diff --git a/.history/ref-implementation/backstage-templates/entities/catalog-info_20241111142553.yaml b/.history/ref-implementation/backstage-templates/entities/catalog-info_20241111142553.yaml new file mode 100644 index 0000000..f49a7bb --- /dev/null +++ b/.history/ref-implementation/backstage-templates/entities/catalog-info_20241111142553.yaml @@ -0,0 +1,19 @@ +apiVersion: backstage.io/v1alpha1 +kind: Location +metadata: + name: basic-example-templates + description: A collection of example templates +spec: + targets: + - ./basic/template.yaml + - ./argo-workflows/template.yaml + - ./app-with-bucket/template.yaml +--- +apiVersion: backstage.io/v1alpha1 +kind: Location +metadata: + name: basic-organization + description: Basic organization data +spec: + targets: + - ./organization/guests.yaml diff --git a/.history/ref-implementation/backstage-templates/entities/catalog-info_20241111145410.yaml b/.history/ref-implementation/backstage-templates/entities/catalog-info_20241111145410.yaml new file mode 100644 index 0000000..ff05253 --- /dev/null +++ b/.history/ref-implementation/backstage-templates/entities/catalog-info_20241111145410.yaml @@ -0,0 +1,20 @@ +apiVersion: backstage.io/v1alpha1 +kind: Location +metadata: + name: basic-example-templates + description: A collection of example templates +spec: + targets: + - ./basic/template.yaml + - ./argo-workflows/template.yaml + - ./app-with-bucket/template.yaml + - ./app-with-bucket/template.yaml +--- +apiVersion: backstage.io/v1alpha1 +kind: Location +metadata: + name: basic-organization + description: Basic organization data +spec: + targets: + - ./organization/guests.yaml diff --git a/.history/ref-implementation/backstage-templates/entities/catalog-info_20241111145445.yaml b/.history/ref-implementation/backstage-templates/entities/catalog-info_20241111145445.yaml new file mode 100644 index 0000000..f49a7bb --- /dev/null +++ b/.history/ref-implementation/backstage-templates/entities/catalog-info_20241111145445.yaml @@ -0,0 +1,19 @@ +apiVersion: backstage.io/v1alpha1 +kind: Location +metadata: + name: basic-example-templates + description: A collection of example templates +spec: + targets: + - ./basic/template.yaml + - ./argo-workflows/template.yaml + - ./app-with-bucket/template.yaml +--- +apiVersion: backstage.io/v1alpha1 +kind: Location +metadata: + name: basic-organization + description: Basic organization data +spec: + targets: + - ./organization/guests.yaml diff --git a/.history/ref-implementation/backstage-templates/entities/catalog-info_20241111145519.yaml b/.history/ref-implementation/backstage-templates/entities/catalog-info_20241111145519.yaml new file mode 100644 index 0000000..740bc62 --- /dev/null +++ b/.history/ref-implementation/backstage-templates/entities/catalog-info_20241111145519.yaml @@ -0,0 +1,21 @@ +apiVersion: backstage.io/v1alpha1 +kind: Location +metadata: + name: basic-example-templates + description: A collection of example templates +spec: + targets: + - ./basic/template.yaml + + - ./basic/template.yaml + - ./argo-workflows/template.yaml + - ./app-with-bucket/template.yaml +--- +apiVersion: backstage.io/v1alpha1 +kind: Location +metadata: + name: basic-organization + description: Basic organization data +spec: + targets: + - ./organization/guests.yaml diff --git a/.history/ref-implementation/backstage-templates/entities/catalog-info_20241111145520.yaml b/.history/ref-implementation/backstage-templates/entities/catalog-info_20241111145520.yaml new file mode 100644 index 0000000..8e7eff6 --- /dev/null +++ b/.history/ref-implementation/backstage-templates/entities/catalog-info_20241111145520.yaml @@ -0,0 +1,21 @@ +apiVersion: backstage.io/v1alpha1 +kind: Location +metadata: + name: basic-example-templates + description: A collection of example templates +spec: + targets: + - ./basic/template.yaml + + - ./basic/template2.yaml + - ./argo-workflows/template.yaml + - ./app-with-bucket/template.yaml +--- +apiVersion: backstage.io/v1alpha1 +kind: Location +metadata: + name: basic-organization + description: Basic organization data +spec: + targets: + - ./organization/guests.yaml diff --git a/.history/ref-implementation/backstage-templates/entities/catalog-info_20241111145522.yaml b/.history/ref-implementation/backstage-templates/entities/catalog-info_20241111145522.yaml new file mode 100644 index 0000000..3bf5a42 --- /dev/null +++ b/.history/ref-implementation/backstage-templates/entities/catalog-info_20241111145522.yaml @@ -0,0 +1,20 @@ +apiVersion: backstage.io/v1alpha1 +kind: Location +metadata: + name: basic-example-templates + description: A collection of example templates +spec: + targets: + - ./basic/template.yaml + - ./basic/template2.yaml + - ./argo-workflows/template.yaml + - ./app-with-bucket/template.yaml +--- +apiVersion: backstage.io/v1alpha1 +kind: Location +metadata: + name: basic-organization + description: Basic organization data +spec: + targets: + - ./organization/guests.yaml diff --git a/.history/ref-implementation/backstage-templates/entities/catalog-info_20241111145551.yaml b/.history/ref-implementation/backstage-templates/entities/catalog-info_20241111145551.yaml new file mode 100644 index 0000000..f49a7bb --- /dev/null +++ b/.history/ref-implementation/backstage-templates/entities/catalog-info_20241111145551.yaml @@ -0,0 +1,19 @@ +apiVersion: backstage.io/v1alpha1 +kind: Location +metadata: + name: basic-example-templates + description: A collection of example templates +spec: + targets: + - ./basic/template.yaml + - ./argo-workflows/template.yaml + - ./app-with-bucket/template.yaml +--- +apiVersion: backstage.io/v1alpha1 +kind: Location +metadata: + name: basic-organization + description: Basic organization data +spec: + targets: + - ./organization/guests.yaml diff --git a/.history/ref-implementation/keycloak/manifests/install_20241111142553.yaml b/.history/ref-implementation/keycloak/manifests/install_20241111142553.yaml new file mode 100644 index 0000000..ed3b799 --- /dev/null +++ b/.history/ref-implementation/keycloak/manifests/install_20241111142553.yaml @@ -0,0 +1,164 @@ +--- +apiVersion: v1 +kind: Namespace +metadata: + name: keycloak +--- +apiVersion: v1 +kind: Service +metadata: + name: keycloak + labels: + app: keycloak +spec: + ports: + - name: http + port: 8080 + targetPort: 8080 + selector: + app: keycloak + type: ClusterIP +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app: keycloak + name: keycloak + namespace: keycloak + annotations: + argocd.argoproj.io/sync-wave: "10" +spec: + replicas: 1 + selector: + matchLabels: + app: keycloak + template: + metadata: + labels: + app: keycloak + spec: + containers: + - args: + - start-dev + env: + - name: KEYCLOAK_ADMIN + value: cnoe-admin + - name: KEYCLOAK_LOGLEVEL + value: ALL + - name: QUARKUS_TRANSACTION_MANAGER_ENABLE_RECOVERY + value: 'true' + envFrom: + - secretRef: + name: keycloak-config + image: quay.io/keycloak/keycloak:22.0.3 + name: keycloak + ports: + - containerPort: 8080 + name: http + readinessProbe: + httpGet: + path: /keycloak/realms/master + port: 8080 + volumeMounts: + - mountPath: /opt/keycloak/conf + name: keycloak-config + readOnly: true + volumes: + - configMap: + name: keycloak-config + name: keycloak-config +--- +apiVersion: v1 +data: + keycloak.conf: | + # Database + # The database vendor. + db=postgres + + # The username of the database user. + db-url=jdbc:postgresql://postgresql.keycloak.svc.cluster.local:5432/postgres + + # The proxy address forwarding mode if the server is behind a reverse proxy. + proxy=edge + + # hostname configuration + hostname=cnoe.localtest.me + hostname-port=8443 + http-relative-path=keycloak + + # the admin url requires its own configuration to reflect correct url + hostname-admin=cnoe.localtest.me:8443 + + hostname-debug=true + + # this should only be allowed in development. NEVER in production. + hostname-strict=false + hostname-strict-backchannel=false + + +kind: ConfigMap +metadata: + name: keycloak-config + namespace: keycloak +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app: postgresql + name: postgresql + namespace: keycloak +spec: + clusterIP: None + ports: + - name: postgres + port: 5432 + selector: + app: postgresql +--- +apiVersion: apps/v1 +kind: StatefulSet +metadata: + labels: + app: postgresql + name: postgresql + namespace: keycloak +spec: + replicas: 1 + selector: + matchLabels: + app: postgresql + serviceName: service-postgresql + template: + metadata: + labels: + app: postgresql + spec: + containers: + - envFrom: + - secretRef: + name: keycloak-config + image: docker.io/library/postgres:15.3-alpine3.18 + name: postgres + ports: + - containerPort: 5432 + name: postgresdb + resources: + limits: + memory: 500Mi + requests: + cpu: 100m + memory: 300Mi + volumeMounts: + - name: data + mountPath: /var/lib/postgresql/data + volumeClaimTemplates: + - metadata: + name: data + spec: + accessModes: ["ReadWriteOnce"] + resources: + requests: + storage: "500Mi" + diff --git a/.history/ref-implementation/keycloak/manifests/install_20241112125306.yaml b/.history/ref-implementation/keycloak/manifests/install_20241112125306.yaml new file mode 100644 index 0000000..7418140 --- /dev/null +++ b/.history/ref-implementation/keycloak/manifests/install_20241112125306.yaml @@ -0,0 +1,165 @@ +--- +apiVersion: v1 +kind: Namespace +metadata: + name: keycloak +--- +apiVersion: v1 +kind: Service +metadata: + name: keycloak + labels: + app: keycloak +spec: + ports: + - name: http + port: 8080 + targetPort: 8080 + type: LoadBalancer + selector: + app: keycloak + type: ClusterIP +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app: keycloak + name: keycloak + namespace: keycloak + annotations: + argocd.argoproj.io/sync-wave: "10" +spec: + replicas: 1 + selector: + matchLabels: + app: keycloak + template: + metadata: + labels: + app: keycloak + spec: + containers: + - args: + - start-dev + env: + - name: KEYCLOAK_ADMIN + value: cnoe-admin + - name: KEYCLOAK_LOGLEVEL + value: ALL + - name: QUARKUS_TRANSACTION_MANAGER_ENABLE_RECOVERY + value: 'true' + envFrom: + - secretRef: + name: keycloak-config + image: quay.io/keycloak/keycloak:22.0.3 + name: keycloak + ports: + - containerPort: 8080 + name: http + readinessProbe: + httpGet: + path: /keycloak/realms/master + port: 8080 + volumeMounts: + - mountPath: /opt/keycloak/conf + name: keycloak-config + readOnly: true + volumes: + - configMap: + name: keycloak-config + name: keycloak-config +--- +apiVersion: v1 +data: + keycloak.conf: | + # Database + # The database vendor. + db=postgres + + # The username of the database user. + db-url=jdbc:postgresql://postgresql.keycloak.svc.cluster.local:5432/postgres + + # The proxy address forwarding mode if the server is behind a reverse proxy. + proxy=edge + + # hostname configuration + hostname=cnoe.localtest.me + hostname-port=8443 + http-relative-path=keycloak + + # the admin url requires its own configuration to reflect correct url + hostname-admin=cnoe.localtest.me:8443 + + hostname-debug=true + + # this should only be allowed in development. NEVER in production. + hostname-strict=false + hostname-strict-backchannel=false + + +kind: ConfigMap +metadata: + name: keycloak-config + namespace: keycloak +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app: postgresql + name: postgresql + namespace: keycloak +spec: + clusterIP: None + ports: + - name: postgres + port: 5432 + selector: + app: postgresql +--- +apiVersion: apps/v1 +kind: StatefulSet +metadata: + labels: + app: postgresql + name: postgresql + namespace: keycloak +spec: + replicas: 1 + selector: + matchLabels: + app: postgresql + serviceName: service-postgresql + template: + metadata: + labels: + app: postgresql + spec: + containers: + - envFrom: + - secretRef: + name: keycloak-config + image: docker.io/library/postgres:15.3-alpine3.18 + name: postgres + ports: + - containerPort: 5432 + name: postgresdb + resources: + limits: + memory: 500Mi + requests: + cpu: 100m + memory: 300Mi + volumeMounts: + - name: data + mountPath: /var/lib/postgresql/data + volumeClaimTemplates: + - metadata: + name: data + spec: + accessModes: ["ReadWriteOnce"] + resources: + requests: + storage: "500Mi" + diff --git a/.history/ref-implementation/keycloak/manifests/install_20241112125311.yaml b/.history/ref-implementation/keycloak/manifests/install_20241112125311.yaml new file mode 100644 index 0000000..4e41c0a --- /dev/null +++ b/.history/ref-implementation/keycloak/manifests/install_20241112125311.yaml @@ -0,0 +1,165 @@ +--- +apiVersion: v1 +kind: Namespace +metadata: + name: keycloak +--- +apiVersion: v1 +kind: Service +metadata: + name: keycloak + labels: + app: keycloak +spec: + ports: + - name: http + port: 8080 + targetPort: 8080 + type: LoadBalancer + selector: + app: keycloak + type: ClusterIP +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app: keycloak + name: keycloak + namespace: keycloak + annotations: + argocd.argoproj.io/sync-wave: "10" +spec: + replicas: 1 + selector: + matchLabels: + app: keycloak + template: + metadata: + labels: + app: keycloak + spec: + containers: + - args: + - start-dev + env: + - name: KEYCLOAK_ADMIN + value: cnoe-admin + - name: KEYCLOAK_LOGLEVEL + value: ALL + - name: QUARKUS_TRANSACTION_MANAGER_ENABLE_RECOVERY + value: 'true' + envFrom: + - secretRef: + name: keycloak-config + image: quay.io/keycloak/keycloak:22.0.3 + name: keycloak + ports: + - containerPort: 8080 + name: http + readinessProbe: + httpGet: + path: /keycloak/realms/master + port: 8080 + volumeMounts: + - mountPath: /opt/keycloak/conf + name: keycloak-config + readOnly: true + volumes: + - configMap: + name: keycloak-config + name: keycloak-config +--- +apiVersion: v1 +data: + keycloak.conf: | + # Database + # The database vendor. + db=postgres + + # The username of the database user. + db-url=jdbc:postgresql://postgresql.keycloak.svc.cluster.local:5432/postgres + + # The proxy address forwarding mode if the server is behind a reverse proxy. + proxy=edge + + # hostname configuration + hostname=cnoe.localtest.me + hostname-port=8443 + http-relative-path=keycloak + + # the admin url requires its own configuration to reflect correct url + hostname-admin=cnoe.localtest.me:8443 + + hostname-debug=true + + # this should only be allowed in development. NEVER in production. + hostname-strict=false + hostname-strict-backchannel=false + + +kind: ConfigMap +metadata: + name: keycloak-config + namespace: keycloak +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app: postgresql + name: postgresql + namespace: keycloak +spec: + clusterIP: None + ports: + - name: postgres + port: 5432 + selector: + app: postgresql +--- +apiVersion: apps/v1 +kind: StatefulSet +metadata: + labels: + app: postgresql + name: postgresql + namespace: keycloak +spec: + replicas: 1 + selector: + matchLabels: + app: postgresql + serviceName: service-postgresql + template: + metadata: + labels: + app: postgresql + spec: + containers: + - envFrom: + - secretRef: + name: keycloak-config + image: docker.io/library/postgres:15.3-alpine3.18 + name: postgres + ports: + - containerPort: 5432 + name: postgresdb + resources: + limits: + memory: 500Mi + requests: + cpu: 100m + memory: 300Mi + volumeMounts: + - name: data + mountPath: /var/lib/postgresql/data + volumeClaimTemplates: + - metadata: + name: data + spec: + accessModes: ["ReadWriteOnce"] + resources: + requests: + storage: "500Mi" + diff --git a/.history/ref-implementation/keycloak/manifests/install_20241112125315.yaml b/.history/ref-implementation/keycloak/manifests/install_20241112125315.yaml new file mode 100644 index 0000000..213df32 --- /dev/null +++ b/.history/ref-implementation/keycloak/manifests/install_20241112125315.yaml @@ -0,0 +1,165 @@ +--- +apiVersion: v1 +kind: Namespace +metadata: + name: keycloak +--- +apiVersion: v1 +kind: Service +metadata: + name: keycloak + labels: + app: keycloak +spec: + ports: + - name: http + port: 8080 + targetPort: 8080 + type: LoadBalancer + selector: + app: keycloak + type: ClusterIP +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app: keycloak + name: keycloak + namespace: keycloak + annotations: + argocd.argoproj.io/sync-wave: "10" +spec: + replicas: 1 + selector: + matchLabels: + app: keycloak + template: + metadata: + labels: + app: keycloak + spec: + containers: + - args: + - start-dev + env: + - name: KEYCLOAK_ADMIN + value: cnoe-admin + - name: KEYCLOAK_LOGLEVEL + value: ALL + - name: QUARKUS_TRANSACTION_MANAGER_ENABLE_RECOVERY + value: 'true' + envFrom: + - secretRef: + name: keycloak-config + image: quay.io/keycloak/keycloak:22.0.3 + name: keycloak + ports: + - containerPort: 8080 + name: http + readinessProbe: + httpGet: + path: /keycloak/realms/master + port: 8080 + volumeMounts: + - mountPath: /opt/keycloak/conf + name: keycloak-config + readOnly: true + volumes: + - configMap: + name: keycloak-config + name: keycloak-config +--- +apiVersion: v1 +data: + keycloak.conf: | + # Database + # The database vendor. + db=postgres + + # The username of the database user. + db-url=jdbc:postgresql://postgresql.keycloak.svc.cluster.local:5432/postgres + + # The proxy address forwarding mode if the server is behind a reverse proxy. + proxy=edge + + # hostname configuration + hostname=cnoe.localtest.me + hostname-port=8443 + http-relative-path=keycloak + + # the admin url requires its own configuration to reflect correct url + hostname-admin=cnoe.localtest.me:8443 + + hostname-debug=true + + # this should only be allowed in development. NEVER in production. + hostname-strict=false + hostname-strict-backchannel=false + + +kind: ConfigMap +metadata: + name: keycloak-config + namespace: keycloak +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app: postgresql + name: postgresql + namespace: keycloak +spec: + clusterIP: None + ports: + - name: postgres + port: 5432 + selector: + app: postgresql +--- +apiVersion: apps/v1 +kind: StatefulSet +metadata: + labels: + app: postgresql + name: postgresql + namespace: keycloak +spec: + replicas: 1 + selector: + matchLabels: + app: postgresql + serviceName: service-postgresql + template: + metadata: + labels: + app: postgresql + spec: + containers: + - envFrom: + - secretRef: + name: keycloak-config + image: docker.io/library/postgres:15.3-alpine3.18 + name: postgres + ports: + - containerPort: 5432 + name: postgresdb + resources: + limits: + memory: 500Mi + requests: + cpu: 100m + memory: 300Mi + volumeMounts: + - name: data + mountPath: /var/lib/postgresql/data + volumeClaimTemplates: + - metadata: + name: data + spec: + accessModes: ["ReadWriteOnce"] + resources: + requests: + storage: "500Mi" + diff --git a/.history/ref-implementation/keycloak/manifests/install_20241112125321.yaml b/.history/ref-implementation/keycloak/manifests/install_20241112125321.yaml new file mode 100644 index 0000000..b304101 --- /dev/null +++ b/.history/ref-implementation/keycloak/manifests/install_20241112125321.yaml @@ -0,0 +1,164 @@ +--- +apiVersion: v1 +kind: Namespace +metadata: + name: keycloak +--- +apiVersion: v1 +kind: Service +metadata: + name: keycloak + labels: + app: keycloak +spec: + ports: + - name: http + port: 8080 + targetPort: 8080 + type: LoadBalancer + selector: + app: keycloak +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app: keycloak + name: keycloak + namespace: keycloak + annotations: + argocd.argoproj.io/sync-wave: "10" +spec: + replicas: 1 + selector: + matchLabels: + app: keycloak + template: + metadata: + labels: + app: keycloak + spec: + containers: + - args: + - start-dev + env: + - name: KEYCLOAK_ADMIN + value: cnoe-admin + - name: KEYCLOAK_LOGLEVEL + value: ALL + - name: QUARKUS_TRANSACTION_MANAGER_ENABLE_RECOVERY + value: 'true' + envFrom: + - secretRef: + name: keycloak-config + image: quay.io/keycloak/keycloak:22.0.3 + name: keycloak + ports: + - containerPort: 8080 + name: http + readinessProbe: + httpGet: + path: /keycloak/realms/master + port: 8080 + volumeMounts: + - mountPath: /opt/keycloak/conf + name: keycloak-config + readOnly: true + volumes: + - configMap: + name: keycloak-config + name: keycloak-config +--- +apiVersion: v1 +data: + keycloak.conf: | + # Database + # The database vendor. + db=postgres + + # The username of the database user. + db-url=jdbc:postgresql://postgresql.keycloak.svc.cluster.local:5432/postgres + + # The proxy address forwarding mode if the server is behind a reverse proxy. + proxy=edge + + # hostname configuration + hostname=cnoe.localtest.me + hostname-port=8443 + http-relative-path=keycloak + + # the admin url requires its own configuration to reflect correct url + hostname-admin=cnoe.localtest.me:8443 + + hostname-debug=true + + # this should only be allowed in development. NEVER in production. + hostname-strict=false + hostname-strict-backchannel=false + + +kind: ConfigMap +metadata: + name: keycloak-config + namespace: keycloak +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app: postgresql + name: postgresql + namespace: keycloak +spec: + clusterIP: None + ports: + - name: postgres + port: 5432 + selector: + app: postgresql +--- +apiVersion: apps/v1 +kind: StatefulSet +metadata: + labels: + app: postgresql + name: postgresql + namespace: keycloak +spec: + replicas: 1 + selector: + matchLabels: + app: postgresql + serviceName: service-postgresql + template: + metadata: + labels: + app: postgresql + spec: + containers: + - envFrom: + - secretRef: + name: keycloak-config + image: docker.io/library/postgres:15.3-alpine3.18 + name: postgres + ports: + - containerPort: 5432 + name: postgresdb + resources: + limits: + memory: 500Mi + requests: + cpu: 100m + memory: 300Mi + volumeMounts: + - name: data + mountPath: /var/lib/postgresql/data + volumeClaimTemplates: + - metadata: + name: data + spec: + accessModes: ["ReadWriteOnce"] + resources: + requests: + storage: "500Mi" + diff --git a/.history/ref-implementation/keycloak/manifests/install_20241112125401.yaml b/.history/ref-implementation/keycloak/manifests/install_20241112125401.yaml new file mode 100644 index 0000000..80965f6 --- /dev/null +++ b/.history/ref-implementation/keycloak/manifests/install_20241112125401.yaml @@ -0,0 +1,164 @@ +--- +apiVersion: v1 +kind: Namespace +metadata: + name: keycloak +--- +apiVersion: v1 +kind: Service +metadata: + name: keycloak + labels: + app: keycloak +spec: + ports: + - name: http + port: 8080 + targetPort: 8080 + + selector: + app: keycloak +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app: keycloak + name: keycloak + namespace: keycloak + annotations: + argocd.argoproj.io/sync-wave: "10" +spec: + replicas: 1 + selector: + matchLabels: + app: keycloak + template: + metadata: + labels: + app: keycloak + spec: + containers: + - args: + - start-dev + env: + - name: KEYCLOAK_ADMIN + value: cnoe-admin + - name: KEYCLOAK_LOGLEVEL + value: ALL + - name: QUARKUS_TRANSACTION_MANAGER_ENABLE_RECOVERY + value: 'true' + envFrom: + - secretRef: + name: keycloak-config + image: quay.io/keycloak/keycloak:22.0.3 + name: keycloak + ports: + - containerPort: 8080 + name: http + readinessProbe: + httpGet: + path: /keycloak/realms/master + port: 8080 + volumeMounts: + - mountPath: /opt/keycloak/conf + name: keycloak-config + readOnly: true + volumes: + - configMap: + name: keycloak-config + name: keycloak-config +--- +apiVersion: v1 +data: + keycloak.conf: | + # Database + # The database vendor. + db=postgres + + # The username of the database user. + db-url=jdbc:postgresql://postgresql.keycloak.svc.cluster.local:5432/postgres + + # The proxy address forwarding mode if the server is behind a reverse proxy. + proxy=edge + + # hostname configuration + hostname=cnoe.localtest.me + hostname-port=8443 + http-relative-path=keycloak + + # the admin url requires its own configuration to reflect correct url + hostname-admin=cnoe.localtest.me:8443 + + hostname-debug=true + + # this should only be allowed in development. NEVER in production. + hostname-strict=false + hostname-strict-backchannel=false + + +kind: ConfigMap +metadata: + name: keycloak-config + namespace: keycloak +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app: postgresql + name: postgresql + namespace: keycloak +spec: + clusterIP: None + ports: + - name: postgres + port: 5432 + selector: + app: postgresql +--- +apiVersion: apps/v1 +kind: StatefulSet +metadata: + labels: + app: postgresql + name: postgresql + namespace: keycloak +spec: + replicas: 1 + selector: + matchLabels: + app: postgresql + serviceName: service-postgresql + template: + metadata: + labels: + app: postgresql + spec: + containers: + - envFrom: + - secretRef: + name: keycloak-config + image: docker.io/library/postgres:15.3-alpine3.18 + name: postgres + ports: + - containerPort: 5432 + name: postgresdb + resources: + limits: + memory: 500Mi + requests: + cpu: 100m + memory: 300Mi + volumeMounts: + - name: data + mountPath: /var/lib/postgresql/data + volumeClaimTemplates: + - metadata: + name: data + spec: + accessModes: ["ReadWriteOnce"] + resources: + requests: + storage: "500Mi" + diff --git a/.history/ref-implementation/keycloak/manifests/install_20241112125405.yaml b/.history/ref-implementation/keycloak/manifests/install_20241112125405.yaml new file mode 100644 index 0000000..ed3b799 --- /dev/null +++ b/.history/ref-implementation/keycloak/manifests/install_20241112125405.yaml @@ -0,0 +1,164 @@ +--- +apiVersion: v1 +kind: Namespace +metadata: + name: keycloak +--- +apiVersion: v1 +kind: Service +metadata: + name: keycloak + labels: + app: keycloak +spec: + ports: + - name: http + port: 8080 + targetPort: 8080 + selector: + app: keycloak + type: ClusterIP +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app: keycloak + name: keycloak + namespace: keycloak + annotations: + argocd.argoproj.io/sync-wave: "10" +spec: + replicas: 1 + selector: + matchLabels: + app: keycloak + template: + metadata: + labels: + app: keycloak + spec: + containers: + - args: + - start-dev + env: + - name: KEYCLOAK_ADMIN + value: cnoe-admin + - name: KEYCLOAK_LOGLEVEL + value: ALL + - name: QUARKUS_TRANSACTION_MANAGER_ENABLE_RECOVERY + value: 'true' + envFrom: + - secretRef: + name: keycloak-config + image: quay.io/keycloak/keycloak:22.0.3 + name: keycloak + ports: + - containerPort: 8080 + name: http + readinessProbe: + httpGet: + path: /keycloak/realms/master + port: 8080 + volumeMounts: + - mountPath: /opt/keycloak/conf + name: keycloak-config + readOnly: true + volumes: + - configMap: + name: keycloak-config + name: keycloak-config +--- +apiVersion: v1 +data: + keycloak.conf: | + # Database + # The database vendor. + db=postgres + + # The username of the database user. + db-url=jdbc:postgresql://postgresql.keycloak.svc.cluster.local:5432/postgres + + # The proxy address forwarding mode if the server is behind a reverse proxy. + proxy=edge + + # hostname configuration + hostname=cnoe.localtest.me + hostname-port=8443 + http-relative-path=keycloak + + # the admin url requires its own configuration to reflect correct url + hostname-admin=cnoe.localtest.me:8443 + + hostname-debug=true + + # this should only be allowed in development. NEVER in production. + hostname-strict=false + hostname-strict-backchannel=false + + +kind: ConfigMap +metadata: + name: keycloak-config + namespace: keycloak +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app: postgresql + name: postgresql + namespace: keycloak +spec: + clusterIP: None + ports: + - name: postgres + port: 5432 + selector: + app: postgresql +--- +apiVersion: apps/v1 +kind: StatefulSet +metadata: + labels: + app: postgresql + name: postgresql + namespace: keycloak +spec: + replicas: 1 + selector: + matchLabels: + app: postgresql + serviceName: service-postgresql + template: + metadata: + labels: + app: postgresql + spec: + containers: + - envFrom: + - secretRef: + name: keycloak-config + image: docker.io/library/postgres:15.3-alpine3.18 + name: postgres + ports: + - containerPort: 5432 + name: postgresdb + resources: + limits: + memory: 500Mi + requests: + cpu: 100m + memory: 300Mi + volumeMounts: + - name: data + mountPath: /var/lib/postgresql/data + volumeClaimTemplates: + - metadata: + name: data + spec: + accessModes: ["ReadWriteOnce"] + resources: + requests: + storage: "500Mi" + diff --git a/.history/ref-implementation/maniek_20241112110416.yml b/.history/ref-implementation/maniek_20241112110416.yml new file mode 100644 index 0000000..e69de29 diff --git a/.history/ref-implementation/maniek_20241112110417.yml b/.history/ref-implementation/maniek_20241112110417.yml new file mode 100644 index 0000000..81ab8ad --- /dev/null +++ b/.history/ref-implementation/maniek_20241112110417.yml @@ -0,0 +1,35 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - containerPort: 8080 + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 80 + targetPort: 8080 + type: ClusterIP diff --git a/.history/ref-implementation/open-bao_20241111142831.yaml b/.history/ref-implementation/open-bao_20241111142831.yaml new file mode 100644 index 0000000..d279bc5 --- /dev/null +++ b/.history/ref-implementation/open-bao_20241111142831.yaml @@ -0,0 +1,21 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: keycloak + namespace: argocd + labels: + example: ref-implementation +spec: + destination: + namespace: keycloak + server: "https://kubernetes.default.svc" + source: + repoURL: cnoe://keycloak/manifests + targetRevision: HEAD + path: "." + project: default + syncPolicy: + automated: + selfHeal: true + syncOptions: + - CreateNamespace=true diff --git a/.history/ref-implementation/open-bao_20241111142912.yaml b/.history/ref-implementation/open-bao_20241111142912.yaml new file mode 100644 index 0000000..0d8f748 --- /dev/null +++ b/.history/ref-implementation/open-bao_20241111142912.yaml @@ -0,0 +1,21 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: open-bao + namespace: argocd + labels: + example: ref-implementation +spec: + destination: + namespace: keycloak + server: "https://kubernetes.default.svc" + source: + repoURL: cnoe://keycloak/manifests + targetRevision: HEAD + path: "." + project: default + syncPolicy: + automated: + selfHeal: true + syncOptions: + - CreateNamespace=true diff --git a/.history/ref-implementation/open-bao_20241111142943.yaml b/.history/ref-implementation/open-bao_20241111142943.yaml new file mode 100644 index 0000000..38a34a4 --- /dev/null +++ b/.history/ref-implementation/open-bao_20241111142943.yaml @@ -0,0 +1,22 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: open-bao + namespace: argocd + labels: + env: dev + example: ref-implementation +spec: + destination: + namespace: keycloak + server: "https://kubernetes.default.svc" + source: + repoURL: cnoe://keycloak/manifests + targetRevision: HEAD + path: "." + project: default + syncPolicy: + automated: + selfHeal: true + syncOptions: + - CreateNamespace=true diff --git a/.history/ref-implementation/open-bao_20241111142944.yaml b/.history/ref-implementation/open-bao_20241111142944.yaml new file mode 100644 index 0000000..7249de0 --- /dev/null +++ b/.history/ref-implementation/open-bao_20241111142944.yaml @@ -0,0 +1,22 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: open-bao + namespace: argocd + labels: + env: dev + example: ref-implementation +spec: + destination: + namespace: keycloak + server: "https://kubernetes.default.svc" + source: + repoURL: cnoe://keycloak/manifests + targetRevision: HEAD + path: "." + project: default + syncPolicy: + automated: + selfHeal: true + syncOptions: + - CreateNamespace=true diff --git a/ref-implementation/coredns.yaml b/.history/ref-implementation/open-bao_20241111142947.yaml similarity index 80% rename from ref-implementation/coredns.yaml rename to .history/ref-implementation/open-bao_20241111142947.yaml index ca46cd9..3aa23e8 100644 --- a/ref-implementation/coredns.yaml +++ b/.history/ref-implementation/open-bao_20241111142947.yaml @@ -1,21 +1,21 @@ apiVersion: argoproj.io/v1alpha1 kind: Application metadata: - name: coredns + name: open-bao namespace: argocd labels: env: dev spec: - project: default + destination: + namespace: keycloak + server: "https://kubernetes.default.svc" source: - repoURL: cnoe://coredns/manifests + repoURL: cnoe://keycloak/manifests targetRevision: HEAD path: "." - destination: - server: "https://kubernetes.default.svc" - namespace: kube-system + project: default syncPolicy: - syncOptions: - - CreateNamespace=true automated: selfHeal: true + syncOptions: + - CreateNamespace=true diff --git a/.history/ref-implementation/open-bao_20241111142957.yaml b/.history/ref-implementation/open-bao_20241111142957.yaml new file mode 100644 index 0000000..a557757 --- /dev/null +++ b/.history/ref-implementation/open-bao_20241111142957.yaml @@ -0,0 +1,21 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: open-bao + namespace: argocd + labels: + env: dev +spec: + destination: + namespace: open-bao + server: "https://kubernetes.default.svc" + source: + repoURL: cnoe://keycloak/manifests + targetRevision: HEAD + path: "." + project: default + syncPolicy: + automated: + selfHeal: true + syncOptions: + - CreateNamespace=true diff --git a/.history/ref-implementation/open-bao_20241111143101.yaml b/.history/ref-implementation/open-bao_20241111143101.yaml new file mode 100644 index 0000000..a132e8d --- /dev/null +++ b/.history/ref-implementation/open-bao_20241111143101.yaml @@ -0,0 +1,21 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: open-bao + namespace: argocd + labels: + env: dev +spec: + destination: + namespace: open-bao + server: "https://kubernetes.default.svc" + source: + repoURL: cnoe://openbao/manifests + targetRevision: HEAD + path: "." + project: default + syncPolicy: + automated: + selfHeal: true + syncOptions: + - CreateNamespace=true diff --git a/.history/ref-implementation/openbao/manifests/ingress_20241112130717.yaml b/.history/ref-implementation/openbao/manifests/ingress_20241112130717.yaml new file mode 100644 index 0000000..e69de29 diff --git a/.history/ref-implementation/openbao/manifests/ingress_20241112130720.yaml b/.history/ref-implementation/openbao/manifests/ingress_20241112130720.yaml new file mode 100644 index 0000000..abaf181 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/ingress_20241112130720.yaml @@ -0,0 +1,30 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: keycloak-ingress-localhost + namespace: keycloak + annotations: + argocd.argoproj.io/sync-wave: "100" +spec: + ingressClassName: "nginx" + rules: + - host: localhost + http: + paths: + - path: /keycloak + pathType: ImplementationSpecific + backend: + service: + name: keycloak + port: + name: http + - host: cnoe.localtest.me + http: + paths: + - path: /keycloak + pathType: ImplementationSpecific + backend: + service: + name: keycloak + port: + name: http diff --git a/.history/ref-implementation/openbao/manifests/ingress_20241112130742.yaml b/.history/ref-implementation/openbao/manifests/ingress_20241112130742.yaml new file mode 100644 index 0000000..6abab23 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/ingress_20241112130742.yaml @@ -0,0 +1,27 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao +spec: + ingressClassName: "nginx" + rules: + - host: localhost + http: + paths: + - path: /keycloak + pathType: ImplementationSpecific + backend: + service: + name: keycloak + port: + name: http + - host: cnoe.localtest.me + http: + paths: + - path: /keycloak + pathType: ImplementationSpecific + backend: + service: + name: keycloak + port: + name: http diff --git a/.history/ref-implementation/openbao/manifests/ingress_20241112130743.yaml b/.history/ref-implementation/openbao/manifests/ingress_20241112130743.yaml new file mode 100644 index 0000000..abaf181 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/ingress_20241112130743.yaml @@ -0,0 +1,30 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: keycloak-ingress-localhost + namespace: keycloak + annotations: + argocd.argoproj.io/sync-wave: "100" +spec: + ingressClassName: "nginx" + rules: + - host: localhost + http: + paths: + - path: /keycloak + pathType: ImplementationSpecific + backend: + service: + name: keycloak + port: + name: http + - host: cnoe.localtest.me + http: + paths: + - path: /keycloak + pathType: ImplementationSpecific + backend: + service: + name: keycloak + port: + name: http diff --git a/.history/ref-implementation/openbao/manifests/ingress_20241112130751.yaml b/.history/ref-implementation/openbao/manifests/ingress_20241112130751.yaml new file mode 100644 index 0000000..fb5aeb3 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/ingress_20241112130751.yaml @@ -0,0 +1,28 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: keycloak-ingress-localhost + name: openbao +spec: + ingressClassName: "nginx" + rules: + - host: localhost + http: + paths: + - path: /keycloak + pathType: ImplementationSpecific + backend: + service: + name: keycloak + port: + name: http + - host: cnoe.localtest.me + http: + paths: + - path: /keycloak + pathType: ImplementationSpecific + backend: + service: + name: keycloak + port: + name: http diff --git a/.history/ref-implementation/openbao/manifests/ingress_20241112130756.yaml b/.history/ref-implementation/openbao/manifests/ingress_20241112130756.yaml new file mode 100644 index 0000000..35a4f35 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/ingress_20241112130756.yaml @@ -0,0 +1,28 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao-ingress-localhost + name: openbao +spec: + ingressClassName: "nginx" + rules: + - host: localhost + http: + paths: + - path: /keycloak + pathType: ImplementationSpecific + backend: + service: + name: keycloak + port: + name: http + - host: cnoe.localtest.me + http: + paths: + - path: /keycloak + pathType: ImplementationSpecific + backend: + service: + name: keycloak + port: + name: http diff --git a/.history/ref-implementation/openbao/manifests/ingress_20241112130759.yaml b/.history/ref-implementation/openbao/manifests/ingress_20241112130759.yaml new file mode 100644 index 0000000..932955c --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/ingress_20241112130759.yaml @@ -0,0 +1,28 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao-ingress-localhost + namespace: openbao +spec: + ingressClassName: "nginx" + rules: + - host: localhost + http: + paths: + - path: /keycloak + pathType: ImplementationSpecific + backend: + service: + name: keycloak + port: + name: http + - host: cnoe.localtest.me + http: + paths: + - path: /keycloak + pathType: ImplementationSpecific + backend: + service: + name: keycloak + port: + name: http diff --git a/.history/ref-implementation/openbao/manifests/ingress_20241112130902.yaml b/.history/ref-implementation/openbao/manifests/ingress_20241112130902.yaml new file mode 100644 index 0000000..f356af7 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/ingress_20241112130902.yaml @@ -0,0 +1,28 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao-ingress-localhost + namespace: openbao +spec: + ingressClassName: "nginx" + rules: + - host: localhost + http: + paths: + - path: /openbao + pathType: ImplementationSpecific + backend: + service: + name: keycloak + port: + name: http + - host: cnoe.localtest.me + http: + paths: + - path: /keycloak + pathType: ImplementationSpecific + backend: + service: + name: keycloak + port: + name: http diff --git a/.history/ref-implementation/openbao/manifests/ingress_20241112130904.yaml b/.history/ref-implementation/openbao/manifests/ingress_20241112130904.yaml new file mode 100644 index 0000000..c4b8374 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/ingress_20241112130904.yaml @@ -0,0 +1,28 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao-ingress-localhost + namespace: openbao +spec: + ingressClassName: "nginx" + rules: + - host: localhost + http: + paths: + - path: cnoe://openbao/manifests + pathType: ImplementationSpecific + backend: + service: + name: keycloak + port: + name: http + - host: cnoe.localtest.me + http: + paths: + - path: /keycloak + pathType: ImplementationSpecific + backend: + service: + name: keycloak + port: + name: http diff --git a/.history/ref-implementation/openbao/manifests/ingress_20241112130913.yaml b/.history/ref-implementation/openbao/manifests/ingress_20241112130913.yaml new file mode 100644 index 0000000..9bacafb --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/ingress_20241112130913.yaml @@ -0,0 +1,28 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao-ingress-localhost + namespace: openbao +spec: + ingressClassName: "nginx" + rules: + - host: localhost + http: + paths: + - path: cnoe://openbao/manifests + pathType: ImplementationSpecific + backend: + service: + name: openbao + port: + name: http + - host: cnoe.localtest.me + http: + paths: + - path: /keycloak + pathType: ImplementationSpecific + backend: + service: + name: keycloak + port: + name: http diff --git a/.history/ref-implementation/openbao/manifests/ingress_20241112132252.yaml b/.history/ref-implementation/openbao/manifests/ingress_20241112132252.yaml new file mode 100644 index 0000000..31fff8f --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/ingress_20241112132252.yaml @@ -0,0 +1,19 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: my-app-ingress + namespace: default + annotations: + nginx.ingress.kubernetes.io/rewrite-target: / +spec: + rules: + - host: my-app.local # Change this to your domain or leave it as is for local development + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: my-app-service # Name of your service + port: + number: 8200 # The port to forward to on your service diff --git a/.history/ref-implementation/openbao/manifests/ingress_20241112132258.yaml b/.history/ref-implementation/openbao/manifests/ingress_20241112132258.yaml new file mode 100644 index 0000000..9f706f3 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/ingress_20241112132258.yaml @@ -0,0 +1,18 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: my-app-ingress + namespace: default + +spec: + rules: + - host: my-app.local # Change this to your domain or leave it as is for local development + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: my-app-service # Name of your service + port: + number: 8200 # The port to forward to on your service diff --git a/.history/ref-implementation/openbao/manifests/ingress_20241112132302.yaml b/.history/ref-implementation/openbao/manifests/ingress_20241112132302.yaml new file mode 100644 index 0000000..9e9bfcb --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/ingress_20241112132302.yaml @@ -0,0 +1,18 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: my-app-ingress + namespace: o + +spec: + rules: + - host: my-app.local # Change this to your domain or leave it as is for local development + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: my-app-service # Name of your service + port: + number: 8200 # The port to forward to on your service diff --git a/.history/ref-implementation/openbao/manifests/ingress_20241112132304.yaml b/.history/ref-implementation/openbao/manifests/ingress_20241112132304.yaml new file mode 100644 index 0000000..0e0d97a --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/ingress_20241112132304.yaml @@ -0,0 +1,18 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: my-app-ingress + namespace: openbao + +spec: + rules: + - host: my-app.local # Change this to your domain or leave it as is for local development + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: my-app-service # Name of your service + port: + number: 8200 # The port to forward to on your service diff --git a/.history/ref-implementation/openbao/manifests/ingress_20241112132310.yaml b/.history/ref-implementation/openbao/manifests/ingress_20241112132310.yaml new file mode 100644 index 0000000..6f33ebd --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/ingress_20241112132310.yaml @@ -0,0 +1,18 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: open + namespace: openbao + +spec: + rules: + - host: my-app.local # Change this to your domain or leave it as is for local development + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: my-app-service # Name of your service + port: + number: 8200 # The port to forward to on your service diff --git a/.history/ref-implementation/openbao/manifests/ingress_20241112132312.yaml b/.history/ref-implementation/openbao/manifests/ingress_20241112132312.yaml new file mode 100644 index 0000000..4849eba --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/ingress_20241112132312.yaml @@ -0,0 +1,18 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao + namespace: openbao + +spec: + rules: + - host: my-app.local # Change this to your domain or leave it as is for local development + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: my-app-service # Name of your service + port: + number: 8200 # The port to forward to on your service diff --git a/.history/ref-implementation/openbao/manifests/ingress_20241112132315.yaml b/.history/ref-implementation/openbao/manifests/ingress_20241112132315.yaml new file mode 100644 index 0000000..18f3315 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/ingress_20241112132315.yaml @@ -0,0 +1,18 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao-ingress + namespace: openbao + +spec: + rules: + - host: my-app.local # Change this to your domain or leave it as is for local development + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: my-app-service # Name of your service + port: + number: 8200 # The port to forward to on your service diff --git a/.history/ref-implementation/openbao/manifests/ingress_20241112132318.yaml b/.history/ref-implementation/openbao/manifests/ingress_20241112132318.yaml new file mode 100644 index 0000000..754343a --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/ingress_20241112132318.yaml @@ -0,0 +1,18 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao-ingress-local + namespace: openbao + +spec: + rules: + - host: my-app.local # Change this to your domain or leave it as is for local development + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: my-app-service # Name of your service + port: + number: 8200 # The port to forward to on your service diff --git a/.history/ref-implementation/openbao/manifests/ingress_20241112132320.yaml b/.history/ref-implementation/openbao/manifests/ingress_20241112132320.yaml new file mode 100644 index 0000000..7857781 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/ingress_20241112132320.yaml @@ -0,0 +1,18 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao-ingress-localhost + namespace: openbao + +spec: + rules: + - host: my-app.local # Change this to your domain or leave it as is for local development + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: my-app-service # Name of your service + port: + number: 8200 # The port to forward to on your service diff --git a/.history/ref-implementation/openbao/manifests/ingress_20241112132340.yaml b/.history/ref-implementation/openbao/manifests/ingress_20241112132340.yaml new file mode 100644 index 0000000..e7669f3 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/ingress_20241112132340.yaml @@ -0,0 +1,18 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao-ingress-localhost + namespace: openbao + +spec: + rules: + - host: localhost # Change this to your domain or leave it as is for local development + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: my-app-service # Name of your service + port: + number: 8200 # The port to forward to on your service diff --git a/.history/ref-implementation/openbao/manifests/ingress_20241112132445.yaml b/.history/ref-implementation/openbao/manifests/ingress_20241112132445.yaml new file mode 100644 index 0000000..650ab4d --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/ingress_20241112132445.yaml @@ -0,0 +1,18 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao-ingress-localhost + namespace: openbao + +spec: + rules: + - host: localhost # Change this to your domain or leave it as is for local development + http: + paths: + - path: "" + pathType: Exact + backend: + service: + name: my-app-service # Name of your service + port: + number: 8200 # The port to forward to on your service diff --git a/.history/ref-implementation/openbao/manifests/ingress_20241112132617.yaml b/.history/ref-implementation/openbao/manifests/ingress_20241112132617.yaml new file mode 100644 index 0000000..69be905 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/ingress_20241112132617.yaml @@ -0,0 +1,18 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao-ingress-localhost + namespace: openbao + +spec: + rules: + - host: localhost # Change this to your domain or leave it as is for local development + http: + paths: + - path: "" + pathType: Exact + backend: + service: + name: openbao # Name of your service + port: + number: 8200 # The port to forward to on your service diff --git a/.history/ref-implementation/openbao/manifests/ingress_20241112132620.yaml b/.history/ref-implementation/openbao/manifests/ingress_20241112132620.yaml new file mode 100644 index 0000000..cc13074 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/ingress_20241112132620.yaml @@ -0,0 +1,18 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao-ingress-localhost + namespace: openbao + +spec: + rules: + - host: localhost # Change this to your domain or leave it as is for local development + http: + paths: + - path: "" + pathType: Exact + backend: + service: + name: openbao + port: + number: 8200 # The port to forward to on your service diff --git a/.history/ref-implementation/openbao/manifests/ingress_20241112132622.yaml b/.history/ref-implementation/openbao/manifests/ingress_20241112132622.yaml new file mode 100644 index 0000000..9615367 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/ingress_20241112132622.yaml @@ -0,0 +1,18 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao-ingress-localhost + namespace: openbao + +spec: + rules: + - host: localhost # Change this to your domain or leave it as is for local development + http: + paths: + - path: "" + pathType: Exact + backend: + service: + name: openbao + port: + number: 8200 # The port to forward to on your service diff --git a/.history/ref-implementation/openbao/manifests/ingress_20241112132648.yaml b/.history/ref-implementation/openbao/manifests/ingress_20241112132648.yaml new file mode 100644 index 0000000..9615367 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/ingress_20241112132648.yaml @@ -0,0 +1,18 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao-ingress-localhost + namespace: openbao + +spec: + rules: + - host: localhost # Change this to your domain or leave it as is for local development + http: + paths: + - path: "" + pathType: Exact + backend: + service: + name: openbao + port: + number: 8200 # The port to forward to on your service diff --git a/.history/ref-implementation/openbao/manifests/ingress_20241112133726.yaml b/.history/ref-implementation/openbao/manifests/ingress_20241112133726.yaml new file mode 100644 index 0000000..e69de29 diff --git a/.history/ref-implementation/openbao/manifests/ingress_20241112133806.yaml b/.history/ref-implementation/openbao/manifests/ingress_20241112133806.yaml new file mode 100644 index 0000000..9615367 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/ingress_20241112133806.yaml @@ -0,0 +1,18 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao-ingress-localhost + namespace: openbao + +spec: + rules: + - host: localhost # Change this to your domain or leave it as is for local development + http: + paths: + - path: "" + pathType: Exact + backend: + service: + name: openbao + port: + number: 8200 # The port to forward to on your service diff --git a/.history/ref-implementation/openbao/manifests/ingress_20241112135400.yaml b/.history/ref-implementation/openbao/manifests/ingress_20241112135400.yaml new file mode 100644 index 0000000..f75a03d --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/ingress_20241112135400.yaml @@ -0,0 +1,18 @@ +# apiVersion: networking.k8s.io/v1 +# kind: Ingress +# metadata: +# name: openbao-ingress-localhost +# namespace: openbao + +# spec: +# rules: +# - host: localhost # Change this to your domain or leave it as is for local development +# http: +# paths: +# - path: "" +# pathType: Exact +# backend: +# service: +# name: openbao +# port: +# number: 8200 # The port to forward to on your service diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112110416.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112110416.yml new file mode 100644 index 0000000..81ab8ad --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112110416.yml @@ -0,0 +1,35 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - containerPort: 8080 + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 80 + targetPort: 8080 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112110859.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112110859.yml new file mode 100644 index 0000000..d68ae99 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112110859.yml @@ -0,0 +1,35 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - containerPort: 8200 + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 80 + targetPort: 8080 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112110906.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112110906.yml new file mode 100644 index 0000000..3f9ba3f --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112110906.yml @@ -0,0 +1,35 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - containerPort: 8200 + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 80 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112110950.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112110950.yml new file mode 100644 index 0000000..9fdb23b --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112110950.yml @@ -0,0 +1,41 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - containerPort: 8200 + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 80 + targetPort: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112110952.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112110952.yml new file mode 100644 index 0000000..3f9ba3f --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112110952.yml @@ -0,0 +1,35 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - containerPort: 8200 + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 80 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112110953.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112110953.yml new file mode 100644 index 0000000..8ec577d --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112110953.yml @@ -0,0 +1,35 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - containerPort: 8200 + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112112033.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112112033.yml new file mode 100644 index 0000000..1b22ab8 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112112033.yml @@ -0,0 +1,42 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - containerPort: 8200 + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112114625.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112114625.yml new file mode 100644 index 0000000..ad22ff4 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112114625.yml @@ -0,0 +1,43 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - containerPort: 8200 + + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112114627.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112114627.yml new file mode 100644 index 0000000..cddcbef --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112114627.yml @@ -0,0 +1,43 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - containerPort: 8200 + + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112114630.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112114630.yml new file mode 100644 index 0000000..aa8e5ea --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112114630.yml @@ -0,0 +1,45 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - containerPort: 8200 + env: + - name: BAO_ADDR + value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112121944.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112121944.yml new file mode 100644 index 0000000..badda3f --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112121944.yml @@ -0,0 +1,46 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - containerPort: 8200 + - hostPort: 8200 + env: + - name: BAO_ADDR + value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112121955.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112121955.yml new file mode 100644 index 0000000..d20b7b3 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112121955.yml @@ -0,0 +1,46 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - containerPort: 8200 + hostPort: 8200 + env: + - name: BAO_ADDR + value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112125415.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112125415.yml new file mode 100644 index 0000000..a656216 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112125415.yml @@ -0,0 +1,47 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - containerPort: 8200 + hostPort: 8200 + + env: + - name: BAO_ADDR + value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112125417.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112125417.yml new file mode 100644 index 0000000..47b44df --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112125417.yml @@ -0,0 +1,47 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - containerPort: 8200 + hostPort: 8200 + type: LoadBalancer + env: + - name: BAO_ADDR + value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112125534.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112125534.yml new file mode 100644 index 0000000..0f612be --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112125534.yml @@ -0,0 +1,48 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: LoadBalancer # or NodePort + env: + - name: BAO_ADDR + value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112125538.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112125538.yml new file mode 100644 index 0000000..4040f40 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112125538.yml @@ -0,0 +1,48 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: LoadBalancer # or NodePort + env: + - name: BAO_ADDR + value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112125540.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112125540.yml new file mode 100644 index 0000000..ca2a209 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112125540.yml @@ -0,0 +1,48 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: LoadBalancer # or NodePort + env: + - name: BAO_ADDR + value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112125545.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112125545.yml new file mode 100644 index 0000000..4e2f145 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112125545.yml @@ -0,0 +1,48 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: LoadBalancer # or NodePort + env: + - name: BAO_ADDR + value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112125549.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112125549.yml new file mode 100644 index 0000000..5607328 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112125549.yml @@ -0,0 +1,48 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: LoadBalancer # or NodePort + env: + - name: BAO_ADDR + value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112125552.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112125552.yml new file mode 100644 index 0000000..9c90d16 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112125552.yml @@ -0,0 +1,48 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: LoadBalancer # or NodePort + env: + - name: BAO_ADDR + value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112125553.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112125553.yml new file mode 100644 index 0000000..9ded5d1 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112125553.yml @@ -0,0 +1,48 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: LoadBalancer # or NodePort + env: + - name: BAO_ADDR + value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112125604.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112125604.yml new file mode 100644 index 0000000..47b44df --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112125604.yml @@ -0,0 +1,47 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - containerPort: 8200 + hostPort: 8200 + type: LoadBalancer + env: + - name: BAO_ADDR + value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112125613.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112125613.yml new file mode 100644 index 0000000..fc8bf8c --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112125613.yml @@ -0,0 +1,48 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + + - containerPort: 8200 + hostPort: 8200 + type: LoadBalancer + env: + - name: BAO_ADDR + value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112125615.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112125615.yml new file mode 100644 index 0000000..020d960 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112125615.yml @@ -0,0 +1,48 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - + - containerPort: 8200 + hostPort: 8200 + type: LoadBalancer + env: + - name: BAO_ADDR + value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112125617.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112125617.yml new file mode 100644 index 0000000..c152d38 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112125617.yml @@ -0,0 +1,48 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - po + - containerPort: 8200 + hostPort: 8200 + type: LoadBalancer + env: + - name: BAO_ADDR + value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112125618.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112125618.yml new file mode 100644 index 0000000..7f08b85 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112125618.yml @@ -0,0 +1,48 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - port: + - containerPort: 8200 + hostPort: 8200 + type: LoadBalancer + env: + - name: BAO_ADDR + value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112125627.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112125627.yml new file mode 100644 index 0000000..256cfb6 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112125627.yml @@ -0,0 +1,48 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCO + - containerPort: 8200 + hostPort: 8200 + type: LoadBalancer + env: + - name: BAO_ADDR + value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112125629.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112125629.yml new file mode 100644 index 0000000..0a3e930 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112125629.yml @@ -0,0 +1,48 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + - containerPort: 8200 + hostPort: 8200 + type: LoadBalancer + env: + - name: BAO_ADDR + value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112125633.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112125633.yml new file mode 100644 index 0000000..575777f --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112125633.yml @@ -0,0 +1,48 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + hostPort: 8200 + type: LoadBalancer + env: + - name: BAO_ADDR + value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112133731.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112133731.yml new file mode 100644 index 0000000..6d406a4 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112133731.yml @@ -0,0 +1,50 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + + + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + hostPort: 8200 + type: LoadBalancer + env: + - name: BAO_ADDR + value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112133734.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112133734.yml new file mode 100644 index 0000000..b07a1b7 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112133734.yml @@ -0,0 +1,50 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + hostPort: 8200 + type: LoadBalancer + env: + - name: BAO_ADDR + value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112133738.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112133738.yml new file mode 100644 index 0000000..2bb23c2 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112133738.yml @@ -0,0 +1,52 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + + + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + hostPort: 8200 + type: LoadBalancer + env: + - name: BAO_ADDR + value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112133739.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112133739.yml new file mode 100644 index 0000000..04470a4 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112133739.yml @@ -0,0 +1,70 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao-ingress-localhost + namespace: openbao + +spec: + rules: + - host: localhost # Change this to your domain or leave it as is for local development + http: + paths: + - path: "" + pathType: Exact + backend: + service: + name: openbao + port: + number: 8200 # The port to forward to on your service + + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + hostPort: 8200 + type: LoadBalancer + env: + - name: BAO_ADDR + value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112133740.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112133740.yml new file mode 100644 index 0000000..04470a4 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112133740.yml @@ -0,0 +1,70 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao-ingress-localhost + namespace: openbao + +spec: + rules: + - host: localhost # Change this to your domain or leave it as is for local development + http: + paths: + - path: "" + pathType: Exact + backend: + service: + name: openbao + port: + number: 8200 # The port to forward to on your service + + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + hostPort: 8200 + type: LoadBalancer + env: + - name: BAO_ADDR + value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112133804.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112133804.yml new file mode 100644 index 0000000..575777f --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112133804.yml @@ -0,0 +1,48 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + hostPort: 8200 + type: LoadBalancer + env: + - name: BAO_ADDR + value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112133833.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112133833.yml new file mode 100644 index 0000000..6ddb3db --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112133833.yml @@ -0,0 +1,48 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + hostPort: 8200 + type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112133859.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112133859.yml new file mode 100644 index 0000000..eeff542 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112133859.yml @@ -0,0 +1,48 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112134239.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112134239.yml new file mode 100644 index 0000000..9bf147d --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112134239.yml @@ -0,0 +1,49 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + hostPort: 8200 + targetPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112134258.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112134258.yml new file mode 100644 index 0000000..a4247b3 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112134258.yml @@ -0,0 +1,49 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + hostPort: 8200 + # targetPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112134322.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112134322.yml new file mode 100644 index 0000000..9bf147d --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112134322.yml @@ -0,0 +1,49 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + hostPort: 8200 + targetPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112134324.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112134324.yml new file mode 100644 index 0000000..b81c1cf --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112134324.yml @@ -0,0 +1,49 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + targetPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112134335.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112134335.yml new file mode 100644 index 0000000..ce84f2e --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112134335.yml @@ -0,0 +1,49 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + port: 8200 + # hostPort: 8200 + targetPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112134407.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112134407.yml new file mode 100644 index 0000000..bc183db --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112134407.yml @@ -0,0 +1,49 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + port: 8200 + # hostPort: 8200 + containerPort:: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112134409.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112134409.yml new file mode 100644 index 0000000..0f65ec9 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112134409.yml @@ -0,0 +1,49 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + port: 8200 + # hostPort: 8200 + containerPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112134417.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112134417.yml new file mode 100644 index 0000000..ce84f2e --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112134417.yml @@ -0,0 +1,49 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + port: 8200 + # hostPort: 8200 + targetPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112134421.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112134421.yml new file mode 100644 index 0000000..b81c1cf --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112134421.yml @@ -0,0 +1,49 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + targetPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112134425.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112134425.yml new file mode 100644 index 0000000..b81c1cf --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112134425.yml @@ -0,0 +1,49 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + targetPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112134434.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112134434.yml new file mode 100644 index 0000000..f162211 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112134434.yml @@ -0,0 +1,49 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + port: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112134440.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112134440.yml new file mode 100644 index 0000000..572c07a --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112134440.yml @@ -0,0 +1,49 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + hos: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112134443.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112134443.yml new file mode 100644 index 0000000..8ffb033 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112134443.yml @@ -0,0 +1,49 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112134912.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112134912.yml new file mode 100644 index 0000000..f3a5b6f --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112134912.yml @@ -0,0 +1,49 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: ClusterIP diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112134953.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112134953.yml new file mode 100644 index 0000000..470a458 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112134953.yml @@ -0,0 +1,49 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + type: NodePort diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112135014.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112135014.yml new file mode 100644 index 0000000..26f238d --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112135014.yml @@ -0,0 +1,50 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + no + type: NodePort diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112135016.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112135016.yml new file mode 100644 index 0000000..21d3812 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112135016.yml @@ -0,0 +1,50 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + NodePort: + type: NodePort diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112135019.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112135019.yml new file mode 100644 index 0000000..f9e2ddd --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112135019.yml @@ -0,0 +1,50 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + NodePort: 8200 + type: NodePort diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112135021.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112135021.yml new file mode 100644 index 0000000..f9e2ddd --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112135021.yml @@ -0,0 +1,50 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + NodePort: 8200 + type: NodePort diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112135022.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112135022.yml new file mode 100644 index 0000000..f2ea0bd --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112135022.yml @@ -0,0 +1,50 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + nodePort: 8200 + type: NodePort diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112135048.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112135048.yml new file mode 100644 index 0000000..84881db --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112135048.yml @@ -0,0 +1,50 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + # nodePort: 8200 + type: NodePort diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112135059.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112135059.yml new file mode 100644 index 0000000..f2ea0bd --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112135059.yml @@ -0,0 +1,50 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + nodePort: 8200 + type: NodePort diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112135112.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112135112.yml new file mode 100644 index 0000000..e3e69d3 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112135112.yml @@ -0,0 +1,50 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + nodePort: 30000 + type: NodePort diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112135129.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112135129.yml new file mode 100644 index 0000000..8da5307 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112135129.yml @@ -0,0 +1,50 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + # nodePort: 30000 + type: NodePort diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112135138.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112135138.yml new file mode 100644 index 0000000..2b5441b --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112135138.yml @@ -0,0 +1,50 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + # nodePort: 30000 + type: LoadBalancer diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112135826.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112135826.yml new file mode 100644 index 0000000..056eceb --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112135826.yml @@ -0,0 +1,50 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + # nodePort: 30000 + type: No diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112135828.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112135828.yml new file mode 100644 index 0000000..09680c7 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112135828.yml @@ -0,0 +1,50 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + # nodePort: 30000 + type: diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112135835.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112135835.yml new file mode 100644 index 0000000..8da5307 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112135835.yml @@ -0,0 +1,50 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + # nodePort: 30000 + type: NodePort diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112135837.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112135837.yml new file mode 100644 index 0000000..e3e69d3 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112135837.yml @@ -0,0 +1,50 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + nodePort: 30000 + type: NodePort diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241112135849.yml b/.history/ref-implementation/openbao/manifests/manifest_20241112135849.yml new file mode 100644 index 0000000..e3e69d3 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241112135849.yml @@ -0,0 +1,50 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + nodePort: 30000 + type: NodePort diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241113093100.yml b/.history/ref-implementation/openbao/manifests/manifest_20241113093100.yml new file mode 100644 index 0000000..a9c388f --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241113093100.yml @@ -0,0 +1,50 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: HTTO + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + nodePort: 30000 + type: NodePort diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241113093101.yml b/.history/ref-implementation/openbao/manifests/manifest_20241113093101.yml new file mode 100644 index 0000000..ff5a849 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241113093101.yml @@ -0,0 +1,50 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: HTTP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + nodePort: 30000 + type: NodePort diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241113093110.yml b/.history/ref-implementation/openbao/manifests/manifest_20241113093110.yml new file mode 100644 index 0000000..6c4856f --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241113093110.yml @@ -0,0 +1,50 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: HTTP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: HTTP + port: 8200 + targetPort: 8200 + nodePort: 30000 + type: NodePort diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241113093126.yml b/.history/ref-implementation/openbao/manifests/manifest_20241113093126.yml new file mode 100644 index 0000000..ff5a849 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241113093126.yml @@ -0,0 +1,50 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: HTTP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + nodePort: 30000 + type: NodePort diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241113093129.yml b/.history/ref-implementation/openbao/manifests/manifest_20241113093129.yml new file mode 100644 index 0000000..e3e69d3 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241113093129.yml @@ -0,0 +1,50 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + nodePort: 30000 + type: NodePort diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241113093614.yml b/.history/ref-implementation/openbao/manifests/manifest_20241113093614.yml new file mode 100644 index 0000000..e3e69d3 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241113093614.yml @@ -0,0 +1,50 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + nodePort: 30000 + type: NodePort diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241113093615.yml b/.history/ref-implementation/openbao/manifests/manifest_20241113093615.yml new file mode 100644 index 0000000..8da5307 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241113093615.yml @@ -0,0 +1,50 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + # nodePort: 30000 + type: NodePort diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241113093618.yml b/.history/ref-implementation/openbao/manifests/manifest_20241113093618.yml new file mode 100644 index 0000000..9b7d979 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241113093618.yml @@ -0,0 +1,50 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + # nodePort: 30000 + type: Load diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241113093621.yml b/.history/ref-implementation/openbao/manifests/manifest_20241113093621.yml new file mode 100644 index 0000000..f11cbce --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241113093621.yml @@ -0,0 +1,50 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + # nodePort: 30000 + type: Loa diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241113093625.yml b/.history/ref-implementation/openbao/manifests/manifest_20241113093625.yml new file mode 100644 index 0000000..8da5307 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241113093625.yml @@ -0,0 +1,50 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + # nodePort: 30000 + type: NodePort diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241113093821.yml b/.history/ref-implementation/openbao/manifests/manifest_20241113093821.yml new file mode 100644 index 0000000..2e0b80a --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241113093821.yml @@ -0,0 +1,52 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + # nodePort: 30000 + type: NodePort + + diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241113093826.yml b/.history/ref-implementation/openbao/manifests/manifest_20241113093826.yml new file mode 100644 index 0000000..c5989b8 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241113093826.yml @@ -0,0 +1,52 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + nodePort: 30000 + type: NodePort + + diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241113093827.yml b/.history/ref-implementation/openbao/manifests/manifest_20241113093827.yml new file mode 100644 index 0000000..89d123c --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241113093827.yml @@ -0,0 +1,72 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + nodePort: 30000 + type: NodePort + + +# 4. Ingress (optional for HTTP-based access) +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao-ingress + namespace: openbao + annotations: + nginx.ingress.kubernetes.io/rewrite-target: / # Ensures requests are rewritten to the root path +spec: + rules: + - host: openbao.local # Replace with your domain or host if you're using DNS + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: openbao # References the Service defined above + port: + number: 8200 # The port exposed by the Service \ No newline at end of file diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241113093842.yml b/.history/ref-implementation/openbao/manifests/manifest_20241113093842.yml new file mode 100644 index 0000000..f59a0ac --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241113093842.yml @@ -0,0 +1,73 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + nodePort: 30000 + type: NodePort + + + +# 4. Ingress (optional for HTTP-based access) +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao-ingress + namespace: openbao + annotations: + nginx.ingress.kubernetes.io/rewrite-target: / # Ensures requests are rewritten to the root path +spec: + rules: + - host: openbao.local # Replace with your domain or host if you're using DNS + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: openbao # References the Service defined above + port: +--- number: 8200 # The port exposed by the Service \ No newline at end of file diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241113093847.yml b/.history/ref-implementation/openbao/manifests/manifest_20241113093847.yml new file mode 100644 index 0000000..f2e7b01 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241113093847.yml @@ -0,0 +1,73 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + nodePort: 30000 + type: NodePort + + --- + +# 4. Ingress (optional for HTTP-based access) +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao-ingress + namespace: openbao + annotations: + nginx.ingress.kubernetes.io/rewrite-target: / # Ensures requests are rewritten to the root path +spec: + rules: + - host: openbao.local # Replace with your domain or host if you're using DNS + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: openbao # References the Service defined above + port: +--- number: 8200 # The port exposed by the Service \ No newline at end of file diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241113093851.yml b/.history/ref-implementation/openbao/manifests/manifest_20241113093851.yml new file mode 100644 index 0000000..376b905 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241113093851.yml @@ -0,0 +1,73 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + nodePort: 30000 + type: NodePort + + --- + +# 4. Ingress (optional for HTTP-based access) +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao-ingress + namespace: openbao + annotations: + nginx.ingress.kubernetes.io/rewrite-target: / # Ensures requests are rewritten to the root path +spec: + rules: + - host: openbao.local # Replace with your domain or host if you're using DNS + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: openbao # References the Service defined above + port: + number: 8200 # The port exposed by the Service \ No newline at end of file diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241113093853.yml b/.history/ref-implementation/openbao/manifests/manifest_20241113093853.yml new file mode 100644 index 0000000..c8002fb --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241113093853.yml @@ -0,0 +1,73 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + nodePort: 30000 + type: NodePort + +--- + +# 4. Ingress (optional for HTTP-based access) +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao-ingress + namespace: openbao + annotations: + nginx.ingress.kubernetes.io/rewrite-target: / # Ensures requests are rewritten to the root path +spec: + rules: + - host: openbao.local # Replace with your domain or host if you're using DNS + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: openbao # References the Service defined above + port: + number: 8200 # The port exposed by the Service \ No newline at end of file diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241113093944.yml b/.history/ref-implementation/openbao/manifests/manifest_20241113093944.yml new file mode 100644 index 0000000..49eefae --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241113093944.yml @@ -0,0 +1,73 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + nodePort: 30000 + type: NodePort + +--- + +# 4. Ingress (optional for HTTP-based access) +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao-ingress + namespace: openbao + annotations: + nginx.ingress.kubernetes.io/rewrite-target: / # Ensures requests are rewritten to the root path +spec: + rules: + - host: localhost # Replace with your domain or host if you're using DNS + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: openbao # References the Service defined above + port: + number: 8200 # The port exposed by the Service \ No newline at end of file diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241113094042.yml b/.history/ref-implementation/openbao/manifests/manifest_20241113094042.yml new file mode 100644 index 0000000..0cb99bc --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241113094042.yml @@ -0,0 +1,73 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + nodePort: 30000 + type: NodePort + +--- + +# 4. Ingress (optional for HTTP-based access) +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao-ingress + namespace: openbao + annotations: + nginx.ingress.kubernetes.io/rewrite-target: / # Ensures requests are rewritten to the root path +spec: + rules: + - host: localhost # Replace with your domain or host if you're using DNS + http: + paths: + - path: "" + pathType: Prefix + backend: + service: + name: openbao # References the Service defined above + port: + number: 8200 # The port exposed by the Service \ No newline at end of file diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241113094100.yml b/.history/ref-implementation/openbao/manifests/manifest_20241113094100.yml new file mode 100644 index 0000000..c8002fb --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241113094100.yml @@ -0,0 +1,73 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + nodePort: 30000 + type: NodePort + +--- + +# 4. Ingress (optional for HTTP-based access) +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao-ingress + namespace: openbao + annotations: + nginx.ingress.kubernetes.io/rewrite-target: / # Ensures requests are rewritten to the root path +spec: + rules: + - host: openbao.local # Replace with your domain or host if you're using DNS + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: openbao # References the Service defined above + port: + number: 8200 # The port exposed by the Service \ No newline at end of file diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241113094104.yml b/.history/ref-implementation/openbao/manifests/manifest_20241113094104.yml new file mode 100644 index 0000000..49eefae --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241113094104.yml @@ -0,0 +1,73 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + nodePort: 30000 + type: NodePort + +--- + +# 4. Ingress (optional for HTTP-based access) +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao-ingress + namespace: openbao + annotations: + nginx.ingress.kubernetes.io/rewrite-target: / # Ensures requests are rewritten to the root path +spec: + rules: + - host: localhost # Replace with your domain or host if you're using DNS + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: openbao # References the Service defined above + port: + number: 8200 # The port exposed by the Service \ No newline at end of file diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241113094154.yml b/.history/ref-implementation/openbao/manifests/manifest_20241113094154.yml new file mode 100644 index 0000000..f879eda --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241113094154.yml @@ -0,0 +1,73 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + nodePort: 30000 + type: NodePort + +--- + +# 4. Ingress (optional for HTTP-based access) +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao-ingress + namespace: openbao + annotations: + nginx.ingress.kubernetes.io/rewrite-target: / # Ensures requests are rewritten to the root path +spec: + rules: + - host: localhost # Replace with your domain or host if you're using DNS + http: + paths: + - path: /openbao + pathType: Prefix + backend: + service: + name: openbao # References the Service defined above + port: + number: 8200 # The port exposed by the Service \ No newline at end of file diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241113094340.yml b/.history/ref-implementation/openbao/manifests/manifest_20241113094340.yml new file mode 100644 index 0000000..dbce7b6 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241113094340.yml @@ -0,0 +1,73 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + nodePort: 30000 + type: NodePort + +--- + +# 4. Ingress (optional for HTTP-based access) +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao-ingress + namespace: openbao + annotations: + nginx.ingress.kubernetes.io/rewrite-target: / # Ensures requests are rewritten to the root path +spec: + rules: + - host: localhost # Replace with your domain or host if you're using DNS + http: + paths: + - path: localhost/openbao + pathType: Prefix + backend: + service: + name: openbao # References the Service defined above + port: + number: 8200 # The port exposed by the Service \ No newline at end of file diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241113094401.yml b/.history/ref-implementation/openbao/manifests/manifest_20241113094401.yml new file mode 100644 index 0000000..f879eda --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241113094401.yml @@ -0,0 +1,73 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + nodePort: 30000 + type: NodePort + +--- + +# 4. Ingress (optional for HTTP-based access) +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao-ingress + namespace: openbao + annotations: + nginx.ingress.kubernetes.io/rewrite-target: / # Ensures requests are rewritten to the root path +spec: + rules: + - host: localhost # Replace with your domain or host if you're using DNS + http: + paths: + - path: /openbao + pathType: Prefix + backend: + service: + name: openbao # References the Service defined above + port: + number: 8200 # The port exposed by the Service \ No newline at end of file diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241113094647.yml b/.history/ref-implementation/openbao/manifests/manifest_20241113094647.yml new file mode 100644 index 0000000..2b6727e --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241113094647.yml @@ -0,0 +1,81 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + nodePort: 30000 + type: NodePort + +--- + +# 4. Ingress (optional for HTTP-based access) +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao-ingress + namespace: openbao + annotations: + nginx.ingress.kubernetes.io/rewrite-target: / # Ensures requests are rewritten to the root path +spec: + rules: + - host: localhost # Replace with your domain or host if you're using DNS + http: + paths: + - path: /ui + pathType: Prefix + backend: + service: + name: openbao + port: + number: 8200 + # Optional: Redirect root `/` path to `/ui` + - path: / + pathType: Prefix + backend: + service: + name: openbao + port: + number: 8200 \ No newline at end of file diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241113095157.yml b/.history/ref-implementation/openbao/manifests/manifest_20241113095157.yml new file mode 100644 index 0000000..335bdaf --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241113095157.yml @@ -0,0 +1,72 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + nodePort: 30000 + type: NodePort + +--- + +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao-ingress + namespace: openbao + annotations: + nginx.ingress.kubernetes.io/rewrite-target: /ui +spec: + rules: + - host: localhost # Or replace with your custom hostname if using /etc/hosts + http: + paths: + - path: /openbao + pathType: Prefix + backend: + service: + name: openbao + port: + number: 8200 \ No newline at end of file diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241113095238.yml b/.history/ref-implementation/openbao/manifests/manifest_20241113095238.yml new file mode 100644 index 0000000..809d96c --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241113095238.yml @@ -0,0 +1,72 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + nodePort: 30000 + type: NodePort + +--- + +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao-ingress + namespace: openbao + annotations: + nginx.ingress.kubernetes.io/rewrite-target: /ui +spec: + rules: + - host: localhost # Or replace with your custom hostname if using /etc/hosts + http: + paths: + - path: /openbao + pathType: Prefix + backend: + service: + name: openbao + port: + number: 30000 \ No newline at end of file diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241113095247.yml b/.history/ref-implementation/openbao/manifests/manifest_20241113095247.yml new file mode 100644 index 0000000..335bdaf --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241113095247.yml @@ -0,0 +1,72 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + nodePort: 30000 + type: NodePort + +--- + +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao-ingress + namespace: openbao + annotations: + nginx.ingress.kubernetes.io/rewrite-target: /ui +spec: + rules: + - host: localhost # Or replace with your custom hostname if using /etc/hosts + http: + paths: + - path: /openbao + pathType: Prefix + backend: + service: + name: openbao + port: + number: 8200 \ No newline at end of file diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241113100517.yml b/.history/ref-implementation/openbao/manifests/manifest_20241113100517.yml new file mode 100644 index 0000000..2efa4bf --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241113100517.yml @@ -0,0 +1,72 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + nodePort: 30000 + type: NodePort + +--- + +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao-ingress + namespace: openbao + annotations: + nginx.ingress.kubernetes.io/rewrite-target: /ui +spec: + rules: + - host: localhost + http: + paths: + - path: /openbao + pathType: Prefix + backend: + service: + name: openbao + port: + number: 8200 \ No newline at end of file diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241113100529.yml b/.history/ref-implementation/openbao/manifests/manifest_20241113100529.yml new file mode 100644 index 0000000..bb50907 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241113100529.yml @@ -0,0 +1,72 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + nodePort: 30000 + type: NodePort + +--- + +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao-ingress + namespace: openbao + annotations: + nginx.ingress.kubernetes.io/rewrite-target: /ui +spec: + rules: + - host: cnoe.localtest.me + http: + paths: + - path: /openbao + pathType: Prefix + backend: + service: + name: openbao + port: + number: 8200 \ No newline at end of file diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241113100645.yml b/.history/ref-implementation/openbao/manifests/manifest_20241113100645.yml new file mode 100644 index 0000000..ea5af0d --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241113100645.yml @@ -0,0 +1,72 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + nodePort: 30000 + type: NodePort + +--- + +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao-ingress + namespace: openbao + # annotations: + # nginx.ingress.kubernetes.io/rewrite-target: /ui +spec: + rules: + - host: cnoe.localtest.me + http: + paths: + - path: /openbao + pathType: Prefix + backend: + service: + name: openbao + port: + number: 8200 \ No newline at end of file diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241113100725.yml b/.history/ref-implementation/openbao/manifests/manifest_20241113100725.yml new file mode 100644 index 0000000..6ae7008 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241113100725.yml @@ -0,0 +1,72 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + nodePort: 30000 + type: NodePort + +--- + +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao-ingress + namespace: openbao + # annotations: + # nginx.ingress.kubernetes.io/rewrite-target: /ui +spec: + rules: + - host: cnoe.localtest.me + http: + paths: + - path: /openbao + pathType: ImplementationSpecific + backend: + service: + name: openbao + port: + number: 8200 \ No newline at end of file diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241113100745.yml b/.history/ref-implementation/openbao/manifests/manifest_20241113100745.yml new file mode 100644 index 0000000..ea5af0d --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241113100745.yml @@ -0,0 +1,72 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + # hostPort: 8200 + # hostPort: 8200 + # type: LoadBalancer + # env: + # - name: BAO_ADDR + # value: "http://0.0.0.0:8200" + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + nodePort: 30000 + type: NodePort + +--- + +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao-ingress + namespace: openbao + # annotations: + # nginx.ingress.kubernetes.io/rewrite-target: /ui +spec: + rules: + - host: cnoe.localtest.me + http: + paths: + - path: /openbao + pathType: Prefix + backend: + service: + name: openbao + port: + number: 8200 \ No newline at end of file diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241113100822.yml b/.history/ref-implementation/openbao/manifests/manifest_20241113100822.yml new file mode 100644 index 0000000..6d528b0 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241113100822.yml @@ -0,0 +1,66 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + +--- +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + nodePort: 30000 + type: NodePort + +--- + +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao-ingress + namespace: openbao + # annotations: + # nginx.ingress.kubernetes.io/rewrite-target: /ui +spec: + rules: + - host: cnoe.localtest.me + http: + paths: + - path: /openbao + pathType: Prefix + backend: + service: + name: openbao + port: + number: 8200 \ No newline at end of file diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241113100829.yml b/.history/ref-implementation/openbao/manifests/manifest_20241113100829.yml new file mode 100644 index 0000000..a61d0b3 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241113100829.yml @@ -0,0 +1,67 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest # Replace with the actual image + ports: + - protocol: TCP + containerPort: 8200 + +--- + +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + nodePort: 30000 + type: NodePort + +--- + +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao-ingress + namespace: openbao + # annotations: + # nginx.ingress.kubernetes.io/rewrite-target: /ui +spec: + rules: + - host: cnoe.localtest.me + http: + paths: + - path: /openbao + pathType: Prefix + backend: + service: + name: openbao + port: + number: 8200 \ No newline at end of file diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241113100833.yml b/.history/ref-implementation/openbao/manifests/manifest_20241113100833.yml new file mode 100644 index 0000000..6ed5ca2 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241113100833.yml @@ -0,0 +1,67 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest + ports: + - protocol: TCP + containerPort: 8200 + +--- + +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + nodePort: 30000 + type: NodePort + +--- + +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao-ingress + namespace: openbao + # annotations: + # nginx.ingress.kubernetes.io/rewrite-target: /ui +spec: + rules: + - host: cnoe.localtest.me + http: + paths: + - path: /openbao + pathType: Prefix + backend: + service: + name: openbao + port: + number: 8200 \ No newline at end of file diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241113100902.yml b/.history/ref-implementation/openbao/manifests/manifest_20241113100902.yml new file mode 100644 index 0000000..fa08302 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241113100902.yml @@ -0,0 +1,67 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest + ports: + - protocol: TCP + containerPort: 8200 + +--- + +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + # nodePort: 30000 + # type: NodePort + +--- + +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao-ingress + namespace: openbao + # annotations: + # nginx.ingress.kubernetes.io/rewrite-target: /ui +spec: + rules: + - host: cnoe.localtest.me + http: + paths: + - path: /openbao + pathType: Prefix + backend: + service: + name: openbao + port: + number: 8200 \ No newline at end of file diff --git a/.history/ref-implementation/openbao/manifests/manifest_20241113101113.yml b/.history/ref-implementation/openbao/manifests/manifest_20241113101113.yml new file mode 100644 index 0000000..d9f9c28 --- /dev/null +++ b/.history/ref-implementation/openbao/manifests/manifest_20241113101113.yml @@ -0,0 +1,65 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openbao + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openbao + namespace: openbao +spec: + replicas: 1 + selector: + matchLabels: + app: openbao + template: + metadata: + labels: + app: openbao + spec: + containers: + - name: openbao + image: openbao/openbao:latest + ports: + - protocol: TCP + containerPort: 8200 + +--- + +apiVersion: v1 +kind: Service +metadata: + name: openbao + namespace: openbao +spec: + selector: + app: openbao + ports: + - protocol: TCP + port: 8200 + targetPort: 8200 + +--- + +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: openbao-ingress + namespace: openbao + # annotations: + # nginx.ingress.kubernetes.io/rewrite-target: /ui +spec: + rules: + - host: cnoe.localtest.me + http: + paths: + - path: /openbao + pathType: Prefix + backend: + service: + name: openbao + port: + number: 8200 \ No newline at end of file diff --git a/.history/ref-implementation/openbao/values_20241113103308.yaml b/.history/ref-implementation/openbao/values_20241113103308.yaml new file mode 100644 index 0000000..e69de29 diff --git a/.history/ref-implementation/openbao/values_20241113103317.yaml b/.history/ref-implementation/openbao/values_20241113103317.yaml new file mode 100644 index 0000000..30d74d2 --- /dev/null +++ b/.history/ref-implementation/openbao/values_20241113103317.yaml @@ -0,0 +1 @@ +test \ No newline at end of file diff --git a/.history/ref-implementation/openbao/values_20241113103322.yaml b/.history/ref-implementation/openbao/values_20241113103322.yaml new file mode 100644 index 0000000..23f90b4 --- /dev/null +++ b/.history/ref-implementation/openbao/values_20241113103322.yaml @@ -0,0 +1 @@ +test:123 \ No newline at end of file diff --git a/.history/ref-implementation/openbao/values_20241113103326.yaml b/.history/ref-implementation/openbao/values_20241113103326.yaml new file mode 100644 index 0000000..07fb25f --- /dev/null +++ b/.history/ref-implementation/openbao/values_20241113103326.yaml @@ -0,0 +1 @@ +test: 123 \ No newline at end of file diff --git a/.history/ref-implementation/openbao/values_20241113105141.yaml b/.history/ref-implementation/openbao/values_20241113105141.yaml new file mode 100644 index 0000000..623e208 --- /dev/null +++ b/.history/ref-implementation/openbao/values_20241113105141.yaml @@ -0,0 +1,2 @@ +global: + domain: cnoe.localtest.me \ No newline at end of file diff --git a/.history/ref-implementation/openbao/values_20241113105142.yaml b/.history/ref-implementation/openbao/values_20241113105142.yaml new file mode 100644 index 0000000..623e208 --- /dev/null +++ b/.history/ref-implementation/openbao/values_20241113105142.yaml @@ -0,0 +1,2 @@ +global: + domain: cnoe.localtest.me \ No newline at end of file diff --git a/.history/ref-implementation/openbao_20241111143100.yaml b/.history/ref-implementation/openbao_20241111143100.yaml new file mode 100644 index 0000000..a132e8d --- /dev/null +++ b/.history/ref-implementation/openbao_20241111143100.yaml @@ -0,0 +1,21 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: open-bao + namespace: argocd + labels: + env: dev +spec: + destination: + namespace: open-bao + server: "https://kubernetes.default.svc" + source: + repoURL: cnoe://openbao/manifests + targetRevision: HEAD + path: "." + project: default + syncPolicy: + automated: + selfHeal: true + syncOptions: + - CreateNamespace=true diff --git a/.history/ref-implementation/openbao_20241111143152.yaml b/.history/ref-implementation/openbao_20241111143152.yaml new file mode 100644 index 0000000..aa23be6 --- /dev/null +++ b/.history/ref-implementation/openbao_20241111143152.yaml @@ -0,0 +1,21 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: openbao + namespace: argocd + labels: + env: dev +spec: + destination: + namespace: open-bao + server: "https://kubernetes.default.svc" + source: + repoURL: cnoe://openbao/manifests + targetRevision: HEAD + path: "." + project: default + syncPolicy: + automated: + selfHeal: true + syncOptions: + - CreateNamespace=true diff --git a/.history/ref-implementation/openbao_20241111143207.yaml b/.history/ref-implementation/openbao_20241111143207.yaml new file mode 100644 index 0000000..8a632d4 --- /dev/null +++ b/.history/ref-implementation/openbao_20241111143207.yaml @@ -0,0 +1,21 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: openbao + namespace: argocd + labels: + env: dev +spec: + destination: + namespace: openbao + server: "https://kubernetes.default.svc" + source: + repoURL: cnoe://openbao/manifests + targetRevision: HEAD + path: "." + project: default + syncPolicy: + automated: + selfHeal: true + syncOptions: + - CreateNamespace=true diff --git a/.history/ref-implementation/openbao_20241111150421.yaml b/.history/ref-implementation/openbao_20241111150421.yaml new file mode 100644 index 0000000..ecce75a --- /dev/null +++ b/.history/ref-implementation/openbao_20241111150421.yaml @@ -0,0 +1,21 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: openbao + namespace: argocd + labels: + example: dev +spec: + destination: + namespace: openbao + server: "https://kubernetes.default.svc" + source: + repoURL: cnoe://openbao/manifests + targetRevision: HEAD + path: "." + project: default + syncPolicy: + automated: + selfHeal: true + syncOptions: + - CreateNamespace=true diff --git a/.history/ref-implementation/openbao_20241111150423.yaml b/.history/ref-implementation/openbao_20241111150423.yaml new file mode 100644 index 0000000..8a632d4 --- /dev/null +++ b/.history/ref-implementation/openbao_20241111150423.yaml @@ -0,0 +1,21 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: openbao + namespace: argocd + labels: + env: dev +spec: + destination: + namespace: openbao + server: "https://kubernetes.default.svc" + source: + repoURL: cnoe://openbao/manifests + targetRevision: HEAD + path: "." + project: default + syncPolicy: + automated: + selfHeal: true + syncOptions: + - CreateNamespace=true diff --git a/.history/ref-implementation/openbao_20241112103833.yaml b/.history/ref-implementation/openbao_20241112103833.yaml new file mode 100644 index 0000000..d06ab5e --- /dev/null +++ b/.history/ref-implementation/openbao_20241112103833.yaml @@ -0,0 +1,19 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: openbao + namespace: argocd +spec: + destination: + namespace: openbao + server: "https://kubernetes.default.svc" + source: + repoURL: cnoe://openbao/manifests + targetRevision: HEAD + path: "." + project: default + syncPolicy: + automated: + selfHeal: true + syncOptions: + - CreateNamespace=true diff --git a/.history/ref-implementation/openbao_20241112103904.yaml b/.history/ref-implementation/openbao_20241112103904.yaml new file mode 100644 index 0000000..8bcfa6f --- /dev/null +++ b/.history/ref-implementation/openbao_20241112103904.yaml @@ -0,0 +1,19 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: openbao + namespace: argocd +spec: + destination: + namespace: openbao + server: "https://kubernetes.default.svc" + source: + repoURL: 'https://github.com/openbao/openbao.git' + targetRevision: HEAD + path: "." + project: default + syncPolicy: + automated: + selfHeal: true + syncOptions: + - CreateNamespace=true diff --git a/.history/ref-implementation/openbao_20241112103909.yaml b/.history/ref-implementation/openbao_20241112103909.yaml new file mode 100644 index 0000000..997633d --- /dev/null +++ b/.history/ref-implementation/openbao_20241112103909.yaml @@ -0,0 +1,19 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: openbao + namespace: argocd +spec: + destination: + namespace: openbao + server: "https://kubernetes.default.svc" + source: + repoURL: 'https://github.com/openbao/openbao.git' + targetRevision: main + path: "." + project: default + syncPolicy: + automated: + selfHeal: true + syncOptions: + - CreateNamespace=true diff --git a/.history/ref-implementation/openbao_20241112103930.yaml b/.history/ref-implementation/openbao_20241112103930.yaml new file mode 100644 index 0000000..8d19f61 --- /dev/null +++ b/.history/ref-implementation/openbao_20241112103930.yaml @@ -0,0 +1,19 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: openbao + namespace: argocd +spec: + destination: + namespace: openbao + server: "https://kubernetes.default.svc" + source: + repoURL: 'https://github.com/openbao/openbao.git' + targetRevision: main + path: "openbao" + project: default + syncPolicy: + automated: + selfHeal: true + syncOptions: + - CreateNamespace=true diff --git a/.history/ref-implementation/openbao_20241112103938.yaml b/.history/ref-implementation/openbao_20241112103938.yaml new file mode 100644 index 0000000..76b59a3 --- /dev/null +++ b/.history/ref-implementation/openbao_20241112103938.yaml @@ -0,0 +1,19 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: openbao + namespace: argocd +spec: + destination: + namespace: openbao + server: "https://kubernetes.default.svc" + source: + repoURL: 'https://github.com/openbao/openbao.git' + targetRevision: main + path: "openbao" + + syncPolicy: + automated: + selfHeal: true + syncOptions: + - CreateNamespace=true diff --git a/.history/ref-implementation/openbao_20241112103940.yaml b/.history/ref-implementation/openbao_20241112103940.yaml new file mode 100644 index 0000000..8d19f61 --- /dev/null +++ b/.history/ref-implementation/openbao_20241112103940.yaml @@ -0,0 +1,19 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: openbao + namespace: argocd +spec: + destination: + namespace: openbao + server: "https://kubernetes.default.svc" + source: + repoURL: 'https://github.com/openbao/openbao.git' + targetRevision: main + path: "openbao" + project: default + syncPolicy: + automated: + selfHeal: true + syncOptions: + - CreateNamespace=true diff --git a/.history/ref-implementation/openbao_20241112110613.yaml b/.history/ref-implementation/openbao_20241112110613.yaml new file mode 100644 index 0000000..0ff12a4 --- /dev/null +++ b/.history/ref-implementation/openbao_20241112110613.yaml @@ -0,0 +1,19 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: openbao + namespace: argocd +spec: + destination: + namespace: openbao + server: "https://kubernetes.default.svc" + source: + //repoURL: 'https://github.com/openbao/openbao.git' + targetRevision: main + path: "openbao" + project: default + syncPolicy: + automated: + selfHeal: true + syncOptions: + - CreateNamespace=true diff --git a/.history/ref-implementation/openbao_20241112110615.yaml b/.history/ref-implementation/openbao_20241112110615.yaml new file mode 100644 index 0000000..dd920ca --- /dev/null +++ b/.history/ref-implementation/openbao_20241112110615.yaml @@ -0,0 +1,19 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: openbao + namespace: argocd +spec: + destination: + namespace: openbao + server: "https://kubernetes.default.svc" + source: + # repoURL: 'https://github.com/openbao/openbao.git' + targetRevision: main + path: "openbao" + project: default + syncPolicy: + automated: + selfHeal: true + syncOptions: + - CreateNamespace=true diff --git a/.history/ref-implementation/openbao_20241112110641.yaml b/.history/ref-implementation/openbao_20241112110641.yaml new file mode 100644 index 0000000..8d19f61 --- /dev/null +++ b/.history/ref-implementation/openbao_20241112110641.yaml @@ -0,0 +1,19 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: openbao + namespace: argocd +spec: + destination: + namespace: openbao + server: "https://kubernetes.default.svc" + source: + repoURL: 'https://github.com/openbao/openbao.git' + targetRevision: main + path: "openbao" + project: default + syncPolicy: + automated: + selfHeal: true + syncOptions: + - CreateNamespace=true diff --git a/.history/ref-implementation/openbao_20241112110645.yaml b/.history/ref-implementation/openbao_20241112110645.yaml new file mode 100644 index 0000000..acc1c64 --- /dev/null +++ b/.history/ref-implementation/openbao_20241112110645.yaml @@ -0,0 +1,19 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: openbao + namespace: argocd +spec: + destination: + namespace: openbao + server: "https://kubernetes.default.svc" + source: + repoURL: cnoe://keycloak/manifests + targetRevision: main + path: "openbao" + project: default + syncPolicy: + automated: + selfHeal: true + syncOptions: + - CreateNamespace=true diff --git a/.history/ref-implementation/openbao_20241112110651.yaml b/.history/ref-implementation/openbao_20241112110651.yaml new file mode 100644 index 0000000..627b1fd --- /dev/null +++ b/.history/ref-implementation/openbao_20241112110651.yaml @@ -0,0 +1,19 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: openbao + namespace: argocd +spec: + destination: + namespace: openbao + server: "https://kubernetes.default.svc" + source: + repoURL: cnoe://keycloak/manifests + targetRevision: main + path: "." + project: default + syncPolicy: + automated: + selfHeal: true + syncOptions: + - CreateNamespace=true diff --git a/.history/ref-implementation/openbao_20241112110747.yaml b/.history/ref-implementation/openbao_20241112110747.yaml new file mode 100644 index 0000000..e398adc --- /dev/null +++ b/.history/ref-implementation/openbao_20241112110747.yaml @@ -0,0 +1,19 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: openbao + namespace: argocd +spec: + destination: + namespace: openbao + server: "https://kubernetes.default.svc" + source: + repoURL: cnoe://keycloak/manifests + targetRevision: HEAD + path: "." + project: default + syncPolicy: + automated: + selfHeal: true + syncOptions: + - CreateNamespace=true diff --git a/.history/ref-implementation/openbao_20241112110753.yaml b/.history/ref-implementation/openbao_20241112110753.yaml new file mode 100644 index 0000000..d06ab5e --- /dev/null +++ b/.history/ref-implementation/openbao_20241112110753.yaml @@ -0,0 +1,19 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: openbao + namespace: argocd +spec: + destination: + namespace: openbao + server: "https://kubernetes.default.svc" + source: + repoURL: cnoe://openbao/manifests + targetRevision: HEAD + path: "." + project: default + syncPolicy: + automated: + selfHeal: true + syncOptions: + - CreateNamespace=true diff --git a/.history/ref-implementation/openbao_20241113102912.yaml b/.history/ref-implementation/openbao_20241113102912.yaml new file mode 100644 index 0000000..164c5fb --- /dev/null +++ b/.history/ref-implementation/openbao_20241113102912.yaml @@ -0,0 +1,27 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: argocd + namespace: argocd + labels: + env: dev +spec: + project: default + syncPolicy: + automated: + selfHeal: true + syncOptions: + - CreateNamespace=true + destination: + name: in-cluster + namespace: argocd + sources: + - repoURL: https://github.com/argoproj/argo-helm + path: charts/argo-cd + targetRevision: HEAD + helm: + valueFiles: + - $values/stacks/core/argocd/values.yaml + - repoURL: https://gitea.cnoe.localtest.me/giteaAdmin/edfbuilder-shoot + targetRevision: HEAD + ref: values diff --git a/.history/ref-implementation/openbao_20241113103006.yaml b/.history/ref-implementation/openbao_20241113103006.yaml new file mode 100644 index 0000000..4879383 --- /dev/null +++ b/.history/ref-implementation/openbao_20241113103006.yaml @@ -0,0 +1,27 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: argocd + namespace: argocd + labels: + env: dev +spec: + project: default + syncPolicy: + automated: + selfHeal: true + syncOptions: + - CreateNamespace=true + destination: + name: in-cluster + namespace: argocd + sources: + - repoURL: https://github.com/openbao/openbao-helm.git + path: charts/argo-cd + targetRevision: HEAD + helm: + valueFiles: + - $values/stacks/core/argocd/values.yaml + - repoURL: https://gitea.cnoe.localtest.me/giteaAdmin/edfbuilder-shoot + targetRevision: HEAD + ref: values diff --git a/.history/ref-implementation/openbao_20241113103024.yaml b/.history/ref-implementation/openbao_20241113103024.yaml new file mode 100644 index 0000000..dbd59b5 --- /dev/null +++ b/.history/ref-implementation/openbao_20241113103024.yaml @@ -0,0 +1,27 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: argocd + namespace: argocd + labels: + env: dev +spec: + project: default + syncPolicy: + automated: + selfHeal: true + syncOptions: + - CreateNamespace=true + destination: + name: in-cluster + namespace: argocd + sources: + - repoURL: https://github.com/openbao/openbao-helm.git + path: charts/openbao + targetRevision: HEAD + helm: + valueFiles: + - $values/stacks/core/argocd/values.yaml + - repoURL: https://gitea.cnoe.localtest.me/giteaAdmin/edfbuilder-shoot + targetRevision: HEAD + ref: values diff --git a/.history/ref-implementation/openbao_20241113103029.yaml b/.history/ref-implementation/openbao_20241113103029.yaml new file mode 100644 index 0000000..8d66475 --- /dev/null +++ b/.history/ref-implementation/openbao_20241113103029.yaml @@ -0,0 +1,27 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: argocd + namespace: argocd + labels: + env: dev +spec: + project: default + syncPolicy: + automated: + selfHeal: true + syncOptions: + - CreateNamespace=true + destination: + name: in-cluster + namespace: argocd + sources: + - repoURL: https://github.com/openbao/openbao-helm.git + path: charts/openbao + targetRevision: HEAD + helm: + valueFiles: + - $values/stacks/core/openbao/values.yaml + - repoURL: https://gitea.cnoe.localtest.me/giteaAdmin/edfbuilder-shoot + targetRevision: HEAD + ref: values diff --git a/.history/ref-implementation/openbao_20241113104501.yaml b/.history/ref-implementation/openbao_20241113104501.yaml new file mode 100644 index 0000000..b2e7e7f --- /dev/null +++ b/.history/ref-implementation/openbao_20241113104501.yaml @@ -0,0 +1,27 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: argocd + namespace: argocd + labels: + env: dev +spec: + project: default + syncPolicy: + automated: + selfHeal: true + syncOptions: + - CreateNamespace=true + destination: + name: in-cluster + namespace: argocd + sources: + - repoURL: https://github.com/openbao/openbao-helm.git + path: charts/openbao + targetRevision: HEAD + helm: + valueFiles: + - $values/stacks/core/openbao/values.yaml + # - repoURL: https://gitea.cnoe.localtest.me/giteaAdmin/edfbuilder-shoot + # targetRevision: HEAD + # ref: values diff --git a/LICENSE b/LICENSE new file mode 100644 index 0000000..fd34068 --- /dev/null +++ b/LICENSE @@ -0,0 +1,202 @@ + + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright [2023] Autodesk + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/README.md b/README.md index b537028..15f02f1 100644 --- a/README.md +++ b/README.md @@ -16,3 +16,4 @@ See [the instructions](https://github.com/cnoe-io/idpbuilder?tab=readme-ov-file# - **[Local Backup](./local-backup)**. How do I make sure my work is backed up? - **[Localstack](./localstack-integration)**. Use [LocalStack](https://github.com/localstack/localstack) to test out cloud integrations. - **[Terraform Integrations](./terraform-integrations)**. Integrating Terraform with Reference Implementation. +- **[Dapr Integration](./dapr-integrations)**. Integrating the Dapr APIs for Building Secure and Reliable Microservices . diff --git a/crossplane-integrations/README.md b/crossplane-integrations/README.md new file mode 100755 index 0000000..86dc284 --- /dev/null +++ b/crossplane-integrations/README.md @@ -0,0 +1,37 @@ +# Crossplane Integrations for Backstage + +`idpBuilder` is extensible to launch custom Crossplane patterns using package extensions. + +Please use the below command to deploy an IDP reference implementation with an Argo application for preparing up the setup for terraform integrations: + +```bash +idpbuilder create \ + --use-path-routing \ + --package https://github.com/cnoe-io/stacks//ref-implementation \ + --package https://github.com/cnoe-io/stacks//crossplane-integrations +``` +## What is installed? + +1. Crossplane Runtime +1. AWS providers +1. Basic Compositions + +This needs your credentials for this to work. Follow the Crossplane installation documentation on how to add your credentials. + +## Application with cloud resources. + +With this integration, we can deploy an application with cloud resources using Backstage templates from the reference implementation, together with Crossplane integrations. + +In this example, we will create an application with a S3 Bucket. + +Choose a template named `App with S3 bucket`, type `demo3` as the name, then choose a region to create this bucket in. + +Once you click the create button, you will have a very similar setup as the basic example. +The only difference is we now have a resource for a S3 Bucket which is managed by Crossplane. + +Note that Bucket is **not** created because Crossplane doesn't have necessary credentials to do so. +If you'd like it to actually create a bucket, update [the credentials secret file](crossplane-providers/provider-secret.yaml), then run `idpbuilder create --package https://github.com/cnoe-io/stacks//ref-implementation`. + +In this example, we used Crossplane to provision resources, but you can use other cloud resource management tools such as Terraform instead. + +Regardless of your tool choice, concepts are the same. We use Backstage as the templating mechanism and UI for users, then use Kubernetes API with GitOps to deploy resources. diff --git a/ref-implementation/crossplane-compositions.yaml b/crossplane-integrations/crossplane-compositions.yaml old mode 100644 new mode 100755 similarity index 88% rename from ref-implementation/crossplane-compositions.yaml rename to crossplane-integrations/crossplane-compositions.yaml index f46fc7a..51deb74 --- a/ref-implementation/crossplane-compositions.yaml +++ b/crossplane-integrations/crossplane-compositions.yaml @@ -10,7 +10,7 @@ metadata: spec: project: default source: - repoURL: cnoe://crossplane-compositions/manifests + repoURL: cnoe://crossplane-compositions targetRevision: HEAD path: "." directory: diff --git a/ref-implementation/crossplane-compositions/manifests/s3/definition.yaml b/crossplane-integrations/crossplane-compositions/s3/definition.yaml similarity index 100% rename from ref-implementation/crossplane-compositions/manifests/s3/definition.yaml rename to crossplane-integrations/crossplane-compositions/s3/definition.yaml diff --git a/ref-implementation/crossplane-compositions/manifests/s3/general-purpose.yaml b/crossplane-integrations/crossplane-compositions/s3/general-purpose.yaml similarity index 100% rename from ref-implementation/crossplane-compositions/manifests/s3/general-purpose.yaml rename to crossplane-integrations/crossplane-compositions/s3/general-purpose.yaml diff --git a/ref-implementation/crossplane-providers.yaml b/crossplane-integrations/crossplane-providers.yaml old mode 100644 new mode 100755 similarity index 100% rename from ref-implementation/crossplane-providers.yaml rename to crossplane-integrations/crossplane-providers.yaml diff --git a/ref-implementation/crossplane-providers/provider-aws.yaml b/crossplane-integrations/crossplane-providers/provider-aws.yaml similarity index 100% rename from ref-implementation/crossplane-providers/provider-aws.yaml rename to crossplane-integrations/crossplane-providers/provider-aws.yaml diff --git a/ref-implementation/crossplane-providers/provider-config.yaml b/crossplane-integrations/crossplane-providers/provider-config.yaml similarity index 100% rename from ref-implementation/crossplane-providers/provider-config.yaml rename to crossplane-integrations/crossplane-providers/provider-config.yaml diff --git a/ref-implementation/crossplane-providers/provider-secret.yaml b/crossplane-integrations/crossplane-providers/provider-secret.yaml similarity index 100% rename from ref-implementation/crossplane-providers/provider-secret.yaml rename to crossplane-integrations/crossplane-providers/provider-secret.yaml diff --git a/ref-implementation/crossplane.yaml b/crossplane-integrations/crossplane.yaml old mode 100644 new mode 100755 similarity index 100% rename from ref-implementation/crossplane.yaml rename to crossplane-integrations/crossplane.yaml diff --git a/dapr-integration/README.md b/dapr-integration/README.md new file mode 100644 index 0000000..f74e559 --- /dev/null +++ b/dapr-integration/README.md @@ -0,0 +1,66 @@ +# Dapr Integrations + +`idpBuilder` is extensible to launch custom Dapr patterns using package extensions. + +Please use the following command to deploy Dapr using `idpbuilder`: + +```bash +idpbuilder create \ + --use-path-routing \ + --p https://github.com/cnoe-io/stacks//dapr-integrations +``` + +Notice that you can add Dapr to the reference implementation: + +```bash +idpbuilder create \ + --use-path-routing \ + --p https://github.com/cnoe-io/stacks//ref-implementation + --p https://github.com/cnoe-io/stacks//dapr-integrations +``` + +## What is installed? + +1. Dapr Control Plane +1. Dapr Statestore and PubSub components +2. Redis instance to support Statestore and Pubsub components + +Once installed, you can enable your workloads (Deployments) to use the Dapr APIs by using the Dapr annotations: + +``` +apiVersion: apps/v1 +kind: Deployment +metadata: + name: nodeapp + labels: + app: node +spec: + replicas: 1 + selector: + matchLabels: + app: node + template: + metadata: + labels: + app: node + annotations: + dapr.io/enabled: "true" + dapr.io/app-id: "nodeapp" + dapr.io/app-port: "3000" + dapr.io/enable-api-logging: "true" + spec: + containers: + - name: node + image: ghcr.io/dapr/samples/hello-k8s-node:latest + env: + - name: APP_PORT + value: "3000" + ports: + - containerPort: 3000 + imagePullPolicy: Always +``` +This example creates a Dapr-enabled Kubernetes Deployment (setting the `dapr.io/*` annotations). This application can now use the Dapr APIs to interact with the Statestore and PubSub components provided by the default installation. Applications can be written in any programming language, check the [Dapr SDKs here](https://docs.dapr.io/developing-applications/sdks/). + +For more information, check the Hello Kubernetes Dapr tutorial [here](https://github.com/dapr/quickstarts/tree/master/tutorials/hello-kubernetes) + + diff --git a/dapr-integration/dapr-components.yaml b/dapr-integration/dapr-components.yaml new file mode 100644 index 0000000..dad0965 --- /dev/null +++ b/dapr-integration/dapr-components.yaml @@ -0,0 +1,22 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: dapr-components + namespace: argocd + labels: + env: dev + finalizers: + - resources-finalizer.argocd.argoproj.io +spec: + project: default + source: + repoURL: cnoe://dapr-components + targetRevision: HEAD + path: "." + directory: + recurse: true + destination: + server: "https://kubernetes.default.svc" + namespace: default + syncPolicy: + automated: {} diff --git a/dapr-integration/dapr-components/pubsub.yaml b/dapr-integration/dapr-components/pubsub.yaml new file mode 100644 index 0000000..15372ee --- /dev/null +++ b/dapr-integration/dapr-components/pubsub.yaml @@ -0,0 +1,21 @@ +apiVersion: dapr.io/v1alpha1 +kind: Component +metadata: + name: pubsub +spec: + type: pubsub.redis + version: v1 + metadata: + # These settings will work out of the box if you use `helm install + # bitnami/redis`. If you have your own setup, replace + # `redis-master:6379` with your own Redis master address, and the + # Redis password with your own Secret's name. For more information, + # see https://docs.dapr.io/operations/components/component-secrets . + - name: redisHost + value: redis-master:6379 + - name: redisPassword + secretKeyRef: + name: redis + key: redis-password +auth: + secretStore: kubernetes \ No newline at end of file diff --git a/dapr-integration/dapr-components/statestore.yaml b/dapr-integration/dapr-components/statestore.yaml new file mode 100644 index 0000000..5e35ea3 --- /dev/null +++ b/dapr-integration/dapr-components/statestore.yaml @@ -0,0 +1,16 @@ +apiVersion: dapr.io/v1alpha1 +kind: Component +metadata: + name: statestore +spec: + type: state.redis + version: v1 + metadata: + - name: redisHost + value: redis-master:6379 + - name: redisPassword + secretKeyRef: + name: redis + key: redis-password +auth: + secretStore: kubernetes \ No newline at end of file diff --git a/terraform-integrations/terraform-workflows-templates.yaml b/dapr-integration/dapr.yaml similarity index 55% rename from terraform-integrations/terraform-workflows-templates.yaml rename to dapr-integration/dapr.yaml index 106aa44..3e81c4c 100644 --- a/terraform-integrations/terraform-workflows-templates.yaml +++ b/dapr-integration/dapr.yaml @@ -1,7 +1,7 @@ apiVersion: argoproj.io/v1alpha1 kind: Application metadata: - name: terraform-argo-workflows-templates + name: dapr namespace: argocd labels: env: dev @@ -10,16 +10,17 @@ metadata: spec: project: default source: - repoURL: https://github.com/cnoe-io/backstage-terraform-integrations - targetRevision: main - path: argo-workflows-templates/dev + repoURL: 'https://dapr.github.io/helm-charts/' + targetRevision: 1.13.5 + helm: + releaseName: dapr + chart: dapr destination: - server: "https://kubernetes.default.svc" - namespace: argo + server: 'https://kubernetes.default.svc' + namespace: dapr-system syncPolicy: automated: prune: true + selfHeal: true syncOptions: - CreateNamespace=true - automated: - selfHeal: true diff --git a/dapr-integration/redis.yaml b/dapr-integration/redis.yaml new file mode 100644 index 0000000..b6eefb1 --- /dev/null +++ b/dapr-integration/redis.yaml @@ -0,0 +1,28 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: redis-dapr + namespace: argocd + labels: + env: dev + finalizers: + - resources-finalizer.argocd.argoproj.io +spec: + project: default + source: + repoURL: 'registry-1.docker.io/bitnamicharts' + targetRevision: 19.6.4 + helm: + valuesObject: + architecture: standalone + releaseName: redis + chart: redis + destination: + server: 'https://kubernetes.default.svc' + namespace: default + syncPolicy: + automated: + prune: true + selfHeal: true + syncOptions: + - CreateNamespace=true diff --git a/jupyterhub/README.md b/jupyterhub/README.md new file mode 100644 index 0000000..b1bc25f --- /dev/null +++ b/jupyterhub/README.md @@ -0,0 +1,17 @@ +# Jupyterhub Stack + +This directory contains a Jupyterhub deployment that's integrated with Keycloak + +## Caveats +1) Reliance on `ref-implementation` for SSO + - This is possible to work around by setting `authenticator_class` in the `jupyterhub.yaml` to `dummy`. + +## Components +- Jupyterhub + +## Installation +Note: The stack is configured to use Keycloak for SSO; therefore, the ref-implementation is required for this to work. + +`idpbuilder create --use-path-routing -p https://github.com/cnoe-io/stacks//ref-implementation -p https://github.com/cnoe-io/stacks//jupyterhub` + +A `jupyterhub-config` job will be deployed into the keycloak namespace to create/patch some of the keycloak components. If deployed at the same time as the `ref-implementation`, this job will fail until the `config` job succeeds. This is normal diff --git a/jupyterhub/jupyterhub.yaml b/jupyterhub/jupyterhub.yaml new file mode 100644 index 0000000..4ae67c3 --- /dev/null +++ b/jupyterhub/jupyterhub.yaml @@ -0,0 +1,54 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: jupyterhub + namespace: argocd + labels: + env: dev + finalizers: + - resources-finalizer.argocd.argoproj.io +spec: + project: default + sources: + - repoURL: 'https://jupyterhub.github.io/helm-chart/' + targetRevision: 3.3.7 + helm: + releaseName: jupyterhub + values: | + hub: + baseUrl: /jupyterhub + extraEnv: + - name: OAUTH_TLS_VERIFY # for getting around self signed certificate issue + value: "0" + - name: OAUTH_CLIENT_SECRET + valueFrom: + secretKeyRef: + name: jupyterhub-oidc + key: JUPYTERHUB_OAUTH_CLIENT_SECRET + config: + GenericOAuthenticator: + oauth_callback_url: https://cnoe.localtest.me:8443/jupyterhub/hub/oauth_callback + client_id: jupyterhub + authorize_url: https://cnoe.localtest.me:8443/keycloak/realms/cnoe/protocol/openid-connect/auth + token_url: https://cnoe.localtest.me:8443/keycloak/realms/cnoe/protocol/openid-connect/token + userdata_url: https://cnoe.localtest.me:8443/keycloak/realms/cnoe/protocol/openid-connect/userinfo + scope: + - openid + - profile + username_key: "preferred_username" + login_service: "keycloak" + allow_all: true # Allows all oauth authenticated users to use Jupyterhub. For finer grained control, you can use `allowed_users`: https://jupyterhub.readthedocs.io/en/stable/tutorial/getting-started/authenticators-users-basics.html#deciding-who-is-allowed + JupyterHub: + authenticator_class: generic-oauth + chart: jupyterhub + - repoURL: cnoe://jupyterhub + targetRevision: HEAD + path: "manifests" + destination: + server: "https://kubernetes.default.svc" + namespace: jupyterhub + syncPolicy: + syncOptions: + - CreateNamespace=true + automated: + selfHeal: true diff --git a/jupyterhub/jupyterhub/manifests/jupyterhub-config.yaml b/jupyterhub/jupyterhub/manifests/jupyterhub-config.yaml new file mode 100644 index 0000000..1a3b330 --- /dev/null +++ b/jupyterhub/jupyterhub/manifests/jupyterhub-config.yaml @@ -0,0 +1,127 @@ +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: jupyterhub-config-job + namespace: keycloak +data: + jupyterhub-client-payload.json: | + { + "protocol": "openid-connect", + "clientId": "jupyterhub", + "name": "Jupyterhub Client", + "description": "Used for Jupyterhub SSO", + "publicClient": false, + "authorizationServicesEnabled": false, + "serviceAccountsEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "standardFlowEnabled": true, + "frontchannelLogout": true, + "attributes": { + "saml_idp_initiated_sso_url_name": "", + "oauth2.device.authorization.grant.enabled": false, + "oidc.ciba.grant.enabled": false + }, + "alwaysDisplayInConsole": false, + "rootUrl": "", + "baseUrl": "", + "redirectUris": [ + "https://cnoe.localtest.me:8443/jupyterhub/hub/oauth_callback" + ], + "webOrigins": [ + "/*" + ] + } +--- +apiVersion: batch/v1 +kind: Job +metadata: + name: jupyterhub-config + namespace: keycloak +spec: + template: + metadata: + generateName: jupyterhub-config + spec: + serviceAccountName: keycloak-config + restartPolicy: Never + volumes: + - name: keycloak-config + secret: + secretName: keycloak-config + - name: config-payloads + configMap: + name: jupyterhub-config-job + containers: + - name: kubectl + image: docker.io/library/ubuntu:22.04 + volumeMounts: + - name: keycloak-config + readOnly: true + mountPath: "/var/secrets/" + - name: config-payloads + readOnly: true + mountPath: "/var/config/" + command: ["/bin/bash", "-c"] + args: + - | + #! /bin/bash + set -ex -o pipefail + apt -qq update && apt -qq install curl jq gettext-base -y + + curl -sS -LO "https://dl.k8s.io/release/v1.28.3//bin/linux/amd64/kubectl" + chmod +x kubectl + + echo "checking if we're ready to start" + set +e + ./kubectl get secret -n keycloak keycloak-clients &> /dev/null + if [ $? -ne 0 ]; then + exit 1 + fi + set -e + + ADMIN_PASSWORD=$(cat /var/secrets/KEYCLOAK_ADMIN_PASSWORD) + KEYCLOAK_URL=http://keycloak.keycloak.svc.cluster.local:8080/keycloak + KEYCLOAK_TOKEN=$(curl -sS --fail-with-body -X POST -H "Content-Type: application/x-www-form-urlencoded" \ + --data-urlencode "username=cnoe-admin" \ + --data-urlencode "password=${ADMIN_PASSWORD}" \ + --data-urlencode "grant_type=password" \ + --data-urlencode "client_id=admin-cli" \ + ${KEYCLOAK_URL}/realms/master/protocol/openid-connect/token | jq -e -r '.access_token') + + set +e + + curl --fail-with-body -H "Authorization: bearer ${KEYCLOAK_TOKEN}" "${KEYCLOAK_URL}/admin/realms/cnoe" &> /dev/null + if [ $? -ne 0 ]; then + exit 0 + fi + set -e + + echo "creating Jupyterhub client" + curl -sS -H "Content-Type: application/json" \ + -H "Authorization: bearer ${KEYCLOAK_TOKEN}" \ + -X POST --data @/var/config/jupyterhub-client-payload.json \ + ${KEYCLOAK_URL}/admin/realms/cnoe/clients + + CLIENT_ID=$(curl -sS -H "Content-Type: application/json" \ + -H "Authorization: bearer ${KEYCLOAK_TOKEN}" \ + -X GET ${KEYCLOAK_URL}/admin/realms/cnoe/clients | jq -e -r '.[] | select(.clientId == "jupyterhub") | .id') + + CLIENT_SCOPE_GROUPS_ID=$(curl -sS -H "Content-Type: application/json" -H "Authorization: bearer ${KEYCLOAK_TOKEN}" -X GET ${KEYCLOAK_URL}/admin/realms/cnoe/client-scopes | jq -e -r '.[] | select(.name == "groups") | .id') + curl -sS -H "Content-Type: application/json" -H "Authorization: bearer ${KEYCLOAK_TOKEN}" -X PUT ${KEYCLOAK_URL}/admin/realms/cnoe/clients/${CLIENT_ID}/default-client-scopes/${CLIENT_SCOPE_GROUPS_ID} + + JUPYTERHUB_CLIENT_SECRET=$(curl -sS -H "Content-Type: application/json" \ + -H "Authorization: bearer ${KEYCLOAK_TOKEN}" \ + -X GET ${KEYCLOAK_URL}/admin/realms/cnoe/clients/${CLIENT_ID} | jq -e -r '.secret') + + ./kubectl patch secret -n keycloak keycloak-clients --type=json \ + -p='[{ + "op" : "add" , + "path" : "/data/JUPYTERHUB_CLIENT_SECRET" , + "value" : "'$(echo -n "$JUPYTERHUB_CLIENT_SECRET" | base64 -w 0)'" + },{ + "op" : "add" , + "path" : "/data/JUPYTERHUB_CLIENT_ID" , + "value" : "'$(echo -n "jupyterhub" | base64 -w 0)'" + }]' diff --git a/jupyterhub/jupyterhub/manifests/jupyterhub-external-secrets.yaml b/jupyterhub/jupyterhub/manifests/jupyterhub-external-secrets.yaml new file mode 100644 index 0000000..a300333 --- /dev/null +++ b/jupyterhub/jupyterhub/manifests/jupyterhub-external-secrets.yaml @@ -0,0 +1,20 @@ +apiVersion: external-secrets.io/v1beta1 +kind: ExternalSecret +metadata: + name: keycloak-oidc + namespace: jupyterhub +spec: + secretStoreRef: + name: keycloak + kind: ClusterSecretStore + target: + name: jupyterhub-oidc + data: + - secretKey: JUPYTERHUB_OAUTH_CLIENT_ID + remoteRef: + key: keycloak-clients + property: JUPYTERHUB_CLIENT_ID + - secretKey: JUPYTERHUB_OAUTH_CLIENT_SECRET + remoteRef: + key: keycloak-clients + property: JUPYTERHUB_CLIENT_SECRET diff --git a/jupyterhub/jupyterhub/manifests/jupyterhub-ingress.yaml b/jupyterhub/jupyterhub/manifests/jupyterhub-ingress.yaml new file mode 100644 index 0000000..94f39e3 --- /dev/null +++ b/jupyterhub/jupyterhub/manifests/jupyterhub-ingress.yaml @@ -0,0 +1,32 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: jupyterhub-ingress + namespace: jupyterhub + annotations: + nginx.ingress.kubernetes.io/backend-protocol: HTTP + nginx.ingress.kubernetes.io/rewrite-target: /jupyterhub/$2 + nginx.ingress.kubernetes.io/use-regex: 'true' +spec: + ingressClassName: nginx + rules: + - host: cnoe.localtest.me + http: + paths: + - path: /jupyterhub(/|$)(.*) + pathType: ImplementationSpecific + backend: + service: + name: proxy-public + port: + number: 80 + - host: localhost + http: + paths: + - path: /jupyterhub(/|$)(.*) + pathType: ImplementationSpecific + backend: + service: + name: proxy-public + port: + number: 80 diff --git a/kyverno-integration/README.md b/kyverno-integration/README.md new file mode 100644 index 0000000..346484e --- /dev/null +++ b/kyverno-integration/README.md @@ -0,0 +1,46 @@ +# Kyverno Stack + +Implementation of Kyverno for CNOE + +## Components + +The Stack installs `Kyverno` and optionally `Kyverno Pod Security Policies - Restricted` implementation. By default users should use: + - `module/audit` - for testing and understanding of the impact + - `module/enforce` - once the proper state of platform is understood and all necessary workload exceptions or violations have been accounted for. + - If you chose to enable `Enforce` mode. Exceptions for the following `ref-implementation` components are included, to ensure proper operability: + - [ArgoCD](modules/enforce/exceptions/argocd.yaml) + - [Crossplane](modules/enforce/exceptions/crossplane.yaml) + - [Backstage](modules/enforce/exceptions/backstage.yaml) + - [Ingress-Nginx](modules/enforce/exceptions/ingress-nginx.yaml) + - [Kind cluster](modules/enforce/exceptions/kind.yaml), this should mainly be needed when testing `ref-implementation` on a `kind` installation + +*NOTE* - enabling `Enforce` mode without prior testing will most likely cause issues for NEW workloads, already existing workloads will not be affected immediately, always start with `Audit` unless you are completely sure of the impact enabling blocking policies will have on your platform. + +## Installation + +You can use and test out this stack without using any policies, using the `ref-implementation` as follows: + +```bash +idpbuilder create --use-path-routing \ + -p https://github.com/cnoe-io/stacks//ref-implementation \ + -p https://github.com/cnoe-io/stacks//kyverno-integration +``` + +Depending on your use case, install the Kubernetes PSS Policies in `Audit`, implemented in Kyverno as follows: + +```bash +idpbuilder create --use-path-routing \ + -p https://github.com/cnoe-io/stacks//ref-implementation \ + -p https://github.com/cnoe-io/stacks//kyverno-integration \ + -p https://github.com/cnoe-io/stacks//kyverno-integration/modules/audit +``` + +If you would like to change to `Enforce` mode: + +```bash +idpbuilder create --use-path-routing \ + -p https://github.com/cnoe-io/stacks//ref-implementation \ + -p https://github.com/cnoe-io/stacks//kyverno-integration \ + -p https://github.com/cnoe-io/stacks//kyverno-integration/modules/enforce +``` + diff --git a/kyverno-integration/kyverno.yaml b/kyverno-integration/kyverno.yaml new file mode 100644 index 0000000..8816923 --- /dev/null +++ b/kyverno-integration/kyverno.yaml @@ -0,0 +1,31 @@ +kind: Application +apiVersion: argoproj.io/v1alpha1 +metadata: + name: kyverno + namespace: argocd +spec: + project: default + source: + chart: kyverno + repoURL: https://kyverno.github.io/kyverno/ + targetRevision: 3.2.7 + helm: + releaseName: kyverno + valuesObject: + kyverno.fullname: kyverno + destination: + server: "https://kubernetes.default.svc" + namespace: kyverno + syncPolicy: + syncOptions: + - Replace=true + - CreateNamespace=true + automated: + selfHeal: true + prune: true + retry: + limit: 30 + backoff: + duration: 5s + factor: 2 + maxDuration: 3m0s diff --git a/kyverno-integration/modules/audit/kyverno-pss-policies-audit.yaml b/kyverno-integration/modules/audit/kyverno-pss-policies-audit.yaml new file mode 100644 index 0000000..4d38eb6 --- /dev/null +++ b/kyverno-integration/modules/audit/kyverno-pss-policies-audit.yaml @@ -0,0 +1,33 @@ +kind: Application +apiVersion: argoproj.io/v1alpha1 +metadata: + name: kyverno-pss-policies-audit + namespace: argocd +spec: + project: default + source: + repoURL: https://github.com/kyverno/kyverno + targetRevision: 3.2.7 + path: charts/kyverno-policies + helm: + releaseName: "kyverno-policies" + parameters: + - name: "podSecurityStandard" + value: restricted + - name: "validationFailureAction" + value: Audit + - name: "podSecuritySeverity" + value: High + destination: + server: "https://kubernetes.default.svc" + syncPolicy: + syncOptions: + - Replace=true + automated: + selfHeal: true + retry: + limit: 30 + backoff: + duration: 5s + factor: 2 + maxDuration: 3m0s diff --git a/kyverno-integration/modules/enforce/exceptions/argocd.yaml b/kyverno-integration/modules/enforce/exceptions/argocd.yaml new file mode 100644 index 0000000..b10e933 --- /dev/null +++ b/kyverno-integration/modules/enforce/exceptions/argocd.yaml @@ -0,0 +1,35 @@ +apiVersion: kyverno.io/v2beta1 +kind: PolicyException +metadata: + name: argocd-cnoe-operation + namespace: kyverno +spec: + exceptions: + - policyName: disallow-privilege-escalation + ruleNames: + - privilege-escalation + - autogen-privilege-escalation + - policyName: disallow-capabilities-strict + ruleNames: + - require-drop-all + - autogen-require-drop-all + - policyName: require-run-as-nonroot + ruleNames: + - run-as-non-root + - autogen-run-as-non-root + - policyName: restrict-seccomp-strict + ruleNames: + - check-seccomp-strict + - autogen-check-seccomp-strict + match: + any: + - resources: + kinds: + - Pod + - Deployment + - ReplicaSet + namespaces: + - argocd + names: + # TODO: this should be more targeted than blanket * + - argocd-* diff --git a/kyverno-integration/modules/enforce/exceptions/backstage.yaml b/kyverno-integration/modules/enforce/exceptions/backstage.yaml new file mode 100644 index 0000000..5620a0e --- /dev/null +++ b/kyverno-integration/modules/enforce/exceptions/backstage.yaml @@ -0,0 +1,35 @@ +apiVersion: kyverno.io/v2beta1 +kind: PolicyException +metadata: + name: backstage-cnoe-operation + namespace: kyverno +spec: + exceptions: + - policyName: disallow-privilege-escalation + ruleNames: + - privilege-escalation + - autogen-privilege-escalation + - policyName: disallow-capabilities-strict + ruleNames: + - require-drop-all + - autogen-require-drop-all + - policyName: require-run-as-nonroot + ruleNames: + - run-as-non-root + - autogen-run-as-non-root + - policyName: restrict-seccomp-strict + ruleNames: + - check-seccomp-strict + - autogen-check-seccomp-strict + match: + any: + - resources: + kinds: + - Pod + - Deployment + - ReplicaSet + namespaces: + - backstage + names: + # TODO: this should be more targeted than blanket * + - backstage* diff --git a/kyverno-integration/modules/enforce/exceptions/crossplane.yaml b/kyverno-integration/modules/enforce/exceptions/crossplane.yaml new file mode 100644 index 0000000..eaacbf3 --- /dev/null +++ b/kyverno-integration/modules/enforce/exceptions/crossplane.yaml @@ -0,0 +1,36 @@ +apiVersion: kyverno.io/v2beta1 +kind: PolicyException +metadata: + name: crossplane-system-cnoe-operation + namespace: kyverno +spec: + exceptions: + - policyName: disallow-capabilities-strict + ruleNames: + - require-drop-all + - autogen-require-drop-all + - policyName: disallow-privilege-escalation + ruleNames: + - privilege-escalation + - autogen-privilege-escalation + - policyName: require-run-as-nonroot + ruleNames: + - run-as-non-root + - autogen-run-as-non-root + - policyName: restrict-seccomp-strict + ruleNames: + - check-seccomp-strict + - autogen-check-seccomp-strict + match: + any: + - resources: + kinds: + - Pod + - Deployment + - ReplicaSet + namespaces: + - crossplane-system + names: + # TODO: this should be more targeted than blanket * + - crossplane* + - upbound-provider-* diff --git a/kyverno-integration/modules/enforce/exceptions/ingress-nginx.yaml b/kyverno-integration/modules/enforce/exceptions/ingress-nginx.yaml new file mode 100644 index 0000000..24ccaa7 --- /dev/null +++ b/kyverno-integration/modules/enforce/exceptions/ingress-nginx.yaml @@ -0,0 +1,22 @@ +apiVersion: kyverno.io/v2beta1 +kind: PolicyException +metadata: + name: ingress-nginx-cnoe-operation + namespace: kyverno +spec: + exceptions: + - policyName: disallow-host-ports + ruleNames: + - host-ports-none + - autogen-host-ports-none + match: + any: + - resources: + kinds: + - Pod + - Deployment + - ReplicaSet + namespaces: + - ingress-nginx + names: + - ingress-nginx* diff --git a/kyverno-integration/modules/enforce/exceptions/kind.yaml b/kyverno-integration/modules/enforce/exceptions/kind.yaml new file mode 100644 index 0000000..6bb33ce --- /dev/null +++ b/kyverno-integration/modules/enforce/exceptions/kind.yaml @@ -0,0 +1,66 @@ +apiVersion: kyverno.io/v2beta1 +kind: PolicyException +metadata: + name: system-cnoe-operation + namespace: kyverno +spec: + exceptions: + - policyName: disallow-host-path + ruleNames: + - host-path + - autogen-host-path + - policyName: disallow-privilege-escalation + ruleNames: + - privilege-escalation + - autogen-privilege-escalation + - policyName: disallow-privileged-containers + ruleNames: + - privileged-containers + - autogen-privileged-containers + - policyName: disallow-capabilities-strict + ruleNames: + - require-drop-all + - autogen-require-drop-all + - adding-capabilities-strict + - autogen-adding-capabilities-strict + - adding-capabilities + - autogen-adding-capabilities + - policyName: disallow-capabilities + ruleNames: + - adding-capabilities + - autogen-adding-capabilities + - policyName: require-run-as-nonroot + ruleNames: + - run-as-non-root + - autogen-run-as-non-root + - policyName: restrict-seccomp-strict + ruleNames: + - check-seccomp-strict + - autogen-check-seccomp-strict + - policyName: restrict-volume-types + ruleNames: + - restricted-volumes + - autogen-restricted-volumes + - policyName: disallow-host-namespaces + ruleNames: + - host-namespaces + - autogen-host-namespaces + match: + any: + - resources: + kinds: + - Pod + - Deployment + - ReplicaSet + - StatefulSet + - DaemonSet + namespaces: + - kube-system + - local-path-storage + names: + # TODO: this should be more targeted than blanket * + - kube-* + - kindnet* + - local-path* + - coredns* + - etcd-* diff --git a/kyverno-integration/modules/enforce/kyverno-pss-exceptions.yaml b/kyverno-integration/modules/enforce/kyverno-pss-exceptions.yaml new file mode 100644 index 0000000..dce95b4 --- /dev/null +++ b/kyverno-integration/modules/enforce/kyverno-pss-exceptions.yaml @@ -0,0 +1,26 @@ +kind: Application +apiVersion: argoproj.io/v1alpha1 +metadata: + name: kyverno-pss-policies-enforce-exceptions + namespace: argocd +spec: + project: default + source: + repoURL: cnoe://exceptions + targetRevision: HEAD + path: "." + directory: + recurse: true + destination: + server: "https://kubernetes.default.svc" + syncPolicy: + syncOptions: + - Replace=true + automated: + selfHeal: true + retry: + limit: 30 + backoff: + duration: 5s + factor: 2 + maxDuration: 3m0s diff --git a/kyverno-integration/modules/enforce/kyverno-pss-policies-enforce.yaml b/kyverno-integration/modules/enforce/kyverno-pss-policies-enforce.yaml new file mode 100644 index 0000000..8545a51 --- /dev/null +++ b/kyverno-integration/modules/enforce/kyverno-pss-policies-enforce.yaml @@ -0,0 +1,33 @@ +kind: Application +apiVersion: argoproj.io/v1alpha1 +metadata: + name: kyverno-pss-policies-enforce + namespace: argocd +spec: + project: default + source: + repoURL: https://github.com/kyverno/kyverno + targetRevision: HEAD + path: charts/kyverno-policies + helm: + releaseName: "kyverno-policies" + parameters: + - name: "podSecurityStandard" + value: restricted + - name: "validationFailureAction" + value: Enforce + - name: "podSecuritySeverity" + value: High + destination: + server: "https://kubernetes.default.svc" + syncPolicy: + syncOptions: + - Replace=true + automated: + selfHeal: true + retry: + limit: 30 + backoff: + duration: 5s + factor: 2 + maxDuration: 3m0s diff --git a/local-backup/README.md b/local-backup/README.md index 8a08dfc..193c27f 100644 --- a/local-backup/README.md +++ b/local-backup/README.md @@ -1,7 +1,7 @@ # Local Backup with Velero and Minio This example creates a configuration that allows you to back up Kubernetes objects -to your laptop (or wherever you are running idpbuilder from). +to your laptop (or wherever you are running idpbuilder from). It assumes that idpBuilder is on the path and that you have cloned this repository. In short, it: 1. Creates a [MinIO](https://min.io/) installation that mounts a local directory. @@ -34,7 +34,7 @@ Once you've made the change, run this command from the root of this repository. # example: mkdir /Users/my-name/backup mkdir -idpbuilder create --kind-config examples/local-backup/kind.yaml --package-dir examples/local-backup/ +idpbuilder create --kind-config local-backup/kind.yaml --package local-backup/ ``` This command: @@ -81,7 +81,7 @@ kubectl apply -f https://raw.githubusercontent.com/vmware-tanzu/velero/main/exam Once they are created and running, create a backup. ```bash -kubectl apply -f examples/local-backup/demo/backup.yaml +kubectl apply -f local-backup/demo/backup.yaml ``` This command is equivalent to this Velero command: `velero backup create nginx-backup --selector app=nginx` @@ -119,7 +119,7 @@ kind delete clusters localdev && docker system prune -f Once it is destroyed, create it again. ```bash -idpbuilder create --kind-config examples/local-backup/kind.yaml --package-dir examples/local-backup/ +idpbuilder create --kind-config local-backup/kind.yaml --package local-backup/ ``` Make sure everything looks good: @@ -153,7 +153,7 @@ nginx-backup 1m Target this backup to restore objects. ```bash -kubectl apply -f examples/local-backup/demo/restore.yaml +kubectl apply -f local-backup/demo/restore.yaml ``` This command is equivalent to `velero restore create --from-backup nginx-backup`. diff --git a/localstack-integration/README.md b/localstack-integration/README.md index 0f53185..e24a947 100644 --- a/localstack-integration/README.md +++ b/localstack-integration/README.md @@ -5,8 +5,8 @@ Please use the below command to deploy an IDP reference implementation with an A ```bash idpbuilder create \ --use-path-routing \ - --package-dir https://github.com/cnoe-io/stacks//ref-implementation \ - --package-dir https://github.com/cnoe-io/stacks//localstack-integration + --package https://github.com/cnoe-io/stacks//ref-implementation \ + --package https://github.com/cnoe-io/stacks//localstack-integration ``` As you see above, this add-on to `idpbuilder` has a dependency on the [reference implementation](../ref-implementation/). This command primarily does the following: diff --git a/ref-implementation/README.md b/ref-implementation/README.md index efa33cc..7c42689 100644 --- a/ref-implementation/README.md +++ b/ref-implementation/README.md @@ -27,7 +27,7 @@ and be configured with the new host and port. you can use the [replace.sh](repla ```bash idpbuilder create --use-path-routing \ - --package-dir https://github.com/cnoe-io/stacks//ref-implementation + --package https://github.com/cnoe-io/stacks//ref-implementation ``` This will take ~6 minutes for everything to come up. To track the progress, you can go to the [ArgoCD UI](https://cnoe.localtest.me:8443/argocd/applications). @@ -35,20 +35,14 @@ This will take ~6 minutes for everything to come up. To track the progress, you ### What was installed? 1. **Argo Workflows** to enable workflow orchestrations. -2. **Backstage** as the UI for software catalog and templating. Source is available [here](https://github.com/cnoe-io/backstage-app). -3. **Crossplane**, AWS providers, and basic compositions for deploying cloud related resources (needs your credentials for this to work) -4. **External Secrets** to generate secrets and coordinate secrets between applications. -5. **Keycloak** as the identity provider for applications. -6. **Spark Operator** to demonstrate an example Spark workload through Backstage. +1. **Backstage** as the UI for software catalog and templating. Source is available [here](https://github.com/cnoe-io/backstage-app). +1. **External Secrets** to generate secrets and coordinate secrets between applications. +1. **Keycloak** as the identity provider for applications. +1. **Spark Operator** to demonstrate an example Spark workload through Backstage. If you don't want to install a package above, you can remove the ArgoCD Application file corresponding to the package you want to remove. For example, if you want to remove Spark Operator, you can delete [this file](./spark-operator.yaml). -```bash -# remove spark operator from this installation. -rm examples/ref-implementation/spark-operator.yaml -``` - The only package that cannot be removed this way is Keycloak because other packages rely on it. @@ -137,19 +131,10 @@ Back in the entity page, you can view more details about Spark jobs by navigatin ## Application with cloud resources. -Similar to the above, we can deploy an application with cloud resources using Backstage templates. -In this example, we will create an application with a S3 Bucket. +To deploy cloud resources, you can follow any of the instructions below: -Choose a template named `App with S3 bucket`, type `demo3` as the name, then choose a region to create this bucket in. - -Once you click the create button, you will have a very similar setup as the basic example. -The only difference is we now have a resource for a S3 Bucket which is managed by Crossplane. - -Note that Bucket is **not** created because Crossplane doesn't have necessary credentials to do so. -If you'd like it to actually create a bucket, update [the credentials secret file](crossplane-providers/provider-secret.yaml), then run `idpbuilder create --package-dir examples/ref-implementation`. - -In this example, we used Crossplane to provision resources, but you can use other cloud resource management tools such as Terraform instead. -Regardless of your tool choice, concepts are the same. We use Backstage as the templating mechanism and UI for users, then use Kubernetes API with GitOps to deploy resources. +- [Cloud resource deployments via Crossplane](../crossplane-integrations/) +- [Cloud resource deployments via Terraform](../terraform-integrations/) ## Notes diff --git a/ref-implementation/argo-workflows/manifests/dev/patches/deployment-argo-server.yaml b/ref-implementation/argo-workflows/manifests/dev/patches/deployment-argo-server.yaml index bcc03d5..5fc6c69 100644 --- a/ref-implementation/argo-workflows/manifests/dev/patches/deployment-argo-server.yaml +++ b/ref-implementation/argo-workflows/manifests/dev/patches/deployment-argo-server.yaml @@ -3,6 +3,8 @@ kind: Deployment metadata: name: argo-server namespace: argo + annotations: + argocd.argoproj.io/sync-wave: "20" spec: template: spec: @@ -25,4 +27,4 @@ spec: - "--loglevel" - "info" - "--log-format" - - "text" \ No newline at end of file + - "text" diff --git a/ref-implementation/backstage-templates/entities/app-with-bucket/skeleton/catalog-info.yaml b/ref-implementation/backstage-templates/entities/app-with-bucket/skeleton/catalog-info.yaml index 90c4e32..7eb1d36 100644 --- a/ref-implementation/backstage-templates/entities/app-with-bucket/skeleton/catalog-info.yaml +++ b/ref-implementation/backstage-templates/entities/app-with-bucket/skeleton/catalog-info.yaml @@ -7,7 +7,7 @@ metadata: argocd/app-name: ${{values.name | dump}} spec: type: s3-bucket - owner: guest + owner: guests --- apiVersion: backstage.io/v1alpha1 kind: Component @@ -15,6 +15,7 @@ metadata: name: ${{values.name | dump}} description: This is for testing purposes annotations: + backstage.io/techdocs-ref: dir:. backstage.io/kubernetes-label-selector: 'entity-id=${{values.name}}' backstage.io/kubernetes-namespace: default argocd/app-name: ${{values.name | dump}} @@ -23,8 +24,25 @@ metadata: title: Repo URL icon: github spec: - owner: guest + owner: guests lifecycle: experimental type: service + system: ${{values.name | dump}} dependsOn: - resource:default/${{values.name}}-bucket +--- +apiVersion: backstage.io/v1alpha1 +kind: System +metadata: + name: ${{values.name | dump}} + description: An example system for demonstration purposes + annotations: + backstage.io/techdocs-ref: dir:. + links: + - url: https://github.com/cnoe-io/stacks/tree/main/ref-implementation + title: CNOE Repo + icon: github +spec: + owner: guests + lifecycle: experimental + type: service diff --git a/ref-implementation/backstage-templates/entities/app-with-bucket/skeleton/docs/idpbuilder.md b/ref-implementation/backstage-templates/entities/app-with-bucket/skeleton/docs/idpbuilder.md new file mode 100644 index 0000000..3ec74fb --- /dev/null +++ b/ref-implementation/backstage-templates/entities/app-with-bucket/skeleton/docs/idpbuilder.md @@ -0,0 +1,46 @@ +[![Codespell][codespell-badge]][codespell-link] +[![E2E][e2e-badge]][e2e-link] +[![Go Report Card][report-badge]][report-link] +[![Commit Activity][commit-activity-badge]][commit-activity-link] + +# IDP Builder + +Internal development platform binary launcher. + +> **WORK IN PROGRESS**: This tool is in a pre-release stage and is under active development. + +## About + +Spin up a complete internal developer platform using industry standard technologies like Kubernetes, Argo, and backstage with only Docker required as a dependency. + +This can be useful in several ways: +* Create a single binary which can demonstrate an IDP reference implementation. +* Use within CI to perform integration testing. +* Use as a local development environment for platform engineers. + +## Getting Started + +Checkout our [documentation website](https://cnoe.io/docs/reference-implementation/installations/idpbuilder) for getting started with idpbuilder. + +## Community + +- If you have questions or concerns about this tool, please feel free to reach out to us on the [CNCF Slack Channel](https://cloud-native.slack.com/archives/C05TN9WFN5S). +- You can also join our community meetings to meet the team and ask any questions. Checkout [this calendar](https://calendar.google.com/calendar/embed?src=064a2adfce866ccb02e61663a09f99147f22f06374e7a8994066bdc81e066986%40group.calendar.google.com&ctz=America%2FLos_Angeles) for more information. + +## Contribution + +Checkout the [contribution doc](./CONTRIBUTING.md) for contribution guidelines and more information on how to set up your local environment. + + + +[codespell-badge]: https://github.com/cnoe-io/idpbuilder/actions/workflows/codespell.yaml/badge.svg +[codespell-link]: https://github.com/cnoe-io/idpbuilder/actions/workflows/codespell.yaml + +[e2e-badge]: https://github.com/cnoe-io/idpbuilder/actions/workflows/e2e.yaml/badge.svg +[e2e-link]: https://github.com/cnoe-io/idpbuilder/actions/workflows/e2e.yaml + +[report-badge]: https://goreportcard.com/badge/github.com/cnoe-io/idpbuilder +[report-link]: https://goreportcard.com/report/github.com/cnoe-io/idpbuilder + +[commit-activity-badge]: https://img.shields.io/github/commit-activity/m/cnoe-io/idpbuilder +[commit-activity-link]: https://github.com/cnoe-io/idpbuilder/pulse diff --git a/ref-implementation/backstage-templates/entities/app-with-bucket/skeleton/docs/images/cnoe-logo.png b/ref-implementation/backstage-templates/entities/app-with-bucket/skeleton/docs/images/cnoe-logo.png new file mode 100644 index 0000000..63b8f22 Binary files /dev/null and b/ref-implementation/backstage-templates/entities/app-with-bucket/skeleton/docs/images/cnoe-logo.png differ diff --git a/ref-implementation/backstage-templates/entities/app-with-bucket/skeleton/docs/index.md b/ref-implementation/backstage-templates/entities/app-with-bucket/skeleton/docs/index.md new file mode 100644 index 0000000..ace4440 --- /dev/null +++ b/ref-implementation/backstage-templates/entities/app-with-bucket/skeleton/docs/index.md @@ -0,0 +1,16 @@ +![cnoe logo](./images/cnoe-logo.png) + +# Example Basic Application + +Thanks for trying out this demo! In this example, we deployed a simple application with a S3 bucket using Crossplane. + + +### idpbuilder + +Checkout the idpbuilder website: https://cnoe.io/docs/reference-implementation/installations/idpbuilder + +Checkout the idpbuilder repository: https://github.com/cnoe-io/idpbuilder + +## Crossplane + +Checkout the Crossplane website: https://www.crossplane.io/ diff --git a/ref-implementation/backstage-templates/entities/app-with-bucket/skeleton/mkdocs.yml b/ref-implementation/backstage-templates/entities/app-with-bucket/skeleton/mkdocs.yml new file mode 100644 index 0000000..c8ae223 --- /dev/null +++ b/ref-implementation/backstage-templates/entities/app-with-bucket/skeleton/mkdocs.yml @@ -0,0 +1,6 @@ +site_name: 'Argo Spark Example' +nav: + - Home: index.md + - idpBuilder: idpbuilder.md +plugins: + - techdocs-core diff --git a/ref-implementation/backstage-templates/entities/app-with-bucket/template.yaml b/ref-implementation/backstage-templates/entities/app-with-bucket/template.yaml index b1097c2..7627951 100644 --- a/ref-implementation/backstage-templates/entities/app-with-bucket/template.yaml +++ b/ref-implementation/backstage-templates/entities/app-with-bucket/template.yaml @@ -5,7 +5,7 @@ metadata: name: app-with-aws-resources title: Add a Go App with AWS resources spec: - owner: guest + owner: guests type: service parameters: - properties: @@ -111,7 +111,7 @@ spec: argoInstance: in-cluster projectName: default # necessary until we generate our own cert - repoUrl: http://my-gitea-http.gitea.svc.cluster.local:3000/giteaAdmin/${{parameters.name}} + repoUrl: https://cnoe.localtest.me:8443/gitea/giteaAdmin/${{parameters.name}} path: "kustomize/base" - id: register name: Register diff --git a/ref-implementation/backstage-templates/entities/argo-workflows/skeleton/catalog-info.yaml b/ref-implementation/backstage-templates/entities/argo-workflows/skeleton/catalog-info.yaml index d517d42..0cf6405 100644 --- a/ref-implementation/backstage-templates/entities/argo-workflows/skeleton/catalog-info.yaml +++ b/ref-implementation/backstage-templates/entities/argo-workflows/skeleton/catalog-info.yaml @@ -3,8 +3,9 @@ apiVersion: backstage.io/v1alpha1 kind: Component metadata: name: ${{values.name | dump}} - description: This is for testing purposes + description: This is an example Backstage component representing the use of Argo Workflows and Spark Operator. annotations: + backstage.io/techdocs-ref: dir:. backstage.io/kubernetes-label-selector: 'entity-id=${{values.name}}' backstage.io/kubernetes-namespace: argo argocd/app-name: ${{values.name | dump}} @@ -17,6 +18,23 @@ metadata: title: Repo URL icon: github spec: - owner: guest + owner: guests + lifecycle: experimental + type: service + system: ${{values.name | dump}} +--- +apiVersion: backstage.io/v1alpha1 +kind: System +metadata: + name: ${{values.name | dump}} + description: An example system for demonstration purposes + annotations: + backstage.io/techdocs-ref: dir:. + links: + - url: https://github.com/cnoe-io/stacks/tree/main/ref-implementation + title: CNOE Repo + icon: github +spec: + owner: guests lifecycle: experimental type: service diff --git a/ref-implementation/backstage-templates/entities/argo-workflows/skeleton/docs/argo-workflows.md b/ref-implementation/backstage-templates/entities/argo-workflows/skeleton/docs/argo-workflows.md new file mode 100644 index 0000000..1e01c2b --- /dev/null +++ b/ref-implementation/backstage-templates/entities/argo-workflows/skeleton/docs/argo-workflows.md @@ -0,0 +1,160 @@ + +[![Security Status](https://github.com/argoproj/argo-workflows/actions/workflows/snyk.yml/badge.svg?branch=main)](https://github.com/argoproj/argo-workflows/actions/workflows/snyk.yml?query=branch%3Amain) +[![OpenSSF Best Practices](https://bestpractices.coreinfrastructure.org/projects/3830/badge)](https://bestpractices.coreinfrastructure.org/projects/3830) +[![OpenSSF Scorecard](https://api.securityscorecards.dev/projects/github.com/argoproj/argo-workflows/badge)](https://api.securityscorecards.dev/projects/github.com/argoproj/argo-workflows) +[![FOSSA License Status](https://app.fossa.com/api/projects/git%2Bgithub.com%2Fargoproj%2Fargo-workflows.svg?type=shield)](https://app.fossa.com/projects/git%2Bgithub.com%2Fargoproj%2Fargo-workflows?ref=badge_shield) +[![Slack](https://img.shields.io/badge/slack-argoproj-brightgreen.svg?logo=slack)](https://argoproj.github.io/community/join-slack) +[![Twitter Follow](https://img.shields.io/twitter/follow/argoproj?style=social)](https://twitter.com/argoproj) +[![LinkedIn](https://img.shields.io/badge/LinkedIn-argoproj-blue.svg?logo=linkedin)](https://www.linkedin.com/company/argoproj/) +[![Release Version](https://img.shields.io/github/v/release/argoproj/argo-workflows?label=argo-workflows)](https://github.com/argoproj/argo-workflows/releases/latest) +[![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/argo-workflows)](https://artifacthub.io/packages/helm/argo/argo-workflows) + +## What is Argo Workflows? + +Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. +Argo Workflows is implemented as a Kubernetes CRD (Custom Resource Definition). + +* Define workflows where each step is a container. +* Model multi-step workflows as a sequence of tasks or capture the dependencies between tasks using a directed acyclic graph (DAG). +* Easily run compute intensive jobs for machine learning or data processing in a fraction of the time using Argo Workflows on Kubernetes. + +Argo is a [Cloud Native Computing Foundation (CNCF)](https://cncf.io/) graduated project. + +## Use Cases + +* [Machine Learning pipelines](use-cases/machine-learning.md) +* [Data and batch processing](use-cases/data-processing.md) +* [Infrastructure automation](use-cases/infrastructure-automation.md) +* [CI/CD](use-cases/ci-cd.md) +* [Other use cases](use-cases/other.md) + +## Why Argo Workflows? + +* Argo Workflows is the most popular workflow execution engine for Kubernetes. +* Light-weight, scalable, and easier to use. +* Designed from the ground up for containers without the overhead and limitations of legacy VM and server-based environments. +* Cloud agnostic and can run on any Kubernetes cluster. + +[Read what people said in our latest survey](https://blog.argoproj.io/argo-workflows-events-2023-user-survey-results-82c53bc30543) + +## Try Argo Workflows + +You can try Argo Workflows via one of the following: + +1. [Interactive Training Material](https://killercoda.com/argoproj/course/argo-workflows/) +1. [Access the demo environment](https://workflows.apps.argoproj.io/workflows/argo) + +![Screenshot](assets/screenshot.png) + +## Who uses Argo Workflows? + +[About 200+ organizations are officially using Argo Workflows](https://github.com/argoproj/argo-workflows/blob/main/USERS.md) + +## Ecosystem + +Just some of the projects that use or rely on Argo Workflows (complete list [here](https://github.com/akuity/awesome-argo#ecosystem-projects)): + +* [Argo Events](https://github.com/argoproj/argo-events) +* [Couler](https://github.com/couler-proj/couler) +* [Hera](https://github.com/argoproj-labs/hera-workflows) +* [Katib](https://github.com/kubeflow/katib) +* [Kedro](https://kedro.readthedocs.io/en/stable/) +* [Kubeflow Pipelines](https://github.com/kubeflow/pipelines) +* [Netflix Metaflow](https://metaflow.org) +* [Onepanel](https://github.com/onepanelio/onepanel) +* [Orchest](https://github.com/orchest/orchest/) +* [Piper](https://github.com/quickube/piper) +* [Ploomber](https://github.com/ploomber/ploomber) +* [Seldon](https://github.com/SeldonIO/seldon-core) +* [SQLFlow](https://github.com/sql-machine-learning/sqlflow) + +## Client Libraries + +Check out our [Java, Golang and Python clients](client-libraries.md). + +## Quickstart + +* [Get started here](quick-start.md) +* [Walk-through examples](walk-through/index.md) + +## Documentation + +You're here! + +## Features + +An incomplete list of features Argo Workflows provide: + +* UI to visualize and manage Workflows +* Artifact support (S3, Artifactory, Alibaba Cloud OSS, Azure Blob Storage, HTTP, Git, GCS, raw) +* Workflow templating to store commonly used Workflows in the cluster +* Archiving Workflows after executing for later access +* Scheduled workflows using cron +* Server interface with REST API (HTTP and GRPC) +* DAG or Steps based declaration of workflows +* Step level input & outputs (artifacts/parameters) +* Loops +* Parameterization +* Conditionals +* Timeouts (step & workflow level) +* Retry (step & workflow level) +* Resubmit (memoized) +* Suspend & Resume +* Cancellation +* K8s resource orchestration +* Exit Hooks (notifications, cleanup) +* Garbage collection of completed workflow +* Scheduling (affinity/tolerations/node selectors) +* Volumes (ephemeral/existing) +* Parallelism limits +* Daemoned steps +* DinD (docker-in-docker) +* Script steps +* Event emission +* Prometheus metrics +* Multiple executors +* Multiple pod and workflow garbage collection strategies +* Automatically calculated resource usage per step +* Java/Golang/Python SDKs +* Pod Disruption Budget support +* Single-sign on (OAuth2/OIDC) +* Webhook triggering +* CLI +* Out-of-the box and custom Prometheus metrics +* Windows container support +* Embedded widgets +* Multiplex log viewer + +## Community Meetings + +We host monthly community meetings where we and the community showcase demos and discuss the current and future state of the project. Feel free to join us! +For Community Meeting information, minutes and recordings, please [see here](https://bit.ly/argo-wf-cmty-mtng). + +Participation in Argo Workflows is governed by the [CNCF Code of Conduct](https://github.com/cncf/foundation/blob/master/code-of-conduct.md) + +## Community Blogs and Presentations + +* [Awesome-Argo: A Curated List of Awesome Projects and Resources Related to Argo](https://github.com/terrytangyuan/awesome-argo) +* [Automation of Everything - How To Combine Argo Events, Workflows & Pipelines, CD, and Rollouts](https://youtu.be/XNXJtxkUKeY) +* [Argo Workflows and Pipelines - CI/CD, Machine Learning, and Other Kubernetes Workflows](https://youtu.be/UMaivwrAyTA) +* [Argo Ansible role: Provisioning Argo Workflows on OpenShift](https://medium.com/@marekermk/provisioning-argo-on-openshift-with-ansible-and-kustomize-340a1fda8b50) +* [Argo Workflows vs Apache Airflow](http://bit.ly/30YNIvT) +* [CI/CD with Argo on Kubernetes](https://medium.com/@bouwe.ceunen/ci-cd-with-argo-on-kubernetes-28c1a99616a9) +* [Define Your CI/CD Pipeline with Argo Workflows](https://haque-zubair.medium.com/define-your-ci-cd-pipeline-with-argo-workflows-25aefb02fa63) +* [Distributed Machine Learning Patterns from Manning Publication](https://github.com/terrytangyuan/distributed-ml-patterns) +* [Running Argo Workflows Across Multiple Kubernetes Clusters](https://admiralty.io/blog/running-argo-workflows-across-multiple-kubernetes-clusters/) +* [Open Source Model Management Roundup: Polyaxon, Argo, and Seldon](https://www.anaconda.com/blog/developer-blog/open-source-model-management-roundup-polyaxon-argo-and-seldon/) +* [Producing 200 OpenStreetMap extracts in 35 minutes using a scalable data workflow](https://www.interline.io/blog/scaling-openstreetmap-data-workflows/) +* [Argo integration review](http://dev.matt.hillsdon.net/2018/03/24/argo-integration-review.html) +* TGI Kubernetes with Joe Beda: [Argo workflow system](https://www.youtube.com/watch?v=M_rxPPLG8pU&start=859) + +## Project Resources + +* [Argo Project GitHub organization](https://github.com/argoproj) +* [Argo Website](https://argoproj.github.io/) +* [Argo Slack](https://argoproj.github.io/community/join-slack) + +## Security + +See [Security](security.md). + diff --git a/ref-implementation/backstage-templates/entities/argo-workflows/skeleton/docs/images/cnoe-logo.png b/ref-implementation/backstage-templates/entities/argo-workflows/skeleton/docs/images/cnoe-logo.png new file mode 100644 index 0000000..63b8f22 Binary files /dev/null and b/ref-implementation/backstage-templates/entities/argo-workflows/skeleton/docs/images/cnoe-logo.png differ diff --git a/ref-implementation/backstage-templates/entities/argo-workflows/skeleton/docs/index.md b/ref-implementation/backstage-templates/entities/argo-workflows/skeleton/docs/index.md new file mode 100644 index 0000000..6e3003a --- /dev/null +++ b/ref-implementation/backstage-templates/entities/argo-workflows/skeleton/docs/index.md @@ -0,0 +1,9 @@ +![cnoe logo](./images/cnoe-logo.png) + +# Example Spark Application + +Thanks for trying out this demo! In this example, we deployed a simple Apache Spark job through Argo Workflows. + +To learn more about Spark Operators, check out [this link](https://github.com/kubeflow/spark-operator) + +To learn more about Argo Workflows, see [this link](https://argoproj.github.io/workflows/) diff --git a/ref-implementation/backstage-templates/entities/argo-workflows/skeleton/docs/spark-operator.md b/ref-implementation/backstage-templates/entities/argo-workflows/skeleton/docs/spark-operator.md new file mode 100644 index 0000000..c7ead4e --- /dev/null +++ b/ref-implementation/backstage-templates/entities/argo-workflows/skeleton/docs/spark-operator.md @@ -0,0 +1,86 @@ +# Kubeflow Spark Operator + +[![Go Report Card](https://goreportcard.com/badge/github.com/kubeflow/spark-operator)](https://goreportcard.com/report/github.com/kubeflow/spark-operator) + +## What is Spark Operator? + +The Kubernetes Operator for Apache Spark aims to make specifying and running [Spark](https://github.com/apache/spark) applications as easy and idiomatic as running other workloads on Kubernetes. It uses +[Kubernetes custom resources](https://kubernetes.io/docs/concepts/extend-kubernetes/api-extension/custom-resources/) for specifying, running, and surfacing status of Spark applications. + +## Overview + +For a complete reference of the custom resource definitions, please refer to the [API Definition](docs/api-docs.md). For details on its design, please refer to the [Architecture](https://www.kubeflow.org/docs/components/spark-operator/overview/#architecture). It requires Spark 2.3 and above that supports Kubernetes as a native scheduler backend. + +The Kubernetes Operator for Apache Spark currently supports the following list of features: + +* Supports Spark 2.3 and up. +* Enables declarative application specification and management of applications through custom resources. +* Automatically runs `spark-submit` on behalf of users for each `SparkApplication` eligible for submission. +* Provides native [cron](https://en.wikipedia.org/wiki/Cron) support for running scheduled applications. +* Supports customization of Spark pods beyond what Spark natively is able to do through the mutating admission webhook, e.g., mounting ConfigMaps and volumes, and setting pod affinity/anti-affinity. +* Supports automatic application re-submission for updated `SparkApplication` objects with updated specification. +* Supports automatic application restart with a configurable restart policy. +* Supports automatic retries of failed submissions with optional linear back-off. +* Supports mounting local Hadoop configuration as a Kubernetes ConfigMap automatically via `sparkctl`. +* Supports automatically staging local application dependencies to Google Cloud Storage (GCS) via `sparkctl`. +* Supports collecting and exporting application-level metrics and driver/executor metrics to Prometheus. + +## Project Status + +**Project status:** *beta* + +**Current API version:** *`v1beta2`* + +**If you are currently using the `v1beta1` version of the APIs in your manifests, please update them to use the `v1beta2` version by changing `apiVersion: "sparkoperator.k8s.io/"` to `apiVersion: "sparkoperator.k8s.io/v1beta2"`. You will also need to delete the `previous` version of the CustomResourceDefinitions named `sparkapplications.sparkoperator.k8s.io` and `scheduledsparkapplications.sparkoperator.k8s.io`, and replace them with the `v1beta2` version either by installing the latest version of the operator or by running `kubectl create -f config/crd/bases`.** + +## Prerequisites + +* Version >= 1.13 of Kubernetes to use the [`subresource` support for CustomResourceDefinitions](https://kubernetes.io/docs/tasks/access-kubernetes-api/custom-resources/custom-resource-definitions/#subresources), which became beta in 1.13 and is enabled by default in 1.13 and higher. + +* Version >= 1.16 of Kubernetes to use the `MutatingWebhook` and `ValidatingWebhook` of `apiVersion: admissionregistration.k8s.io/v1`. + +## Getting Started + +For getting started with Spark operator, please refer to [Getting Started](https://www.kubeflow.org/docs/components/spark-operator/getting-started/). + +## User Guide + +For detailed user guide and API documentation, please refer to [User Guide](https://www.kubeflow.org/docs/components/spark-operator/user-guide/) and [API Specification](docs/api-docs.md). + +If you are running Spark operator on Google Kubernetes Engine (GKE) and want to use Google Cloud Storage (GCS) and/or BigQuery for reading/writing data, also refer to the [GCP guide](https://www.kubeflow.org/docs/components/spark-operator/user-guide/gcp/). + +## Version Matrix + +The following table lists the most recent few versions of the operator. + +| Operator Version | API Version | Kubernetes Version | Base Spark Version | +| ------------- | ------------- | ------------- | ------------- | +| `v1beta2-1.6.x-3.5.0` | `v1beta2` | 1.16+ | `3.5.0` | +| `v1beta2-1.5.x-3.5.0` | `v1beta2` | 1.16+ | `3.5.0` | +| `v1beta2-1.4.x-3.5.0` | `v1beta2` | 1.16+ | `3.5.0` | +| `v1beta2-1.3.x-3.1.1` | `v1beta2` | 1.16+ | `3.1.1` | +| `v1beta2-1.2.3-3.1.1` | `v1beta2` | 1.13+ | `3.1.1` | +| `v1beta2-1.2.2-3.0.0` | `v1beta2` | 1.13+ | `3.0.0` | +| `v1beta2-1.2.1-3.0.0` | `v1beta2` | 1.13+ | `3.0.0` | +| `v1beta2-1.2.0-3.0.0` | `v1beta2` | 1.13+ | `3.0.0` | +| `v1beta2-1.1.x-2.4.5` | `v1beta2` | 1.13+ | `2.4.5` | +| `v1beta2-1.0.x-2.4.4` | `v1beta2` | 1.13+ | `2.4.4` | + +## Developer Guide + +For developing with Spark Operator, please refer to [Developer Guide](https://www.kubeflow.org/docs/components/spark-operator/developer-guide/). + +## Contributor Guide + +For contributing to Spark Operator, please refer to [Contributor Guide](CONTRIBUTING.md). + +## Community + +* Join the [CNCF Slack Channel](https://www.kubeflow.org/docs/about/community/#kubeflow-slack-channels) and then join `#kubeflow-spark-operator` Channel. +* Check out our blog post [Announcing the Kubeflow Spark Operator: Building a Stronger Spark on Kubernetes Community](https://blog.kubeflow.org/operators/2024/04/15/kubeflow-spark-operator.html). +* Join our monthly community meeting [Kubeflow Spark Operator Meeting Notes](https://bit.ly/3VGzP4n). + +## Adopters + +Check out [adopters of Spark Operator](ADOPTERS.md). + diff --git a/ref-implementation/backstage-templates/entities/argo-workflows/skeleton/mkdocs.yml b/ref-implementation/backstage-templates/entities/argo-workflows/skeleton/mkdocs.yml new file mode 100644 index 0000000..ba91633 --- /dev/null +++ b/ref-implementation/backstage-templates/entities/argo-workflows/skeleton/mkdocs.yml @@ -0,0 +1,8 @@ +site_name: 'Argo Spark Example' +nav: + - Home: index.md + - Argo-Workflows: argo-workflows.md + - Apache Spark Operator: spark-operator.md +plugins: + - techdocs-core + diff --git a/ref-implementation/backstage-templates/entities/argo-workflows/template.yaml b/ref-implementation/backstage-templates/entities/argo-workflows/template.yaml index 448b32f..985c97b 100644 --- a/ref-implementation/backstage-templates/entities/argo-workflows/template.yaml +++ b/ref-implementation/backstage-templates/entities/argo-workflows/template.yaml @@ -5,7 +5,7 @@ metadata: name: argo-workflows-basic title: Basic Argo Workflow with a Spark Job spec: - owner: guest + owner: guests type: service parameters: - title: Configuration Options @@ -46,7 +46,7 @@ spec: argoInstance: in-cluster projectName: default # necessary until we generate our own cert - repoUrl: http://my-gitea-http.gitea.svc.cluster.local:3000/giteaAdmin/${{parameters.name}} + repoUrl: https://cnoe.localtest.me:8443/gitea/giteaAdmin/${{parameters.name}} path: "manifests" - id: register name: Register diff --git a/ref-implementation/backstage-templates/entities/basic/mkdocs.yml b/ref-implementation/backstage-templates/entities/basic/mkdocs.yml new file mode 100644 index 0000000..c8ae223 --- /dev/null +++ b/ref-implementation/backstage-templates/entities/basic/mkdocs.yml @@ -0,0 +1,6 @@ +site_name: 'Argo Spark Example' +nav: + - Home: index.md + - idpBuilder: idpbuilder.md +plugins: + - techdocs-core diff --git a/ref-implementation/backstage-templates/entities/basic/skeleton/catalog-info.yaml b/ref-implementation/backstage-templates/entities/basic/skeleton/catalog-info.yaml index cf9b024..c4dec95 100644 --- a/ref-implementation/backstage-templates/entities/basic/skeleton/catalog-info.yaml +++ b/ref-implementation/backstage-templates/entities/basic/skeleton/catalog-info.yaml @@ -3,8 +3,9 @@ apiVersion: backstage.io/v1alpha1 kind: Component metadata: name: ${{values.name | dump}} - description: This is for testing purposes + description: This is a basic example application annotations: + backstage.io/techdocs-ref: dir:. backstage.io/kubernetes-label-selector: 'entity-id=${{values.name}}' backstage.io/kubernetes-namespace: default argocd/app-name: ${{values.name | dump}} @@ -13,6 +14,23 @@ metadata: title: Repo URL icon: github spec: - owner: guest + owner: guests + lifecycle: experimental + type: service + system: ${{values.name | dump}} +--- +apiVersion: backstage.io/v1alpha1 +kind: System +metadata: + name: ${{values.name | dump}} + description: An example system for demonstration purposes + annotations: + backstage.io/techdocs-ref: dir:. + links: + - url: https://github.com/cnoe-io/stacks/tree/main/ref-implementation + title: CNOE Repo + icon: github +spec: + owner: guests lifecycle: experimental type: service diff --git a/ref-implementation/backstage-templates/entities/basic/skeleton/docs/idpbuilder.md b/ref-implementation/backstage-templates/entities/basic/skeleton/docs/idpbuilder.md new file mode 100644 index 0000000..3ec74fb --- /dev/null +++ b/ref-implementation/backstage-templates/entities/basic/skeleton/docs/idpbuilder.md @@ -0,0 +1,46 @@ +[![Codespell][codespell-badge]][codespell-link] +[![E2E][e2e-badge]][e2e-link] +[![Go Report Card][report-badge]][report-link] +[![Commit Activity][commit-activity-badge]][commit-activity-link] + +# IDP Builder + +Internal development platform binary launcher. + +> **WORK IN PROGRESS**: This tool is in a pre-release stage and is under active development. + +## About + +Spin up a complete internal developer platform using industry standard technologies like Kubernetes, Argo, and backstage with only Docker required as a dependency. + +This can be useful in several ways: +* Create a single binary which can demonstrate an IDP reference implementation. +* Use within CI to perform integration testing. +* Use as a local development environment for platform engineers. + +## Getting Started + +Checkout our [documentation website](https://cnoe.io/docs/reference-implementation/installations/idpbuilder) for getting started with idpbuilder. + +## Community + +- If you have questions or concerns about this tool, please feel free to reach out to us on the [CNCF Slack Channel](https://cloud-native.slack.com/archives/C05TN9WFN5S). +- You can also join our community meetings to meet the team and ask any questions. Checkout [this calendar](https://calendar.google.com/calendar/embed?src=064a2adfce866ccb02e61663a09f99147f22f06374e7a8994066bdc81e066986%40group.calendar.google.com&ctz=America%2FLos_Angeles) for more information. + +## Contribution + +Checkout the [contribution doc](./CONTRIBUTING.md) for contribution guidelines and more information on how to set up your local environment. + + + +[codespell-badge]: https://github.com/cnoe-io/idpbuilder/actions/workflows/codespell.yaml/badge.svg +[codespell-link]: https://github.com/cnoe-io/idpbuilder/actions/workflows/codespell.yaml + +[e2e-badge]: https://github.com/cnoe-io/idpbuilder/actions/workflows/e2e.yaml/badge.svg +[e2e-link]: https://github.com/cnoe-io/idpbuilder/actions/workflows/e2e.yaml + +[report-badge]: https://goreportcard.com/badge/github.com/cnoe-io/idpbuilder +[report-link]: https://goreportcard.com/report/github.com/cnoe-io/idpbuilder + +[commit-activity-badge]: https://img.shields.io/github/commit-activity/m/cnoe-io/idpbuilder +[commit-activity-link]: https://github.com/cnoe-io/idpbuilder/pulse diff --git a/ref-implementation/backstage-templates/entities/basic/skeleton/docs/images/cnoe-logo.png b/ref-implementation/backstage-templates/entities/basic/skeleton/docs/images/cnoe-logo.png new file mode 100644 index 0000000..63b8f22 Binary files /dev/null and b/ref-implementation/backstage-templates/entities/basic/skeleton/docs/images/cnoe-logo.png differ diff --git a/ref-implementation/backstage-templates/entities/basic/skeleton/docs/index.md b/ref-implementation/backstage-templates/entities/basic/skeleton/docs/index.md new file mode 100644 index 0000000..6f9f96b --- /dev/null +++ b/ref-implementation/backstage-templates/entities/basic/skeleton/docs/index.md @@ -0,0 +1,11 @@ +![cnoe logo](./images/cnoe-logo.png) + +# Example Basic Application + +Thanks for trying out this demo! In this example, we deployed a simple application. + +### idpbuilder + +Checkout idpbuilder website: https://cnoe.io/docs/reference-implementation/installations/idpbuilder + +Checkout idpbuilder repository: https://github.com/cnoe-io/idpbuilder diff --git a/ref-implementation/backstage-templates/entities/basic/template.yaml b/ref-implementation/backstage-templates/entities/basic/template.yaml index 8b02b37..f75743b 100644 --- a/ref-implementation/backstage-templates/entities/basic/template.yaml +++ b/ref-implementation/backstage-templates/entities/basic/template.yaml @@ -5,7 +5,7 @@ metadata: name: basic title: Create a Basic Deployment spec: - owner: guest + owner: guests type: service parameters: - title: Configuration Options @@ -42,7 +42,7 @@ spec: argoInstance: in-cluster projectName: default # necessary until we generate our own cert - repoUrl: http://my-gitea-http.gitea.svc.cluster.local:3000/giteaAdmin/${{parameters.name}} + repoUrl: https://cnoe.localtest.me:8443/gitea/giteaAdmin/${{parameters.name}} path: "manifests" - id: register name: Register diff --git a/ref-implementation/backstage-templates/entities/catalog-info.yaml b/ref-implementation/backstage-templates/entities/catalog-info.yaml index 5dd49eb..f49a7bb 100644 --- a/ref-implementation/backstage-templates/entities/catalog-info.yaml +++ b/ref-implementation/backstage-templates/entities/catalog-info.yaml @@ -8,3 +8,12 @@ spec: - ./basic/template.yaml - ./argo-workflows/template.yaml - ./app-with-bucket/template.yaml +--- +apiVersion: backstage.io/v1alpha1 +kind: Location +metadata: + name: basic-organization + description: Basic organization data +spec: + targets: + - ./organization/guests.yaml diff --git a/ref-implementation/backstage-templates/entities/organization/guests.yaml b/ref-implementation/backstage-templates/entities/organization/guests.yaml new file mode 100644 index 0000000..b1dddfc --- /dev/null +++ b/ref-implementation/backstage-templates/entities/organization/guests.yaml @@ -0,0 +1,15 @@ +--- +apiVersion: backstage.io/v1alpha1 +kind: User +metadata: + name: guest +spec: + memberOf: [guests] +--- +apiVersion: backstage.io/v1alpha1 +kind: Group +metadata: + name: guests +spec: + type: team + children: [] diff --git a/ref-implementation/backstage/manifests/install.yaml b/ref-implementation/backstage/manifests/install.yaml index fb09407..5cc31a9 100644 --- a/ref-implementation/backstage/manifests/install.yaml +++ b/ref-implementation/backstage/manifests/install.yaml @@ -134,7 +134,7 @@ data: techdocs: builder: 'local' # Alternatives - 'external' generator: - runIn: 'docker' # Alternatives - 'local' + runIn: 'local' publisher: type: 'local' # Alternatives - 'googleGcs' or 'awsS3'. Read documentation for using alternatives. @@ -148,7 +148,6 @@ data: metadataUrl: ${KEYCLOAK_NAME_METADATA} clientId: backstage clientSecret: ${KEYCLOAK_CLIENT_SECRET} - scope: 'openid profile email groups' prompt: auto scaffolder: @@ -167,11 +166,8 @@ data: # Examples from a public GitHub repository. - type: url target: https://cnoe.localtest.me/gitea/giteaAdmin/idpbuilder-localdev-backstage-templates-entities/raw/branch/main/catalog-info.yaml - ## Uncomment these lines to add an example org - # - type: url - # target: https://github.com/backstage/backstage/blob/master/packages/catalog-model/examples/acme-corp.yaml - # rules: - # - allow: [User, Group] + rules: + - allow: [Component, System, API, Resource, Location, Template, User, Group] kubernetes: serviceLocatorMethod: type: 'multiTenant' @@ -235,7 +231,7 @@ metadata: name: backstage namespace: backstage annotations: - argocd.argoproj.io/sync-wave: "10" + argocd.argoproj.io/sync-wave: "20" spec: replicas: 1 selector: @@ -264,7 +260,7 @@ spec: name: gitea-credentials - secretRef: name: argocd-credentials - image: public.ecr.aws/cnoe-io/backstage:rc1 + image: ghcr.io/cnoe-io/backstage-app:9232d633b2698fffa6d0a73b715e06640d170162 name: backstage ports: - containerPort: 7007 @@ -296,6 +292,8 @@ metadata: app: postgresql name: postgresql namespace: backstage + annotations: + argocd.argoproj.io/sync-wave: "10" spec: replicas: 1 selector: diff --git a/ref-implementation/codespaces.md b/ref-implementation/codespaces.md index 06857ec..ba49bbb 100644 --- a/ref-implementation/codespaces.md +++ b/ref-implementation/codespaces.md @@ -30,9 +30,11 @@ Codespaces assigns random hostname to your specific instance. You need to make s Instance host name is available as an environment variable (`CODESPACE_NAME`). Let's use it to setup our host names. Run the following commands to update host name and ports. Port is set to 443 because this is the port used by the browser to access your instance. +Clone the [stacks](https://github.com/cnoe-io/stacks) repo. + ```bash -cd examples/ref-implementation +cd ref-implementation ./replace.sh ${CODESPACE_NAME}-8080.${GITHUB_CODESPACES_PORT_FORWARDING_DOMAIN} 443 @@ -44,7 +46,7 @@ Now you are ready to run idpbuilder with reference implementation. ```bash idpbuilder create --protocol http \ --host ${CODESPACE_NAME}-8080.${GITHUB_CODESPACES_PORT_FORWARDING_DOMAIN} \ - --port 8080 --use-path-routing --package-dir examples/ref-implementation + --port 8080 --use-path-routing --package ref-implementation ``` Once idpbuilder finishes bootstrapping, you should have port 8080 forward in the port tab within Codespaces. diff --git a/ref-implementation/coredns/manifests/cm-coredns.yaml b/ref-implementation/coredns/manifests/cm-coredns.yaml deleted file mode 100644 index 9cf733a..0000000 --- a/ref-implementation/coredns/manifests/cm-coredns.yaml +++ /dev/null @@ -1,33 +0,0 @@ -# the only purpose of this is to resolve external DNS entries such as `redesigned-bassoon-r4jjwpvv99vhx9gp-8080.app.github.dev` to a cluster IP -# normally, `redesigned-bassoon-r4jjwpvv99vhx9gp-8080.app.github.dev` resolves to 127.0.0.1 and thus oidc endpoint configurations cannot be obtained. -# in addition, we need to ensure traffic do not go out of cluster when not necessary. -apiVersion: v1 -kind: ConfigMap -metadata: - name: coredns - namespace: kube-system -data: - Corefile: | - .:53 { - errors - health { - lameduck 5s - } - ready - - rewrite name cnoe.localtest.me ingress-nginx-controller.ingress-nginx.svc.cluster.local - - kubernetes cluster.local in-addr.arpa ip6.arpa { - pods insecure - fallthrough in-addr.arpa ip6.arpa - ttl 30 - } - prometheus :9153 - forward . /etc/resolv.conf { - max_concurrent 1000 - } - cache 30 - loop - reload - loadbalance - } diff --git a/ref-implementation/external-secrets/generate-manifests.sh b/ref-implementation/external-secrets/generate-manifests.sh index 1a26292..64f2f2e 100755 --- a/ref-implementation/external-secrets/generate-manifests.sh +++ b/ref-implementation/external-secrets/generate-manifests.sh @@ -4,9 +4,9 @@ set -e INSTALL_YAML="manifests/install.yaml" CHART_VERSION="0.9.11" -echo "# EXTERNAL SECRETS INSTALL RESOURCES" > ${INSTALL_YAML} -echo "# This file is auto-generated with 'examples/ref-impelmentation/external-secrets/generate-manifests.sh'" >> ${INSTALL_YAML} +echo "# EXTERNAL SECRETS INSTALL RESOURCES" >${INSTALL_YAML} +echo "# This file is auto-generated with 'ref-impelmentation/external-secrets/generate-manifests.sh'" >>${INSTALL_YAML} helm repo add external-secrets --force-update https://charts.external-secrets.io helm repo update -helm template --namespace external-secrets external-secrets external-secrets/external-secrets -f values.yaml --version ${CHART_VERSION} >> ${INSTALL_YAML} +helm template --namespace external-secrets external-secrets external-secrets/external-secrets -f values.yaml --version ${CHART_VERSION} >>${INSTALL_YAML} diff --git a/ref-implementation/images/backstage-templates-spark.png b/ref-implementation/images/backstage-templates-spark.png index 2b0b411..cc5f1b5 100644 Binary files a/ref-implementation/images/backstage-templates-spark.png and b/ref-implementation/images/backstage-templates-spark.png differ diff --git a/ref-implementation/images/backstage-templates.png b/ref-implementation/images/backstage-templates.png index a53f985..e92e5ad 100644 Binary files a/ref-implementation/images/backstage-templates.png and b/ref-implementation/images/backstage-templates.png differ diff --git a/ref-implementation/images/basic-template-flow.png b/ref-implementation/images/basic-template-flow.png index b976202..b333e21 100644 Binary files a/ref-implementation/images/basic-template-flow.png and b/ref-implementation/images/basic-template-flow.png differ diff --git a/ref-implementation/openbao.yaml b/ref-implementation/openbao.yaml new file mode 100644 index 0000000..c30e2dd --- /dev/null +++ b/ref-implementation/openbao.yaml @@ -0,0 +1,27 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: openbao + namespace: argocd + labels: + env: dev +spec: + project: default + syncPolicy: + automated: + selfHeal: true + syncOptions: + - CreateNamespace=true + destination: + name: in-cluster + namespace: openbao + sources: + - repoURL: https://github.com/openbao/openbao-helm.git + path: charts/openbao + targetRevision: HEAD + helm: + valueFiles: + - $values/stacks/core/openbao/values.yaml + - repoURL: https://gitea.cnoe.localtest.me/giteaAdmin/edfbuilder-shoot + targetRevision: HEAD + ref: values diff --git a/ref-implementation/openbao/values.yaml b/ref-implementation/openbao/values.yaml new file mode 100644 index 0000000..623e208 --- /dev/null +++ b/ref-implementation/openbao/values.yaml @@ -0,0 +1,2 @@ +global: + domain: cnoe.localtest.me \ No newline at end of file diff --git a/ref-implementation/replace.sh b/ref-implementation/replace.sh index 365a0c9..e1834e1 100755 --- a/ref-implementation/replace.sh +++ b/ref-implementation/replace.sh @@ -5,8 +5,8 @@ set -e # Check if the new port number is provided as an argument if [ "$#" -ne 2 ]; then - echo "Usage: NEW_HOST NEW_PORT" - exit 1 + echo "Usage: NEW_HOST NEW_PORT" + exit 1 fi # Assign the first script argument to NEW_PORT @@ -16,8 +16,8 @@ NEW_PORT="$2" # Base directory to start from, "." means the current directory CURRENT_DIR=$(echo "${PWD##*/}") if [[ ${CURRENT_DIR} != "ref-implementation" ]]; then - echo "please run this script from the examples/ref-implementation directory" - exit 10 + echo "please run this script from the ref-implementation directory" + exit 10 fi BASE_DIRECTORY="." @@ -28,9 +28,9 @@ find "$BASE_DIRECTORY" -type f -name "*.yaml" -exec sed -i "s/cnoe\.localtest\.m # Remove hostname-port configuration if the new port is 443. Browsers strip 443 but keycloak still expects 443 in url. if [[ ${NEW_PORT} == "443" ]]; then - sed -i "/hostname-port/d" keycloak/manifests/install.yaml - sed -i "/hostname-admin/d" keycloak/manifests/install.yaml - sed -i '0,/:443/{s/:443//}' argo-workflows/manifests/dev/patches/cm-argo-workflows.yaml + sed -i "/hostname-port/d" keycloak/manifests/install.yaml + sed -i "/hostname-admin/d" keycloak/manifests/install.yaml + sed -i '0,/:443/{s/:443//}' argo-workflows/manifests/dev/patches/cm-argo-workflows.yaml fi echo "Replacement complete." diff --git a/terraform-integrations/README.md b/terraform-integrations/README.md index 864b5ae..ce8f561 100644 --- a/terraform-integrations/README.md +++ b/terraform-integrations/README.md @@ -7,8 +7,8 @@ Please use the below command to deploy an IDP reference implementation with an A ```bash idpbuilder create \ --use-path-routing \ - --package-dir https://github.com/cnoe-io/stacks//ref-implementation \ - --package-dir https://github.com/cnoe-io/stacks//terraform-integrations + --package https://github.com/cnoe-io/stacks//ref-implementation \ + --package https://github.com/cnoe-io/stacks//terraform-integrations ``` As you see above, this add-on to `idpbuilder` has a dependency to the [reference implementation](../ref-implementation/). This command primarily does the following: diff --git a/terraform-integrations/fluxcd.yaml b/terraform-integrations/fluxcd.yaml index 1a508a5..6ad5928 100644 --- a/terraform-integrations/fluxcd.yaml +++ b/terraform-integrations/fluxcd.yaml @@ -24,7 +24,7 @@ spec: kustomizeController: create: false notificationController: - create: false + create: true chart: flux2 destination: server: 'https://kubernetes.default.svc' @@ -34,4 +34,4 @@ spec: prune: true selfHeal: true syncOptions: - - CreateNamespace=true \ No newline at end of file + - CreateNamespace=true diff --git a/vcluster-multi-env/README.md b/vcluster-multi-env/README.md new file mode 100644 index 0000000..42dceba --- /dev/null +++ b/vcluster-multi-env/README.md @@ -0,0 +1,41 @@ +# IDP Builder Multi-Environment + +Multi-environment emulation on top of CNOE. + +# Configuring Clusters + +By default, this stack creates two vclusters (staging and production). If you +desire a different configuration you can edit the following list in +`vclusters.yaml`: + +```yaml + generators: + - list: + elements: + - name: staging + - name: production +``` + +# Running + +```bash +# Create CNOE deployment with vcluster-multi-env stack +idpbuilder create -p vcluster-multi-env + +# Enroll vclusters in ArgoCD +./vcluster-multi-env/add-vclusters.sh +``` + +# Using + +Your CNOE ArgoCD should now have a cluster enrolled for each configured +vcluster (staging and production by default). These clusters will have the +following labels for your use: + +```yaml + cnoe.io/vclusterMultiEnv/clusterClass: "app-runtime" + cnoe.io/vclusterMultiEnv/clusterName: "${cluster_name}" +``` + +You may now target them using, for example, an ArgoCD ApplicationSet cluster +generator which matches these labels. diff --git a/vcluster-multi-env/add-vclusters.sh b/vcluster-multi-env/add-vclusters.sh new file mode 100755 index 0000000..78d6d96 --- /dev/null +++ b/vcluster-multi-env/add-vclusters.sh @@ -0,0 +1,48 @@ +#! /bin/bash + +set -eu + +vcluster_app_names=$(kubectl get application -A -l cnoe.io/applicationName=vcluster-package,cnoe.io/stackName=vcluster-multi-env --no-headers -o custom-columns=":metadata.name") +environments=$(echo "$vcluster_app_names" | cut -f 1 -d '-') + +for env in $environments; do + cluster_name=$env + + echo "Checking readiness for ${cluster_name} vcluster..." + + until kubectl get secret -n ${cluster_name}-vcluster vc-${cluster_name}-vcluster-helm &> /dev/null; do + echo "Waiting for ${cluster_name} vcluster secret to be ready..." + sleep 10 + done + + echo "${cluster_name} vcluster is ready. Retrieving credentials..." + client_key=$(kubectl get secret -n ${cluster_name}-vcluster vc-${cluster_name}-vcluster-helm --template='{{index .data "client-key" }}') + client_certificate=$(kubectl get secret -n ${cluster_name}-vcluster vc-${cluster_name}-vcluster-helm --template='{{index .data "client-certificate" }}') + certificate_authority=$(kubectl get secret -n ${cluster_name}-vcluster vc-${cluster_name}-vcluster-helm --template='{{index .data "certificate-authority" }}') + + kubectl apply -f - <