diff --git a/apps/base/artifactapi/artifactapi-deployment.yaml b/apps/base/artifactapi/artifactapi-deployment.yaml new file mode 100644 index 0000000..d0d5713 --- /dev/null +++ b/apps/base/artifactapi/artifactapi-deployment.yaml @@ -0,0 +1,73 @@ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: artifactapi-deployment + namespace: artifactapi + annotations: + reloader.stakater.com/auto: "true" +spec: + replicas: 2 + selector: + matchLabels: + app: artifactapi + strategy: + rollingUpdate: + maxUnavailable: 1 + type: RollingUpdate + template: + spec: + automountServiceAccountToken: true + containers: + - name: artifactapi + image: git.unkin.net/unkin/almalinux9-artifactapi:latest + imagePullPolicy: Always + ports: + - containerPort: 8000 + name: http + protocol: TCP + envFrom: + - configMapRef: + name: artifactapi-env + optional: false + - secretRef: + name: environment + optional: false + livenessProbe: + failureThreshold: 3 + httpGet: + path: /health + port: http + scheme: HTTP + initialDelaySeconds: 30 + periodSeconds: 30 + successThreshold: 1 + timeoutSeconds: 5 + readinessProbe: + failureThreshold: 3 + httpGet: + path: /health + port: http + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 5 + successThreshold: 1 + timeoutSeconds: 5 + resources: + limits: + cpu: "1" + memory: 4Gi + requests: + cpu: 100m + memory: 256Mi + volumeMounts: + - mountPath: /app/remotes.yaml + mountPropagation: None + name: remotes-config + subPath: remotes.yaml + restartPolicy: Always + volumes: + - configMap: + name: remotes-config + optional: false + name: remotes-config diff --git a/apps/base/artifactapi/artifactapi-hpa.yaml b/apps/base/artifactapi/artifactapi-hpa.yaml new file mode 100644 index 0000000..4627fae --- /dev/null +++ b/apps/base/artifactapi/artifactapi-hpa.yaml @@ -0,0 +1,41 @@ +--- +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + name: artifactapi-hpa + namespace: artifactapi +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: artifactapi-deployment + minReplicas: 2 + maxReplicas: 10 + metrics: + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: 60 + behavior: + scaleUp: + stabilizationWindowSeconds: 0 + selectPolicy: Max + policies: + - type: Percent + value: 100 + periodSeconds: 30 + - type: Pods + value: 4 + periodSeconds: 30 + scaleDown: + stabilizationWindowSeconds: 300 + selectPolicy: Min + policies: + - type: Percent + value: 10 + periodSeconds: 60 + - type: Pods + value: 2 + periodSeconds: 60 diff --git a/apps/base/artifactapi/configmap.yaml b/apps/base/artifactapi/configmap.yaml new file mode 100644 index 0000000..68c3468 --- /dev/null +++ b/apps/base/artifactapi/configmap.yaml @@ -0,0 +1,27 @@ +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: artifactapi-env + namespace: artifactapi +data: + CONFIG_PATH: /app/remotes.yaml + DBHOST: postgres-service + DBNAME: artifacts + DBPORT: "5432" + DBUSER: artifacts + MINIO_BUCKET: artifactapi + MINIO_ENDPOINT: radosgw.service.consul + MINIO_SECURE: "true" + REDIS_URL: redis://redis-service:6379 + REQUESTS_CA_BUNDLE: /etc/pki/tls/certs/ca-bundle.crt + SSL_CERT_FILE: /etc/pki/tls/certs/ca-bundle.crt +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: postgres-env + namespace: artifactapi +data: + POSTGRES_DB: artifacts + POSTGRES_USER: artifacts diff --git a/apps/base/artifactapi/ingress.yaml b/apps/base/artifactapi/ingress.yaml new file mode 100644 index 0000000..0f1bff9 --- /dev/null +++ b/apps/base/artifactapi/ingress.yaml @@ -0,0 +1,32 @@ +--- +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + annotations: + cert-manager.io/cluster-issuer: vault-issuer + cert-manager.io/common-name: artifactapi.k8s.syd1.au.unkin.net + cert-manager.io/private-key-size: "4096" + external-dns.alpha.kubernetes.io/hostname: artifactapi.k8s.syd1.au.unkin.net + external-dns.alpha.kubernetes.io/target: 198.18.200.0 + nginx.ingress.kubernetes.io/proxy-body-size: 10g + nginx.ingress.kubernetes.io/proxy-read-timeout: "600" + nginx.ingress.kubernetes.io/ssl-redirect: "false" + name: artifactapi-ingress + namespace: artifactapi +spec: + ingressClassName: nginx + rules: + - host: artifactapi.k8s.syd1.au.unkin.net + http: + paths: + - backend: + service: + name: artifactapi-api + port: + number: 80 + path: / + pathType: Prefix + tls: + - hosts: + - artifactapi.k8s.syd1.au.unkin.net + secretName: artifactapi-tls diff --git a/apps/base/artifactapi/kustomization.yaml b/apps/base/artifactapi/kustomization.yaml new file mode 100644 index 0000000..8833144 --- /dev/null +++ b/apps/base/artifactapi/kustomization.yaml @@ -0,0 +1,21 @@ +--- +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +resources: + - artifactapi-deployment.yaml + - artifactapi-hpa.yaml + - configmap.yaml + - ingress.yaml + - namespace.yaml + - postgres-deployment.yaml + - pvc.yaml + - redis-deployment.yaml + - services.yaml + - vaultauth.yaml + - vaultstaticsecret.yaml + +configMapGenerator: + - name: remotes-config + files: + - resources/remotes.yaml diff --git a/apps/base/artifactapi/namespace.yaml b/apps/base/artifactapi/namespace.yaml new file mode 100644 index 0000000..83852cf --- /dev/null +++ b/apps/base/artifactapi/namespace.yaml @@ -0,0 +1,5 @@ +--- +apiVersion: v1 +kind: Namespace +metadata: + name: artifactapi diff --git a/apps/base/artifactapi/postgres-deployment.yaml b/apps/base/artifactapi/postgres-deployment.yaml new file mode 100644 index 0000000..ab81b4b --- /dev/null +++ b/apps/base/artifactapi/postgres-deployment.yaml @@ -0,0 +1,76 @@ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: postgres-deployment + namespace: artifactapi + annotations: + reloader.stakater.com/auto: "true" +spec: + replicas: 1 + selector: + matchLabels: + app: postgres + strategy: + type: Recreate + template: + spec: + automountServiceAccountToken: true + containers: + - name: postgres + image: postgres:15-alpine + imagePullPolicy: IfNotPresent + ports: + - containerPort: 5432 + name: postgres + protocol: TCP + envFrom: + - configMapRef: + name: postgres-env + optional: false + - secretRef: + name: postgres-password + optional: false + readinessProbe: + exec: + command: + - pg_isready + - -U + - artifacts + - -d + - artifacts + failureThreshold: 3 + initialDelaySeconds: 5 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + livenessProbe: + exec: + command: + - pg_isready + - -U + - artifacts + - -d + - artifacts + failureThreshold: 3 + initialDelaySeconds: 30 + periodSeconds: 30 + successThreshold: 1 + timeoutSeconds: 5 + resources: + limits: + cpu: 500m + memory: 1Gi + requests: + cpu: 50m + memory: 128Mi + volumeMounts: + - mountPath: /var/lib/postgresql/data + mountPropagation: None + name: pgdata + subPath: pgdata + restartPolicy: Always + volumes: + - name: pgdata + persistentVolumeClaim: + claimName: artifactapi-postgres-pgdata diff --git a/apps/base/artifactapi/pvc.yaml b/apps/base/artifactapi/pvc.yaml new file mode 100644 index 0000000..c5b2a1e --- /dev/null +++ b/apps/base/artifactapi/pvc.yaml @@ -0,0 +1,28 @@ +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: artifactapi-postgres-pgdata + namespace: artifactapi +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 10Gi + storageClassName: cephrbd-fast-delete + volumeMode: Filesystem +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: artifactapi-redis-data + namespace: artifactapi +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 5Gi + storageClassName: cephrbd-fast-delete + volumeMode: Filesystem diff --git a/apps/base/artifactapi/redis-deployment.yaml b/apps/base/artifactapi/redis-deployment.yaml new file mode 100644 index 0000000..d01c188 --- /dev/null +++ b/apps/base/artifactapi/redis-deployment.yaml @@ -0,0 +1,66 @@ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: + deployment.kubernetes.io/revision: "1" + name: redis-deployment + namespace: artifactapi +spec: + replicas: 1 + selector: + matchLabels: + app: redis + strategy: + type: Recreate + template: + spec: + containers: + - name: redis + image: redis:7-alpine + imagePullPolicy: IfNotPresent + command: + - redis-server + - --save + - "20" + - "1" + ports: + - containerPort: 6379 + name: redis + protocol: TCP + livenessProbe: + exec: + command: + - redis-cli + - ping + failureThreshold: 3 + initialDelaySeconds: 30 + periodSeconds: 30 + successThreshold: 1 + timeoutSeconds: 5 + readinessProbe: + exec: + command: + - redis-cli + - ping + failureThreshold: 3 + initialDelaySeconds: 5 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + resources: + limits: + cpu: 500m + memory: 512Mi + requests: + cpu: 50m + memory: 128Mi + volumeMounts: + - mountPath: /data + mountPropagation: None + name: data + restartPolicy: Always + volumes: + - name: data + persistentVolumeClaim: + claimName: artifactapi-redis-data diff --git a/apps/base/artifactapi/resources/remotes.yaml b/apps/base/artifactapi/resources/remotes.yaml new file mode 100644 index 0000000..8b1084f --- /dev/null +++ b/apps/base/artifactapi/resources/remotes.yaml @@ -0,0 +1,262 @@ +remotes: + github: + base_url: "https://github.com" + type: "remote" + package: "generic" + description: "GitHub releases and files" + include_patterns: + - "apple/foundationdb/.*/libfdb_c.x86_64.so$" + - "astral-sh/ruff/.*/ruff-x86_64-unknown-linux-gnu.tar.gz$" + - "astral-sh/uv/.*/uv-x86_64-unknown-linux-gnu.tar.gz$" + - "camptocamp/prometheus-puppetdb-exporter/.*/prometheus-puppetdb-exporter-.*.linux-amd64.tar.gz$" + - "containernetworking/plugins/.*/cni-plugins-linux-amd64-.*.tgz" + - "ducaale/xh/.*/xh-.*-x86_64-unknown-linux-musl.tar.gz$" + - "etcd-io/etcd/.*/etcd-.*-linux-amd64.tar.gz$" + - "grafana/jsonnet-language-server/.*/jsonnet-language-server_.*_linux_amd64$" + - "gruntwork-io/boilerplate/.*/boilerplate_linux_amd64$" + - "gruntwork-io/terragrunt/.*terragrunt_linux_amd64.*" + - "helmfile/helmfile/.*/helmfile_.*_linux_amd64.tar.gz$" + - "helmfile/vals/.*/vals_.*_linux_amd64.tar.gz$" + - "lxc/incus/.*.tar.gz$" + - "nzbgetcom/nzbget/.*/nzbget-.*.x86_64.rpm$" + - "onedr0p/exportarr/.*/exportarr_.*_linux_amd64.tar.gz$" + - "openbao/openbao-plugins/.*/openbao-plugin-secrets-consul_linux_amd64_.*.tar.gz$" + - "openbao/openbao-plugins/.*/openbao-plugin-secrets-nomad_linux_amd64_.*.tar.gz$" + - "prometheus/node_exporter/.*/node_exporter-.*.linux-amd64.tar.gz$" + - "prometheus-community/bind_exporter/.*/bind_exporter-.*.linux-amd64.tar.gz$" + - "prometheus-community/pgbouncer_exporter/.*/pgbouncer_exporter-.*.linux-amd64.tar.gz$" + - "prometheus-community/postgres_exporter/.*/postgres_exporter-.*.linux-amd64.tar.gz$" + - "rancher/rke2/.*/rke2-images.linux-amd64.tar.zst$" + - "stalwartlabs/stalwart/.*/stalwart-cli-x86_64-unknown-linux-gnu.tar.gz$" + - "stalwartlabs/stalwart/.*/stalwart-foundationdb-x86_64-unknown-linux-gnu.tar.gz$" + - "stalwartlabs/stalwart/.*/stalwart-x86_64-unknown-linux-gnu.tar.gz$" + - "terraform-linters/tflint/.*/tflint_linux_amd64.zip$" + - "tynany/frr_exporter/.*/frr_exporter-.*.linux-amd64.tar.gz$" + - "VictoriaMetrics/VictoriaLogs/.*/victoria-logs-linux-amd64-.*.tar.gz$" + - "VictoriaMetrics/VictoriaLogs/.*/vlutils-linux-amd64-.*.tar.gz$" + - "VictoriaMetrics/VictoriaMetrics/.*/victoria-logs-linux-amd64-.*.tar.gz$" + - "VictoriaMetrics/VictoriaMetrics/.*/victoria-metrics-linux-amd64-.*-cluster.tar.gz$" + - "VictoriaMetrics/VictoriaMetrics/.*/vlutils-linux-amd64-.*.tar.gz$" + - "VictoriaMetrics/VictoriaMetrics/.*/vmutils-linux-amd64-.*.tar.gz$" + - "xorpaul/g10k/.*/g10k-.*-linux-amd64.zip$" + cache: + file_ttl: 0 + index_ttl: 0 + + gitea-dl: + base_url: "https://dl.gitea.com" + type: "remote" + package: "generic" + description: "Gitea download site" + include_patterns: + - "act_runner/.*/act_runner-.*-linux-amd64$" + cache: + file_ttl: 0 + index_ttl: 0 + + hashicorp-releases: + base_url: "https://releases.hashicorp.com" + type: "remote" + package: "generic" + description: "HashiCorp product releases" + include_patterns: + - "terraform/.*terraform_.*_linux_amd64\\.zip$" + - "terraform/.*terraform_.*_windows_amd64\\.zip$" + - "terraform/.*terraform_.*_darwin_amd64\\.zip$" + - "vault/.*vault_.*_linux_amd64\\.zip$" + - "vault/.*vault_.*_windows_amd64\\.zip$" + - "vault/.*vault_.*_darwin_amd64\\.zip$" + - "consul-cni/.*/consul-cni_.*_linux_amd64\\.zip$" + - "consul/.*/consul_.*_linux_amd64\\.zip$" + - "nomad-autoscaler/.*/nomad-autoscaler_.*_linux_amd64\\.zip$" + - "nomad/.*/nomad_.*_linux_amd64\\.zip$" + - "packer/.*/packer_.*_linux_amd64\\.zip$" + cache: + file_ttl: 0 + index_ttl: 0 + + alpine: + base_url: "https://dl-cdn.alpinelinux.org" + type: "remote" + package: "alpine" + description: "Alpine Linux APK package repository" + include_patterns: + - ".*/x86_64/.*\\.apk$" + cache: + file_ttl: 0 + index_ttl: 7200 + + almalinux: + base_url: "https://gsl-syd.mm.fcix.net/almalinux" + type: "remote" + package: "rpm" + description: "AlmaLinux RPM package repository" + include_patterns: + - ".*/x86_64/.*\\.rpm$" + - ".*/noarch/.*\\.rpm$" + - ".*/repodata/.*\\.sqlite.*$" + - ".*/repodata/.*\\.xml.*$" + - ".*/repodata/.*\\.yaml.*$" + - ".*/install.img" + - ".*/squashfs.img" + - ".*/updates.img" + - ".*/RPM-GPG-KEY-.*$" + cache: + file_ttl: 0 + index_ttl: 7200 + + ceph-reef: + base_url: "https://download.ceph.com/rpm-reef/" + type: "remote" + package: "rpm" + description: "Ceph Reef 18" + include_patterns: + - ".*/x86_64/.*\\.rpm$" + - ".*/noarch/.*\\.rpm$" + - ".*/repodata/.*\\.xml.*$" + cache: + file_ttl: 0 + index_ttl: 7200 + + ceph-squid: + base_url: "https://download.ceph.com/rpm-squid/" + type: "remote" + package: "rpm" + description: "Ceph Squid 19" + include_patterns: + - ".*/x86_64/.*\\.rpm$" + - ".*/noarch/.*\\.rpm$" + - ".*/repodata/.*\\.xml.*$" + cache: + file_ttl: 0 + index_ttl: 7200 + + ceph-tentacle: + base_url: "https://download.ceph.com/rpm-tentacle/" + type: "remote" + package: "rpm" + description: "Ceph Tentacle 20" + include_patterns: + - ".*/x86_64/.*\\.rpm$" + - ".*/noarch/.*\\.rpm$" + - ".*/repodata/.*\\.xml.*$" + cache: + file_ttl: 0 + index_ttl: 7200 + + epel: + base_url: "https://gsl-syd.mm.fcix.net/epel" + type: "remote" + package: "rpm" + description: "EPEL (Extra Packages for Enterprise Linux)" + include_patterns: + - ".*/Everything/x86_64/.*\\.rpm$" + - ".*/noarch/.*\\.rpm$" + - ".*/repodata/.*\\.sqlite.*$" + - ".*/repodata/.*\\.xml.*$" + - ".*/repodata/.*\\.yaml.*$" + - "RPM-GPG-KEY-.*$" + cache: + file_ttl: 0 + index_ttl: 7200 + + fedora: + base_url: "https://gsl-syd.mm.fcix.net/fedora/linux" + type: "remote" + package: "rpm" + description: "Fedora Linux RPM package repository" + include_patterns: + - "releases/.*/Everything/x86_64/.*\\.rpm$" + - "updates/.*/Everything/x86_64/.*\\.rpm$" + - "development/.*/Everything/x86_64/.*\\.rpm$" + - ".*/noarch/.*\\.rpm$" + - ".*/repodata/.*\\.xml.*$" + cache: + file_ttl: 0 + index_ttl: 7200 + + frr: + base_url: "https://rpm.frrouting.org/repo" + type: "remote" + package: "rpm" + description: "FRR RPM package repository" + include_patterns: + - ".*\\.rpm$" + - ".*/repodata/.*\\.xml.*$" + cache: + file_ttl: 0 + index_ttl: 7200 + + mariadb: + base_url: "http://mariadb.mirror.digitalpacific.com.au/yum" + type: "remote" + package: "rpm" + description: "MariaDB RPM package repository" + include_patterns: + - ".*\\.rpm$" + - ".*/repodata/.*\\.xml.*$" + - ".*/RPM-GPG-KEY-.*$" + cache: + file_ttl: 0 + index_ttl: 7200 + + openvox: + base_url: "https://yum.voxpupuli.org" + type: "remote" + package: "rpm" + description: "OpenVox RPM package repository" + include_patterns: + - ".*\\.rpm$" + - ".*/repodata/.*\\.xml.*$" + - "GPG-KEY-.*$" + cache: + file_ttl: 0 + index_ttl: 7200 + + postgresql: + base_url: "https://download.postgresql.org/pub/repos/yum" + type: "remote" + package: "rpm" + description: "PostgreSQL RPM package repository" + include_patterns: + - ".*\\.rpm$" + - ".*/repodata/.*\\.xml.*$" + - ".*/RPM-GPG-KEY-.*$" + - ".*/PGDG-RPM-GPG-KEY-.*$" + cache: + file_ttl: 0 + index_ttl: 7200 + + rke2: + base_url: "https://rpm.rancher.io" + type: "remote" + package: "rpm" + description: "RKE2 RPM package repository" + include_patterns: + - ".*\\.rpm$" + - ".*/repodata/.*\\.xml.*$" + - "public.key$" + cache: + file_ttl: 0 + index_ttl: 7200 + + zfs: + base_url: "http://download.zfsonlinux.org" + type: "remote" + package: "rpm" + description: "ZFS RPM package repository" + include_patterns: + - ".*\\.rpm$" + - ".*/repodata/.*\\.xml.*$" + cache: + file_ttl: 0 + index_ttl: 7200 + + + local-generic: + type: "local" + package: "generic" + description: "Local generic file repository" + cache: + file_ttl: 0 + index_ttl: 0 diff --git a/apps/base/artifactapi/services.yaml b/apps/base/artifactapi/services.yaml new file mode 100644 index 0000000..f598cac --- /dev/null +++ b/apps/base/artifactapi/services.yaml @@ -0,0 +1,51 @@ +--- +apiVersion: v1 +kind: Service +metadata: + name: artifactapi-api + namespace: artifactapi +spec: + internalTrafficPolicy: Cluster + ports: + - name: http + port: 80 + protocol: TCP + targetPort: http + selector: + app: artifactapi + sessionAffinity: None + type: ClusterIP +--- +apiVersion: v1 +kind: Service +metadata: + name: postgres-service + namespace: artifactapi +spec: + internalTrafficPolicy: Cluster + ports: + - name: postgres + port: 5432 + protocol: TCP + targetPort: postgres + selector: + app: postgres + sessionAffinity: None + type: ClusterIP +--- +apiVersion: v1 +kind: Service +metadata: + name: redis-service + namespace: artifactapi +spec: + internalTrafficPolicy: Cluster + ports: + - name: redis + port: 6379 + protocol: TCP + targetPort: redis + selector: + app: redis + sessionAffinity: None + type: ClusterIP diff --git a/apps/base/artifactapi/vaultauth.yaml b/apps/base/artifactapi/vaultauth.yaml new file mode 100644 index 0000000..d14cf54 --- /dev/null +++ b/apps/base/artifactapi/vaultauth.yaml @@ -0,0 +1,18 @@ +--- +apiVersion: secrets.hashicorp.com/v1beta1 +kind: VaultAuth +metadata: + name: default + namespace: woodpecker +spec: + allowedNamespaces: + - woodpecker + kubernetes: + audiences: + - vault + role: woodpecker + serviceAccount: default + tokenExpirationSeconds: 600 + method: kubernetes + mount: k8s/au/syd1 + vaultConnectionRef: vso-system/default diff --git a/apps/base/artifactapi/vaultstaticsecret.yaml b/apps/base/artifactapi/vaultstaticsecret.yaml new file mode 100644 index 0000000..68c1af5 --- /dev/null +++ b/apps/base/artifactapi/vaultstaticsecret.yaml @@ -0,0 +1,34 @@ +--- +apiVersion: secrets.hashicorp.com/v1beta1 +kind: VaultStaticSecret +metadata: + name: environment + namespace: artifactapi +spec: + destination: + create: true + name: environment + overwrite: false + hmacSecretData: true + mount: kv + path: service/artifactapi/environment + refreshAfter: 5m + type: kv-v2 + vaultAuthRef: default +--- +apiVersion: secrets.hashicorp.com/v1beta1 +kind: VaultStaticSecret +metadata: + name: postgres-password + namespace: artifactapi +spec: + destination: + create: true + name: postgres-password + overwrite: true + hmacSecretData: true + mount: kv + path: service/artifactapi/postgres-password + refreshAfter: 5m + type: kv-v2 + vaultAuthRef: default diff --git a/apps/overlays/au-syd1/artifactapi/kustomization.yaml b/apps/overlays/au-syd1/artifactapi/kustomization.yaml new file mode 100644 index 0000000..ffd86a5 --- /dev/null +++ b/apps/overlays/au-syd1/artifactapi/kustomization.yaml @@ -0,0 +1,6 @@ +--- +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +resources: + - ../../../base/artifactapi diff --git a/argocd/applicationsets/platform.yaml b/argocd/applicationsets/platform.yaml index 10cfb31..77eec55 100644 --- a/argocd/applicationsets/platform.yaml +++ b/argocd/applicationsets/platform.yaml @@ -10,6 +10,7 @@ spec: repoURL: https://git.unkin.net/unkin/argocd-apps revision: HEAD directories: + - path: apps/overlays/*/artifactapi - path: apps/overlays/*/reflector-system - path: apps/overlays/*/reloader-system - path: apps/overlays/*/jfrog diff --git a/argocd/projects/platform.yaml b/argocd/projects/platform.yaml index 73a9510..d9928b5 100644 --- a/argocd/projects/platform.yaml +++ b/argocd/projects/platform.yaml @@ -13,6 +13,8 @@ spec: destinations: - namespace: '*-system' server: https://kubernetes.default.svc + - namespace: 'artifactapi' + server: https://kubernetes.default.svc - namespace: 'jfrog' server: https://kubernetes.default.svc - namespace: 'woodpecker'