated: "2026-03-09T23:02:42.799515974Z"

2
clusters/cl01tl/helm/generic-device-plugin/Chart.yaml
View File

@@ -15,6 +15,6 @@ maintainers:
dependencies: dependencies:
- name: generic-device-plugin - name: generic-device-plugin
repository: https://gitea.alexlebens.dev/api/packages/alexlebens/helm repository: https://gitea.alexlebens.dev/api/packages/alexlebens/helm
version: 0.20.22 version: 0.20.21
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/kubernetes.png icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/kubernetes.png
appVersion: 1.0.0 appVersion: 1.0.0

6
clusters/cl01tl/helm/gitea/Chart.lock
View File

@@ -13,7 +13,7 @@ dependencies:
version: 2.4.0 version: 2.4.0
- name: postgres-cluster - name: postgres-cluster
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 7.10.0 version: 7.9.1
- name: valkey - name: valkey
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 0.4.0 version: 0.4.0
@@ -23,5 +23,5 @@ dependencies:
- name: volsync-target - name: volsync-target
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 0.8.0 version: 0.8.0
digest: sha256:095caf06888cd4663eb5d389399ebad167861007b604016fc4907308474558ab digest: sha256:8f243465537fe443e97a8813e23e95d3608a6a2898b93209d03cf43f4ca8cc5d
generated: "2026-03-15T20:05:41.388335307Z" generated: "2026-03-11T22:57:17.026946319Z"

2
clusters/cl01tl/helm/gitea/Chart.yaml
View File

@@ -40,7 +40,7 @@ dependencies:
version: 2.4.0 version: 2.4.0
- name: postgres-cluster - name: postgres-cluster
alias: postgres-18-cluster alias: postgres-18-cluster
version: 7.10.0 version: 7.9.1
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
- name: valkey - name: valkey
alias: valkey-gitea alias: valkey-gitea

1
clusters/cl01tl/helm/gitea/values.yaml
View File

@@ -57,7 +57,6 @@ gitea:
ROOT_URL: https://gitea.alexlebens.dev ROOT_URL: https://gitea.alexlebens.dev
LOCAL_ROOT_URL: http://gitea-http.gitea.svc.cluster.local:3000 LOCAL_ROOT_URL: http://gitea-http.gitea.svc.cluster.local:3000
START_SSH_SERVER: true START_SSH_SERVER: true
HTTP_PORT: 3000
SSH_DOMAIN: gitea.alexlebens.net SSH_DOMAIN: gitea.alexlebens.net
SSH_PORT: 22 SSH_PORT: 22
SSH_LISTEN_PORT: 22 SSH_LISTEN_PORT: 22

6
clusters/cl01tl/helm/grafana-operator/Chart.lock
View File

@@ -4,12 +4,12 @@ dependencies:
version: 5.22.1 version: 5.22.1
- name: postgres-cluster - name: postgres-cluster
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 7.10.0 version: 7.9.1
- name: valkey - name: valkey
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 0.4.0 version: 0.4.0
- name: valkey - name: valkey
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 0.4.0 version: 0.4.0
digest: sha256:9cbba52d093e40b20917af87263e1fb0e478912440f660543f3527e70452edc7 digest: sha256:932d9b24ad52ab2a28311f522714ecbad2bedea512ce48d26fcb95cc74b51af9
generated: "2026-03-15T20:05:59.855514102Z" generated: "2026-03-14T19:50:53.708173087Z"

2
clusters/cl01tl/helm/grafana-operator/Chart.yaml
View File

@@ -21,7 +21,7 @@ dependencies:
repository: https://grafana.github.io/helm-charts repository: https://grafana.github.io/helm-charts
- name: postgres-cluster - name: postgres-cluster
alias: postgres-18-cluster alias: postgres-18-cluster
version: 7.10.0 version: 7.9.1
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
- name: valkey - name: valkey
alias: valkey-unified-alerting alias: valkey-unified-alerting

6
clusters/cl01tl/helm/harbor/Chart.lock
View File

@@ -4,9 +4,9 @@ dependencies:
version: 1.18.2 version: 1.18.2
- name: postgres-cluster - name: postgres-cluster
repository: https://gitea.alexlebens.net/api/packages/alexlebens/helm repository: https://gitea.alexlebens.net/api/packages/alexlebens/helm
version: 7.10.0 version: 7.9.1
- name: valkey - name: valkey
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 0.4.0 version: 0.4.0
digest: sha256:14c2b7d09631dbb573e9c9d4613ebe52e330146662da0da15f74c31ec519ed15 digest: sha256:898f51eabee5959b9e7ebe90640cb915cb2dee446e6a6649a29499fecab8b6c7
generated: "2026-03-15T20:06:13.615175051Z" generated: "2026-03-11T22:58:00.955579445Z"

2
clusters/cl01tl/helm/harbor/Chart.yaml
View File

@@ -21,7 +21,7 @@ dependencies:
repository: https://helm.goharbor.io repository: https://helm.goharbor.io
- name: postgres-cluster - name: postgres-cluster
alias: postgres-18-cluster alias: postgres-18-cluster
version: 7.10.0 version: 7.9.1
repository: https://gitea.alexlebens.net/api/packages/alexlebens/helm repository: https://gitea.alexlebens.net/api/packages/alexlebens/helm
- name: valkey - name: valkey
alias: valkey alias: valkey

6
clusters/cl01tl/helm/immich/Chart.lock
View File

@@ -4,12 +4,12 @@ dependencies:
version: 4.6.2 version: 4.6.2
- name: postgres-cluster - name: postgres-cluster
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 7.10.0 version: 7.9.1
- name: valkey - name: valkey
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 0.4.0 version: 0.4.0
- name: volsync-target - name: volsync-target
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 0.8.0 version: 0.8.0
digest: sha256:b79ea8c506f0172deed820247a33c79329f34426435c8b5eb27b206ac8831b13 digest: sha256:b886b0a1555ea75fbff52a58ccbf1659acbda20e933107bcbab9b00192aa25bd
generated: "2026-03-15T20:06:27.091094433Z" generated: "2026-03-11T22:58:20.294240859Z"

2
clusters/cl01tl/helm/immich/Chart.yaml
View File

@@ -20,7 +20,7 @@ dependencies:
version: 4.6.2 version: 4.6.2
- name: postgres-cluster - name: postgres-cluster
alias: postgres-18-cluster alias: postgres-18-cluster
version: 7.10.0 version: 7.9.1
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
- name: valkey - name: valkey
alias: valkey alias: valkey

6
clusters/cl01tl/helm/jellystat/Chart.lock
View File

@@ -4,9 +4,9 @@ dependencies:
version: 4.6.2 version: 4.6.2
- name: postgres-cluster - name: postgres-cluster
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 7.10.0 version: 7.9.1
- name: volsync-target - name: volsync-target
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 0.8.0 version: 0.8.0
digest: sha256:f779185ce82045b47fc75bf95c4a8215acbd387f44a4bdb764486406d9b03748 digest: sha256:29b92b08c230d5f3abc13949b299acccd1e9f8ff7df1f691a5dec41df5405595
generated: "2026-03-15T20:06:38.720993367Z" generated: "2026-03-11T22:58:35.766813121Z"

2
clusters/cl01tl/helm/jellystat/Chart.yaml
View File

@@ -21,7 +21,7 @@ dependencies:
version: 4.6.2 version: 4.6.2
- name: postgres-cluster - name: postgres-cluster
alias: postgres-18-cluster alias: postgres-18-cluster
version: 7.10.0 version: 7.9.1
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
- name: volsync-target - name: volsync-target
alias: volsync-target-data alias: volsync-target-data

6
clusters/cl01tl/helm/komodo/Chart.lock
View File

@@ -4,6 +4,6 @@ dependencies:
version: 4.6.2 version: 4.6.2
- name: postgres-cluster - name: postgres-cluster
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 7.10.0 version: 7.9.1
digest: sha256:a6f33512d929c5a1b70bde6c3294902f5d707855aabbaa815f32e23aa54b266f digest: sha256:833a88f82c14f78d63abea99244f2473bee2f5124a533a898a34844956f62b27
generated: "2026-03-15T20:06:49.233053802Z" generated: "2026-03-11T22:58:51.287064579Z"

2
clusters/cl01tl/helm/komodo/Chart.yaml
View File

@@ -23,7 +23,7 @@ dependencies:
version: 4.6.2 version: 4.6.2
- name: postgres-cluster - name: postgres-cluster
alias: postgresql-17-fdb-cluster alias: postgresql-17-fdb-cluster
version: 7.10.0 version: 7.9.1
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/komodo.png icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/komodo.png
# renovate: datasource=github-releases depName=moghtech/komodo # renovate: datasource=github-releases depName=moghtech/komodo

6
clusters/cl01tl/helm/lidarr/Chart.lock
View File

@@ -4,9 +4,9 @@ dependencies:
version: 4.6.2 version: 4.6.2
- name: postgres-cluster - name: postgres-cluster
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 7.10.0 version: 7.9.1
- name: volsync-target - name: volsync-target
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 0.8.0 version: 0.8.0
digest: sha256:0f1a2923a7042b364a817edc64729d5e1c18b0552555c035d974de626f372692 digest: sha256:d43b95fa1fc70c93541b9d73180406b31059c6cc45aa57a0cc8d9386c64833c3
generated: "2026-03-15T20:07:00.750754951Z" generated: "2026-03-11T22:59:07.151659257Z"

2
clusters/cl01tl/helm/lidarr/Chart.yaml
View File

@@ -24,7 +24,7 @@ dependencies:
version: 4.6.2 version: 4.6.2
- name: postgres-cluster - name: postgres-cluster
alias: postgres-18-cluster alias: postgres-18-cluster
version: 7.10.0 version: 7.9.1
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
- name: volsync-target - name: volsync-target
alias: volsync-target-config alias: volsync-target-config

2
clusters/cl01tl/helm/mariadb-operator/Chart.yaml
View File

@@ -22,4 +22,4 @@ dependencies:
repository: https://helm.mariadb.com/mariadb-operator repository: https://helm.mariadb.com/mariadb-operator
icon: https://mariadb-operator.github.io/mariadb-operator/assets/mariadb_profile.svg icon: https://mariadb-operator.github.io/mariadb-operator/assets/mariadb_profile.svg
# renovate: datasource=github-releases depName=mariadb-operator/mariadb-operator # renovate: datasource=github-releases depName=mariadb-operator/mariadb-operator
appVersion: 26.3.0 appVersion: 25.10.4

6
clusters/cl01tl/helm/matrix-synapse/Chart.lock
View File

@@ -19,7 +19,7 @@ dependencies:
version: 2.4.0 version: 2.4.0
- name: postgres-cluster - name: postgres-cluster
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 7.10.0 version: 7.9.1
- name: valkey - name: valkey
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 0.4.0 version: 0.4.0
@@ -38,5 +38,5 @@ dependencies:
- name: volsync-target - name: volsync-target
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 0.8.0 version: 0.8.0
digest: sha256:1578e2c48447f217e72bffb3afcb6f1f15c427a4acce5dbca830cdd7045b1348 digest: sha256:fb87880d3de281064519117d8046d7de14f41450ec8ff8c3c603f0179004768e
generated: "2026-03-15T20:07:12.751000922Z" generated: "2026-03-12T11:03:45.232564538Z"

2
clusters/cl01tl/helm/matrix-synapse/Chart.yaml
View File

@@ -53,7 +53,7 @@ dependencies:
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
- name: postgres-cluster - name: postgres-cluster
alias: postgres-18-cluster alias: postgres-18-cluster
version: 7.10.0 version: 7.9.1
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
- name: valkey - name: valkey
alias: valkey-matrix-synapse alias: valkey-matrix-synapse

6
clusters/cl01tl/helm/ollama/Chart.lock
View File

@@ -4,9 +4,9 @@ dependencies:
version: 4.6.2 version: 4.6.2
- name: postgres-cluster - name: postgres-cluster
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 7.10.0 version: 7.9.1
- name: volsync-target - name: volsync-target
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 0.8.0 version: 0.8.0
digest: sha256:d0f47712bf5d2bab8136c43f1d5bac41860f067b53c741282a4647ce93a7cd93 digest: sha256:a3201fc53ddfbaeb5a81d08e9d20135fb59174879e20f0b4986b1b8540011e03
generated: "2026-03-15T20:07:27.179378683Z" generated: "2026-03-11T22:59:44.389634096Z"

2
clusters/cl01tl/helm/ollama/Chart.yaml
View File

@@ -23,7 +23,7 @@ dependencies:
version: 4.6.2 version: 4.6.2
- name: postgres-cluster - name: postgres-cluster
alias: postgres-18-cluster alias: postgres-18-cluster
version: 7.10.0 version: 7.9.1
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
- name: volsync-target - name: volsync-target
alias: volsync-target-data alias: volsync-target-data

6
clusters/cl01tl/helm/outline/Chart.lock
View File

@@ -7,12 +7,12 @@ dependencies:
version: 2.4.0 version: 2.4.0
- name: postgres-cluster - name: postgres-cluster
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 7.10.0 version: 7.9.1
- name: valkey - name: valkey
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 0.4.0 version: 0.4.0
- name: volsync-target - name: volsync-target
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 0.8.0 version: 0.8.0
digest: sha256:02780454fad48c10e95851e73e45e8a98091596d9dce8ada9e361e7212e581df digest: sha256:1f2e4e46e3ae2985ff3e7708c7d75a36f506f0402e02921d95f797ea0403db93
generated: "2026-03-15T20:07:38.818063491Z" generated: "2026-03-11T23:00:00.871137498Z"

4
clusters/cl01tl/helm/outline/Chart.yaml
View File

@@ -27,7 +27,7 @@ dependencies:
version: 2.4.0 version: 2.4.0
- name: postgres-cluster - name: postgres-cluster
alias: postgres-18-cluster alias: postgres-18-cluster
version: 7.10.0 version: 7.9.1
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
- name: valkey - name: valkey
alias: valkey alias: valkey
@@ -39,4 +39,4 @@ dependencies:
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/outline.png icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/outline.png
# renovate: datasource=github-releases depName=outline/outline # renovate: datasource=github-releases depName=outline/outline
appVersion: 1.6.0 appVersion: 1.5.0

2
clusters/cl01tl/helm/outline/values.yaml
View File

@@ -12,7 +12,7 @@ outline:
main: main:
image: image:
repository: outlinewiki/outline repository: outlinewiki/outline
tag: 1.6.0 tag: 1.5.0
pullPolicy: IfNotPresent pullPolicy: IfNotPresent
env: env:
- name: NODE_ENV - name: NODE_ENV

6
clusters/cl01tl/helm/photoview/Chart.lock
View File

@@ -4,6 +4,6 @@ dependencies:
version: 4.6.2 version: 4.6.2
- name: postgres-cluster - name: postgres-cluster
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 7.10.0 version: 7.9.1
digest: sha256:fe266f506edd672979091e0ad12379d6ad7dddd2c982e196e602dcda268d6f76 digest: sha256:e9b0673f31b8309beb326635e784964c41bafc10f3bde7eb17ea316d83076854
generated: "2026-03-15T20:07:52.831926834Z" generated: "2026-03-11T23:00:19.541959816Z"

2
clusters/cl01tl/helm/photoview/Chart.yaml
View File

@@ -20,7 +20,7 @@ dependencies:
version: 4.6.2 version: 4.6.2
- name: postgres-cluster - name: postgres-cluster
alias: postgres-18-cluster alias: postgres-18-cluster
version: 7.10.0 version: 7.9.1
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/photoview.png icon: https://cdn.jsdelivr.net/gh/selfhst/icons/png/photoview.png
# renovate: datasource=github-releases depName=photoview/photoview # renovate: datasource=github-releases depName=photoview/photoview

6
clusters/cl01tl/helm/postiz/Chart.lock
View File

@@ -7,7 +7,7 @@ dependencies:
version: 2.4.0 version: 2.4.0
- name: postgres-cluster - name: postgres-cluster
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 7.10.0 version: 7.9.1
- name: valkey - name: valkey
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 0.4.0 version: 0.4.0
@@ -17,5 +17,5 @@ dependencies:
- name: volsync-target - name: volsync-target
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 0.8.0 version: 0.8.0
digest: sha256:de3fb540df1cf7385a19316741854d01e002740c0bf346f3da0ff3a809b1fc3d digest: sha256:cf9b71f29450c69550b0f59d792193788f9dd7ffa2c623db27eb423c0f6e3109
generated: "2026-03-15T20:08:06.855136249Z" generated: "2026-03-11T23:00:37.739141183Z"

2
clusters/cl01tl/helm/postiz/Chart.yaml
View File

@@ -26,7 +26,7 @@ dependencies:
version: 2.4.0 version: 2.4.0
- name: postgres-cluster - name: postgres-cluster
alias: postgres-18-cluster alias: postgres-18-cluster
version: 7.10.0 version: 7.9.1
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
- name: valkey - name: valkey
alias: valkey alias: valkey

2
clusters/cl01tl/helm/qbittorrent/values.yaml
View File

@@ -28,7 +28,7 @@ qbittorrent:
qbittorrent: qbittorrent:
image: image:
repository: ghcr.io/linuxserver/qbittorrent repository: ghcr.io/linuxserver/qbittorrent
tag: 5.1.4@sha256:855e5f4805ac218f406a5ae989a62a77e03f7e5f70128335b7970550a58c96e1 tag: 5.1.4@sha256:6a7ffbfff04dd109bff37c474bfee00aa08dea5edb78c670439be3ed242b70fa
pullPolicy: IfNotPresent pullPolicy: IfNotPresent
env: env:
- name: TZ - name: TZ

6
clusters/cl01tl/helm/radarr-4k/Chart.lock
View File

@@ -4,9 +4,9 @@ dependencies:
version: 4.6.2 version: 4.6.2
- name: postgres-cluster - name: postgres-cluster
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 7.10.0 version: 7.9.1
- name: volsync-target - name: volsync-target
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 0.8.0 version: 0.8.0
digest: sha256:d76563fe1a7a9f8ceaf6937831bd0c5511eb7369abb8eb54110dfb69e6dce224 digest: sha256:7e873c90668a70b423efb04d4f2683d25022e8982248ba32a8e5820e323f9b7d
generated: "2026-03-15T20:08:21.236792423Z" generated: "2026-03-11T23:00:55.780623797Z"

2
clusters/cl01tl/helm/radarr-4k/Chart.yaml
View File

@@ -27,7 +27,7 @@ dependencies:
version: 4.6.2 version: 4.6.2
- name: postgres-cluster - name: postgres-cluster
alias: postgres-18-cluster alias: postgres-18-cluster
version: 7.10.0 version: 7.9.1
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
- name: volsync-target - name: volsync-target
alias: volsync-target-config alias: volsync-target-config

6
clusters/cl01tl/helm/radarr-anime/Chart.lock
View File

@@ -4,9 +4,9 @@ dependencies:
version: 4.6.2 version: 4.6.2
- name: postgres-cluster - name: postgres-cluster
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 7.10.0 version: 7.9.1
- name: volsync-target - name: volsync-target
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 0.8.0 version: 0.8.0
digest: sha256:21bde3a8778fb94e40f2177383ca418123e69f3f3f463b31d35e9f9bf83dfa9d digest: sha256:0a7ae6aa3062beedc4b4bcba61edb9f70d441dab0146e5b9559583fa12a319a8
generated: "2026-03-15T20:08:35.497440433Z" generated: "2026-03-11T23:01:12.399079707Z"

2
clusters/cl01tl/helm/radarr-anime/Chart.yaml
View File

@@ -27,7 +27,7 @@ dependencies:
version: 4.6.2 version: 4.6.2
- name: postgres-cluster - name: postgres-cluster
alias: postgres-18-cluster alias: postgres-18-cluster
version: 7.10.0 version: 7.9.1
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
- name: volsync-target - name: volsync-target
alias: volsync-target-config alias: volsync-target-config

6
clusters/cl01tl/helm/radarr-standup/Chart.lock
View File

@@ -4,9 +4,9 @@ dependencies:
version: 4.6.2 version: 4.6.2
- name: postgres-cluster - name: postgres-cluster
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 7.10.0 version: 7.9.1
- name: volsync-target - name: volsync-target
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 0.8.0 version: 0.8.0
digest: sha256:ebd25d2a12ca1924b66c62d6dd2c69476ae4526825020796198b65c2ebd2c6eb digest: sha256:600685215060deb3d8bb6530fa0df437c0ed3d9d6bad2792cedcce959207c7e6
generated: "2026-03-15T20:08:49.811429784Z" generated: "2026-03-11T23:01:28.449666027Z"

2
clusters/cl01tl/helm/radarr-standup/Chart.yaml
View File

@@ -26,7 +26,7 @@ dependencies:
version: 4.6.2 version: 4.6.2
- name: postgres-cluster - name: postgres-cluster
alias: postgres-18-cluster alias: postgres-18-cluster
version: 7.10.0 version: 7.9.1
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
- name: volsync-target - name: volsync-target
alias: volsync-target-config alias: volsync-target-config

6
clusters/cl01tl/helm/radarr/Chart.lock
View File

@@ -4,9 +4,9 @@ dependencies:
version: 4.6.2 version: 4.6.2
- name: postgres-cluster - name: postgres-cluster
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 7.10.0 version: 7.9.1
- name: volsync-target - name: volsync-target
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 0.8.0 version: 0.8.0
digest: sha256:05ce0d746d9c42a00338df5e6673fde8baeefa6f598ef8c85a32e6bc393b94ca digest: sha256:fdad6659ae4ef46c46d62b4213d7fcf85dbb478809e094bbe7de4a86a98589f2
generated: "2026-03-15T20:09:03.538226001Z" generated: "2026-03-11T23:01:46.420629722Z"

2
clusters/cl01tl/helm/radarr/Chart.yaml
View File

@@ -26,7 +26,7 @@ dependencies:
version: 4.6.2 version: 4.6.2
- name: postgres-cluster - name: postgres-cluster
alias: postgres-18-cluster alias: postgres-18-cluster
version: 7.10.0 version: 7.9.1
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
- name: volsync-target - name: volsync-target
alias: volsync-target-config alias: volsync-target-config

6
clusters/cl01tl/helm/roundcube/Chart.lock
View File

@@ -4,9 +4,9 @@ dependencies:
version: 4.6.2 version: 4.6.2
- name: postgres-cluster - name: postgres-cluster
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 7.10.0 version: 7.9.1
- name: volsync-target - name: volsync-target
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 0.8.0 version: 0.8.0
digest: sha256:755aa4db5c7142d46af4a80c9fce49c3c558cc81042c9a00a0bdcd607276e856 digest: sha256:5cfad7a46f5671378adac77c3e39df224430a7481aeb16f7d3713f134e5d1dab
generated: "2026-03-15T20:09:18.053504671Z" generated: "2026-03-11T23:02:03.844844518Z"

2
clusters/cl01tl/helm/roundcube/Chart.yaml
View File

@@ -21,7 +21,7 @@ dependencies:
version: 4.6.2 version: 4.6.2
- name: postgres-cluster - name: postgres-cluster
alias: postgres-18-cluster alias: postgres-18-cluster
version: 7.10.0 version: 7.9.1
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
- name: volsync-target - name: volsync-target
alias: volsync-target-data alias: volsync-target-data

6
clusters/cl01tl/helm/rybbit/Chart.lock
View File

@@ -7,9 +7,9 @@ dependencies:
version: 2.4.0 version: 2.4.0
- name: postgres-cluster - name: postgres-cluster
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 7.10.0 version: 7.9.1
- name: volsync-target - name: volsync-target
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 0.8.0 version: 0.8.0
digest: sha256:9342eb966ec3e8020aa6b1d6d2ac72d2c4a46c4ed70c5cf52c16ff25d2f2b0fa digest: sha256:4cc27a45f60df729db0cff4780bfb49655db739fdd35f6a46eb3a0489efdc88f
generated: "2026-03-15T20:09:33.800790437Z" generated: "2026-03-11T23:02:21.670318334Z"

2
clusters/cl01tl/helm/rybbit/Chart.yaml
View File

@@ -23,7 +23,7 @@ dependencies:
version: 2.4.0 version: 2.4.0
- name: postgres-cluster - name: postgres-cluster
alias: postgres-18-cluster alias: postgres-18-cluster
version: 7.10.0 version: 7.9.1
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
- name: volsync-target - name: volsync-target
alias: volsync-target-clickhouse-data alias: volsync-target-clickhouse-data

6
clusters/cl01tl/helm/sonarr-4k/Chart.lock
View File

@@ -4,9 +4,9 @@ dependencies:
version: 4.6.2 version: 4.6.2
- name: postgres-cluster - name: postgres-cluster
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 7.10.0 version: 7.9.1
- name: volsync-target - name: volsync-target
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 0.8.0 version: 0.8.0
digest: sha256:27cc019786592c0e7fce9509543792c9f281a4e676c463ce5d6ba2a6df05e3b2 digest: sha256:487799d20d30d26443b4b7ffdd31dcba61e27e01067a6a0d7f3f265097a9d9af
generated: "2026-03-15T20:09:49.767646568Z" generated: "2026-03-11T23:02:43.378419214Z"

2
clusters/cl01tl/helm/sonarr-4k/Chart.yaml
View File

@@ -27,7 +27,7 @@ dependencies:
version: 4.6.2 version: 4.6.2
- name: postgres-cluster - name: postgres-cluster
alias: postgres-18-cluster alias: postgres-18-cluster
version: 7.10.0 version: 7.9.1
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
- name: volsync-target - name: volsync-target
alias: volsync-target-config alias: volsync-target-config

6
clusters/cl01tl/helm/sonarr-anime/Chart.lock
View File

@@ -4,9 +4,9 @@ dependencies:
version: 4.6.2 version: 4.6.2
- name: postgres-cluster - name: postgres-cluster
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 7.10.0 version: 7.9.1
- name: volsync-target - name: volsync-target
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 0.8.0 version: 0.8.0
digest: sha256:0f8016577e9fedaf8e5bd36688da2bf19b51185bc8100b817b64ce48ec87433b digest: sha256:b2899ddbca96333330da52c7819c54d010691894d085b9f21a8ebd8d679a9823
generated: "2026-03-15T20:10:04.000906771Z" generated: "2026-03-11T23:03:04.501966653Z"

2
clusters/cl01tl/helm/sonarr-anime/Chart.yaml
View File

@@ -26,7 +26,7 @@ dependencies:
version: 4.6.2 version: 4.6.2
- name: postgres-cluster - name: postgres-cluster
alias: postgres-18-cluster alias: postgres-18-cluster
version: 7.10.0 version: 7.9.1
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
- name: volsync-target - name: volsync-target
alias: volsync-target-config alias: volsync-target-config

6
clusters/cl01tl/helm/sonarr/Chart.lock
View File

@@ -4,9 +4,9 @@ dependencies:
version: 4.6.2 version: 4.6.2
- name: postgres-cluster - name: postgres-cluster
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 7.10.0 version: 7.9.1
- name: volsync-target - name: volsync-target
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 0.8.0 version: 0.8.0
digest: sha256:a20b4dd7e2f0c8777ed2be1bd2c702bc4d7cfeb51e4a29d781c041c555821aa1 digest: sha256:828d3934111d24f54e39bb433da9d8a3aeeec21dcd8228737a6e496852fb6b5f
generated: "2026-03-15T20:10:17.242764683Z" generated: "2026-03-11T23:03:21.968129945Z"

2
clusters/cl01tl/helm/sonarr/Chart.yaml
View File

@@ -26,7 +26,7 @@ dependencies:
version: 4.6.2 version: 4.6.2
- name: postgres-cluster - name: postgres-cluster
alias: postgres-18-cluster alias: postgres-18-cluster
version: 7.10.0 version: 7.9.1
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
- name: volsync-target - name: volsync-target
alias: volsync-target-config alias: volsync-target-config

6
clusters/cl01tl/helm/stalwart/Chart.lock
View File

@@ -4,12 +4,12 @@ dependencies:
version: 4.6.2 version: 4.6.2
- name: postgres-cluster - name: postgres-cluster
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 7.10.0 version: 7.9.1
- name: valkey - name: valkey
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 0.4.0 version: 0.4.0
- name: volsync-target - name: volsync-target
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 0.8.0 version: 0.8.0
digest: sha256:6ffe4bd6af377f2ba5134389027e86085928d5e1108bb5ecf0d4b1e4cc908b67 digest: sha256:aef9a2c62df9bf44adf02d84b032ccd198c34cee56ff8d86d7200e9f5b21a5c1
generated: "2026-03-15T20:10:31.966910173Z" generated: "2026-03-11T23:03:39.658857007Z"

2
clusters/cl01tl/helm/stalwart/Chart.yaml
View File

@@ -23,7 +23,7 @@ dependencies:
repository: https://bjw-s-labs.github.io/helm-charts/ repository: https://bjw-s-labs.github.io/helm-charts/
- name: postgres-cluster - name: postgres-cluster
alias: postgres-18-cluster alias: postgres-18-cluster
version: 7.10.0 version: 7.9.1
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
- name: valkey - name: valkey
alias: valkey alias: valkey

3
clusters/cl01tl/helm/tailscale-operator/templates/dns-config.yaml
View File

@@ -11,5 +11,4 @@ spec:
nameserver: nameserver:
image: image:
repo: tailscale/k8s-nameserver repo: tailscale/k8s-nameserver
# renovate: datasource=docker depName=tailscale/k8s-nameserver tag: unstable-v1.93.44
tag: v1.94.2

2
clusters/cl01tl/helm/tdarr/values.yaml
View File

@@ -48,7 +48,7 @@ tdarr:
main: main:
image: image:
repository: ghcr.io/haveagitgat/tdarr_node repository: ghcr.io/haveagitgat/tdarr_node
tag: 2.63.01 tag: 2.62.01
pullPolicy: IfNotPresent pullPolicy: IfNotPresent
env: env:
- name: TZ - name: TZ

6
clusters/cl01tl/helm/vaultwarden/Chart.lock
View File

@@ -7,9 +7,9 @@ dependencies:
version: 2.4.0 version: 2.4.0
- name: postgres-cluster - name: postgres-cluster
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 7.10.0 version: 7.9.1
- name: volsync-target - name: volsync-target
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 0.8.0 version: 0.8.0
digest: sha256:6f78b41937412c1db5e0f612287d29ea81c1d9169b8a0efd98a0dd4be3e532d1 digest: sha256:1d6f670bfe76dbc3d59a2ff762cb5536be8d1f5ce0ed12b44bd9792076607bed
generated: "2026-03-15T20:10:47.852109985Z" generated: "2026-03-11T23:03:57.367242959Z"

2
clusters/cl01tl/helm/vaultwarden/Chart.yaml
View File

@@ -27,7 +27,7 @@ dependencies:
version: 2.4.0 version: 2.4.0
- name: postgres-cluster - name: postgres-cluster
alias: postgres-18-cluster alias: postgres-18-cluster
version: 7.10.0 version: 7.9.1
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
- name: volsync-target - name: volsync-target
alias: volsync-target-data alias: volsync-target-data

6
clusters/cl01tl/helm/yamtrack/Chart.lock
View File

@@ -4,9 +4,9 @@ dependencies:
version: 4.6.2 version: 4.6.2
- name: postgres-cluster - name: postgres-cluster
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 7.10.0 version: 7.9.1
- name: valkey - name: valkey
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 0.4.0 version: 0.4.0
digest: sha256:71da007e1cef75e45b1678caa51b0d2317cb8f4dfdf7df675d534194f03650aa digest: sha256:e2398649941bcdbcba86bf8b7fbeaf5187e2ba29c5046d28be62ab9f37494c7e
generated: "2026-03-15T20:11:03.591727143Z" generated: "2026-03-11T23:04:20.045077529Z"

2
clusters/cl01tl/helm/yamtrack/Chart.yaml
View File

@@ -22,7 +22,7 @@ dependencies:
version: 4.6.2 version: 4.6.2
- name: postgres-cluster - name: postgres-cluster
alias: postgres-18-cluster alias: postgres-18-cluster
version: 7.10.0 version: 7.9.1
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
- name: valkey - name: valkey
alias: valkey alias: valkey

44
renovate.json
View File

@@ -7,50 +7,14 @@
], ],
"customManagers": [ "customManagers": [
{ {
"description": "Update appVersion in Chart.yaml",
"customType": "regex", "customType": "regex",
"managerFilePatterns": [ "managerFilePatterns": [
"/(^|/)Chart\\.yaml$/" "/(^|/)Chart\\.yaml$/"
], ],
"matchStrings": [ "matchStrings": [
"#\\s*renovate:\\s*datasource=(?<datasource>.*?) depName=(?<depName>.*?)\\s+appVersion:\\s*[\"']?(?<currentValue>[^\"'\\s]+)[\"']?" "#\\s*renovate:\\s*datasource=(?<datasource>.*?) depName=(?<depName>.*?)\\s+appVersion:\\s*[\"']?(?<currentValue>[^\"'\\s]+)[\"']?"
]
},
{
"description": "Update images in templates",
"customType": "regex",
"managerFilePatterns": [
"/(^|/)templates/.*\\.yaml$/"
], ],
"matchStrings": [ "datasourceTemplate": "github-releases"
"# renovate: datasource=(?<datasource>.*?) depName=(?<depName>.*?)\\s+tag: (?<currentValue>.*)"
]
},
{
"description": "Update Helm CLI version in GitHub Actions",
"customType": "regex",
"managerFilePatterns": [
"/^\\.github/workflows/.*\\.ya?ml$/"
],
"matchStrings": [
"uses: azure/setup-helm@v4[\\s\\S]*?version: (?<currentValue>v?\\d+\\.\\d+\\.\\d+)"
],
"depNameTemplate": "helm/helm",
"datasourceTemplate": "github-releases",
"versioningTemplate": "semver"
},
{
"description": "Update Kubeconform version in GitHub Actions env",
"customType": "regex",
"managerFilePatterns": [
"/^\\.github/workflows/.*\\.ya?ml$/"
],
"matchStrings": [
"KUBECONFORM_VERSION: \"(?<currentValue>v?\\d+\\.\\d+\\.\\d+)\""
],
"depNameTemplate": "yannh/kubeconform",
"datasourceTemplate": "github-releases",
"versioningTemplate": "semver"
} }
], ],
"timezone": "US/Central", "timezone": "US/Central",
@@ -101,8 +65,7 @@
{ {
"description": "Label images, helm", "description": "Label images, helm",
"matchManagers": [ "matchManagers": [
"custom.regex", "custom.regex", "helm-values"
"helm-values"
], ],
"groupName": "{{#if packageName}}{{{replace 'ghcr.io/' '' (replace 'docker.io/' '' packageName)}}}{{else}}{{{replace 'ghcr.io/' '' (replace 'docker.io/' '' depName)}}}{{/if}}", "groupName": "{{#if packageName}}{{{replace 'ghcr.io/' '' (replace 'docker.io/' '' packageName)}}}{{else}}{{{replace 'ghcr.io/' '' (replace 'docker.io/' '' depName)}}}{{/if}}",
"groupSlug": "unified-{{{groupName}}}", "groupSlug": "unified-{{{groupName}}}",
@@ -128,8 +91,7 @@
"digest" "digest"
], ],
"matchManagers": [ "matchManagers": [
"custom.regex", "custom.regex", "helm-values"
"helm-values"
], ],
"groupName": "{{#if packageName}}{{{replace 'ghcr.io/' '' (replace 'docker.io/' '' packageName)}}}{{else}}{{{replace 'ghcr.io/' '' (replace 'docker.io/' '' depName)}}}{{/if}}", "groupName": "{{#if packageName}}{{{replace 'ghcr.io/' '' (replace 'docker.io/' '' packageName)}}}{{else}}{{{replace 'ghcr.io/' '' (replace 'docker.io/' '' depName)}}}{{/if}}",
"groupSlug": "unified-{{{groupName}}}", "groupSlug": "unified-{{{groupName}}}",