117 lines
3.6 KiB
YAML
117 lines
3.6 KiB
YAML
---
|
|
namePrefix: prod-
|
|
resources:
|
|
- ../minimal-base
|
|
|
|
# Prometheus, in a different namespace to the old cluster.
|
|
- inflated/prometheus/charts/prometheus-node-exporter/templates/daemonset.yaml
|
|
- inflated/prometheus/charts/prometheus-node-exporter/templates/serviceaccount.yaml
|
|
- inflated/prometheus/charts/prometheus-node-exporter/templates/service.yaml
|
|
- inflated/prometheus/charts/alertmanager/templates/serviceaccount.yaml
|
|
- inflated/prometheus/charts/alertmanager/templates/services.yaml
|
|
- inflated/prometheus/charts/alertmanager/templates/configmap.yaml
|
|
- inflated/prometheus/charts/alertmanager/templates/statefulset.yaml
|
|
- inflated/prometheus/charts/kube-state-metrics/templates/serviceaccount.yaml
|
|
- inflated/prometheus/charts/kube-state-metrics/templates/deployment.yaml
|
|
- inflated/prometheus/charts/kube-state-metrics/templates/role.yaml
|
|
- inflated/prometheus/charts/kube-state-metrics/templates/service.yaml
|
|
- inflated/prometheus/charts/kube-state-metrics/templates/clusterrolebinding.yaml
|
|
- inflated/prometheus/charts/prometheus-pushgateway/templates/serviceaccount.yaml
|
|
- inflated/prometheus/charts/prometheus-pushgateway/templates/deployment.yaml
|
|
- inflated/prometheus/charts/prometheus-pushgateway/templates/service.yaml
|
|
- inflated/prometheus/templates/serviceaccount.yaml
|
|
- inflated/prometheus/templates/service.yaml
|
|
- inflated/prometheus/templates/clusterrole.yaml
|
|
- inflated/prometheus/templates/cm.yaml
|
|
- inflated/prometheus/templates/deploy.yaml
|
|
- inflated/prometheus/templates/clusterrolebinding.yaml
|
|
- inflated/prometheus/templates/pvc.yaml
|
|
|
|
- clusterissuer.yaml
|
|
- cert-ingress-tls.yaml
|
|
- svc-db.yaml
|
|
- ingress.yaml
|
|
|
|
- statefulset-gitea.yaml
|
|
- svc-gitea.yaml
|
|
- ingress-route-gitea-ssh.yaml
|
|
|
|
|
|
configMapGenerator:
|
|
- name: gitea-scripts
|
|
files:
|
|
- init-directory-structure.sh=resources/gitea-init-directory-structure.sh
|
|
- setup.sh=resources/gitea-setup.sh
|
|
options:
|
|
labels:
|
|
app: gitea
|
|
- name: prometheus-server
|
|
namespace: prometheus
|
|
behavior: merge
|
|
files:
|
|
- prometheus.yml=resources/prometheus.yaml
|
|
- alerting_rules.yml=resources/prometheus-alerting-rules.yaml
|
|
options:
|
|
labels:
|
|
app: prometheus
|
|
- name: prometheus-alertmanager
|
|
namespace: prometheus
|
|
behavior: merge
|
|
files:
|
|
- alertmanager.yml=secrets/prometheus-alertmanager.yaml
|
|
options:
|
|
labels:
|
|
app: prometheus
|
|
- name: grafana
|
|
behavior: merge
|
|
files:
|
|
- grafana.ini=secrets/grafana-config.ini
|
|
- datasources.yaml=secrets/grafana-datasources.yaml
|
|
- contactpoints.yaml=resources/grafana-contactpoints.yaml
|
|
- rules.yaml=resources/grafana-rules.yaml
|
|
|
|
secretGenerator:
|
|
- name: prometheus-credentials
|
|
namespace: prometheus
|
|
files:
|
|
- secrets/exporter-password
|
|
- name: grafana-credentials
|
|
files:
|
|
- admin-user=secrets/grafana-admin-user
|
|
- admin-password=secrets/grafana-admin-password
|
|
- name: gitea-config
|
|
files:
|
|
- admin-username=secrets/gitea-admin-username
|
|
- admin-password=secrets/gitea-admin-password
|
|
- admin-email=secrets/gitea-admin-email
|
|
- config.ini=secrets/gitea-config.ini
|
|
options:
|
|
labels:
|
|
app: gitea
|
|
|
|
patches:
|
|
# Patch prometheus-server pod to mount the secrets volume.
|
|
- target:
|
|
kind: Deployment
|
|
name: prometheus-server
|
|
namespace: prometheus
|
|
patch: |-
|
|
- op: add
|
|
path: /spec/template/spec/volumes/-
|
|
value:
|
|
secret:
|
|
secretName: prod-prometheus-credentials
|
|
name: secrets-volume
|
|
- op: add
|
|
path: /spec/template/spec/containers/1/volumeMounts/-
|
|
value:
|
|
mountPath: /etc/secrets
|
|
name: secrets-volume
|
|
readOnly: true
|
|
|
|
# Patch Grafana deployment to inject PostgreSQL credentials:
|
|
- target:
|
|
kind: Deployment
|
|
name: grafana
|
|
path: deploy-grafana.yaml
|