🚀 tf-controller

2025-09-17 18:24:14 +02:00 · 2023-09-13 17:28:18 +02:00
parent 7cf84432f1
commit fb9caacc1c
11 changed files with 187 additions and 7 deletions
--- a/kubernetes/apps/flux-system/tf-controller/app/externalsecret.yaml
+++ b/kubernetes/apps/flux-system/tf-controller/app/externalsecret.yaml
@@ -0,0 +1,38 @@
+---
+# yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/external-secrets.io/externalsecret_v1beta1.json
+apiVersion: external-secrets.io/v1beta1
+kind: ExternalSecret
+metadata:
+  name: tf-controller-sops
+  namespace: flux-system
+spec:
+  secretStoreRef:
+    kind: ClusterSecretStore
+    name: onepassword-connect
+  target:
+    name: tf-controller-sops-secret
+    creationPolicy: Owner
+  data:
+    - secretKey: keys.txt
+      remoteRef:
+        key: tf-controller
+        property: sops_key
+---
+# yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/external-secrets.io/externalsecret_v1beta1.json
+apiVersion: external-secrets.io/v1beta1
+kind: ExternalSecret
+metadata:
+  name: tf-controller-op
+  namespace: flux-system
+spec:
+  secretStoreRef:
+    kind: ClusterSecretStore
+    name: onepassword-connect
+  target:
+    name: tf-controller-op-secret
+    creationPolicy: Owner
+  data:
+    - secretKey: OP_CONNECT_TOKEN
+      remoteRef:
+        key: tf-controller
+        property: 1password_connect_token
--- a/kubernetes/apps/flux-system/tf-controller/app/helmrelease.yaml
+++ b/kubernetes/apps/flux-system/tf-controller/app/helmrelease.yaml
@@ -0,0 +1,33 @@
+---
+# yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/helm.toolkit.fluxcd.io/helmrelease_v2beta1.json
+apiVersion: helm.toolkit.fluxcd.io/v2beta1
+kind: HelmRelease
+metadata:
+  name: tf-controller
+  namespace: flux-system
+spec:
+  interval: 30m
+  chart:
+    spec:
+      chart: tf-controller
+      version: 0.15.1
+      sourceRef:
+        kind: HelmRepository
+        name: weaveworks
+        namespace: flux-system
+  maxHistory: 2
+  install:
+    remediation:
+      retries: 3
+  upgrade:
+    cleanupOnFail: true
+    remediation:
+      retries: 3
+  uninstall:
+    keepHistory: false
+  values:
+    installCRDs: true
+    metrics:
+      enabled: true
+      serviceMonitor:
+        enabled: true
--- a/kubernetes/apps/flux-system/tf-controller/app/kustomization.yaml
+++ b/kubernetes/apps/flux-system/tf-controller/app/kustomization.yaml
@@ -0,0 +1,8 @@
+---
+# yaml-language-server: $schema=https://json.schemastore.org/kustomization
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+namespace: flux-system
+resources:
+  - ./externalsecret.yaml
+  - ./helmrelease.yaml