From ee2c57a2268ee4893c79f8a97babc7b11f795223 Mon Sep 17 00:00:00 2001 From: Laszlo Fogas Date: Tue, 16 Jan 2024 16:24:58 +0100 Subject: [PATCH] Deploy manifests --- deploy/helm/Readme.md | 3 ++ deploy/helm/onechart-helm-values.yaml | 10 ++++ deploy/k8s/manifest.yaml | 77 +++++++++++++++++++++++++++ deploy/k8s/rbac.yaml | 47 ++++++++++++++++ 4 files changed, 137 insertions(+) create mode 100644 deploy/helm/Readme.md create mode 100644 deploy/helm/onechart-helm-values.yaml create mode 100644 deploy/k8s/manifest.yaml create mode 100644 deploy/k8s/rbac.yaml diff --git a/deploy/helm/Readme.md b/deploy/helm/Readme.md new file mode 100644 index 0000000..89e2f24 --- /dev/null +++ b/deploy/helm/Readme.md @@ -0,0 +1,3 @@ +``` +helm install capacitor onechart/onechart -f deploy/helm/onechart-helm-values.yaml +``` \ No newline at end of file diff --git a/deploy/helm/onechart-helm-values.yaml b/deploy/helm/onechart-helm-values.yaml new file mode 100644 index 0000000..80be238 --- /dev/null +++ b/deploy/helm/onechart-helm-values.yaml @@ -0,0 +1,10 @@ +image: + repository: ghcr.io/gimlet-io/capacitor + tag: v0.1.0-rc.1 +containerPort: 9000 +probe: + enabled: true + path: / +resources: + ignoreLimits: true +serviceAccount: capacitor diff --git a/deploy/k8s/manifest.yaml b/deploy/k8s/manifest.yaml new file mode 100644 index 0000000..9ecf7ce --- /dev/null +++ b/deploy/k8s/manifest.yaml @@ -0,0 +1,77 @@ +--- +# Source: onechart/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + name: capacitor + namespace: infrastructure + labels: + helm.sh/chart: onechart-0.63.0 + app.kubernetes.io/name: onechart + app.kubernetes.io/instance: capacitor + app.kubernetes.io/managed-by: Helm +spec: + type: ClusterIP + ports: + - port: 9000 + targetPort: http + protocol: TCP + name: http + selector: + app.kubernetes.io/name: onechart + app.kubernetes.io/instance: capacitor +--- +# Source: onechart/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: capacitor + namespace: infrastructure + labels: + helm.sh/chart: onechart-0.63.0 + app.kubernetes.io/name: onechart + app.kubernetes.io/instance: capacitor + app.kubernetes.io/managed-by: Helm + annotations: + kubectl.kubernetes.io/default-container: capacitor +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/name: onechart + app.kubernetes.io/instance: capacitor + template: + metadata: + annotations: + checksum/config: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 + labels: + app.kubernetes.io/name: onechart + app.kubernetes.io/instance: capacitor + spec: + containers: + - image: ghcr.io/gimlet-io/capacitor:v0.1.0-rc.1 + imagePullPolicy: IfNotPresent + name: capacitor + ports: + - containerPort: 9000 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: / + port: 9000 + scheme: HTTP + initialDelaySeconds: 0 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 3 + resources: + requests: + cpu: 200m + memory: 200Mi + securityContext: {} + initContainers: null + securityContext: + fsGroup: 999 + serviceAccountName: capacitor diff --git a/deploy/k8s/rbac.yaml b/deploy/k8s/rbac.yaml new file mode 100644 index 0000000..2f9b05b --- /dev/null +++ b/deploy/k8s/rbac.yaml @@ -0,0 +1,47 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: capacitor + namespace: infrastructure +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: capacitor +rules: +- apiGroups: + - networking.k8s.io + - apps + - "" + - source.toolkit.fluxcd.io + - kustomize.toolkit.fluxcd.io + - helm.toolkit.fluxcd.io + resources: + - pods + - pods/log + - ingresses + - deployments + - services + - secrets + - events + - configmaps + - gitrepositories + - kustomizations + - helmreleases + verbs: + - get + - watch + - list +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: capacitor +subjects: + - kind: ServiceAccount + name: capacitor + namespace: infrastructure +roleRef: + kind: ClusterRole + name: capacitor + apiGroup: rbac.authorization.k8s.io