From 31fbde46fab0dbed8c572573dfbc75593d9b3702 Mon Sep 17 00:00:00 2001 From: Max Resnick Date: Mon, 15 Apr 2024 20:54:53 -0700 Subject: feat: kubernetes deployment manifests adds deployment manifests for cgit and go-git-server --- manifests/base/cm.yaml | 25 +++++++++++++++++ manifests/base/deploy.yaml | 57 +++++++++++++++++++++++++++++++++++++++ manifests/base/kustomization.yaml | 14 ++++++++++ manifests/base/pvc.yaml | 14 ++++++++++ manifests/base/svc.yaml | 12 +++++++++ 5 files changed, 122 insertions(+) create mode 100644 manifests/base/cm.yaml create mode 100644 manifests/base/deploy.yaml create mode 100644 manifests/base/kustomization.yaml create mode 100644 manifests/base/pvc.yaml create mode 100644 manifests/base/svc.yaml (limited to 'manifests/base') diff --git a/manifests/base/cm.yaml b/manifests/base/cm.yaml new file mode 100644 index 0000000..18423be --- /dev/null +++ b/manifests/base/cm.yaml @@ -0,0 +1,25 @@ +apiVersion: v1 +data: + policy.csv: | + g, role:admin, role:maintainers + g, uid:admin, role:admin + g, uid:grumps, role:maintainers + g, aid:argo, role:bots + auth_model.ini: | + [request_definition] + r = sub, obj, act + + [policy_definition] + p = sub, obj, act + + [role_definition] + g = _, _ + + [policy_effect] + e = some(where (p.eft == allow)) + + [matchers] + m = g(r.sub, p.sub) && r.obj == p.obj && r.act == p.act +kind: ConfigMap +metadata: + name: go-git-policy diff --git a/manifests/base/deploy.yaml b/manifests/base/deploy.yaml new file mode 100644 index 0000000..f7ad0bf --- /dev/null +++ b/manifests/base/deploy.yaml @@ -0,0 +1,57 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: + deployment.kubernetes.io/revision: "3" + labels: + app: go-git-server + name: go-git-server + namespace: default +spec: + progressDeadlineSeconds: 600 + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: go-git-server + strategy: + rollingUpdate: + maxSurge: 25% + maxUnavailable: 25% + type: RollingUpdate + template: + metadata: + creationTimestamp: null + labels: + app: go-git-server + spec: + containers: + - image: go-git-registry:5000/go-git-server:latest + imagePullPolicy: Always + name: go-git-server + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /tokens + name: go-git-server-tokens + readOnly: true + - mountPath: /opt/repos + name: go-git-storage + - mountPath: /opt/app/etc + name: go-git-policy + dnsPolicy: ClusterFirst + restartPolicy: Always + schedulerName: default-scheduler + terminationGracePeriodSeconds: 30 + volumes: + - configMap: + defaultMode: 420 + name: go-git-policy + name: go-git-policy + - name: go-git-storage + persistentVolumeClaim: + claimName: go-git-storage + - name: go-git-server-tokens + secret: + defaultMode: 420 + secretName: go-git-server diff --git a/manifests/base/kustomization.yaml b/manifests/base/kustomization.yaml new file mode 100644 index 0000000..952446b --- /dev/null +++ b/manifests/base/kustomization.yaml @@ -0,0 +1,14 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +metadata: + name: go-git-server + +commonLabels: + app: go-git-server + +resources: +- cm.yaml +- svc.yaml +- pvc.yaml +- deploy.yaml + diff --git a/manifests/base/pvc.yaml b/manifests/base/pvc.yaml new file mode 100644 index 0000000..1a47dc5 --- /dev/null +++ b/manifests/base/pvc.yaml @@ -0,0 +1,14 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: go-git-storage + annotations: + volumeType: local +spec: + accessModes: + - ReadWriteOnce + storageClassName: local-path + resources: + requests: + storage: 512Mi + diff --git a/manifests/base/svc.yaml b/manifests/base/svc.yaml new file mode 100644 index 0000000..7305255 --- /dev/null +++ b/manifests/base/svc.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: Service +metadata: + labels: + app: go-git-server + name: go-git-server +spec: + ports: + - name: http + port: 8080 + selector: + app: go-git-server -- cgit v1.2.3