From 9650740fd19ce89f4fa296bad2c3baf8836b6564 Mon Sep 17 00:00:00 2001 From: Patrick Spek Date: Thu, 24 Aug 2023 10:01:57 +0200 Subject: Add Argo Workflows --- .../tyilnet/cicd-system/argo-events/event-bus.yaml | 20 +++++ .../cicd-system/argo-events/helm-chart.yaml | 14 ++++ .../cicd-system/argo-workflows/helm-chart.yaml | 51 ++++++++++++ .../tyilnet/cicd-system/auth-proxy.yaml | 29 +++++++ .../cicd-system/resources/event-bus/default.yaml | 20 +++++ .../resources/event-sources/webhook.yaml | 18 +++++ .../resources/workflow-templates/fetch-git.yaml | 46 +++++++++++ .../workflow-templates/project-bashtard.yaml | 92 ++++++++++++++++++++++ .../resources/workflow-templates/qa-reuse.yaml | 31 ++++++++ .../k3s-master/manifests.d/tyilnet/namespaces.yaml | 6 ++ 10 files changed, 327 insertions(+) create mode 100644 data.d/k3s-master/manifests.d/tyilnet/cicd-system/argo-events/event-bus.yaml create mode 100644 data.d/k3s-master/manifests.d/tyilnet/cicd-system/argo-events/helm-chart.yaml create mode 100644 data.d/k3s-master/manifests.d/tyilnet/cicd-system/argo-workflows/helm-chart.yaml create mode 100644 data.d/k3s-master/manifests.d/tyilnet/cicd-system/auth-proxy.yaml create mode 100644 data.d/k3s-master/manifests.d/tyilnet/cicd-system/resources/event-bus/default.yaml create mode 100644 data.d/k3s-master/manifests.d/tyilnet/cicd-system/resources/event-sources/webhook.yaml create mode 100644 data.d/k3s-master/manifests.d/tyilnet/cicd-system/resources/workflow-templates/fetch-git.yaml create mode 100644 data.d/k3s-master/manifests.d/tyilnet/cicd-system/resources/workflow-templates/project-bashtard.yaml create mode 100644 data.d/k3s-master/manifests.d/tyilnet/cicd-system/resources/workflow-templates/qa-reuse.yaml diff --git a/data.d/k3s-master/manifests.d/tyilnet/cicd-system/argo-events/event-bus.yaml b/data.d/k3s-master/manifests.d/tyilnet/cicd-system/argo-events/event-bus.yaml new file mode 100644 index 0000000..20143b6 --- /dev/null +++ b/data.d/k3s-master/manifests.d/tyilnet/cicd-system/argo-events/event-bus.yaml @@ -0,0 +1,20 @@ +--- +apiVersion: argoproj.io/v1alpha1 +kind: EventBus +metadata: + name: default + namespace: cicd-system +spec: + nats: + native: + replicas: 3 + containerTemplate: + resources: + requests: + cpu: "10m" + memory: "64Mi" + persistence: + storageClassName: longhorn + accessMode: ReadWriteOnce + volumeSize: 10Gi +... diff --git a/data.d/k3s-master/manifests.d/tyilnet/cicd-system/argo-events/helm-chart.yaml b/data.d/k3s-master/manifests.d/tyilnet/cicd-system/argo-events/helm-chart.yaml new file mode 100644 index 0000000..65d7253 --- /dev/null +++ b/data.d/k3s-master/manifests.d/tyilnet/cicd-system/argo-events/helm-chart.yaml @@ -0,0 +1,14 @@ +--- +apiVersion: helm.cattle.io/v1 +kind: HelmChart +metadata: + name: argo-events + namespace: cicd-system +spec: + repo: https://argoproj.github.io/argo-helm + chart: argo-events + valuesContent: |- + controller: + rbac: + namespaced: true +... diff --git a/data.d/k3s-master/manifests.d/tyilnet/cicd-system/argo-workflows/helm-chart.yaml b/data.d/k3s-master/manifests.d/tyilnet/cicd-system/argo-workflows/helm-chart.yaml new file mode 100644 index 0000000..77fdc6d --- /dev/null +++ b/data.d/k3s-master/manifests.d/tyilnet/cicd-system/argo-workflows/helm-chart.yaml @@ -0,0 +1,51 @@ +--- +apiVersion: helm.cattle.io/v1 +kind: HelmChart +metadata: + name: argo-workflows + namespace: cicd-system +spec: + repo: https://argoproj.github.io/argo-helm + chart: argo-workflows + valuesContent: |- + artifactRepository: + archiveLogs: true + s3: + bucket: argo + endpoint: 10.57.101.1:3900 + insecure: true + accessKeySecret: + name: garage-creds-argo + key: accessKey + secretKeySecret: + name: garage-creds-argo + key: secretKey + controller: + workflowDefaults: + spec: + entrypoint: main + serviceAccountName: "argo-workflow" + ttlStrategy: + secondsAfterCompletion: 300 + podGC: + strategy: OnPodCompletion + singleNamespace: true + server: + extraArgs: + - "--auth-mode=server" + ingress: + enabled: false + ingressClassName: traefik + annotations: + cert-manager.io/cluster-issuer: "letsencrypt-production" + traefik.ingress.kubernetes.io/router.middlewares: kube-system-redirect-https@kubernetescrd + tls: + - secretName: tls-nl.tyil.ci + hosts: + - ci.tyil.nl + hosts: + - ci.tyil.nl + workflow: + serviceAccount: + create: true +... diff --git a/data.d/k3s-master/manifests.d/tyilnet/cicd-system/auth-proxy.yaml b/data.d/k3s-master/manifests.d/tyilnet/cicd-system/auth-proxy.yaml new file mode 100644 index 0000000..3627b53 --- /dev/null +++ b/data.d/k3s-master/manifests.d/tyilnet/cicd-system/auth-proxy.yaml @@ -0,0 +1,29 @@ +--- +apiVersion: helm.cattle.io/v1 +kind: HelmChart +metadata: + name: auth-proxy-ci + namespace: cicd-system +spec: + chart: https://git.tyil.nl/helm/oauth2-proxy/snapshot/oauth2-proxy-497a618778ead59ce985b81031a863dda9ff2126.tar.gz + valuesContent: |- + secret: + enabled: false + envFrom: + secretRef: + - name: auth-proxy-ci + ingress: + enabled: true + ingressClassName: traefik + annotations: + cert-manager.io/cluster-issuer: "letsencrypt-production" + traefik.ingress.kubernetes.io/router.middlewares: kube-system-redirect-https@kubernetescrd + tls: + - secretName: tls-nl.tyil.ci + hosts: + - ci.tyil.nl + hosts: + - host: ci.tyil.nl + paths: + - path: / + pathType: Prefix diff --git a/data.d/k3s-master/manifests.d/tyilnet/cicd-system/resources/event-bus/default.yaml b/data.d/k3s-master/manifests.d/tyilnet/cicd-system/resources/event-bus/default.yaml new file mode 100644 index 0000000..20143b6 --- /dev/null +++ b/data.d/k3s-master/manifests.d/tyilnet/cicd-system/resources/event-bus/default.yaml @@ -0,0 +1,20 @@ +--- +apiVersion: argoproj.io/v1alpha1 +kind: EventBus +metadata: + name: default + namespace: cicd-system +spec: + nats: + native: + replicas: 3 + containerTemplate: + resources: + requests: + cpu: "10m" + memory: "64Mi" + persistence: + storageClassName: longhorn + accessMode: ReadWriteOnce + volumeSize: 10Gi +... diff --git a/data.d/k3s-master/manifests.d/tyilnet/cicd-system/resources/event-sources/webhook.yaml b/data.d/k3s-master/manifests.d/tyilnet/cicd-system/resources/event-sources/webhook.yaml new file mode 100644 index 0000000..cc46d43 --- /dev/null +++ b/data.d/k3s-master/manifests.d/tyilnet/cicd-system/resources/event-sources/webhook.yaml @@ -0,0 +1,18 @@ +--- +apiVersion: argoproj.io/v1alpha1 +kind: EventSource +metadata: + name: webhook + namespace: cicd-system +spec: + service: + ports: + - port: 12000 + targetPort: 12000 + webhook: + example: + endpoint: /example + method: POST + port: "12000" + url: https://ci.tyil.nl +... diff --git a/data.d/k3s-master/manifests.d/tyilnet/cicd-system/resources/workflow-templates/fetch-git.yaml b/data.d/k3s-master/manifests.d/tyilnet/cicd-system/resources/workflow-templates/fetch-git.yaml new file mode 100644 index 0000000..785028d --- /dev/null +++ b/data.d/k3s-master/manifests.d/tyilnet/cicd-system/resources/workflow-templates/fetch-git.yaml @@ -0,0 +1,46 @@ +--- +apiVersion: argoproj.io/v1alpha1 +kind: WorkflowTemplate +metadata: + name: fetch-git + namespace: cicd-system +spec: + arguments: + parameters: + - name: repo + value: "" + - name: ref + value: master + - name: path + value: "/usr/src" + templates: + - name: main + inputs: + parameters: + - name: repo + value: "{{workflow.parameters.repo}}" + - name: ref + value: "{{workflow.parameters.ref}}" + - name: path + value: "{{workflow.parameters.path}}" + outputs: + artifacts: + - name: src + path: "{{inputs.parameters.path}}" + script: + image: debian + command: + - dash + source: | + export DEBIAN_FRONTEND=noninteractive + export GIT_WORK_TREE="{{inputs.parameters.path}}" + export GIT_DIR="$(mktemp -d)" + mkdir -pv -- "$GIT_WORK_TREE" + + apt update && apt install -y git + + git init + git remote add origin "{{inputs.parameters.repo}}" + git fetch origin -a + git reset --hard "origin/{{inputs.parameters.ref}}" +... diff --git a/data.d/k3s-master/manifests.d/tyilnet/cicd-system/resources/workflow-templates/project-bashtard.yaml b/data.d/k3s-master/manifests.d/tyilnet/cicd-system/resources/workflow-templates/project-bashtard.yaml new file mode 100644 index 0000000..e2b399d --- /dev/null +++ b/data.d/k3s-master/manifests.d/tyilnet/cicd-system/resources/workflow-templates/project-bashtard.yaml @@ -0,0 +1,92 @@ +--- +apiVersion: argoproj.io/v1alpha1 +kind: WorkflowTemplate +metadata: + name: project-bashtard + namespace: cicd-system +spec: + podGC: + deleteDelayDuration: 1h + arguments: + parameters: + - name: ref + value: master + templates: + - name: main + steps: + - - name: fetch + templateRef: + name: fetch-git + template: main + arguments: + parameters: + - name: ref + value: "{{workflow.parameters.ref}}" + - name: repo + value: "https://git.tyil.nl/bashtard" + - - name: qa-reuse + templateRef: + name: qa-reuse + template: main + arguments: + artifacts: + - name: src + from: "{{steps.fetch.outputs.artifacts.src}}" + - name: qa-shellcheck + template: qa-shellcheck + arguments: + artifacts: + - name: src + from: "{{steps.fetch.outputs.artifacts.src}}" + - - name: dist-tar-gz + template: dist + arguments: + artifacts: + - name: src + from: "{{steps.fetch.outputs.artifacts.src}}" + parameters: + - name: format + value: targz + - name: dist-deb + template: dist + arguments: + artifacts: + - name: src + from: "{{steps.fetch.outputs.artifacts.src}}" + parameters: + - name: format + value: debian + + - name: qa-shellcheck + inputs: + artifacts: + - name: src + path: "/code" + script: + image: pipelinecomponents/shellcheck + command: + - bash + source: |- + shellcheck -s sh bin/bashtard + shellcheck -x -s bash **/*.bash + + - name: dist + inputs: + artifacts: + - name: src + path: "/usr/src/bashtard-{{workflow.parameters.ref}}" + parameters: + - name: format + value: "targz" + script: + image: debian + command: + - dash + source: |- + export DEBIAN_FRONTEND=noninteractive + + cd -- "/usr/src/bashtard-{{workflow.parameters.ref}}" + + apt update && apt install -y make + make pkg-{{inputs.parameters.format}} +... diff --git a/data.d/k3s-master/manifests.d/tyilnet/cicd-system/resources/workflow-templates/qa-reuse.yaml b/data.d/k3s-master/manifests.d/tyilnet/cicd-system/resources/workflow-templates/qa-reuse.yaml new file mode 100644 index 0000000..7c7d455 --- /dev/null +++ b/data.d/k3s-master/manifests.d/tyilnet/cicd-system/resources/workflow-templates/qa-reuse.yaml @@ -0,0 +1,31 @@ +--- +apiVersion: argoproj.io/v1alpha1 +kind: WorkflowTemplate +metadata: + name: qa-reuse + namespace: cicd-system +spec: + arguments: + parameters: + - name: path + value: "/usr/src" + artifacts: + - name: src + from: "" + templates: + - name: main + inputs: + parameters: + - name: path + value: "{{workflow.parameters.path}}" + artifacts: + - name: src + path: "{{workflow.artifacts.path}}" + container: + image: fsfe/reuse + workdir: "{{inputs.parameters.path}}" + command: + - reuse + args: + - lint +... diff --git a/data.d/k3s-master/manifests.d/tyilnet/namespaces.yaml b/data.d/k3s-master/manifests.d/tyilnet/namespaces.yaml index 42cc6a3..bc0f4ad 100644 --- a/data.d/k3s-master/manifests.d/tyilnet/namespaces.yaml +++ b/data.d/k3s-master/manifests.d/tyilnet/namespaces.yaml @@ -8,6 +8,12 @@ metadata: apiVersion: v1 kind: Namespace metadata: + name: cicd-system +... +--- +apiVersion: v1 +kind: Namespace +metadata: name: base-system ... --- -- cgit v1.1