alexlebens/infrastructure
1
0
Fork 0
Code Issues 1 Pull Requests 2 Actions Activity

Compare commits

base: alexlebens:manifests
Branches Tags
alexlebens:main alexlebens:renovate/major-unified-vault-unseal alexlebens:renovate/unified-cilium alexlebens:manifests alexlebens:tmp/eraser
..
compare: alexlebens:ff4bbf0fbd20d3980a1d04493b07ac69edb9cc32
Branches Tags
alexlebens:renovate/major-unified-vault-unseal alexlebens:renovate/unified-cilium alexlebens:main alexlebens:manifests alexlebens:tmp/eraser

1 Commits
manifests ... ff4bbf0fbd

Author SHA1 Message Date
gitea-bot
ff4bbf0fbd chore: Update manifests after change 2026-03-18 16:59:49 +00:00
1491 changed files with 12303 additions and 29525 deletions
Expand all files Collapse all files

9
clusters/cl01tl/manifests/actual/Deployment-actual.yaml
View File

@@ -35,9 +35,10 @@ spec:
dnsPolicy: ClusterFirst
containers:
- env:
- name: ACTUAL_PORT
value: "5006"
image: ghcr.io/actualbudget/actual:26.4.0@sha256:b0e732e2c41b3dc468a71548e88ef76d3f0c157fc43d15fa05d14ec1c5747e1e
- name: TZ
value: US/Central
image: ghcr.io/actualbudget/actual:26.3.0
imagePullPolicy: IfNotPresent
livenessProbe:
exec:
command:
@@ -54,7 +55,7 @@ spec:
resources:
requests:
cpu: 10m
memory: 50Mi
memory: 128Mi
volumeMounts:
- mountPath: /data
name: data

2
clusters/cl01tl/manifests/actual/HTTPRoute-actual.yaml
View File

@@ -23,7 +23,7 @@ spec:
name: actual
namespace: actual
port: 80
weight: 1
weight: 100
matches:
- path:
type: PathPrefix

2
clusters/cl01tl/manifests/actual/PersistentVolumeClaim-actual-data.yaml
View File

@@ -7,6 +7,8 @@ metadata:
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: actual
helm.sh/chart: actual-4.6.2
annotations:
helm.sh/resource-policy: keep
namespace: actual
spec:
accessModes:

30
clusters/cl01tl/manifests/paperless-ngx/Cluster-paperless-ngx-postgresql-18-cluster.yaml → clusters/cl01tl/manifests/argo-workflows/Cluster-argo-workflows-postgresql-18-cluster.yaml
View File

@@ -1,14 +1,14 @@
apiVersion: postgresql.cnpg.io/v1
kind: Cluster
metadata:
name: paperless-ngx-postgresql-18-cluster
namespace: paperless-ngx
name: argo-workflows-postgresql-18-cluster
namespace: argo-workflows
labels:
app.kubernetes.io/name: paperless-ngx-postgresql-18-cluster
helm.sh/chart: postgres-18-cluster-7.11.2
app.kubernetes.io/instance: paperless-ngx
app.kubernetes.io/part-of: paperless-ngx
app.kubernetes.io/version: "7.11.2"
app.kubernetes.io/name: argo-workflows-postgresql-18-cluster
helm.sh/chart: postgres-18-cluster-7.10.0
app.kubernetes.io/instance: argo-workflows
app.kubernetes.io/part-of: argo-workflows
app.kubernetes.io/version: "7.10.0"
app.kubernetes.io/managed-by: Helm
spec:
instances: 3
@@ -26,8 +26,8 @@ spec:
limits:
hugepages-2Mi: 256Mi
requests:
cpu: 20m
memory: 80Mi
cpu: 100m
memory: 256Mi
affinity:
enablePodAntiAffinity: true
topologyKey: kubernetes.io/hostname
@@ -49,18 +49,18 @@ spec:
enabled: true
isWALArchiver: true
parameters:
barmanObjectName: "paperless-ngx-postgresql-18-backup-garage-local"
serverName: "paperless-ngx-postgresql-18-backup-1"
barmanObjectName: "argo-workflows-postgresql-18-backup-garage-local"
serverName: "argo-workflows-postgresql-18-backup-1"
bootstrap:
recovery:
database: app
source: paperless-ngx-postgresql-18-backup-1
source: argo-workflows-postgresql-18-backup-1
externalClusters:
- name: paperless-ngx-postgresql-18-backup-1
- name: argo-workflows-postgresql-18-backup-1
plugin:
name: barman-cloud.cloudnative-pg.io
enabled: true
isWALArchiver: false
parameters:
barmanObjectName: "paperless-ngx-postgresql-18-recovery"
serverName: paperless-ngx-postgresql-18-backup-1
barmanObjectName: "argo-workflows-postgresql-18-recovery"
serverName: argo-workflows-postgresql-18-backup-1

67
clusters/cl01tl/manifests/argo-workflows/ClusterRole-argo-events-webhook.yaml Normal file
View File

@@ -0,0 +1,67 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: argo-events-webhook
labels:
helm.sh/chart: argo-events-2.4.20
app.kubernetes.io/name: argo-events-events-webhook
app.kubernetes.io/instance: argo-workflows
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: argo-events
rules:
- apiGroups:
- ""
resources:
- secrets
verbs:
- get
- list
- create
- update
- delete
- patch
- watch
- apiGroups:
- ""
resources:
- configmaps
verbs:
- get
- list
- watch
- apiGroups:
- apps
resources:
- deployments
verbs:
- get
- list
- apiGroups:
- admissionregistration.k8s.io
resources:
- validatingwebhookconfigurations
verbs:
- get
- list
- create
- update
- delete
- patch
- watch
- apiGroups:
- argoproj.io
resources:
- eventbus
- eventsources
- sensors
verbs:
- get
- list
- watch
- apiGroups:
- rbac.authorization.k8s.io
resources:
- clusterroles
verbs:
- get
- list

42
clusters/cl01tl/manifests/argo-workflows/ClusterRole-argo-workflows-admin.yaml Normal file
View File

@@ -0,0 +1,42 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: argo-workflows-admin
labels:
helm.sh/chart: argo-workflows-1.0.2
app.kubernetes.io/name: argo-workflows-server
app.kubernetes.io/instance: argo-workflows
app.kubernetes.io/component: server
app: server
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: argo-workflows
rbac.authorization.k8s.io/aggregate-to-admin: "true"
rules:
- apiGroups:
- argoproj.io
resources:
- workflows
- workflows/finalizers
- workfloweventbindings
- workfloweventbindings/finalizers
- workflowtemplates
- workflowtemplates/finalizers
- cronworkflows
- cronworkflows/finalizers
- clusterworkflowtemplates
- clusterworkflowtemplates/finalizers
- workflowtasksets
- workflowtasksets/finalizers
- workflowtaskresults
- workflowtaskresults/finalizers
- workflowartifactgctasks
- workflowartifactgctasks/finalizers
verbs:
- create
- delete
- deletecollection
- get
- list
- patch
- update
- watch

92
clusters/cl01tl/manifests/argo-workflows/ClusterRole-argo-workflows-argo-events-controller-manager.yaml Normal file
View File

@@ -0,0 +1,92 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: argo-workflows-argo-events-controller-manager
labels:
helm.sh/chart: argo-events-2.4.20
app.kubernetes.io/name: argo-events-controller-manager
app.kubernetes.io/instance: argo-workflows
app.kubernetes.io/component: controller-manager
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: argo-events
rules:
- apiGroups:
- ""
resources:
- events
verbs:
- create
- patch
- apiGroups:
- coordination.k8s.io
resources:
- leases
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- argoproj.io
resources:
- sensors
- sensors/finalizers
- sensors/status
- eventsources
- eventsources/finalizers
- eventsources/status
- eventbus
- eventbus/finalizers
- eventbus/status
verbs:
- create
- delete
- deletecollection
- get
- list
- patch
- update
- watch
- apiGroups:
- ""
resources:
- pods
- pods/exec
- configmaps
- services
- persistentvolumeclaims
verbs:
- create
- get
- list
- watch
- update
- patch
- delete
- apiGroups:
- ""
resources:
- secrets
verbs:
- create
- get
- list
- update
- patch
- delete
- apiGroups:
- apps
resources:
- deployments
- statefulsets
verbs:
- create
- get
- list
- watch
- update
- patch
- delete

20
clusters/cl01tl/manifests/argo-workflows/ClusterRole-argo-workflows-crd-install.yaml Normal file
View File

@@ -0,0 +1,20 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: argo-workflows-crd-install
labels:
helm.sh/chart: argo-workflows-1.0.2
app.kubernetes.io/name: argo-workflows-crd-install
app.kubernetes.io/instance: argo-workflows
app.kubernetes.io/component: crds
app: crds
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: argo-workflows
annotations:
"helm.sh/hook": pre-install,pre-upgrade
"helm.sh/hook-weight": "-10"
"helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
rules:
- apiGroups: ["apiextensions.k8s.io"]
resources: ["customresourcedefinitions"]
verbs: ["create", "get", "list", "patch", "update"]

42
clusters/cl01tl/manifests/argo-workflows/ClusterRole-argo-workflows-edit.yaml Normal file
View File

@@ -0,0 +1,42 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: argo-workflows-edit
labels:
helm.sh/chart: argo-workflows-1.0.2
app.kubernetes.io/name: argo-workflows-server
app.kubernetes.io/instance: argo-workflows
app.kubernetes.io/component: server
app: server
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: argo-workflows
rbac.authorization.k8s.io/aggregate-to-edit: "true"
rules:
- apiGroups:
- argoproj.io
resources:
- workflows
- workflows/finalizers
- workfloweventbindings
- workfloweventbindings/finalizers
- workflowtemplates
- workflowtemplates/finalizers
- cronworkflows
- cronworkflows/finalizers
- clusterworkflowtemplates
- clusterworkflowtemplates/finalizers
- workflowtasksets
- workflowtasksets/finalizers
- workflowtaskresults
- workflowtaskresults/finalizers
- workflowartifactgctasks
- workflowartifactgctasks/finalizers
verbs:
- create
- delete
- deletecollection
- get
- list
- patch
- update
- watch

25
clusters/cl01tl/manifests/argo-workflows/ClusterRole-argo-workflows-server-cluster-template.yaml Normal file
View File

@@ -0,0 +1,25 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: argo-workflows-server-cluster-template
labels:
helm.sh/chart: argo-workflows-1.0.2
app.kubernetes.io/name: argo-workflows-server
app.kubernetes.io/instance: argo-workflows
app.kubernetes.io/component: server
app: server
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: argo-workflows
rules:
- apiGroups:
- argoproj.io
resources:
- clusterworkflowtemplates
verbs:
- get
- list
- watch
- create
- update
- patch
- delete

92
clusters/cl01tl/manifests/argo-workflows/ClusterRole-argo-workflows-server.yaml Normal file
View File

@@ -0,0 +1,92 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: argo-workflows-server
labels:
helm.sh/chart: argo-workflows-1.0.2
app.kubernetes.io/name: argo-workflows-server
app.kubernetes.io/instance: argo-workflows
app.kubernetes.io/component: server
app: server
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: argo-workflows
rules:
- apiGroups:
- ""
resources:
- configmaps
- events
verbs:
- get
- watch
- list
- apiGroups:
- ""
resources:
- pods
verbs:
- get
- list
- watch
- delete
- apiGroups:
- ""
resources:
- pods/log
verbs:
- get
- list
- apiGroups:
- ""
resources:
- secrets
resourceNames:
- sso
verbs:
- get
- apiGroups:
- ""
resources:
- secrets
verbs:
- create
- apiGroups:
- ""
resources:
- secrets
verbs:
- get
- apiGroups:
- ""
resources:
- events
verbs:
- watch
- create
- patch
- apiGroups:
- ""
resources:
- secrets
resourceNames:
- argo-workflows-postgresql-18-cluster-app
- argo-workflows-postgresql-18-cluster-app
verbs:
- get
- apiGroups:
- argoproj.io
resources:
- eventsources
- sensors
- workflows
- workfloweventbindings
- workflowtemplates
- cronworkflows
verbs:
- create
- get
- list
- watch
- update
- patch
- delete

37
clusters/cl01tl/manifests/argo-workflows/ClusterRole-argo-workflows-view.yaml Normal file
View File

@@ -0,0 +1,37 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: argo-workflows-view
labels:
helm.sh/chart: argo-workflows-1.0.2
app.kubernetes.io/name: argo-workflows-workflow-controller
app.kubernetes.io/instance: argo-workflows
app.kubernetes.io/component: workflow-controller
app: workflow-controller
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: argo-workflows
rbac.authorization.k8s.io/aggregate-to-view: "true"
rules:
- apiGroups:
- argoproj.io
resources:
- workflows
- workflows/finalizers
- workfloweventbindings
- workfloweventbindings/finalizers
- workflowtemplates
- workflowtemplates/finalizers
- cronworkflows
- cronworkflows/finalizers
- clusterworkflowtemplates
- clusterworkflowtemplates/finalizers
- workflowtasksets
- workflowtasksets/finalizers
- workflowtaskresults
- workflowtaskresults/finalizers
- workflowartifactgctasks
- workflowartifactgctasks/finalizers
verbs:
- get
- list
- watch

22
clusters/cl01tl/manifests/argo-workflows/ClusterRole-argo-workflows-workflow-controller-cluster-template.yaml Normal file
View File

@@ -0,0 +1,22 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: argo-workflows-workflow-controller-cluster-template
labels:
helm.sh/chart: argo-workflows-1.0.2
app.kubernetes.io/name: argo-workflows-workflow-controller
app.kubernetes.io/instance: argo-workflows
app.kubernetes.io/component: workflow-controller
app: workflow-controller
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: argo-workflows
rules:
- apiGroups:
- argoproj.io
resources:
- clusterworkflowtemplates
- clusterworkflowtemplates/finalizers
verbs:
- get
- list
- watch

155
clusters/cl01tl/manifests/argo-workflows/ClusterRole-argo-workflows-workflow-controller.yaml Normal file
View File

@@ -0,0 +1,155 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: argo-workflows-workflow-controller
labels:
helm.sh/chart: argo-workflows-1.0.2
app.kubernetes.io/name: argo-workflows-workflow-controller
app.kubernetes.io/instance: argo-workflows
app.kubernetes.io/component: workflow-controller
app: workflow-controller
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: argo-workflows
rules:
- apiGroups:
- ""
resources:
- pods
verbs:
- create
- get
- list
- watch
- update
- patch
- delete
- apiGroups:
- ""
resources:
- pods/exec
verbs:
- create
- apiGroups:
- ""
resources:
- configmaps
- namespaces
verbs:
- get
- watch
- list
- apiGroups:
- ""
resources:
- persistentvolumeclaims
- persistentvolumeclaims/finalizers
verbs:
- create
- update
- delete
- get
- apiGroups:
- argoproj.io
resources:
- workflows
- workflows/finalizers
- workflowtasksets
- workflowtasksets/finalizers
- workflowtasksets/status
- workflowartifactgctasks
verbs:
- get
- list
- watch
- update
- patch
- delete
- create
- apiGroups:
- argoproj.io
resources:
- workflowtemplates
- workflowtemplates/finalizers
verbs:
- get
- list
- watch
- apiGroups:
- argoproj.io
resources:
- workflowtaskresults
- workflowtaskresults/finalizers
verbs:
- list
- watch
- deletecollection
- apiGroups:
- argoproj.io
resources:
- cronworkflows
- cronworkflows/finalizers
verbs:
- get
- list
- watch
- update
- patch
- delete
- apiGroups:
- ""
resources:
- events
verbs:
- create
- patch
- apiGroups:
- ""
resources:
- serviceaccounts
verbs:
- get
- list
- apiGroups:
- "policy"
resources:
- poddisruptionbudgets
verbs:
- create
- get
- delete
- apiGroups:
- ""
resources:
- secrets
resourceNames:
- argo-workflows-postgresql-18-cluster-app
- argo-workflows-postgresql-18-cluster-app
verbs:
- get
- apiGroups:
- coordination.k8s.io
resources:
- leases
verbs:
- create
- apiGroups:
- coordination.k8s.io
resources:
- leases
resourceNames:
- workflow-controller
- workflow-controller-lease
verbs:
- get
- watch
- update
- patch
- delete
- apiGroups:
- ""
resources:
- secrets
verbs:
- get
resourceNames:
- argo-workflows-agent-ca-certificates

19
clusters/cl01tl/manifests/argo-workflows/ClusterRoleBinding-argo-workflows-argo-events-controller-manager.yaml Normal file
View File

@@ -0,0 +1,19 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: argo-workflows-argo-events-controller-manager
labels:
helm.sh/chart: argo-events-2.4.20
app.kubernetes.io/name: argo-events-controller-manager
app.kubernetes.io/instance: argo-workflows
app.kubernetes.io/component: controller-manager
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: argo-events
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: argo-workflows-argo-events-controller-manager
subjects:
- kind: ServiceAccount
name: argo-workflows-argo-events-controller-manager
namespace: "argo-workflows"

18
clusters/cl01tl/manifests/argo-workflows/ClusterRoleBinding-argo-workflows-argo-events-events-webhook.yaml Normal file
View File

@@ -0,0 +1,18 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: argo-workflows-argo-events-events-webhook
labels:
helm.sh/chart: argo-events-2.4.20
app.kubernetes.io/name: argo-events-events-webhook
app.kubernetes.io/instance: argo-workflows
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: argo-events
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: argo-events-webhook
subjects:
- kind: ServiceAccount
name: argo-workflows-argo-events-events-webhook
namespace: "argo-workflows"

24
clusters/cl01tl/manifests/argo-workflows/ClusterRoleBinding-argo-workflows-crd-install.yaml Normal file
View File

@@ -0,0 +1,24 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: argo-workflows-crd-install
labels:
helm.sh/chart: argo-workflows-1.0.2
app.kubernetes.io/name: argo-workflows-crd-install
app.kubernetes.io/instance: argo-workflows
app.kubernetes.io/component: crds
app: crds
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: argo-workflows
annotations:
"helm.sh/hook": pre-install,pre-upgrade
"helm.sh/hook-weight": "-10"
"helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
subjects:
- kind: ServiceAccount
name: argo-workflows-crd-install
namespace: argo-workflows
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: argo-workflows-crd-install

20
clusters/cl01tl/manifests/argo-workflows/ClusterRoleBinding-argo-workflows-server-cluster-template.yaml Normal file
View File

@@ -0,0 +1,20 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: argo-workflows-server-cluster-template
labels:
helm.sh/chart: argo-workflows-1.0.2
app.kubernetes.io/name: argo-workflows-server
app.kubernetes.io/instance: argo-workflows
app.kubernetes.io/component: server
app: server
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: argo-workflows
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: argo-workflows-server-cluster-template
subjects:
- kind: ServiceAccount
name: argo-workflows-server
namespace: "argo-workflows"

20
clusters/cl01tl/manifests/argo-workflows/ClusterRoleBinding-argo-workflows-server.yaml Normal file
View File

@@ -0,0 +1,20 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: argo-workflows-server
labels:
helm.sh/chart: argo-workflows-1.0.2
app.kubernetes.io/name: argo-workflows-server
app.kubernetes.io/instance: argo-workflows
app.kubernetes.io/component: server
app: server
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: argo-workflows
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: argo-workflows-server
subjects:
- kind: ServiceAccount
name: argo-workflows-server
namespace: "argo-workflows"

20
clusters/cl01tl/manifests/argo-workflows/ClusterRoleBinding-argo-workflows-workflow-controller-cluster-template.yaml Normal file
View File

@@ -0,0 +1,20 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: argo-workflows-workflow-controller-cluster-template
labels:
helm.sh/chart: argo-workflows-1.0.2
app.kubernetes.io/name: argo-workflows-workflow-controller
app.kubernetes.io/instance: argo-workflows
app.kubernetes.io/component: workflow-controller
app: workflow-controller
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: argo-workflows
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: argo-workflows-workflow-controller-cluster-template
subjects:
- kind: ServiceAccount
name: argo-workflows-workflow-controller
namespace: "argo-workflows"

20
clusters/cl01tl/manifests/argo-workflows/ClusterRoleBinding-argo-workflows-workflow-controller.yaml Normal file
View File

@@ -0,0 +1,20 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: argo-workflows-workflow-controller
labels:
helm.sh/chart: argo-workflows-1.0.2
app.kubernetes.io/name: argo-workflows-workflow-controller
app.kubernetes.io/instance: argo-workflows
app.kubernetes.io/component: workflow-controller
app: workflow-controller
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: argo-workflows
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: argo-workflows-workflow-controller
subjects:
- kind: ServiceAccount
name: argo-workflows-workflow-controller
namespace: "argo-workflows"

84
clusters/cl01tl/manifests/argo-workflows/ConfigMap-argo-workflows-argo-events-controller-manager.yaml Normal file
View File

@@ -0,0 +1,84 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: argo-workflows-argo-events-controller-manager
namespace: "argo-workflows"
labels:
helm.sh/chart: argo-events-2.4.20
app.kubernetes.io/name: argo-events-controller-manager
app.kubernetes.io/instance: argo-workflows
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: argo-events
data:
controller-config.yaml: |
eventBus:
nats:
versions:
- version: latest
natsStreamingImage: nats-streaming:latest
metricsExporterImage: natsio/prometheus-nats-exporter:latest
- version: 0.22.1
natsStreamingImage: nats-streaming:0.22.1
metricsExporterImage: natsio/prometheus-nats-exporter:0.8.0
jetstream:
# Default JetStream settings, could be overridden by EventBus JetStream specs
settings: |
# https://docs.nats.io/running-a-nats-service/configuration#jetstream
# Only configure "max_memory_store" or "max_file_store", do not set "store_dir" as it has been hardcoded.
max_memory_store: -1
max_file_store: -1
# The default properties of the streams to be created in this JetStream service
streamConfig: |
maxMsgs: 1e+06
maxAge: 72h
maxBytes: 1GB
replicas: 3
duplicates: 300s
retention: 0
discard: 0
versions:
- version: latest
natsImage: nats:2.10.10
metricsExporterImage: natsio/prometheus-nats-exporter:0.14.0
configReloaderImage: natsio/nats-server-config-reloader:0.14.0
startCommand: /nats-server
- version: 2.8.1
natsImage: nats:2.8.1
metricsExporterImage: natsio/prometheus-nats-exporter:0.9.1
configReloaderImage: natsio/nats-server-config-reloader:0.7.0
startCommand: /nats-server
- version: 2.8.1-alpine
natsImage: nats:2.8.1-alpine
metricsExporterImage: natsio/prometheus-nats-exporter:0.9.1
configReloaderImage: natsio/nats-server-config-reloader:0.7.0
startCommand: nats-server
- version: 2.8.2
natsImage: nats:2.8.2
metricsExporterImage: natsio/prometheus-nats-exporter:0.9.1
configReloaderImage: natsio/nats-server-config-reloader:0.7.0
startCommand: /nats-server
- version: 2.8.2-alpine
natsImage: nats:2.8.2-alpine
metricsExporterImage: natsio/prometheus-nats-exporter:0.9.1
configReloaderImage: natsio/nats-server-config-reloader:0.7.0
startCommand: nats-server
- version: 2.9.1
natsImage: nats:2.9.1
metricsExporterImage: natsio/prometheus-nats-exporter:0.9.1
configReloaderImage: natsio/nats-server-config-reloader:0.7.0
startCommand: /nats-server
- version: 2.9.12
natsImage: nats:2.9.12
metricsExporterImage: natsio/prometheus-nats-exporter:0.9.1
configReloaderImage: natsio/nats-server-config-reloader:0.7.0
startCommand: /nats-server
- version: 2.9.16
natsImage: nats:2.9.16
metricsExporterImage: natsio/prometheus-nats-exporter:0.9.1
configReloaderImage: natsio/nats-server-config-reloader:0.7.0
startCommand: /nats-server
- version: 2.10.10
natsImage: nats:2.10.10
metricsExporterImage: natsio/prometheus-nats-exporter:0.14.0
configReloaderImage: natsio/nats-server-config-reloader:0.14.0
startCommand: /nats-server

59
clusters/cl01tl/manifests/argo-workflows/ConfigMap-argo-workflows-workflow-controller-configmap.yaml Normal file
View File

@@ -0,0 +1,59 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: argo-workflows-workflow-controller-configmap
namespace: "argo-workflows"
labels:
helm.sh/chart: argo-workflows-1.0.2
app.kubernetes.io/name: argo-workflows-cm
app.kubernetes.io/instance: argo-workflows
app.kubernetes.io/component: workflow-controller
app: workflow-controller
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: argo-workflows
data:
config: |
metricsConfig:
enabled: true
path: /metrics
port: 9090
ignoreErrors: false
secure: false
persistence:
archive: true
connectionPool:
maxIdleConns: 100
maxOpenConns: 0
nodeStatusOffLoad: true
postgresql:
database: app
host: argo-workflows-postgresql-18-cluster-rw
passwordSecret:
key: password
name: argo-workflows-postgresql-18-cluster-app
port: 5432
ssl: false
sslMode: disable
tableName: app
userNameSecret:
key: username
name: argo-workflows-postgresql-18-cluster-app
sso:
issuer: https://authentik.alexlebens.net/application/o/argo-workflows/
clientId:
name: argo-workflows-oidc-secret
key: client
clientSecret:
name: argo-workflows-oidc-secret
key: secret
redirectUrl: "https://argo-workflows.alexlebens.net/oauth2/callback"
rbac:
enabled: false
scopes:
- openid
- email
- profile
nodeEvents:
enabled: true
workflowEvents:
enabled: true

41
clusters/cl01tl/manifests/argo-workflows/CustomResourceDefinition-eventbus.argoproj.io.yaml Normal file
View File

@@ -0,0 +1,41 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
name: eventbus.argoproj.io
annotations:
"helm.sh/resource-policy": keep
spec:
group: argoproj.io
names:
kind: EventBus
listKind: EventBusList
plural: eventbus
shortNames:
- eb
singular: eventbus
scope: Namespaced
versions:
- name: v1alpha1
schema:
openAPIV3Schema:
properties:
apiVersion:
type: string
kind:
type: string
metadata:
type: object
spec:
type: object
x-kubernetes-preserve-unknown-fields: true
status:
type: object
x-kubernetes-preserve-unknown-fields: true
required:
- metadata
- spec
type: object
served: true
storage: true
subresources:
status: {}

41
clusters/cl01tl/manifests/argo-workflows/CustomResourceDefinition-eventsources.argoproj.io.yaml Normal file
View File

@@ -0,0 +1,41 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
name: eventsources.argoproj.io
annotations:
"helm.sh/resource-policy": keep
spec:
group: argoproj.io
names:
kind: EventSource
listKind: EventSourceList
plural: eventsources
shortNames:
- es
singular: eventsource
scope: Namespaced
versions:
- name: v1alpha1
schema:
openAPIV3Schema:
properties:
apiVersion:
type: string
kind:
type: string
metadata:
type: object
spec:
type: object
x-kubernetes-preserve-unknown-fields: true
status:
type: object
x-kubernetes-preserve-unknown-fields: true
required:
- metadata
- spec
type: object
served: true
storage: true
subresources:
status: {}

41
clusters/cl01tl/manifests/argo-workflows/CustomResourceDefinition-sensors.argoproj.io.yaml Normal file
View File

@@ -0,0 +1,41 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
name: sensors.argoproj.io
annotations:
"helm.sh/resource-policy": keep
spec:
group: argoproj.io
names:
kind: Sensor
listKind: SensorList
plural: sensors
shortNames:
- sn
singular: sensor
scope: Namespaced
versions:
- name: v1alpha1
schema:
openAPIV3Schema:
properties:
apiVersion:
type: string
kind:
type: string
metadata:
type: object
spec:
type: object
x-kubernetes-preserve-unknown-fields: true
status:
type: object
x-kubernetes-preserve-unknown-fields: true
required:
- metadata
- spec
type: object
served: true
storage: true
subresources:
status: {}

83
clusters/cl01tl/manifests/argo-workflows/Deployment-argo-workflows-argo-events-controller-manager.yaml Normal file
View File

@@ -0,0 +1,83 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: argo-workflows-argo-events-controller-manager
namespace: "argo-workflows"
labels:
helm.sh/chart: argo-events-2.4.20
app.kubernetes.io/name: argo-events-controller-manager
app.kubernetes.io/instance: argo-workflows
app.kubernetes.io/component: controller-manager
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: argo-events
app.kubernetes.io/version: "v1.9.10"
spec:
selector:
matchLabels:
app.kubernetes.io/name: argo-events-controller-manager
app.kubernetes.io/instance: argo-workflows
revisionHistoryLimit: 5
replicas: 1
template:
metadata:
annotations:
checksum/config: 24732be38752faf20ed2282b13be0303398dc62ae15f3a9522d809bbd81e729a
labels:
helm.sh/chart: argo-events-2.4.20
app.kubernetes.io/name: argo-events-controller-manager
app.kubernetes.io/instance: argo-workflows
app.kubernetes.io/component: controller-manager
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: argo-events
app.kubernetes.io/version: "v1.9.10"
spec:
containers:
- name: controller-manager
image: quay.io/argoproj/argo-events:v1.9.10
imagePullPolicy: IfNotPresent
args:
- controller
env:
- name: ARGO_EVENTS_IMAGE
value: quay.io/argoproj/argo-events:v1.9.10
- name: NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
volumeMounts:
- name: config
mountPath: /etc/argo-events
ports:
- name: metrics
containerPort: 7777
protocol: TCP
- name: probe
containerPort: 8081
protocol: TCP
livenessProbe:
httpGet:
port: probe
path: /healthz
initialDelaySeconds: 10
periodSeconds: 10
timeoutSeconds: 1
successThreshold: 1
failureThreshold: 3
readinessProbe:
httpGet:
port: probe
path: /readyz
initialDelaySeconds: 10
periodSeconds: 10
timeoutSeconds: 1
successThreshold: 1
failureThreshold: 3
resources:
requests:
cpu: 10m
memory: 128Mi
serviceAccountName: argo-workflows-argo-events-controller-manager
volumes:
- name: config
configMap:
name: argo-workflows-argo-events-controller-manager

88
clusters/cl01tl/manifests/argo-workflows/Deployment-argo-workflows-server.yaml Normal file
View File

@@ -0,0 +1,88 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: argo-workflows-server
namespace: "argo-workflows"
labels:
helm.sh/chart: argo-workflows-1.0.2
app.kubernetes.io/name: argo-workflows-server
app.kubernetes.io/instance: argo-workflows
app.kubernetes.io/component: server
app: server
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: argo-workflows
app.kubernetes.io/version: "v4.0.2"
spec:
replicas: 1
revisionHistoryLimit: 10
selector:
matchLabels:
app.kubernetes.io/name: argo-workflows-server
app.kubernetes.io/instance: argo-workflows
template:
metadata:
labels:
helm.sh/chart: argo-workflows-1.0.2
app.kubernetes.io/name: argo-workflows-server
app.kubernetes.io/instance: argo-workflows
app.kubernetes.io/component: server
app: server
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: argo-workflows
app.kubernetes.io/version: "v4.0.2"
annotations:
checksum/cm: db4ab0f942dba3d65db57efee732f4130b7911f0d27012328c0ba0579407969f
spec:
serviceAccountName: argo-workflows-server
containers:
- name: argo-server
image: "quay.io/argoproj/argocli:v4.0.2"
imagePullPolicy: Always
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
readOnlyRootFilesystem: false
runAsNonRoot: true
args:
- server
- --configmap=argo-workflows-workflow-controller-configmap
- "--auth-mode=sso"
- "--secure=false"
- "--loglevel"
- "info"
- "--gloglevel"
- "0"
- "--log-format"
- "text"
ports:
- name: web
containerPort: 2746
readinessProbe:
httpGet:
path: /
port: 2746
scheme: HTTP
initialDelaySeconds: 10
periodSeconds: 20
env:
- name: IN_CLUSTER
value: "true"
- name: ARGO_NAMESPACE
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
- name: ARGO_BASE_HREF
value: "/"
resources: {}
volumeMounts:
- name: tmp
mountPath: /tmp
terminationGracePeriodSeconds: 30
volumes:
- name: tmp
emptyDir: {}
nodeSelector:
kubernetes.io/os: linux

96
clusters/cl01tl/manifests/argo-workflows/Deployment-argo-workflows-workflow-controller.yaml Normal file
View File

@@ -0,0 +1,96 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: argo-workflows-workflow-controller
namespace: "argo-workflows"
labels:
helm.sh/chart: argo-workflows-1.0.2
app.kubernetes.io/name: argo-workflows-workflow-controller
app.kubernetes.io/instance: argo-workflows
app.kubernetes.io/component: workflow-controller
app: workflow-controller
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: argo-workflows
app.kubernetes.io/version: "v4.0.2"
spec:
replicas: 1
revisionHistoryLimit: 10
selector:
matchLabels:
app.kubernetes.io/name: argo-workflows-workflow-controller
app.kubernetes.io/instance: argo-workflows
template:
metadata:
labels:
helm.sh/chart: argo-workflows-1.0.2
app.kubernetes.io/name: argo-workflows-workflow-controller
app.kubernetes.io/instance: argo-workflows
app.kubernetes.io/component: workflow-controller
app: workflow-controller
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: argo-workflows
app.kubernetes.io/version: "v4.0.2"
spec:
serviceAccountName: argo-workflows-workflow-controller
containers:
- name: controller
image: "quay.io/argoproj/workflow-controller:v4.0.2"
imagePullPolicy: Always
command: ["workflow-controller"]
args:
- "--configmap"
- "argo-workflows-workflow-controller-configmap"
- "--executor-image"
- "quay.io/argoproj/argoexec:v4.0.2"
- "--loglevel"
- "info"
- "--gloglevel"
- "0"
- "--log-format"
- "text"
- "--workflow-workers"
- "2"
- "--workflow-ttl-workers"
- "1"
- "--pod-cleanup-workers"
- "1"
- "--cron-workflow-workers"
- "1"
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
readOnlyRootFilesystem: true
runAsNonRoot: true
env:
- name: ARGO_NAMESPACE
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
- name: LEADER_ELECTION_IDENTITY
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.name
- name: LEADER_ELECTION_DISABLE
value: "true"
resources:
requests:
cpu: 10m
memory: 128Mi
ports:
- name: metrics
containerPort: 9090
- containerPort: 6060
livenessProbe:
failureThreshold: 3
httpGet:
path: /healthz
port: 6060
initialDelaySeconds: 90
periodSeconds: 60
timeoutSeconds: 30
nodeSelector:
kubernetes.io/os: linux

69
clusters/cl01tl/manifests/argo-workflows/Deployment-events-webhook.yaml Normal file
View File

@@ -0,0 +1,69 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: events-webhook
namespace: "argo-workflows"
labels:
helm.sh/chart: argo-events-2.4.20
app.kubernetes.io/name: argo-events-events-webhook
app.kubernetes.io/instance: argo-workflows
app.kubernetes.io/component: events-webhook
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: argo-events
app.kubernetes.io/version: "v1.9.10"
spec:
selector:
matchLabels:
app.kubernetes.io/name: argo-events-events-webhook
app.kubernetes.io/instance: argo-workflows
revisionHistoryLimit: 5
replicas: 1
template:
metadata:
labels:
helm.sh/chart: argo-events-2.4.20
app.kubernetes.io/name: argo-events-events-webhook
app.kubernetes.io/instance: argo-workflows
app.kubernetes.io/component: events-webhook
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: argo-events
app.kubernetes.io/version: "v1.9.10"
spec:
containers:
- name: events-webhook
image: quay.io/argoproj/argo-events:v1.9.10
imagePullPolicy: IfNotPresent
args:
- webhook-service
env:
- name: NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: PORT
value: "443"
ports:
- name: webhook
containerPort: 443
protocol: TCP
livenessProbe:
tcpSocket:
port: webhook
initialDelaySeconds: 10
periodSeconds: 10
timeoutSeconds: 1
successThreshold: 1
failureThreshold: 3
readinessProbe:
tcpSocket:
port: webhook
initialDelaySeconds: 10
periodSeconds: 10
timeoutSeconds: 1
successThreshold: 1
failureThreshold: 3
resources:
requests:
cpu: 10m
memory: 128Mi
serviceAccountName: argo-workflows-argo-events-events-webhook

28
clusters/cl01tl/manifests/argo-workflows/ExternalSecret-argo-workflows-oidc-secret.yaml Normal file
View File

@@ -0,0 +1,28 @@
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: argo-workflows-oidc-secret
namespace: argo-workflows
labels:
app.kubernetes.io/name: argo-workflows-oidc-secret
app.kubernetes.io/instance: argo-workflows
app.kubernetes.io/part-of: argo-workflows
spec:
secretStoreRef:
kind: ClusterSecretStore
name: vault
data:
- secretKey: secret
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /authentik/oidc/argo-workflows
metadataPolicy: None
property: secret
- secretKey: client
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /authentik/oidc/argo-workflows
metadataPolicy: None
property: client

14
clusters/cl01tl/manifests/paperless-ngx/ExternalSecret-paperless-ngx-postgresql-18-backup-garage-local-secret.yaml → clusters/cl01tl/manifests/argo-workflows/ExternalSecret-argo-workflows-postgresql-18-backup-garage-local-secret.yaml
View File

@@ -1,14 +1,14 @@
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: paperless-ngx-postgresql-18-backup-garage-local-secret
namespace: paperless-ngx
name: argo-workflows-postgresql-18-backup-garage-local-secret
namespace: argo-workflows
labels:
app.kubernetes.io/name: paperless-ngx-postgresql-18-backup-garage-local-secret
helm.sh/chart: postgres-18-cluster-7.11.2
app.kubernetes.io/instance: paperless-ngx
app.kubernetes.io/part-of: paperless-ngx
app.kubernetes.io/version: "7.11.2"
app.kubernetes.io/name: argo-workflows-postgresql-18-backup-garage-local-secret
helm.sh/chart: postgres-18-cluster-7.10.0
app.kubernetes.io/instance: argo-workflows
app.kubernetes.io/part-of: argo-workflows
app.kubernetes.io/version: "7.10.0"
app.kubernetes.io/managed-by: Helm
spec:
secretStoreRef:

14
clusters/cl01tl/manifests/paperless-ngx/ExternalSecret-paperless-ngx-postgresql-18-recovery-secret.yaml → clusters/cl01tl/manifests/argo-workflows/ExternalSecret-argo-workflows-postgresql-18-recovery-secret.yaml
View File

@@ -1,15 +1,15 @@
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: paperless-ngx-postgresql-18-recovery-secret
namespace: paperless-ngx
name: argo-workflows-postgresql-18-recovery-secret
namespace: argo-workflows
labels:
helm.sh/chart: postgres-18-cluster-7.11.2
app.kubernetes.io/instance: paperless-ngx
app.kubernetes.io/part-of: paperless-ngx
app.kubernetes.io/version: "7.11.2"
helm.sh/chart: postgres-18-cluster-7.10.0
app.kubernetes.io/instance: argo-workflows
app.kubernetes.io/part-of: argo-workflows
app.kubernetes.io/version: "7.10.0"
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: paperless-ngx-postgresql-18-recovery-secret
app.kubernetes.io/name: argo-workflows-postgresql-18-recovery-secret
spec:
secretStoreRef:
kind: ClusterSecretStore

28
clusters/cl01tl/manifests/argo-workflows/HTTPRoute-argo-workflows.yaml Normal file
View File

@@ -0,0 +1,28 @@
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
name: argo-workflows
namespace: argo-workflows
labels:
app.kubernetes.io/name: argo-workflows
app.kubernetes.io/instance: argo-workflows
app.kubernetes.io/part-of: argo-workflows
spec:
parentRefs:
- group: gateway.networking.k8s.io
kind: Gateway
name: traefik-gateway
namespace: traefik
hostnames:
- argo-workflows.alexlebens.net
rules:
- matches:
- path:
type: PathPrefix
value: /
backendRefs:
- group: ''
kind: Service
name: argo-workflows-server
port: 2746
weight: 100

57
clusters/cl01tl/manifests/argo-workflows/Job-argo-workflows-crd-install.yaml Normal file
View File

@@ -0,0 +1,57 @@
apiVersion: batch/v1
kind: Job
metadata:
name: argo-workflows-crd-install
namespace: argo-workflows
labels:
helm.sh/chart: argo-workflows-1.0.2
app.kubernetes.io/name: argo-workflows-crd-install
app.kubernetes.io/instance: argo-workflows
app.kubernetes.io/component: crds
app: crds
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: argo-workflows
annotations:
"helm.sh/hook": pre-install,pre-upgrade
"helm.sh/hook-weight": "-5"
"helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
spec:
template:
metadata:
labels:
helm.sh/chart: argo-workflows-1.0.2
app.kubernetes.io/name: argo-workflows-crd-install
app.kubernetes.io/instance: argo-workflows
app.kubernetes.io/component: crds
app: crds
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: argo-workflows
spec:
serviceAccountName: argo-workflows-crd-install
containers:
- name: apply
image: "registry.k8s.io/kubectl:v1.35.2"
env:
command:
- kubectl
- apply
- --server-side
- --force-conflicts
- -f
- "https://raw.githubusercontent.com/argoproj/argo-helm/argo-workflows-1.0.2/charts/argo-workflows/files/crds/full/argoproj.io_clusterworkflowtemplates.yaml"
- -f
- "https://raw.githubusercontent.com/argoproj/argo-helm/argo-workflows-1.0.2/charts/argo-workflows/files/crds/full/argoproj.io_cronworkflows.yaml"
- -f
- "https://raw.githubusercontent.com/argoproj/argo-helm/argo-workflows-1.0.2/charts/argo-workflows/files/crds/full/argoproj.io_workflowartifactgctasks.yaml"
- -f
- "https://raw.githubusercontent.com/argoproj/argo-helm/argo-workflows-1.0.2/charts/argo-workflows/files/crds/full/argoproj.io_workfloweventbindings.yaml"
- -f
- "https://raw.githubusercontent.com/argoproj/argo-helm/argo-workflows-1.0.2/charts/argo-workflows/files/crds/full/argoproj.io_workflows.yaml"
- -f
- "https://raw.githubusercontent.com/argoproj/argo-helm/argo-workflows-1.0.2/charts/argo-workflows/files/crds/full/argoproj.io_workflowtaskresults.yaml"
- -f
- "https://raw.githubusercontent.com/argoproj/argo-helm/argo-workflows-1.0.2/charts/argo-workflows/files/crds/full/argoproj.io_workflowtasksets.yaml"
- -f
- "https://raw.githubusercontent.com/argoproj/argo-helm/argo-workflows-1.0.2/charts/argo-workflows/files/crds/full/argoproj.io_workflowtemplates.yaml"
restartPolicy: Never
backoffLimit: 3

33
clusters/cl01tl/manifests/argo-workflows/ObjectStore-argo-workflows-postgresql-18-backup-garage-local.yaml Normal file
View File

@@ -0,0 +1,33 @@
apiVersion: barmancloud.cnpg.io/v1
kind: ObjectStore
metadata:
name: argo-workflows-postgresql-18-backup-garage-local
namespace: argo-workflows
labels:
app.kubernetes.io/name: argo-workflows-postgresql-18-backup-garage-local
helm.sh/chart: postgres-18-cluster-7.10.0
app.kubernetes.io/instance: argo-workflows
app.kubernetes.io/part-of: argo-workflows
app.kubernetes.io/version: "7.10.0"
app.kubernetes.io/managed-by: Helm
spec:
retentionPolicy: 7d
instanceSidecarConfiguration:
env:
- name: AWS_REQUEST_CHECKSUM_CALCULATION
value: when_required
- name: AWS_RESPONSE_CHECKSUM_VALIDATION
value: when_required
configuration:
destinationPath: s3://postgres-backups/cl01tl/argo-workflows/argo-workflows-postgresql-18-cluster
endpointURL: http://garage-main.garage:3900
s3Credentials:
accessKeyId:
name: argo-workflows-postgresql-18-backup-garage-local-secret
key: ACCESS_KEY_ID
secretAccessKey:
name: argo-workflows-postgresql-18-backup-garage-local-secret
key: ACCESS_SECRET_KEY
region:
name: argo-workflows-postgresql-18-backup-garage-local-secret
key: ACCESS_REGION

32
clusters/cl01tl/manifests/argo-workflows/ObjectStore-argo-workflows-postgresql-18-recovery.yaml Normal file
View File

@@ -0,0 +1,32 @@
apiVersion: barmancloud.cnpg.io/v1
kind: ObjectStore
metadata:
name: "argo-workflows-postgresql-18-recovery"
namespace: argo-workflows
labels:
helm.sh/chart: postgres-18-cluster-7.10.0
app.kubernetes.io/instance: argo-workflows
app.kubernetes.io/part-of: argo-workflows
app.kubernetes.io/version: "7.10.0"
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: "argo-workflows-postgresql-18-recovery"
spec:
configuration:
destinationPath: s3://postgres-backups/cl01tl/argo-workflows/argo-workflows-postgresql-18-cluster
endpointURL: http://garage-main.garage:3900
wal:
compression: snappy
maxParallel: 1
data:
compression: snappy
jobs: 1
s3Credentials:
accessKeyId:
name: argo-workflows-postgresql-18-recovery-secret
key: ACCESS_KEY_ID
secretAccessKey:
name: argo-workflows-postgresql-18-recovery-secret
key: ACCESS_SECRET_KEY
region:
name: argo-workflows-postgresql-18-recovery-secret
key: ACCESS_REGION

144
clusters/cl01tl/manifests/paperless-ngx/PrometheusRule-paperless-ngx-postgresql-18-alert-rules.yaml → clusters/cl01tl/manifests/argo-workflows/PrometheusRule-argo-workflows-postgresql-18-alert-rules.yaml
View File

@@ -1,18 +1,18 @@
apiVersion: monitoring.coreos.com/v1
kind: PrometheusRule
metadata:
name: paperless-ngx-postgresql-18-alert-rules
namespace: paperless-ngx
name: argo-workflows-postgresql-18-alert-rules
namespace: argo-workflows
labels:
app.kubernetes.io/name: paperless-ngx-postgresql-18-alert-rules
helm.sh/chart: postgres-18-cluster-7.11.2
app.kubernetes.io/instance: paperless-ngx
app.kubernetes.io/part-of: paperless-ngx
app.kubernetes.io/version: "7.11.2"
app.kubernetes.io/name: argo-workflows-postgresql-18-alert-rules
helm.sh/chart: postgres-18-cluster-7.10.0
app.kubernetes.io/instance: argo-workflows
app.kubernetes.io/part-of: argo-workflows
app.kubernetes.io/version: "7.10.0"
app.kubernetes.io/managed-by: Helm
spec:
groups:
- name: cloudnative-pg/paperless-ngx-postgresql-18
- name: cloudnative-pg/argo-workflows-postgresql-18
rules:
- alert: CNPGClusterBackendsWaitingWarning
annotations:
@@ -21,12 +21,12 @@ spec:
Pod {{ $labels.pod }}
has been waiting for longer than 5 minutes
expr: |
cnpg_backends_waiting_total{namespace="paperless-ngx"} > 300
cnpg_backends_waiting_total{namespace="argo-workflows"} > 300
for: 1m
labels:
severity: warning
namespace: paperless-ngx
cnpg_cluster: paperless-ngx-postgresql-18-cluster
namespace: argo-workflows
cnpg_cluster: argo-workflows-postgresql-18-cluster
- alert: CNPGClusterDatabaseDeadlockConflictsWarning
annotations:
summary: CNPG Cluster has over 10 deadlock conflicts.
@@ -34,12 +34,12 @@ spec:
There are over 10 deadlock conflicts in
{{ $labels.pod }}
expr: |
cnpg_pg_stat_database_deadlocks{namespace="paperless-ngx"} > 10
cnpg_pg_stat_database_deadlocks{namespace="argo-workflows"} > 10
for: 1m
labels:
severity: warning
namespace: paperless-ngx
cnpg_cluster: paperless-ngx-postgresql-18-cluster
namespace: argo-workflows
cnpg_cluster: argo-workflows-postgresql-18-cluster
- alert: CNPGClusterHACritical
annotations:
summary: CNPG Cluster has no standby replicas!
@@ -57,12 +57,12 @@ spec:
case you may want to silence it.
runbook_url: https://github.com/cloudnative-pg/charts/blob/main/charts/cluster/docs/runbooks/CNPGClusterHACritical.md
expr: |
max by (job) (cnpg_pg_replication_streaming_replicas{namespace="paperless-ngx"} - cnpg_pg_replication_is_wal_receiver_up{namespace="paperless-ngx"}) < 1
max by (job) (cnpg_pg_replication_streaming_replicas{namespace="argo-workflows"} - cnpg_pg_replication_is_wal_receiver_up{namespace="argo-workflows"}) < 1
for: 5m
labels:
severity: critical
namespace: paperless-ngx
cnpg_cluster: paperless-ngx-postgresql-18-cluster
namespace: argo-workflows
cnpg_cluster: argo-workflows-postgresql-18-cluster
- alert: CNPGClusterHAWarning
annotations:
summary: CNPG Cluster less than 2 standby replicas.
@@ -78,72 +78,72 @@ spec:
In this case you may want to silence it.
runbook_url: https://github.com/cloudnative-pg/charts/blob/main/charts/cluster/docs/runbooks/CNPGClusterHAWarning.md
expr: |
max by (job) (cnpg_pg_replication_streaming_replicas{namespace="paperless-ngx"} - cnpg_pg_replication_is_wal_receiver_up{namespace="paperless-ngx"}) < 2
max by (job) (cnpg_pg_replication_streaming_replicas{namespace="argo-workflows"} - cnpg_pg_replication_is_wal_receiver_up{namespace="argo-workflows"}) < 2
for: 5m
labels:
severity: warning
namespace: paperless-ngx
cnpg_cluster: paperless-ngx-postgresql-18-cluster
namespace: argo-workflows
cnpg_cluster: argo-workflows-postgresql-18-cluster
- alert: CNPGClusterHighConnectionsCritical
annotations:
summary: CNPG Instance maximum number of connections critical!
description: |-
CloudNativePG Cluster "paperless-ngx/paperless-ngx-postgresql-18-cluster" instance {{`{{`}} $labels.pod {{`}}`}} is using {{`{{`}} $value {{`}}`}}% of
CloudNativePG Cluster "argo-workflows/argo-workflows-postgresql-18-cluster" instance {{`{{`}} $labels.pod {{`}}`}} is using {{`{{`}} $value {{`}}`}}% of
the maximum number of connections.
runbook_url: https://github.com/cloudnative-pg/charts/blob/main/charts/cluster/docs/runbooks/CNPGClusterHighConnectionsCritical.md
expr: |
sum by (pod) (cnpg_backends_total{namespace="paperless-ngx", pod=~"paperless-ngx-postgresql-18-cluster-([1-9][0-9]*)$"}) / max by (pod) (cnpg_pg_settings_setting{name="max_connections", namespace="paperless-ngx", pod=~"paperless-ngx-postgresql-18-cluster-([1-9][0-9]*)$"}) * 100 > 95
sum by (pod) (cnpg_backends_total{namespace="argo-workflows", pod=~"argo-workflows-postgresql-18-cluster-([1-9][0-9]*)$"}) / max by (pod) (cnpg_pg_settings_setting{name="max_connections", namespace="argo-workflows", pod=~"argo-workflows-postgresql-18-cluster-([1-9][0-9]*)$"}) * 100 > 95
for: 5m
labels:
severity: critical
namespace: paperless-ngx
cnpg_cluster: paperless-ngx-postgresql-18-cluster
namespace: argo-workflows
cnpg_cluster: argo-workflows-postgresql-18-cluster
- alert: CNPGClusterHighConnectionsWarning
annotations:
summary: CNPG Instance is approaching the maximum number of connections.
description: |-
CloudNativePG Cluster "paperless-ngx/paperless-ngx-postgresql-18-cluster" instance {{`{{`}} $labels.pod {{`}}`}} is using {{`{{`}} $value {{`}}`}}% of
CloudNativePG Cluster "argo-workflows/argo-workflows-postgresql-18-cluster" instance {{`{{`}} $labels.pod {{`}}`}} is using {{`{{`}} $value {{`}}`}}% of
the maximum number of connections.
runbook_url: https://github.com/cloudnative-pg/charts/blob/main/charts/cluster/docs/runbooks/CNPGClusterHighConnectionsWarning.md
expr: |
sum by (pod) (cnpg_backends_total{namespace="paperless-ngx", pod=~"paperless-ngx-postgresql-18-cluster-([1-9][0-9]*)$"}) / max by (pod) (cnpg_pg_settings_setting{name="max_connections", namespace="paperless-ngx", pod=~"paperless-ngx-postgresql-18-cluster-([1-9][0-9]*)$"}) * 100 > 80
sum by (pod) (cnpg_backends_total{namespace="argo-workflows", pod=~"argo-workflows-postgresql-18-cluster-([1-9][0-9]*)$"}) / max by (pod) (cnpg_pg_settings_setting{name="max_connections", namespace="argo-workflows", pod=~"argo-workflows-postgresql-18-cluster-([1-9][0-9]*)$"}) * 100 > 80
for: 5m
labels:
severity: warning
namespace: paperless-ngx
cnpg_cluster: paperless-ngx-postgresql-18-cluster
namespace: argo-workflows
cnpg_cluster: argo-workflows-postgresql-18-cluster
- alert: CNPGClusterHighReplicationLag
annotations:
summary: CNPG Cluster high replication lag
description: |-
CloudNativePG Cluster "paperless-ngx/paperless-ngx-postgresql-18-cluster" is experiencing a high replication lag of
CloudNativePG Cluster "argo-workflows/argo-workflows-postgresql-18-cluster" is experiencing a high replication lag of
{{`{{`}} $value {{`}}`}}ms.
High replication lag indicates network issues, busy instances, slow queries or suboptimal configuration.
runbook_url: https://github.com/cloudnative-pg/charts/blob/main/charts/cluster/docs/runbooks/CNPGClusterHighReplicationLag.md
expr: |
max(cnpg_pg_replication_lag{namespace="paperless-ngx",pod=~"paperless-ngx-postgresql-18-cluster-([1-9][0-9]*)$"}) * 1000 > 1000
max(cnpg_pg_replication_lag{namespace="argo-workflows",pod=~"argo-workflows-postgresql-18-cluster-([1-9][0-9]*)$"}) * 1000 > 1000
for: 5m
labels:
severity: warning
namespace: paperless-ngx
cnpg_cluster: paperless-ngx-postgresql-18-cluster
namespace: argo-workflows
cnpg_cluster: argo-workflows-postgresql-18-cluster
- alert: CNPGClusterInstancesOnSameNode
annotations:
summary: CNPG Cluster instances are located on the same node.
description: |-
CloudNativePG Cluster "paperless-ngx/paperless-ngx-postgresql-18-cluster" has {{`{{`}} $value {{`}}`}}
CloudNativePG Cluster "argo-workflows/argo-workflows-postgresql-18-cluster" has {{`{{`}} $value {{`}}`}}
instances on the same node {{`{{`}} $labels.node {{`}}`}}.
A failure or scheduled downtime of a single node will lead to a potential service disruption and/or data loss.
runbook_url: https://github.com/cloudnative-pg/charts/blob/main/charts/cluster/docs/runbooks/CNPGClusterInstancesOnSameNode.md
expr: |
count by (node) (kube_pod_info{namespace="paperless-ngx", pod=~"paperless-ngx-postgresql-18-cluster-([1-9][0-9]*)$"}) > 1
count by (node) (kube_pod_info{namespace="argo-workflows", pod=~"argo-workflows-postgresql-18-cluster-([1-9][0-9]*)$"}) > 1
for: 5m
labels:
severity: warning
namespace: paperless-ngx
cnpg_cluster: paperless-ngx-postgresql-18-cluster
namespace: argo-workflows
cnpg_cluster: argo-workflows-postgresql-18-cluster
- alert: CNPGClusterLongRunningTransactionWarning
annotations:
summary: CNPG Cluster query is taking longer than 5 minutes.
@@ -151,70 +151,70 @@ spec:
CloudNativePG Cluster Pod {{ $labels.pod }}
is taking more than 5 minutes (300 seconds) for a query.
expr: |-
cnpg_backends_max_tx_duration_seconds{namespace="paperless-ngx"} > 300
cnpg_backends_max_tx_duration_seconds{namespace="argo-workflows"} > 300
for: 1m
labels:
severity: warning
namespace: paperless-ngx
cnpg_cluster: paperless-ngx-postgresql-18-cluster
namespace: argo-workflows
cnpg_cluster: argo-workflows-postgresql-18-cluster
- alert: CNPGClusterLowDiskSpaceCritical
annotations:
summary: CNPG Instance is running out of disk space!
description: |-
CloudNativePG Cluster "paperless-ngx/paperless-ngx-postgresql-18-cluster" is running extremely low on disk space. Check attached PVCs!
CloudNativePG Cluster "argo-workflows/argo-workflows-postgresql-18-cluster" is running extremely low on disk space. Check attached PVCs!
runbook_url: https://github.com/cloudnative-pg/charts/blob/main/charts/cluster/docs/runbooks/CNPGClusterLowDiskSpaceCritical.md
expr: |
max(max by(persistentvolumeclaim) (1 - kubelet_volume_stats_available_bytes{namespace="paperless-ngx", persistentvolumeclaim=~"paperless-ngx-postgresql-18-cluster-([1-9][0-9]*)$"} / kubelet_volume_stats_capacity_bytes{namespace="paperless-ngx", persistentvolumeclaim=~"paperless-ngx-postgresql-18-cluster-([1-9][0-9]*)$"})) > 0.9 OR
max(max by(persistentvolumeclaim) (1 - kubelet_volume_stats_available_bytes{namespace="paperless-ngx", persistentvolumeclaim=~"paperless-ngx-postgresql-18-cluster-([1-9][0-9]*)$-wal"} / kubelet_volume_stats_capacity_bytes{namespace="paperless-ngx", persistentvolumeclaim=~"paperless-ngx-postgresql-18-cluster-([1-9][0-9]*)$-wal"})) > 0.9 OR
max(sum by (namespace,persistentvolumeclaim) (kubelet_volume_stats_used_bytes{namespace="paperless-ngx", persistentvolumeclaim=~"paperless-ngx-postgresql-18-cluster-([1-9][0-9]*)$-tbs.*"})
max(max by(persistentvolumeclaim) (1 - kubelet_volume_stats_available_bytes{namespace="argo-workflows", persistentvolumeclaim=~"argo-workflows-postgresql-18-cluster-([1-9][0-9]*)$"} / kubelet_volume_stats_capacity_bytes{namespace="argo-workflows", persistentvolumeclaim=~"argo-workflows-postgresql-18-cluster-([1-9][0-9]*)$"})) > 0.9 OR
max(max by(persistentvolumeclaim) (1 - kubelet_volume_stats_available_bytes{namespace="argo-workflows", persistentvolumeclaim=~"argo-workflows-postgresql-18-cluster-([1-9][0-9]*)$-wal"} / kubelet_volume_stats_capacity_bytes{namespace="argo-workflows", persistentvolumeclaim=~"argo-workflows-postgresql-18-cluster-([1-9][0-9]*)$-wal"})) > 0.9 OR
max(sum by (namespace,persistentvolumeclaim) (kubelet_volume_stats_used_bytes{namespace="argo-workflows", persistentvolumeclaim=~"argo-workflows-postgresql-18-cluster-([1-9][0-9]*)$-tbs.*"})
/
sum by (namespace,persistentvolumeclaim) (kubelet_volume_stats_capacity_bytes{namespace="paperless-ngx", persistentvolumeclaim=~"paperless-ngx-postgresql-18-cluster-([1-9][0-9]*)$-tbs.*"})
sum by (namespace,persistentvolumeclaim) (kubelet_volume_stats_capacity_bytes{namespace="argo-workflows", persistentvolumeclaim=~"argo-workflows-postgresql-18-cluster-([1-9][0-9]*)$-tbs.*"})
*
on(namespace, persistentvolumeclaim) group_left(volume)
kube_pod_spec_volumes_persistentvolumeclaims_info{pod=~"paperless-ngx-postgresql-18-cluster-([1-9][0-9]*)$"}
kube_pod_spec_volumes_persistentvolumeclaims_info{pod=~"argo-workflows-postgresql-18-cluster-([1-9][0-9]*)$"}
) > 0.9
for: 5m
labels:
severity: critical
namespace: paperless-ngx
cnpg_cluster: paperless-ngx-postgresql-18-cluster
namespace: argo-workflows
cnpg_cluster: argo-workflows-postgresql-18-cluster
- alert: CNPGClusterLowDiskSpaceWarning
annotations:
summary: CNPG Instance is running out of disk space.
description: |-
CloudNativePG Cluster "paperless-ngx/paperless-ngx-postgresql-18-cluster" is running low on disk space. Check attached PVCs.
CloudNativePG Cluster "argo-workflows/argo-workflows-postgresql-18-cluster" is running low on disk space. Check attached PVCs.
runbook_url: https://github.com/cloudnative-pg/charts/blob/main/charts/cluster/docs/runbooks/CNPGClusterLowDiskSpaceWarning.md
expr: |
max(max by(persistentvolumeclaim) (1 - kubelet_volume_stats_available_bytes{namespace="paperless-ngx", persistentvolumeclaim=~"paperless-ngx-postgresql-18-cluster-([1-9][0-9]*)$"} / kubelet_volume_stats_capacity_bytes{namespace="paperless-ngx", persistentvolumeclaim=~"paperless-ngx-postgresql-18-cluster-([1-9][0-9]*)$"})) > 0.7 OR
max(max by(persistentvolumeclaim) (1 - kubelet_volume_stats_available_bytes{namespace="paperless-ngx", persistentvolumeclaim=~"paperless-ngx-postgresql-18-cluster-([1-9][0-9]*)$-wal"} / kubelet_volume_stats_capacity_bytes{namespace="paperless-ngx", persistentvolumeclaim=~"paperless-ngx-postgresql-18-cluster-([1-9][0-9]*)$-wal"})) > 0.7 OR
max(sum by (namespace,persistentvolumeclaim) (kubelet_volume_stats_used_bytes{namespace="paperless-ngx", persistentvolumeclaim=~"paperless-ngx-postgresql-18-cluster-([1-9][0-9]*)$-tbs.*"})
max(max by(persistentvolumeclaim) (1 - kubelet_volume_stats_available_bytes{namespace="argo-workflows", persistentvolumeclaim=~"argo-workflows-postgresql-18-cluster-([1-9][0-9]*)$"} / kubelet_volume_stats_capacity_bytes{namespace="argo-workflows", persistentvolumeclaim=~"argo-workflows-postgresql-18-cluster-([1-9][0-9]*)$"})) > 0.7 OR
max(max by(persistentvolumeclaim) (1 - kubelet_volume_stats_available_bytes{namespace="argo-workflows", persistentvolumeclaim=~"argo-workflows-postgresql-18-cluster-([1-9][0-9]*)$-wal"} / kubelet_volume_stats_capacity_bytes{namespace="argo-workflows", persistentvolumeclaim=~"argo-workflows-postgresql-18-cluster-([1-9][0-9]*)$-wal"})) > 0.7 OR
max(sum by (namespace,persistentvolumeclaim) (kubelet_volume_stats_used_bytes{namespace="argo-workflows", persistentvolumeclaim=~"argo-workflows-postgresql-18-cluster-([1-9][0-9]*)$-tbs.*"})
/
sum by (namespace,persistentvolumeclaim) (kubelet_volume_stats_capacity_bytes{namespace="paperless-ngx", persistentvolumeclaim=~"paperless-ngx-postgresql-18-cluster-([1-9][0-9]*)$-tbs.*"})
sum by (namespace,persistentvolumeclaim) (kubelet_volume_stats_capacity_bytes{namespace="argo-workflows", persistentvolumeclaim=~"argo-workflows-postgresql-18-cluster-([1-9][0-9]*)$-tbs.*"})
*
on(namespace, persistentvolumeclaim) group_left(volume)
kube_pod_spec_volumes_persistentvolumeclaims_info{pod=~"paperless-ngx-postgresql-18-cluster-([1-9][0-9]*)$"}
kube_pod_spec_volumes_persistentvolumeclaims_info{pod=~"argo-workflows-postgresql-18-cluster-([1-9][0-9]*)$"}
) > 0.7
for: 5m
labels:
severity: warning
namespace: paperless-ngx
cnpg_cluster: paperless-ngx-postgresql-18-cluster
namespace: argo-workflows
cnpg_cluster: argo-workflows-postgresql-18-cluster
- alert: CNPGClusterOffline
annotations:
summary: CNPG Cluster has no running instances!
description: |-
CloudNativePG Cluster "paperless-ngx/paperless-ngx-postgresql-18-cluster" has no ready instances.
CloudNativePG Cluster "argo-workflows/argo-workflows-postgresql-18-cluster" has no ready instances.
Having an offline cluster means your applications will not be able to access the database, leading to
potential service disruption and/or data loss.
runbook_url: https://github.com/cloudnative-pg/charts/blob/main/charts/cluster/docs/runbooks/CNPGClusterOffline.md
expr: |
(count(cnpg_collector_up{namespace="paperless-ngx",pod=~"paperless-ngx-postgresql-18-cluster-([1-9][0-9]*)$"}) OR on() vector(0)) == 0
(count(cnpg_collector_up{namespace="argo-workflows",pod=~"argo-workflows-postgresql-18-cluster-([1-9][0-9]*)$"}) OR on() vector(0)) == 0
for: 5m
labels:
severity: critical
namespace: paperless-ngx
cnpg_cluster: paperless-ngx-postgresql-18-cluster
namespace: argo-workflows
cnpg_cluster: argo-workflows-postgresql-18-cluster
- alert: CNPGClusterPGDatabaseXidAgeWarning
annotations:
summary: CNPG Cluster has a number of transactions from the frozen XID to the current one.
@@ -222,24 +222,24 @@ spec:
Over 300,000,000 transactions from frozen xid
on pod {{ $labels.pod }}
expr: |
cnpg_pg_database_xid_age{namespace="paperless-ngx"} > 300000000
cnpg_pg_database_xid_age{namespace="argo-workflows"} > 300000000
for: 1m
labels:
severity: warning
namespace: paperless-ngx
cnpg_cluster: paperless-ngx-postgresql-18-cluster
namespace: argo-workflows
cnpg_cluster: argo-workflows-postgresql-18-cluster
- alert: CNPGClusterPGReplicationWarning
annotations:
summary: CNPG Cluster standby is lagging behind the primary.
description: |-
Standby is lagging behind by over 300 seconds (5 minutes)
expr: |
cnpg_pg_replication_lag{namespace="paperless-ngx"} > 300
cnpg_pg_replication_lag{namespace="argo-workflows"} > 300
for: 1m
labels:
severity: warning
namespace: paperless-ngx
cnpg_cluster: paperless-ngx-postgresql-18-cluster
namespace: argo-workflows
cnpg_cluster: argo-workflows-postgresql-18-cluster
- alert: CNPGClusterReplicaFailingReplicationWarning
annotations:
summary: CNPG Cluster has a replica is failing to replicate.
@@ -247,24 +247,24 @@ spec:
Replica {{ $labels.pod }}
is failing to replicate
expr: |
cnpg_pg_replication_in_recovery{namespace="paperless-ngx"} > cnpg_pg_replication_is_wal_receiver_up{namespace="paperless-ngx"}
cnpg_pg_replication_in_recovery{namespace="argo-workflows"} > cnpg_pg_replication_is_wal_receiver_up{namespace="argo-workflows"}
for: 1m
labels:
severity: warning
namespace: paperless-ngx
cnpg_cluster: paperless-ngx-postgresql-18-cluster
namespace: argo-workflows
cnpg_cluster: argo-workflows-postgresql-18-cluster
- alert: CNPGClusterZoneSpreadWarning
annotations:
summary: CNPG Cluster instances in the same zone.
description: |-
CloudNativePG Cluster "paperless-ngx/paperless-ngx-postgresql-18-cluster" has instances in the same availability zone.
CloudNativePG Cluster "argo-workflows/argo-workflows-postgresql-18-cluster" has instances in the same availability zone.
A disaster in one availability zone will lead to a potential service disruption and/or data loss.
runbook_url: https://github.com/cloudnative-pg/charts/blob/main/charts/cluster/docs/runbooks/CNPGClusterZoneSpreadWarning.md
expr: |
3 > count(count by (label_topology_kubernetes_io_zone) (kube_pod_info{namespace="paperless-ngx", pod=~"paperless-ngx-postgresql-18-cluster-([1-9][0-9]*)$"} * on(node,instance) group_left(label_topology_kubernetes_io_zone) kube_node_labels)) < 3
3 > count(count by (label_topology_kubernetes_io_zone) (kube_pod_info{namespace="argo-workflows", pod=~"argo-workflows-postgresql-18-cluster-([1-9][0-9]*)$"} * on(node,instance) group_left(label_topology_kubernetes_io_zone) kube_node_labels)) < 3
for: 5m
labels:
severity: warning
namespace: paperless-ngx
cnpg_cluster: paperless-ngx-postgresql-18-cluster
namespace: argo-workflows
cnpg_cluster: argo-workflows-postgresql-18-cluster

21
clusters/cl01tl/manifests/argo-workflows/Role-argo-workflows-workflow.yaml Normal file
View File

@@ -0,0 +1,21 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: argo-workflows-workflow
labels:
helm.sh/chart: argo-workflows-1.0.2
app.kubernetes.io/name: argo-workflows-workflow-controller
app.kubernetes.io/instance: argo-workflows
app.kubernetes.io/component: workflow-controller
app: workflow-controller
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: argo-workflows
namespace: argo-workflows
rules:
- apiGroups:
- argoproj.io
resources:
- workflowtaskresults
verbs:
- create
- patch

21
clusters/cl01tl/manifests/argo-workflows/RoleBinding-argo-workflows-workflow.yaml Normal file
View File

@@ -0,0 +1,21 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: argo-workflows-workflow
labels:
helm.sh/chart: argo-workflows-1.0.2
app.kubernetes.io/name: argo-workflows-workflow-controller
app.kubernetes.io/instance: argo-workflows
app.kubernetes.io/component: workflow-controller
app: workflow-controller
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: argo-workflows
namespace: argo-workflows
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: argo-workflows-workflow
subjects:
- kind: ServiceAccount
name: argo-workflow
namespace: argo-workflows

24
clusters/cl01tl/manifests/argo-workflows/ScheduledBackup-argo-workflows-postgresql-18-scheduled-backup-live-backup.yaml Normal file
View File

@@ -0,0 +1,24 @@
apiVersion: postgresql.cnpg.io/v1
kind: ScheduledBackup
metadata:
name: "argo-workflows-postgresql-18-scheduled-backup-live-backup"
namespace: argo-workflows
labels:
app.kubernetes.io/name: "argo-workflows-postgresql-18-scheduled-backup-live-backup"
helm.sh/chart: postgres-18-cluster-7.10.0
app.kubernetes.io/instance: argo-workflows
app.kubernetes.io/part-of: argo-workflows
app.kubernetes.io/version: "7.10.0"
app.kubernetes.io/managed-by: Helm
spec:
immediate: true
suspend: false
schedule: "0 0 14 * * *"
backupOwnerReference: self
cluster:
name: argo-workflows-postgresql-18-cluster
method: plugin
pluginConfiguration:
name: barman-cloud.cloudnative-pg.io
parameters:
barmanObjectName: "argo-workflows-postgresql-18-backup-garage-local"

21
clusters/cl01tl/manifests/argo-workflows/Service-argo-workflows-argo-events-controller-manager-metrics.yaml Normal file
View File

@@ -0,0 +1,21 @@
apiVersion: v1
kind: Service
metadata:
name: argo-workflows-argo-events-controller-manager-metrics
namespace: "argo-workflows"
labels:
helm.sh/chart: argo-events-2.4.20
app.kubernetes.io/name: argo-events-controller-manager-metrics
app.kubernetes.io/instance: argo-workflows
app.kubernetes.io/component: controller-manager
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: argo-events
spec:
ports:
- name: metrics
protocol: TCP
port: 8082
targetPort: metrics
selector:
app.kubernetes.io/name: argo-events-controller-manager
app.kubernetes.io/instance: argo-workflows

23
clusters/cl01tl/manifests/argo-workflows/Service-argo-workflows-server.yaml Normal file
View File

@@ -0,0 +1,23 @@
apiVersion: v1
kind: Service
metadata:
name: argo-workflows-server
namespace: "argo-workflows"
labels:
helm.sh/chart: argo-workflows-1.0.2
app.kubernetes.io/name: argo-workflows-server
app.kubernetes.io/instance: argo-workflows
app.kubernetes.io/component: server
app: server
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: argo-workflows
app.kubernetes.io/version: "v4.0.2"
spec:
ports:
- port: 2746
targetPort: 2746
selector:
app.kubernetes.io/name: argo-workflows-server
app.kubernetes.io/instance: argo-workflows
sessionAffinity: None
type: ClusterIP

25
clusters/cl01tl/manifests/argo-workflows/Service-argo-workflows-workflow-controller.yaml Normal file
View File

@@ -0,0 +1,25 @@
apiVersion: v1
kind: Service
metadata:
name: argo-workflows-workflow-controller
namespace: "argo-workflows"
labels:
helm.sh/chart: argo-workflows-1.0.2
app.kubernetes.io/name: argo-workflows-workflow-controller
app.kubernetes.io/instance: argo-workflows
app.kubernetes.io/component: workflow-controller
app: workflow-controller
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: argo-workflows
app.kubernetes.io/version: "v4.0.2"
spec:
ports:
- name: metrics
port: 8080
protocol: TCP
targetPort: 9090
selector:
app.kubernetes.io/name: argo-workflows-workflow-controller
app.kubernetes.io/instance: argo-workflows
sessionAffinity: None
type: ClusterIP

18
clusters/cl01tl/manifests/argo-workflows/Service-events-webhook.yaml Normal file
View File

@@ -0,0 +1,18 @@
apiVersion: v1
kind: Service
metadata:
name: events-webhook
namespace: "argo-workflows"
labels:
helm.sh/chart: argo-events-2.4.20
app.kubernetes.io/name: argo-events-events-webhook
app.kubernetes.io/instance: argo-workflows
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: argo-events
spec:
ports:
- port: 443
targetPort: webhook
selector:
app.kubernetes.io/name: argo-events-events-webhook
app.kubernetes.io/instance: argo-workflows

13
clusters/cl01tl/manifests/argo-workflows/ServiceAccount-argo-workflows-argo-events-controller-manager.yaml Normal file
View File

@@ -0,0 +1,13 @@
apiVersion: v1
kind: ServiceAccount
automountServiceAccountToken: true
metadata:
name: argo-workflows-argo-events-controller-manager
namespace: "argo-workflows"
labels:
helm.sh/chart: argo-events-2.4.20
app.kubernetes.io/name: argo-events-controller-manager
app.kubernetes.io/instance: argo-workflows
app.kubernetes.io/component: controller-manager
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: argo-events

13
clusters/cl01tl/manifests/argo-workflows/ServiceAccount-argo-workflows-argo-events-events-webhook.yaml Normal file
View File

@@ -0,0 +1,13 @@
apiVersion: v1
kind: ServiceAccount
automountServiceAccountToken: true
metadata:
name: argo-workflows-argo-events-events-webhook
namespace: "argo-workflows"
labels:
helm.sh/chart: argo-events-2.4.20
app.kubernetes.io/name: argo-events-events-webhook
app.kubernetes.io/instance: argo-workflows
app.kubernetes.io/component: events-webhook
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: argo-events

17
clusters/cl01tl/manifests/argo-workflows/ServiceAccount-argo-workflows-crd-install.yaml Normal file
View File

@@ -0,0 +1,17 @@
apiVersion: v1
kind: ServiceAccount
metadata:
name: argo-workflows-crd-install
namespace: argo-workflows
labels:
helm.sh/chart: argo-workflows-1.0.2
app.kubernetes.io/name: argo-workflows-crd-install
app.kubernetes.io/instance: argo-workflows
app.kubernetes.io/component: crds
app: crds
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: argo-workflows
annotations:
"helm.sh/hook": pre-install,pre-upgrade
"helm.sh/hook-weight": "-10"
"helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded

13
clusters/cl01tl/manifests/argo-workflows/ServiceAccount-argo-workflows-server.yaml Normal file
View File

@@ -0,0 +1,13 @@
apiVersion: v1
kind: ServiceAccount
metadata:
name: argo-workflows-server
namespace: "argo-workflows"
labels:
helm.sh/chart: argo-workflows-1.0.2
app.kubernetes.io/name: argo-workflows-server
app.kubernetes.io/instance: argo-workflows
app.kubernetes.io/component: server
app: server
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: argo-workflows

13
clusters/cl01tl/manifests/argo-workflows/ServiceAccount-argo-workflows-workflow-controller.yaml Normal file
View File

@@ -0,0 +1,13 @@
apiVersion: v1
kind: ServiceAccount
metadata:
name: argo-workflows-workflow-controller
namespace: "argo-workflows"
labels:
helm.sh/chart: argo-workflows-1.0.2
app.kubernetes.io/name: argo-workflows-workflow-controller
app.kubernetes.io/instance: argo-workflows
app.kubernetes.io/component: workflow-controller
app: workflow-controller
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: argo-workflows

25
clusters/cl01tl/manifests/argo-workflows/ServiceMonitor-argo-workflows-argo-events-controller-manager.yaml Normal file
View File

@@ -0,0 +1,25 @@
apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
name: argo-workflows-argo-events-controller-manager
namespace: "argo-workflows"
labels:
helm.sh/chart: argo-events-2.4.20
app.kubernetes.io/name: argo-events-controller-manager
app.kubernetes.io/instance: argo-workflows
app.kubernetes.io/component: controller-manager
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: argo-events
spec:
endpoints:
- port: metrics
interval: 30s
path: /metrics
namespaceSelector:
matchNames:
- "argo-workflows"
selector:
matchLabels:
app.kubernetes.io/name: argo-events-controller-manager-metrics
app.kubernetes.io/instance: argo-workflows
app.kubernetes.io/component: controller-manager

4
clusters/cl01tl/manifests/argocd/ClusterRole-argocd-application-controller.yaml
View File

@@ -3,13 +3,13 @@ kind: ClusterRole
metadata:
name: argocd-application-controller
labels:
helm.sh/chart: argo-cd-9.5.0
helm.sh/chart: argo-cd-9.4.12
app.kubernetes.io/name: argocd-application-controller
app.kubernetes.io/instance: argocd
app.kubernetes.io/component: application-controller
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: argocd
app.kubernetes.io/version: "v3.3.6"
app.kubernetes.io/version: "v3.3.4"
rules:
- apiGroups:
- '*'

4
clusters/cl01tl/manifests/argocd/ClusterRole-argocd-notifications-controller.yaml
View File

@@ -3,13 +3,13 @@ kind: ClusterRole
metadata:
name: argocd-notifications-controller
labels:
helm.sh/chart: argo-cd-9.5.0
helm.sh/chart: argo-cd-9.4.12
app.kubernetes.io/name: argocd-notifications-controller
app.kubernetes.io/instance: argocd
app.kubernetes.io/component: notifications-controller
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: argocd
app.kubernetes.io/version: "v3.3.6"
app.kubernetes.io/version: "v3.3.4"
rules:
- apiGroups:
- argoproj.io

4
clusters/cl01tl/manifests/argocd/ClusterRole-argocd-server.yaml
View File

@@ -3,13 +3,13 @@ kind: ClusterRole
metadata:
name: argocd-server
labels:
helm.sh/chart: argo-cd-9.5.0
helm.sh/chart: argo-cd-9.4.12
app.kubernetes.io/name: argocd-server
app.kubernetes.io/instance: argocd
app.kubernetes.io/component: server
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: argocd
app.kubernetes.io/version: "v3.3.6"
app.kubernetes.io/version: "v3.3.4"
rules:
- apiGroups:
- '*'

4
clusters/cl01tl/manifests/argocd/ClusterRoleBinding-argocd-application-controller.yaml
View File

@@ -3,13 +3,13 @@ kind: ClusterRoleBinding
metadata:
name: argocd-application-controller
labels:
helm.sh/chart: argo-cd-9.5.0
helm.sh/chart: argo-cd-9.4.12
app.kubernetes.io/name: argocd-application-controller
app.kubernetes.io/instance: argocd
app.kubernetes.io/component: application-controller
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: argocd
app.kubernetes.io/version: "v3.3.6"
app.kubernetes.io/version: "v3.3.4"
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole

4
clusters/cl01tl/manifests/argocd/ClusterRoleBinding-argocd-notifications-controller.yaml
View File

@@ -3,13 +3,13 @@ kind: ClusterRoleBinding
metadata:
name: argocd-notifications-controller
labels:
helm.sh/chart: argo-cd-9.5.0
helm.sh/chart: argo-cd-9.4.12
app.kubernetes.io/name: argocd-notifications-controller
app.kubernetes.io/instance: argocd
app.kubernetes.io/component: notifications-controller
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: argocd
app.kubernetes.io/version: "v3.3.6"
app.kubernetes.io/version: "v3.3.4"
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole

4
clusters/cl01tl/manifests/argocd/ClusterRoleBinding-argocd-server.yaml
View File

@@ -3,13 +3,13 @@ kind: ClusterRoleBinding
metadata:
name: argocd-server
labels:
helm.sh/chart: argo-cd-9.5.0
helm.sh/chart: argo-cd-9.4.12
app.kubernetes.io/name: argocd-server
app.kubernetes.io/instance: argocd
app.kubernetes.io/component: server
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: argocd
app.kubernetes.io/version: "v3.3.6"
app.kubernetes.io/version: "v3.3.4"
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole

6
clusters/cl01tl/manifests/argocd/ConfigMap-argocd-cm.yaml
View File

@@ -4,13 +4,13 @@ metadata:
name: argocd-cm
namespace: argocd
labels:
helm.sh/chart: argo-cd-9.5.0
helm.sh/chart: argo-cd-9.4.12
app.kubernetes.io/name: argocd-cm
app.kubernetes.io/instance: argocd
app.kubernetes.io/component: server
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: argocd
app.kubernetes.io/version: "v3.3.6"
app.kubernetes.io/version: "v3.3.4"
data:
accounts.homepage: apiKey
admin.enabled: "true"
@@ -127,6 +127,6 @@ data:
statusbadge.enabled: "true"
statusbadge.url: https://argocd.alexlebens.net/
timeout.hard.reconciliation: 0s
timeout.reconciliation: 120s
timeout.reconciliation: 100s
timeout.reconciliation.jitter: 60s
url: https://argocd.alexlebens.net

4
clusters/cl01tl/manifests/argocd/ConfigMap-argocd-cmd-params-cm.yaml
View File

@@ -4,13 +4,13 @@ metadata:
name: argocd-cmd-params-cm
namespace: argocd
labels:
helm.sh/chart: argo-cd-9.5.0
helm.sh/chart: argo-cd-9.4.12
app.kubernetes.io/name: argocd-cmd-params-cm
app.kubernetes.io/instance: argocd
app.kubernetes.io/component: server
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: argocd
app.kubernetes.io/version: "v3.3.6"
app.kubernetes.io/version: "v3.3.4"
data:
applicationsetcontroller.enable.leader.election: "true"
applicationsetcontroller.log.format: text

4
clusters/cl01tl/manifests/argocd/ConfigMap-argocd-gpg-keys-cm.yaml
View File

@@ -4,9 +4,9 @@ metadata:
name: argocd-gpg-keys-cm
namespace: argocd
labels:
helm.sh/chart: argo-cd-9.5.0
helm.sh/chart: argo-cd-9.4.12
app.kubernetes.io/name: argocd-gpg-keys-cm
app.kubernetes.io/instance: argocd
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: argocd
app.kubernetes.io/version: "v3.3.6"
app.kubernetes.io/version: "v3.3.4"

5
clusters/cl01tl/manifests/argocd/ConfigMap-argocd-notifications-cm.yaml
View File

@@ -4,15 +4,16 @@ metadata:
name: argocd-notifications-cm
namespace: argocd
labels:
helm.sh/chart: argo-cd-9.5.0
helm.sh/chart: argo-cd-9.4.12
app.kubernetes.io/name: argocd-notifications-controller
app.kubernetes.io/instance: argocd
app.kubernetes.io/component: notifications-controller
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: argocd
app.kubernetes.io/version: "v3.3.6"
app.kubernetes.io/version: "v3.3.4"
data:
context: |
argocdUrl: https://argocd.example.com
argocdUrl: https://argocd.alexlebens.net
service.webhook.ntfy: |
url: http://ntfy.ntfy/

4
clusters/cl01tl/manifests/argocd/ConfigMap-argocd-rbac-cm.yaml
View File

@@ -4,13 +4,13 @@ metadata:
name: argocd-rbac-cm
namespace: argocd
labels:
helm.sh/chart: argo-cd-9.5.0
helm.sh/chart: argo-cd-9.4.12
app.kubernetes.io/name: argocd-rbac-cm
app.kubernetes.io/instance: argocd
app.kubernetes.io/component: server
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: argocd
app.kubernetes.io/version: "v3.3.6"
app.kubernetes.io/version: "v3.3.4"
data:
policy.csv: |
g, ArgoCD Admins, role:admin

4
clusters/cl01tl/manifests/argocd/ConfigMap-argocd-ssh-known-hosts-cm.yaml
View File

@@ -4,12 +4,12 @@ metadata:
name: argocd-ssh-known-hosts-cm
namespace: argocd
labels:
helm.sh/chart: argo-cd-9.5.0
helm.sh/chart: argo-cd-9.4.12
app.kubernetes.io/name: argocd-ssh-known-hosts-cm
app.kubernetes.io/instance: argocd
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: argocd
app.kubernetes.io/version: "v3.3.6"
app.kubernetes.io/version: "v3.3.4"
data:
ssh_known_hosts: |
[ssh.github.com]:443 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEmKSENjQEezOmxkZMy7opKgwFB9nkt5YRrYMjNuG5N87uRgg6CLrbo5wAdT/y6v0mKV0U2w0WZ2YB/++Tpockg=

4
clusters/cl01tl/manifests/argocd/ConfigMap-argocd-tls-certs-cm.yaml
View File

@@ -4,9 +4,9 @@ metadata:
name: argocd-tls-certs-cm
namespace: argocd
labels:
helm.sh/chart: argo-cd-9.5.0
helm.sh/chart: argo-cd-9.4.12
app.kubernetes.io/name: argocd-tls-certs-cm
app.kubernetes.io/instance: argocd
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: argocd
app.kubernetes.io/version: "v3.3.6"
app.kubernetes.io/version: "v3.3.4"

29
clusters/cl01tl/manifests/argocd/Deployment-argocd-applicationset-controller.yaml
View File

@@ -4,13 +4,13 @@ metadata:
name: argocd-applicationset-controller
namespace: argocd
labels:
helm.sh/chart: argo-cd-9.5.0
helm.sh/chart: argo-cd-9.4.12
app.kubernetes.io/name: argocd-applicationset-controller
app.kubernetes.io/instance: argocd
app.kubernetes.io/component: applicationset-controller
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: argocd
app.kubernetes.io/version: "v3.3.6"
app.kubernetes.io/version: "v3.3.4"
spec:
replicas: 2
revisionHistoryLimit: 3
@@ -21,22 +21,22 @@ spec:
template:
metadata:
annotations:
checksum/cmd-params: 063b9be4f32c11b210d7d5946b35c6037f7641d950fa499f234c60747adfe431
checksum/cmd-params: 33859ae5e365758d9afa226ebd4dd3190a4a5e470b009cc9f60732a191c6c299
labels:
helm.sh/chart: argo-cd-9.5.0
helm.sh/chart: argo-cd-9.4.12
app.kubernetes.io/name: argocd-applicationset-controller
app.kubernetes.io/instance: argocd
app.kubernetes.io/component: applicationset-controller
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: argocd
app.kubernetes.io/version: "v3.3.6"
app.kubernetes.io/version: "v3.3.4"
spec:
terminationGracePeriodSeconds: 30
serviceAccountName: argocd-applicationset-controller
automountServiceAccountToken: true
containers:
- name: applicationset-controller
image: quay.io/argoproj/argocd:v3.3.6
image: quay.io/argoproj/argocd:v3.3.4
imagePullPolicy: IfNotPresent
args:
- /usr/local/bin/argocd-applicationset-controller
@@ -223,23 +223,20 @@ spec:
livenessProbe:
tcpSocket:
port: probe
initialDelaySeconds: 60
periodSeconds: 30
timeoutSeconds: 5
initialDelaySeconds: 10
periodSeconds: 10
timeoutSeconds: 1
successThreshold: 1
failureThreshold: 3
readinessProbe:
tcpSocket:
port: probe
initialDelaySeconds: 60
periodSeconds: 30
timeoutSeconds: 5
initialDelaySeconds: 10
periodSeconds: 10
timeoutSeconds: 1
successThreshold: 1
failureThreshold: 3
resources:
requests:
cpu: 10m
memory: 50Mi
resources: {}
securityContext:
allowPrivilegeEscalation: false
capabilities:

24
clusters/cl01tl/manifests/argocd/Deployment-argocd-dex-server.yaml
View File

@@ -4,13 +4,13 @@ metadata:
name: argocd-dex-server
namespace: argocd
labels:
helm.sh/chart: argo-cd-9.5.0
helm.sh/chart: argo-cd-9.4.12
app.kubernetes.io/name: argocd-dex-server
app.kubernetes.io/instance: argocd
app.kubernetes.io/component: dex-server
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: argocd
app.kubernetes.io/version: "v3.3.6"
app.kubernetes.io/version: "v3.3.4"
spec:
replicas: 1
revisionHistoryLimit: 3
@@ -21,16 +21,16 @@ spec:
template:
metadata:
annotations:
checksum/cmd-params: 063b9be4f32c11b210d7d5946b35c6037f7641d950fa499f234c60747adfe431
checksum/cm: a06810634afd59812852e7c2753f0e0041610c9e2bb0686bb671a6d4eb6f918f
checksum/cmd-params: 33859ae5e365758d9afa226ebd4dd3190a4a5e470b009cc9f60732a191c6c299
checksum/cm: da83ef9d2a6b579aff8ece72bbc4c0c05d612f665e951eaaccb282e034b058a5
labels:
helm.sh/chart: argo-cd-9.5.0
helm.sh/chart: argo-cd-9.4.12
app.kubernetes.io/name: argocd-dex-server
app.kubernetes.io/instance: argocd
app.kubernetes.io/component: dex-server
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: argocd
app.kubernetes.io/version: "v3.3.6"
app.kubernetes.io/version: "v3.3.4"
spec:
terminationGracePeriodSeconds: 30
serviceAccountName: argocd-dex-server
@@ -98,10 +98,7 @@ spec:
timeoutSeconds: 1
successThreshold: 1
failureThreshold: 3
resources:
requests:
cpu: 1m
memory: 64Mi
resources: {}
securityContext:
allowPrivilegeEscalation: false
capabilities:
@@ -121,7 +118,7 @@ spec:
mountPath: /tls
initContainers:
- name: copyutil
image: quay.io/argoproj/argocd:v3.3.6
image: quay.io/argoproj/argocd:v3.3.4
imagePullPolicy: IfNotPresent
command:
- /bin/cp
@@ -133,10 +130,7 @@ spec:
name: static-files
- mountPath: /tmp
name: dexconfig
resources:
requests:
cpu: 1m
memory: 64Mi
resources: {}
securityContext:
allowPrivilegeEscalation: false
capabilities:

17
clusters/cl01tl/manifests/argocd/Deployment-argocd-notifications-controller.yaml
View File

@@ -4,13 +4,13 @@ metadata:
name: argocd-notifications-controller
namespace: argocd
labels:
helm.sh/chart: argo-cd-9.5.0
helm.sh/chart: argo-cd-9.4.12
app.kubernetes.io/name: argocd-notifications-controller
app.kubernetes.io/instance: argocd
app.kubernetes.io/component: notifications-controller
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: argocd
app.kubernetes.io/version: "v3.3.6"
app.kubernetes.io/version: "v3.3.4"
spec:
replicas: 1
revisionHistoryLimit: 3
@@ -23,22 +23,22 @@ spec:
template:
metadata:
annotations:
checksum/cmd-params: 063b9be4f32c11b210d7d5946b35c6037f7641d950fa499f234c60747adfe431
checksum/cmd-params: 33859ae5e365758d9afa226ebd4dd3190a4a5e470b009cc9f60732a191c6c299
labels:
helm.sh/chart: argo-cd-9.5.0
helm.sh/chart: argo-cd-9.4.12
app.kubernetes.io/name: argocd-notifications-controller
app.kubernetes.io/instance: argocd
app.kubernetes.io/component: notifications-controller
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: argocd
app.kubernetes.io/version: "v3.3.6"
app.kubernetes.io/version: "v3.3.4"
spec:
terminationGracePeriodSeconds: 30
serviceAccountName: argocd-notifications-controller
automountServiceAccountToken: true
containers:
- name: notifications-controller
image: quay.io/argoproj/argocd:v3.3.6
image: quay.io/argoproj/argocd:v3.3.4
imagePullPolicy: IfNotPresent
args:
- /usr/local/bin/argocd-notifications
@@ -103,10 +103,7 @@ spec:
timeoutSeconds: 1
successThreshold: 1
failureThreshold: 3
resources:
requests:
cpu: 2m
memory: 50Mi
resources: {}
securityContext:
allowPrivilegeEscalation: false
capabilities:

12
clusters/cl01tl/manifests/argocd/Deployment-argocd-redis-ha-haproxy.yaml
View File

@@ -28,6 +28,9 @@ spec:
component: haproxy
app.kubernetes.io/name: argocd-redis-ha-haproxy
annotations:
prometheus.io/port: "9101"
prometheus.io/scrape: "true"
prometheus.io/path: "/metrics"
checksum/config: 41729c8b600983b574147eb778eb317992f0a620e163e58b070b159548c3f8e6
spec:
serviceAccountName: argocd-redis-ha-haproxy
@@ -49,7 +52,7 @@ spec:
topologyKey: kubernetes.io/hostname
initContainers:
- name: config-init
image: haproxy:3.3.6-alpine@sha256:744be2dca649a44d490a4c565d36968d19482dd387f1bdd44c168f4322bc6b1e
image: ecr-public.aws.com/docker/library/haproxy:3.0.8-alpine
imagePullPolicy: IfNotPresent
resources: {}
command:
@@ -73,7 +76,7 @@ spec:
mountPath: /data
containers:
- name: haproxy
image: haproxy:3.3.6-alpine@sha256:744be2dca649a44d490a4c565d36968d19482dd387f1bdd44c168f4322bc6b1e
image: ecr-public.aws.com/docker/library/haproxy:3.0.8-alpine
imagePullPolicy: IfNotPresent
securityContext:
allowPrivilegeEscalation: false
@@ -103,10 +106,7 @@ spec:
containerPort: 6379
- name: metrics-port
containerPort: 9101
resources:
requests:
cpu: 5m
memory: 90Mi
resources: {}
volumeMounts:
- name: data
mountPath: /usr/local/etc/haproxy

38
clusters/cl01tl/manifests/argocd/Deployment-argocd-repo-server.yaml
View File

@@ -4,13 +4,13 @@ metadata:
name: argocd-repo-server
namespace: argocd
labels:
helm.sh/chart: argo-cd-9.5.0
helm.sh/chart: argo-cd-9.4.12
app.kubernetes.io/name: argocd-repo-server
app.kubernetes.io/instance: argocd
app.kubernetes.io/component: repo-server
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: argocd
app.kubernetes.io/version: "v3.3.6"
app.kubernetes.io/version: "v3.3.4"
spec:
replicas: 2
revisionHistoryLimit: 3
@@ -21,23 +21,23 @@ spec:
template:
metadata:
annotations:
checksum/cmd-params: 063b9be4f32c11b210d7d5946b35c6037f7641d950fa499f234c60747adfe431
checksum/cm: a06810634afd59812852e7c2753f0e0041610c9e2bb0686bb671a6d4eb6f918f
checksum/cmd-params: 33859ae5e365758d9afa226ebd4dd3190a4a5e470b009cc9f60732a191c6c299
checksum/cm: da83ef9d2a6b579aff8ece72bbc4c0c05d612f665e951eaaccb282e034b058a5
labels:
helm.sh/chart: argo-cd-9.5.0
helm.sh/chart: argo-cd-9.4.12
app.kubernetes.io/name: argocd-repo-server
app.kubernetes.io/instance: argocd
app.kubernetes.io/component: repo-server
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: argocd
app.kubernetes.io/version: "v3.3.6"
app.kubernetes.io/version: "v3.3.4"
spec:
terminationGracePeriodSeconds: 30
serviceAccountName: argocd-repo-server
automountServiceAccountToken: true
containers:
- name: repo-server
image: quay.io/argoproj/argocd:v3.3.6
image: quay.io/argoproj/argocd:v3.3.4
imagePullPolicy: IfNotPresent
args:
- /usr/local/bin/argocd-repo-server
@@ -332,24 +332,21 @@ spec:
httpGet:
path: /healthz?full=true
port: metrics
initialDelaySeconds: 60
periodSeconds: 30
timeoutSeconds: 5
initialDelaySeconds: 10
periodSeconds: 10
timeoutSeconds: 1
successThreshold: 1
failureThreshold: 3
readinessProbe:
httpGet:
path: /healthz
port: metrics
initialDelaySeconds: 60
periodSeconds: 30
timeoutSeconds: 5
initialDelaySeconds: 10
periodSeconds: 10
timeoutSeconds: 1
successThreshold: 1
failureThreshold: 3
resources:
requests:
cpu: 1m
memory: 50Mi
resources: {}
securityContext:
allowPrivilegeEscalation: false
capabilities:
@@ -365,13 +362,10 @@ spec:
- '-c'
args:
- /bin/cp --update=none /usr/local/bin/argocd /var/run/argocd/argocd && /bin/ln -sf /var/run/argocd/argocd /var/run/argocd/argocd-cmp-server
image: quay.io/argoproj/argocd:v3.3.6
image: quay.io/argoproj/argocd:v3.3.4
imagePullPolicy: IfNotPresent
name: copyutil
resources:
requests:
cpu: 1m
memory: 50Mi
resources: {}
securityContext:
allowPrivilegeEscalation: false
capabilities:

48
clusters/cl01tl/manifests/argocd/Deployment-argocd-server.yaml
View File

@@ -4,13 +4,13 @@ metadata:
name: argocd-server
namespace: argocd
labels:
helm.sh/chart: argo-cd-9.5.0
helm.sh/chart: argo-cd-9.4.12
app.kubernetes.io/name: argocd-server
app.kubernetes.io/instance: argocd
app.kubernetes.io/component: server
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: argocd
app.kubernetes.io/version: "v3.3.6"
app.kubernetes.io/version: "v3.3.4"
spec:
replicas: 2
revisionHistoryLimit: 3
@@ -21,23 +21,23 @@ spec:
template:
metadata:
annotations:
checksum/cmd-params: 063b9be4f32c11b210d7d5946b35c6037f7641d950fa499f234c60747adfe431
checksum/cm: a06810634afd59812852e7c2753f0e0041610c9e2bb0686bb671a6d4eb6f918f
checksum/cmd-params: 33859ae5e365758d9afa226ebd4dd3190a4a5e470b009cc9f60732a191c6c299
checksum/cm: da83ef9d2a6b579aff8ece72bbc4c0c05d612f665e951eaaccb282e034b058a5
labels:
helm.sh/chart: argo-cd-9.5.0
helm.sh/chart: argo-cd-9.4.12
app.kubernetes.io/name: argocd-server
app.kubernetes.io/instance: argocd
app.kubernetes.io/component: server
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: argocd
app.kubernetes.io/version: "v3.3.6"
app.kubernetes.io/version: "v3.3.4"
spec:
terminationGracePeriodSeconds: 30
serviceAccountName: argocd-server
automountServiceAccountToken: true
containers:
- name: server
image: quay.io/argoproj/argocd:v3.3.6
image: quay.io/argoproj/argocd:v3.3.4
imagePullPolicy: IfNotPresent
args:
- /usr/local/bin/argocd-server
@@ -369,6 +369,8 @@ spec:
name: tmp
- name: argocd-cmd-params-cm
mountPath: /home/argocd/params
- mountPath: /tmp/extensions
name: extensions
ports:
- name: server
containerPort: 8080
@@ -394,10 +396,7 @@ spec:
timeoutSeconds: 1
successThreshold: 1
failureThreshold: 3
resources:
requests:
cpu: 20m
memory: 80Mi
resources: {}
securityContext:
allowPrivilegeEscalation: false
capabilities:
@@ -407,6 +406,31 @@ spec:
runAsNonRoot: true
seccompProfile:
type: RuntimeDefault
initContainers:
- name: extension-trivy
image: quay.io/argoprojlabs/argocd-extension-installer:v0.0.9
imagePullPolicy: IfNotPresent
resources: {}
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
readOnlyRootFilesystem: true
runAsNonRoot: true
runAsUser: 1000
seccompProfile:
type: RuntimeDefault
volumeMounts:
- name: extensions
mountPath: /tmp/extensions/
- name: tmp
mountPath: /tmp
env:
- name: EXTENSION_URL
value: https://github.com/mziyabo/argocd-trivy-extension/releases/download/v0.2.0/extension-trivy.tar
- name: EXTENSION_CHECKSUM_URL
value: https://github.com/mziyabo/argocd-trivy-extension/releases/download/v0.2.0/extension-trivy_checksums.txt
affinity:
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
@@ -419,6 +443,8 @@ spec:
nodeSelector:
kubernetes.io/os: linux
volumes:
- name: extensions
emptyDir: {}
- name: plugins-home
emptyDir: {}
- name: tmp

9
clusters/cl01tl/manifests/argocd/ExternalSecret-argocd-gitea-repo-infrastructure-secret.yaml
View File

@@ -14,13 +14,22 @@ spec:
data:
- secretKey: type
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cl01tl/argocd/credentials/repo/infrastructure
metadataPolicy: None
property: type
- secretKey: url
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cl01tl/argocd/credentials/repo/infrastructure
metadataPolicy: None
property: url
- secretKey: sshPrivateKey
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cl01tl/argocd/credentials/repo/infrastructure
metadataPolicy: None
property: sshPrivateKey

3
clusters/cl01tl/manifests/argocd/ExternalSecret-argocd-notifications-secret.yaml
View File

@@ -14,5 +14,8 @@ spec:
data:
- secretKey: ntfy-token
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /ntfy/user/cl01tl
metadataPolicy: None
property: token

6
clusters/cl01tl/manifests/argocd/ExternalSecret-argocd-oidc-secret.yaml
View File

@@ -14,9 +14,15 @@ spec:
data:
- secretKey: secret
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /authentik/oidc/argocd
metadataPolicy: None
property: secret
- secretKey: client
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /authentik/oidc/argocd
metadataPolicy: None
property: client

4
clusters/cl01tl/manifests/argocd/HTTPRoute-argocd-server.yaml
View File

@@ -4,13 +4,13 @@ metadata:
name: argocd-server
namespace: argocd
labels:
helm.sh/chart: argo-cd-9.5.0
helm.sh/chart: argo-cd-9.4.12
app.kubernetes.io/name: argocd-server
app.kubernetes.io/instance: argocd
app.kubernetes.io/component: server
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: argocd
app.kubernetes.io/version: "v3.3.6"
app.kubernetes.io/version: "v3.3.4"
spec:
parentRefs:
- group: gateway.networking.k8s.io

2
clusters/cl01tl/manifests/argocd/Pod-argocd-redis-ha-service-test.yaml
View File

@@ -15,7 +15,7 @@ spec:
tolerations: []
containers:
- name: "argocd-service-test"
image: redis:8.6.2-alpine@sha256:81b6f81d6a6c5b9019231a2e8eb10085e3a139a34f833dcc965a8a959b040b72
image: ecr-public.aws.com/docker/library/redis:8.2.3-alpine
command:
- sh
- -c

37
clusters/cl01tl/manifests/argocd/PrometheusRule-argocd-application-controller.yaml
View File

@@ -1,37 +0,0 @@
apiVersion: monitoring.coreos.com/v1
kind: PrometheusRule
metadata:
name: argocd-application-controller
namespace: "argocd"
labels:
helm.sh/chart: argo-cd-9.5.0
app.kubernetes.io/name: argocd-application-controller
app.kubernetes.io/instance: argocd
app.kubernetes.io/component: application-controller
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: argocd
app.kubernetes.io/version: "v3.3.6"
spec:
groups:
- name: argocd
rules:
- alert: ArgoAppMissing
annotations:
description: |
Argo CD has not reported any applications data for the past 15 minutes which means that it must be down or not functioning properly. This needs to be resolved for this cloud to continue to maintain state.
summary: '[Argo CD] No reported applications'
expr: |
absent(argocd_app_info) == 1
for: 15m
labels:
severity: critical
- alert: ArgoAppNotSynced
annotations:
description: |
The application [{{`{{$labels.name}}`}} has not been synchronized for over 12 hours which means that the state of this cloud has drifted away from the state inside Git.
summary: '[{{`{{$labels.name}}`}}] Application not synchronized'
expr: |
argocd_app_info{sync_status!="Synced"} == 1
for: 12h
labels:
severity: warning

18
clusters/cl01tl/manifests/argocd/PrometheusRule-argocd-redis-ha.yaml
View File

@@ -1,18 +0,0 @@
apiVersion: monitoring.coreos.com/v1
kind: PrometheusRule
metadata:
name: argocd-redis-ha
spec:
groups:
- name: argocd-redis-ha
interval: 30s
rules:
- alert: RedisPodDown
annotations:
description: Redis pod {{ $labels.pod }} is down
summary: Redis pod {{ $labels.pod }} is down
expr: |
redis_up{job="argocd-redis-ha"} == 0
for: 5m
labels:
severity: critical

4
clusters/cl01tl/manifests/argocd/Role-argocd-application-controller.yaml
View File

@@ -4,13 +4,13 @@ metadata:
name: argocd-application-controller
namespace: argocd
labels:
helm.sh/chart: argo-cd-9.5.0
helm.sh/chart: argo-cd-9.4.12
app.kubernetes.io/name: argocd-application-controller
app.kubernetes.io/instance: argocd
app.kubernetes.io/component: application-controller
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: argocd
app.kubernetes.io/version: "v3.3.6"
app.kubernetes.io/version: "v3.3.4"
rules:
- apiGroups:
- ""

4
clusters/cl01tl/manifests/argocd/Role-argocd-applicationset-controller.yaml
View File

@@ -4,13 +4,13 @@ metadata:
name: argocd-applicationset-controller
namespace: argocd
labels:
helm.sh/chart: argo-cd-9.5.0
helm.sh/chart: argo-cd-9.4.12
app.kubernetes.io/name: argocd-applicationset-controller
app.kubernetes.io/instance: argocd
app.kubernetes.io/component: applicationset-controller
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: argocd
app.kubernetes.io/version: "v3.3.6"
app.kubernetes.io/version: "v3.3.4"
rules:
- apiGroups:
- argoproj.io

4
clusters/cl01tl/manifests/argocd/Role-argocd-dex-server.yaml
View File

@@ -4,13 +4,13 @@ metadata:
name: argocd-dex-server
namespace: argocd
labels:
helm.sh/chart: argo-cd-9.5.0
helm.sh/chart: argo-cd-9.4.12
app.kubernetes.io/name: argocd-dex-server
app.kubernetes.io/instance: argocd
app.kubernetes.io/component: dex-server
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: argocd
app.kubernetes.io/version: "v3.3.6"
app.kubernetes.io/version: "v3.3.4"
rules:
- apiGroups:
- ""

4
clusters/cl01tl/manifests/argocd/Role-argocd-notifications-controller.yaml
View File

@@ -4,13 +4,13 @@ metadata:
name: argocd-notifications-controller
namespace: argocd
labels:
helm.sh/chart: argo-cd-9.5.0
helm.sh/chart: argo-cd-9.4.12
app.kubernetes.io/name: argocd-notifications-controller
app.kubernetes.io/instance: argocd
app.kubernetes.io/component: notifications-controller
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: argocd
app.kubernetes.io/version: "v3.3.6"
app.kubernetes.io/version: "v3.3.4"
rules:
- apiGroups:
- argoproj.io

4
clusters/cl01tl/manifests/argocd/Role-argocd-repo-server.yaml
View File

@@ -4,11 +4,11 @@ metadata:
name: argocd-repo-server
namespace: argocd
labels:
helm.sh/chart: argo-cd-9.5.0
helm.sh/chart: argo-cd-9.4.12
app.kubernetes.io/name: argocd-repo-server
app.kubernetes.io/instance: argocd
app.kubernetes.io/component: repo-server
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: argocd
app.kubernetes.io/version: "v3.3.6"
app.kubernetes.io/version: "v3.3.4"
rules:

4
clusters/cl01tl/manifests/argocd/Role-argocd-server.yaml
View File

@@ -4,13 +4,13 @@ metadata:
name: argocd-server
namespace: argocd
labels:
helm.sh/chart: argo-cd-9.5.0
helm.sh/chart: argo-cd-9.4.12
app.kubernetes.io/name: argocd-server
app.kubernetes.io/instance: argocd
app.kubernetes.io/component: server
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: argocd
app.kubernetes.io/version: "v3.3.6"
app.kubernetes.io/version: "v3.3.4"
rules:
- apiGroups:
- ""

4
clusters/cl01tl/manifests/argocd/RoleBinding-argocd-application-controller.yaml
View File

@@ -4,13 +4,13 @@ metadata:
name: argocd-application-controller
namespace: argocd
labels:
helm.sh/chart: argo-cd-9.5.0
helm.sh/chart: argo-cd-9.4.12
app.kubernetes.io/name: argocd-application-controller
app.kubernetes.io/instance: argocd
app.kubernetes.io/component: application-controller
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: argocd
app.kubernetes.io/version: "v3.3.6"
app.kubernetes.io/version: "v3.3.4"
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role

4
clusters/cl01tl/manifests/argocd/RoleBinding-argocd-applicationset-controller.yaml
View File

@@ -4,13 +4,13 @@ metadata:
name: argocd-applicationset-controller
namespace: argocd
labels:
helm.sh/chart: argo-cd-9.5.0
helm.sh/chart: argo-cd-9.4.12
app.kubernetes.io/name: argocd-applicationset-controller
app.kubernetes.io/instance: argocd
app.kubernetes.io/component: applicationset-controller
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: argocd
app.kubernetes.io/version: "v3.3.6"
app.kubernetes.io/version: "v3.3.4"
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role

4
clusters/cl01tl/manifests/argocd/RoleBinding-argocd-dex-server.yaml
View File

@@ -4,13 +4,13 @@ metadata:
name: argocd-dex-server
namespace: argocd
labels:
helm.sh/chart: argo-cd-9.5.0
helm.sh/chart: argo-cd-9.4.12
app.kubernetes.io/name: argocd-dex-server
app.kubernetes.io/instance: argocd
app.kubernetes.io/component: dex-server
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: argocd
app.kubernetes.io/version: "v3.3.6"
app.kubernetes.io/version: "v3.3.4"
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role

4
clusters/cl01tl/manifests/argocd/RoleBinding-argocd-notifications-controller.yaml
View File

@@ -4,13 +4,13 @@ metadata:
name: argocd-notifications-controller
namespace: argocd
labels:
helm.sh/chart: argo-cd-9.5.0
helm.sh/chart: argo-cd-9.4.12
app.kubernetes.io/name: argocd-notifications-controller
app.kubernetes.io/instance: argocd
app.kubernetes.io/component: notifications-controller
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: argocd
app.kubernetes.io/version: "v3.3.6"
app.kubernetes.io/version: "v3.3.4"
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role

4
clusters/cl01tl/manifests/argocd/RoleBinding-argocd-repo-server.yaml
View File

@@ -4,13 +4,13 @@ metadata:
name: argocd-repo-server
namespace: argocd
labels:
helm.sh/chart: argo-cd-9.5.0
helm.sh/chart: argo-cd-9.4.12
app.kubernetes.io/name: argocd-repo-server
app.kubernetes.io/instance: argocd
app.kubernetes.io/component: repo-server
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: argocd
app.kubernetes.io/version: "v3.3.6"
app.kubernetes.io/version: "v3.3.4"
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role

4
clusters/cl01tl/manifests/argocd/RoleBinding-argocd-server.yaml
View File

@@ -4,13 +4,13 @@ metadata:
name: argocd-server
namespace: argocd
labels:
helm.sh/chart: argo-cd-9.5.0
helm.sh/chart: argo-cd-9.4.12
app.kubernetes.io/name: argocd-server
app.kubernetes.io/instance: argocd
app.kubernetes.io/component: server
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: argocd
app.kubernetes.io/version: "v3.3.6"
app.kubernetes.io/version: "v3.3.4"
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role

4
clusters/cl01tl/manifests/argocd/Secret-argocd-secret.yaml
View File

@@ -4,11 +4,11 @@ metadata:
name: argocd-secret
namespace: argocd
labels:
helm.sh/chart: argo-cd-9.5.0
helm.sh/chart: argo-cd-9.4.12
app.kubernetes.io/name: argocd-secret
app.kubernetes.io/instance: argocd
app.kubernetes.io/component: server
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: argocd
app.kubernetes.io/version: "v3.3.6"
app.kubernetes.io/version: "v3.3.4"
type: Opaque

4
clusters/cl01tl/manifests/argocd/Service-argocd-application-controller-metrics.yaml
View File

@@ -4,13 +4,13 @@ metadata:
name: argocd-application-controller-metrics
namespace: argocd
labels:
helm.sh/chart: argo-cd-9.5.0
helm.sh/chart: argo-cd-9.4.12
app.kubernetes.io/name: argocd-metrics
app.kubernetes.io/instance: argocd
app.kubernetes.io/component: application-controller
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: argocd
app.kubernetes.io/version: "v3.3.6"
app.kubernetes.io/version: "v3.3.4"
spec:
type: ClusterIP
ports:

4
clusters/cl01tl/manifests/argocd/Service-argocd-applicationset-controller-metrics.yaml
View File

@@ -4,13 +4,13 @@ metadata:
name: argocd-applicationset-controller-metrics
namespace: argocd
labels:
helm.sh/chart: argo-cd-9.5.0
helm.sh/chart: argo-cd-9.4.12
app.kubernetes.io/name: argocd-metrics
app.kubernetes.io/instance: argocd
app.kubernetes.io/component: applicationset-controller
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: argocd
app.kubernetes.io/version: "v3.3.6"
app.kubernetes.io/version: "v3.3.4"
spec:
type: ClusterIP
ports:

4
clusters/cl01tl/manifests/argocd/Service-argocd-applicationset-controller.yaml
View File

@@ -4,13 +4,13 @@ metadata:
name: argocd-applicationset-controller
namespace: argocd
labels:
helm.sh/chart: argo-cd-9.5.0
helm.sh/chart: argo-cd-9.4.12
app.kubernetes.io/name: argocd-applicationset-controller
app.kubernetes.io/instance: argocd
app.kubernetes.io/component: applicationset-controller
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: argocd
app.kubernetes.io/version: "v3.3.6"
app.kubernetes.io/version: "v3.3.4"
spec:
type: ClusterIP
ports:

4
clusters/cl01tl/manifests/argocd/Service-argocd-dex-server.yaml
View File

@@ -4,13 +4,13 @@ metadata:
name: argocd-dex-server
namespace: argocd
labels:
helm.sh/chart: argo-cd-9.5.0
helm.sh/chart: argo-cd-9.4.12
app.kubernetes.io/name: argocd-dex-server
app.kubernetes.io/instance: argocd
app.kubernetes.io/component: dex-server
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: argocd
app.kubernetes.io/version: "v3.3.6"
app.kubernetes.io/version: "v3.3.4"
spec:
ports:
- name: http

4
clusters/cl01tl/manifests/argocd/Service-argocd-notifications-controller-metrics.yaml
View File

@@ -4,13 +4,13 @@ metadata:
name: argocd-notifications-controller-metrics
namespace: argocd
labels:
helm.sh/chart: argo-cd-9.5.0
helm.sh/chart: argo-cd-9.4.12
app.kubernetes.io/name: argocd-metrics
app.kubernetes.io/instance: argocd
app.kubernetes.io/component: notifications-controller
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: argocd
app.kubernetes.io/version: "v3.3.6"
app.kubernetes.io/version: "v3.3.4"
spec:
type: ClusterIP
selector:

4
clusters/cl01tl/manifests/argocd/Service-argocd-redis-ha-announce-0.yaml
View File

@@ -21,10 +21,6 @@ spec:
port: 26379
protocol: TCP
targetPort: sentinel
- name: http-exporter
port: 9121
protocol: TCP
targetPort: exporter-port
selector:
release: argocd
app: redis-ha

4
clusters/cl01tl/manifests/argocd/Service-argocd-redis-ha-announce-1.yaml
View File

@@ -21,10 +21,6 @@ spec:
port: 26379
protocol: TCP
targetPort: sentinel
- name: http-exporter
port: 9121
protocol: TCP
targetPort: exporter-port
selector:
release: argocd
app: redis-ha

4
clusters/cl01tl/manifests/argocd/Service-argocd-redis-ha-announce-2.yaml
View File

@@ -21,10 +21,6 @@ spec:
port: 26379
protocol: TCP
targetPort: sentinel
- name: http-exporter
port: 9121
protocol: TCP
targetPort: exporter-port
selector:
release: argocd
app: redis-ha

5
clusters/cl01tl/manifests/argocd/Service-argocd-redis-ha.yaml
View File

@@ -8,7 +8,6 @@ metadata:
heritage: "Helm"
release: "argocd"
chart: redis-ha-4.34.11
exporter: enabled
annotations:
spec:
type: ClusterIP
@@ -22,10 +21,6 @@ spec:
port: 26379
protocol: TCP
targetPort: sentinel
- name: http-exporter-port
port: 9121
protocol: TCP
targetPort: exporter-port
selector:
release: argocd
app: redis-ha

4
clusters/cl01tl/manifests/argocd/Service-argocd-repo-server-metrics.yaml
View File

@@ -4,13 +4,13 @@ metadata:
name: argocd-repo-server-metrics
namespace: argocd
labels:
helm.sh/chart: argo-cd-9.5.0
helm.sh/chart: argo-cd-9.4.12
app.kubernetes.io/name: argocd-repo-server-metrics
app.kubernetes.io/instance: argocd
app.kubernetes.io/component: repo-server
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/part-of: argocd
app.kubernetes.io/version: "v3.3.6"
app.kubernetes.io/version: "v3.3.4"
spec:
type: ClusterIP
ports:

Some files were not shown because too many files have changed in this diff Show More