diff --git a/.github/workflows/publish-schemas.yaml b/.github/workflows/publish-schemas.yaml
deleted file mode 100644
index 23b4aa75f..000000000
--- a/.github/workflows/publish-schemas.yaml
+++ /dev/null
@@ -1,126 +0,0 @@
----
-name: "Publish Schemas"
-
-on:
- workflow_dispatch:
- schedule:
- - cron: "0 0 * * 0"
- push:
- branches: ["main"]
- paths: [".github/workflows/publish-schemas.yaml"]
-
-jobs:
- publish-manifests:
- name: Publish Manifests
- runs-on: ["arc-runner-set-home-ops"]
- steps:
- - name: Setup Flux
- uses: fluxcd/flux2/action@a18d4f345021182d6516bf3e8e00210567f46ab5 # v2.1.2
-
- - name: Setup Kube Tools
- uses: yokawasa/action-setup-kube-tools@af4ebb1af1efd30c5bd84a2e9773355ad6362a33 # v0.9.3
- with:
- setup-tools: kubectl
-
- - name: Setup Python
- uses: actions/setup-python@0a5c61591373683505ea898e09a3ea4f39ef2b9c # v5.0.0
- with:
- python-version: 3.x
-
- - name: Login to GitHub Container Registry
- uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0
- with:
- registry: ghcr.io
- username: "${{ github.actor }}"
- password: "${{ secrets.GITHUB_TOKEN }}"
-
- - name: Setup crd-extractor
- uses: robinraju/release-downloader@efa4cd07bd0195e6cc65e9e30c251b49ce4d3e51 # v1.8
- with:
- repository: datreeio/CRDs-catalog
- latest: true
- fileName: crd-extractor.zip
-
- - name: Write kubeconfig
- id: kubeconfig
- uses: timheuer/base64-to-file@adaa40c0c581f276132199d4cf60afa07ce60eac # v1.2
- with:
- encodedString: ${{ secrets.KUBECONFIG }}
- fileName: kubeconfig
-
- - name: Run crd-extractor
- env:
- KUBECONFIG: ${{ steps.kubeconfig.outputs.filePath }}
- shell: bash
- run: |
- unzip -j $GITHUB_WORKSPACE/crd-extractor.zip -d $GITHUB_WORKSPACE
- bash $GITHUB_WORKSPACE/crd-extractor.sh
-
- - name: Generate tag
- id: generate-tag
- shell: bash
- run: echo "tag=ghcr.io/${{ github.repository_owner }}/manifests/kubernetes-schemas:$(git rev-parse --short HEAD)" >> "${GITHUB_OUTPUT}"
-
- - name: Publish manifests
- shell: bash
- run: |
- flux push artifact oci://${{ steps.generate-tag.outputs.tag }} \
- --path="/home/runner/.datree/crdSchemas" \
- --source="${{ github.repositoryUrl }}" \
- --revision="${{ github.ref_name }}@sha1:$(git rev-parse HEAD)"
-
- - name: Tag manifests
- shell: bash
- run: flux tag artifact oci://${{ steps.generate-tag.outputs.tag }} --tag main
-
- publish-web:
- name: Publish Web
- runs-on: ubuntu-latest
- needs: ["publish-manifests"]
- steps:
- - name: Setup Flux
- uses: fluxcd/flux2/action@a18d4f345021182d6516bf3e8e00210567f46ab5 # v2.1.2
-
- - name: Setup QEMU
- uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3.0.0
-
- - name: Setup Docker Buildx
- id: buildx
- uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 # v3.0.0
-
- - name: Login to GitHub Container Registry
- uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0
- with:
- registry: ghcr.io
- username: "${{ github.actor }}"
- password: "${{ secrets.GITHUB_TOKEN }}"
-
- - name: Pull manifests
- shell: bash
- run: |
- mkdir -p /home/runner/crdSchemas
- flux pull artifact oci://ghcr.io/${{ github.repository_owner }}/manifests/kubernetes-schemas:$(git rev-parse --short HEAD) --output /home/runner/crdSchemas
-
- - name: Write nginx-unprivileged Dockerfile
- shell: bash
- run: |
- cat < /home/runner/crdSchemas/Dockerfile
- FROM docker.io/nginxinc/nginx-unprivileged:latest
- COPY --chown=nginx:nginx --chmod=755 . /usr/share/nginx/html
- USER nginx
- EOF
-
- - name: Publish web container
- uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 # v5.1.0
- with:
- context: /home/runner/crdSchemas
- platforms: linux/amd64,linux/arm64
- file: /home/runner/crdSchemas/Dockerfile
- push: true
- tags: |
- ghcr.io/${{ github.repository_owner }}/kubernetes-schemas:latest
- cache-from: type=gha
- cache-to: type=gha,mode=max
- labels: |
- org.opencontainers.image.source="${{ github.repositoryUrl }}"
- org.opencontainers.image.authors="Auricom "
diff --git a/kubernetes/apps/default/kubernetes-schemas/app/README.md b/kubernetes/apps/default/kubernetes-schemas/app/README.md
deleted file mode 100644
index 8e44472f0..000000000
--- a/kubernetes/apps/default/kubernetes-schemas/app/README.md
+++ /dev/null
@@ -1,19 +0,0 @@
-extract_ca_crt_from_secret
-kubectl get secret kubernetes-schemas-sa -o json | jq -r '.data["ca.crt"]' | base64 -d > ca.crt
-
-get_user_token_from_secret
-USER_TOKEN=$(kubectl get secret kubernetes-schemas-sa -o json | jq -r '.data["token"]' | base64 -d)
-
-Create token
-context=$(kubectl config current-context)
-CLUSTER_NAME=$(kubectl config get-contexts "$context" | awk '{print $3}' | tail -n 1)
-ENDPOINT=$(kubectl config view -o jsonpath="{.clusters[?(@.name == \"${CLUSTER_NAME}\")].cluster.server}")
-kubectl config set-cluster "${CLUSTER_NAME}" --kubeconfig=kubernetes-schemas-config --server="${ENDPOINT}" --certificate-authority="ca.crt" --embed-certs=true
-kubectl config set-credentials "kubernetes-schemas-default-${CLUSTER_NAME}" --kubeconfig="kubernetes-schemas-config" --token="${USER_TOKEN}"
-kubectl config set-context "kubernetes-schemas-default-${CLUSTER_NAME}" --kubeconfig="kubernetes-schemas-config" --cluster="${CLUSTER_NAME}" --user="kubernetes-schemas-default-${CLUSTER_NAME}" --namespace="default"
-kubectl config use-context "kubernetes-schemas-default-${CLUSTER_NAME}" --kubeconfig="kubernetes-schemas-config"
-
-# Test
-
-KUBECONFIG=kubernetes-schemas-config kubectl get pods --all-namespaces
-KUBECONFIG=kubernetes-schemas-config kubectl get crds
diff --git a/kubernetes/apps/default/kubernetes-schemas/app/gatus.yaml b/kubernetes/apps/default/kubernetes-schemas/app/gatus.yaml
deleted file mode 100644
index 4f985f239..000000000
--- a/kubernetes/apps/default/kubernetes-schemas/app/gatus.yaml
+++ /dev/null
@@ -1,22 +0,0 @@
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: kubernetes-schemas-gatus-ep
- namespace: default
- labels:
- gatus.io/enabled: "true"
-data:
- config.yaml: |
- endpoints:
- - name: kubernetes-schemas
- group: external
- url: https://kubernetes-schemas.${SECRET_CLUSTER_DOMAIN}
- interval: 1m
- client:
- dns-resolver: tcp://1.1.1.1:53
- insecure: true
- conditions:
- - "[STATUS] == 200"
- alerts:
- - type: pushover
diff --git a/kubernetes/apps/default/kubernetes-schemas/app/helmrelease.yaml b/kubernetes/apps/default/kubernetes-schemas/app/helmrelease.yaml
deleted file mode 100644
index 392314cd8..000000000
--- a/kubernetes/apps/default/kubernetes-schemas/app/helmrelease.yaml
+++ /dev/null
@@ -1,66 +0,0 @@
----
-# yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/helmrelease-helm-v2beta1.json
-apiVersion: helm.toolkit.fluxcd.io/v2beta1
-kind: HelmRelease
-metadata:
- name: &app kubernetes-schemas
- namespace: default
-spec:
- interval: 30m
- chart:
- spec:
- chart: app-template
- version: 2.4.0
- sourceRef:
- kind: HelmRepository
- name: bjw-s
- namespace: flux-system
- maxHistory: 2
- install:
- createNamespace: true
- remediation:
- retries: 3
- upgrade:
- cleanupOnFail: true
- remediation:
- retries: 3
- uninstall:
- keepHistory: false
- values:
- controllers:
- main:
- strategy: RollingUpdate
- containers:
- main:
- image:
- repository: ghcr.io/auricom/kubernetes-schemas
- tag: latest@sha256:1a4f478a49e627d7d5d91277a04b84923fac0472a6e065609863f97339e1b94e
- resources:
- requests:
- cpu: 10m
- memory: 50Mi
- limits:
- memory: 100Mi
- service:
- main:
- ports:
- http:
- port: 8080
- ingress:
- main:
- enabled: true
- className: nginx
- annotations:
- external-dns.alpha.kubernetes.io/enabled: "true"
- external-dns.alpha.kubernetes.io/target: services.${SECRET_DOMAIN}.
- hajimari.io/enable: "false"
- hosts:
- - host: &host "{{ .Release.Name }}.${SECRET_CLUSTER_DOMAIN}"
- paths:
- - path: /
- service:
- name: main
- port: http
- tls:
- - hosts:
- - *host
diff --git a/kubernetes/apps/default/kubernetes-schemas/app/kustomization.yaml b/kubernetes/apps/default/kubernetes-schemas/app/kustomization.yaml
deleted file mode 100644
index c64161860..000000000
--- a/kubernetes/apps/default/kubernetes-schemas/app/kustomization.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-# yaml-language-server: $schema=https://raw.githubusercontent.com/SchemaStore/schemastore/master/src/schemas/json/kustomization.json
-apiVersion: kustomize.config.k8s.io/v1beta1
-kind: Kustomization
-namespace: default
-resources:
- - ./helmrelease.yaml
- - ./gatus.yaml
- - ./rbac.yaml
diff --git a/kubernetes/apps/default/kubernetes-schemas/app/rbac.yaml b/kubernetes/apps/default/kubernetes-schemas/app/rbac.yaml
deleted file mode 100644
index 37a7562ec..000000000
--- a/kubernetes/apps/default/kubernetes-schemas/app/rbac.yaml
+++ /dev/null
@@ -1,41 +0,0 @@
----
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: kubernetes-schemas
- namespace: default
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: kubernetes-schemas
-rules:
-- apiGroups:
- - apiextensions.k8s.io
- resources:
- - customresourcedefinitions
- verbs:
- - get
- - list
- - watch
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
- name: kubernetes-schemas
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
- name: kubernetes-schemas
-subjects:
-- kind: ServiceAccount
- name: kubernetes-schemas
- namespace: default
----
-apiVersion: v1
-kind: Secret
-type: kubernetes.io/service-account-token
-metadata:
- name: kubernetes-schemas-sa
- annotations:
- kubernetes.io/service-account.name: "kubernetes-schemas"
diff --git a/kubernetes/apps/default/kubernetes-schemas/ks.yaml b/kubernetes/apps/default/kubernetes-schemas/ks.yaml
deleted file mode 100644
index 0698a6b29..000000000
--- a/kubernetes/apps/default/kubernetes-schemas/ks.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
----
-# yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/kustomization-kustomize-v1.json
-apiVersion: kustomize.toolkit.fluxcd.io/v1
-kind: Kustomization
-metadata:
- name: cluster-apps-kubernetes-schemas
- namespace: flux-system
-spec:
- path: ./kubernetes/apps/default/kubernetes-schemas/app
- prune: true
- sourceRef:
- kind: GitRepository
- name: home-ops-kubernetes
- wait: false # no flux ks dependents
- interval: 30m
- retryInterval: 1m
- timeout: 5m
diff --git a/kubernetes/apps/default/kustomization.yaml b/kubernetes/apps/default/kustomization.yaml
index 22de50e91..155f429e8 100644
--- a/kubernetes/apps/default/kustomization.yaml
+++ b/kubernetes/apps/default/kustomization.yaml
@@ -28,7 +28,6 @@ resources:
 - ./komf/ks.yaml
 - ./komga/ks.yaml
 - ./kresus/ks.yaml
- - ./kubernetes-schemas/ks.yaml
 - ./libmedium/ks.yaml
 - ./lidarr/ks.yaml
 - ./linkding/ks.yaml