diff --git a/kubernetes/main/apps/default/zigbee/exporter/externalsecret.yaml b/kubernetes/main/apps/default/zigbee/exporter/externalsecret.yaml new file mode 100644 index 0000000000000..482a07b07bc0f --- /dev/null +++ b/kubernetes/main/apps/default/zigbee/exporter/externalsecret.yaml @@ -0,0 +1,20 @@ +--- +# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/external-secrets.io/externalsecret_v1beta1.json +apiVersion: external-secrets.io/v1beta1 +kind: ExternalSecret +metadata: + name: zigbee-exporter +spec: + secretStoreRef: + kind: ClusterSecretStore + name: onepassword-connect + target: + name: zigbee-exporter-secret + template: + engineVersion: v2 + data: + MQTT_USERNAME: "{{ .X_EMQX_MQTT_USERNAME }}" + MQTT_PASSWORD: "{{ .X_EMQX_MQTT_PASSWORD }}" + dataFrom: + - extract: + key: emqx diff --git a/kubernetes/main/apps/default/zigbee/exporter/helmrelease.yaml b/kubernetes/main/apps/default/zigbee/exporter/helmrelease.yaml new file mode 100644 index 0000000000000..f6c0af4c3468f --- /dev/null +++ b/kubernetes/main/apps/default/zigbee/exporter/helmrelease.yaml @@ -0,0 +1,77 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2.schema.json +apiVersion: helm.toolkit.fluxcd.io/v2 +kind: HelmRelease +metadata: + name: &app zigbee-exporter +spec: + interval: 30m + chart: + spec: + chart: app-template + version: 3.6.0 + sourceRef: + kind: HelmRepository + name: bjw-s + namespace: flux-system + install: + remediation: + retries: 3 + upgrade: + cleanupOnFail: true + remediation: + strategy: rollback + retries: 3 + dependsOn: + - name: zigbee + values: + controllers: + zigbee-exporter: + annotations: + reloader.stakater.com/auto: "true" + containers: + app: + image: + repository: ghcr.io/kpetremann/mqtt-exporter + tag: 1.6.1@sha256:e105467fe086f9b01de7da6aa25acf135d9262a270d35c3895dc813c154ddb22 + env: + MQTT_ADDRESS: emqx-listeners.default.svc.cluster.local + MQTT_TOPIC: zigbee2mqtt/# + MQTT_V5_PROTOCOL: true + PROMETHEUS_PORT: &port 80 + TZ: America/New_York + ZIGBEE2MQTT_AVAILABILITY: true + envFrom: + - secretRef: + name: zigbee-exporter-secret + probes: + liveness: + enabled: true + readiness: + enabled: true + resources: + requests: + cpu: 10m + limits: + memory: 64Mi + securityContext: + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + capabilities: + drop: [ALL] + defaultPodOptions: + securityContext: + runAsNonRoot: true + runAsUser: 1000 + runAsGroup: 1000 + service: + app: + controller: *app + ports: + http: + port: *port + serviceMonitor: + app: + serviceName: *app + endpoints: + - port: http diff --git a/kubernetes/main/apps/default/zigbee/exporter/kustomization.yaml b/kubernetes/main/apps/default/zigbee/exporter/kustomization.yaml new file mode 100644 index 0000000000000..4eed917b96fa1 --- /dev/null +++ b/kubernetes/main/apps/default/zigbee/exporter/kustomization.yaml @@ -0,0 +1,7 @@ +--- +# yaml-language-server: $schema=https://json.schemastore.org/kustomization +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - ./externalsecret.yaml + - ./helmrelease.yaml diff --git a/kubernetes/main/apps/default/zigbee/ks.yaml b/kubernetes/main/apps/default/zigbee/ks.yaml index 149a13a7971e0..99c3523b67e9c 100644 --- a/kubernetes/main/apps/default/zigbee/ks.yaml +++ b/kubernetes/main/apps/default/zigbee/ks.yaml @@ -26,3 +26,23 @@ spec: substitute: APP: *app VOLSYNC_CAPACITY: 1Gi +--- +# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json +apiVersion: kustomize.toolkit.fluxcd.io/v1 +kind: Kustomization +metadata: + name: &app zigbee-exporter + namespace: flux-system +spec: + targetNamespace: default + commonMetadata: + labels: + app.kubernetes.io/name: *app + path: ./kubernetes/main/apps/default/zigbee/exporter + prune: true + sourceRef: + kind: GitRepository + name: flux-system + wait: false + interval: 30m + timeout: 5m