UNCLASSIFIED - NO CUI

Skip to content
Snippets Groups Projects
Normal view Permalink
gotk-components.yaml 191 KiB
Newer Older
runyontr's avatar
upgrade to flux 0.7.x  
runyontr committed
4001 4002 
            memory: 1Gi
          requests:
ablanchard's avatar
Updated flux install script to use a kustomization.  
ablanchard committed
4003 4004 
            cpu: 100m
            memory: 64Mi
runyontr's avatar
upgrade to flux 0.7.x  
runyontr committed
4005 4006 
        securityContext:
          allowPrivilegeEscalation: false
bigbang bot's avatar
Update Flux Docker tags  
bigbang bot committed
4007 4008 4009 
          capabilities:
            drop:
            - ALL
runyontr's avatar
upgrade to flux 0.7.x  
runyontr committed
4010 
          readOnlyRootFilesystem: true
bigbang bot's avatar
Update Flux Docker tags  
bigbang bot committed
4011 4012 4013 
          runAsNonRoot: true
          seccompProfile:
            type: RuntimeDefault
runyontr's avatar
upgrade to flux 0.7.x  
runyontr committed
4014 4015 4016 
        volumeMounts:
        - mountPath: /tmp
          name: temp
bigbang bot's avatar
Update Flux Docker tags  
bigbang bot committed
4017 4018 
      nodeSelector:
        kubernetes.io/os: linux
runyontr's avatar
upgrade to flux 0.7.x  
runyontr committed
4019 4020 4021 4022 4023 4024 4025 4026 
      serviceAccountName: helm-controller
      terminationGracePeriodSeconds: 600
      volumes:
      - emptyDir: {}
        name: temp
---
apiVersion: apps/v1
kind: Deployment
runyontr's avatar
Deploy flux with iron bank images
runyontr committed
4027 4028 4029 
metadata:
  labels:
    app.kubernetes.io/instance: flux-system
ablanchard's avatar
Updated flux install script to use a kustomization.  
ablanchard committed
4030 
    app.kubernetes.io/part-of: flux
bigbang bot's avatar
Update Flux Docker tags  
bigbang bot committed
4031 
    app.kubernetes.io/version: v0.27.3
runyontr's avatar
Deploy flux with iron bank images
runyontr committed
4032 
    control-plane: controller
runyontr's avatar
upgrade to flux 0.7.x  
runyontr committed
4033 
  name: kustomize-controller
runyontr's avatar
Deploy flux with iron bank images
runyontr committed
4034 4035 
  namespace: flux-system
spec:
runyontr's avatar
upgrade to flux 0.7.x  
runyontr committed
4036 
  replicas: 1
runyontr's avatar
Deploy flux with iron bank images
runyontr committed
4037 
  selector:
runyontr's avatar
upgrade to flux 0.7.x  
runyontr committed
4038 4039 4040 4041 4042 4043 4044 4045 4046 4047 4048 4049 
    matchLabels:
      app: kustomize-controller
  template:
    metadata:
      annotations:
        prometheus.io/port: "8080"
        prometheus.io/scrape: "true"
      labels:
        app: kustomize-controller
    spec:
      containers:
      - args:
bigbang bot's avatar
Update Flux Docker tags  
bigbang bot committed
4050 4051 
        - --events-addr=http://notification-controller.flux-system.svc.cluster.local/
        - --watch-all-namespaces=true
runyontr's avatar
upgrade to flux 0.7.x  
runyontr committed
4052 4053 4054 4055 4056 4057 4058 4059 
        - --log-level=info
        - --log-encoding=json
        - --enable-leader-election
        env:
        - name: RUNTIME_NAMESPACE
          valueFrom:
            fieldRef:
              fieldPath: metadata.namespace
bigbang bot's avatar
Update Flux Docker tags  
bigbang bot committed
4060 
        image: ghcr.io/fluxcd/kustomize-controller:v0.21.1
runyontr's avatar
upgrade to flux 0.7.x  
runyontr committed
4061 4062 4063 4064 4065 4066 4067 
        imagePullPolicy: IfNotPresent
        livenessProbe:
          httpGet:
            path: /healthz
            port: healthz
        name: manager
        ports:
runyontr's avatar
update flux to latest versions  
runyontr committed
4068 4069 
        - containerPort: 8080
          name: http-prom
bigbang bot's avatar
Update Flux Docker tags  
bigbang bot committed
4070 
          protocol: TCP
runyontr's avatar
upgrade to flux 0.7.x  
runyontr committed
4071 4072 4073 4074 4075 4076 4077 4078 4079 4080 4081 4082 
        - containerPort: 9440
          name: healthz
          protocol: TCP
        readinessProbe:
          httpGet:
            path: /readyz
            port: healthz
        resources:
          limits:
            cpu: 1000m
            memory: 1Gi
          requests:
ablanchard's avatar
Updated flux install script to use a kustomization.  
ablanchard committed
4083 4084 
            cpu: 100m
            memory: 64Mi
runyontr's avatar
upgrade to flux 0.7.x  
runyontr committed
4085 4086 
        securityContext:
          allowPrivilegeEscalation: false
bigbang bot's avatar
Update Flux Docker tags  
bigbang bot committed
4087 4088 4089 
          capabilities:
            drop:
            - ALL
runyontr's avatar
upgrade to flux 0.7.x  
runyontr committed
4090 
          readOnlyRootFilesystem: true
bigbang bot's avatar
Update Flux Docker tags  
bigbang bot committed
4091 4092 4093 
          runAsNonRoot: true
          seccompProfile:
            type: RuntimeDefault
runyontr's avatar
upgrade to flux 0.7.x  
runyontr committed
4094 4095 4096 
        volumeMounts:
        - mountPath: /tmp
          name: temp
bigbang bot's avatar
Update Flux Docker tags  
bigbang bot committed
4097 4098 
      nodeSelector:
        kubernetes.io/os: linux
runyontr's avatar
upgrade to flux 0.7.x  
runyontr committed
4099 4100 4101 4102 4103 4104 4105 
      securityContext:
        fsGroup: 1337
      serviceAccountName: kustomize-controller
      terminationGracePeriodSeconds: 60
      volumes:
      - emptyDir: {}
        name: temp
runyontr's avatar
Deploy flux with iron bank images
runyontr committed
4106 4107 4108 4109 4110 4111 
---
apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app.kubernetes.io/instance: flux-system
ablanchard's avatar
Updated flux install script to use a kustomization.  
ablanchard committed
4112 
    app.kubernetes.io/part-of: flux
bigbang bot's avatar
Update Flux Docker tags  
bigbang bot committed
4113 
    app.kubernetes.io/version: v0.27.3
runyontr's avatar
Deploy flux with iron bank images
runyontr committed
4114 4115 4116 4117 4118 4119 4120 4121 4122 4123 4124 4125 4126 4127 4128 4129 4130 4131 
    control-plane: controller
  name: notification-controller
  namespace: flux-system
spec:
  replicas: 1
  selector:
    matchLabels:
      app: notification-controller
  template:
    metadata:
      annotations:
        prometheus.io/port: "8080"
        prometheus.io/scrape: "true"
      labels:
        app: notification-controller
    spec:
      containers:
      - args:
bigbang bot's avatar
Update Flux Docker tags  
bigbang bot committed
4132 
        - --watch-all-namespaces=true
runyontr's avatar
Deploy flux with iron bank images
runyontr committed
4133 
        - --log-level=info
runyontr's avatar
upgrade to flux 0.7.x  
runyontr committed
4134 
        - --log-encoding=json
runyontr's avatar
Deploy flux with iron bank images
runyontr committed
4135 4136 4137 4138 4139 4140 
        - --enable-leader-election
        env:
        - name: RUNTIME_NAMESPACE
          valueFrom:
            fieldRef:
              fieldPath: metadata.namespace
bigbang bot's avatar
Update Flux Docker tags  
bigbang bot committed
4141 
        image: ghcr.io/fluxcd/notification-controller:v0.22.2
runyontr's avatar
Deploy flux with iron bank images
runyontr committed
4142 4143 4144 
        imagePullPolicy: IfNotPresent
        livenessProbe:
          httpGet:
Jeff McCoy's avatar
Bump flux v0.2.4 -> v0.4.0  
Jeff McCoy committed
4145 4146 
            path: /healthz
            port: healthz
runyontr's avatar
Deploy flux with iron bank images
runyontr committed
4147 4148 4149 4150 
        name: manager
        ports:
        - containerPort: 9090
          name: http
bigbang bot's avatar
Update Flux Docker tags  
bigbang bot committed
4151 
          protocol: TCP
runyontr's avatar
Deploy flux with iron bank images
runyontr committed
4152 4153 
        - containerPort: 9292
          name: http-webhook
bigbang bot's avatar
Update Flux Docker tags  
bigbang bot committed
4154 
          protocol: TCP
runyontr's avatar
Deploy flux with iron bank images
runyontr committed
4155 4156 
        - containerPort: 8080
          name: http-prom
bigbang bot's avatar
Update Flux Docker tags  
bigbang bot committed
4157 
          protocol: TCP
runyontr's avatar
update flux to latest versions  
runyontr committed
4158 4159 4160 
        - containerPort: 9440
          name: healthz
          protocol: TCP
Jeff McCoy's avatar
Bump flux v0.2.4 -> v0.4.0  
Jeff McCoy committed
4161 4162 4163 4164 
        readinessProbe:
          httpGet:
            path: /readyz
            port: healthz
runyontr's avatar
Deploy flux with iron bank images
runyontr committed
4165 4166 4167 4168 4169 
        resources:
          limits:
            cpu: 1000m
            memory: 1Gi
          requests:
ablanchard's avatar
Updated flux install script to use a kustomization.  
ablanchard committed
4170 4171 
            cpu: 100m
            memory: 64Mi
runyontr's avatar
Deploy flux with iron bank images
runyontr committed
4172 4173 
        securityContext:
          allowPrivilegeEscalation: false
bigbang bot's avatar
Update Flux Docker tags  
bigbang bot committed
4174 4175 4176 
          capabilities:
            drop:
            - ALL
runyontr's avatar
Deploy flux with iron bank images
runyontr committed
4177 
          readOnlyRootFilesystem: true
bigbang bot's avatar
Update Flux Docker tags  
bigbang bot committed
4178 4179 4180 
          runAsNonRoot: true
          seccompProfile:
            type: RuntimeDefault
runyontr's avatar
Deploy flux with iron bank images
runyontr committed
4181 4182 4183 
        volumeMounts:
        - mountPath: /tmp
          name: temp
bigbang bot's avatar
Update Flux Docker tags  
bigbang bot committed
4184 4185 
      nodeSelector:
        kubernetes.io/os: linux
runyontr's avatar
upgrade to flux 0.7.x  
runyontr committed
4186 
      serviceAccountName: notification-controller
runyontr's avatar
Deploy flux with iron bank images
runyontr committed
4187 4188 4189 4190 4191 
      terminationGracePeriodSeconds: 10
      volumes:
      - emptyDir: {}
        name: temp
---
runyontr's avatar
upgrade to flux 0.7.x  
runyontr committed
4192 4193 4194 4195 4196 
apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app.kubernetes.io/instance: flux-system
ablanchard's avatar
Updated flux install script to use a kustomization.  
ablanchard committed
4197 
    app.kubernetes.io/part-of: flux
bigbang bot's avatar
Update Flux Docker tags  
bigbang bot committed
4198 
    app.kubernetes.io/version: v0.27.3
runyontr's avatar
upgrade to flux 0.7.x  
runyontr committed
4199 4200 4201 4202 4203 4204 4205 4206 4207 4208 4209 4210 4211 4212 4213 4214 4215 4216 4217 4218 
    control-plane: controller
  name: source-controller
  namespace: flux-system
spec:
  replicas: 1
  selector:
    matchLabels:
      app: source-controller
  strategy:
    type: Recreate
  template:
    metadata:
      annotations:
        prometheus.io/port: "8080"
        prometheus.io/scrape: "true"
      labels:
        app: source-controller
    spec:
      containers:
      - args:
bigbang bot's avatar
Update Flux Docker tags  
bigbang bot committed
4219 4220 
        - --events-addr=http://notification-controller.flux-system.svc.cluster.local/
        - --watch-all-namespaces=true
runyontr's avatar
upgrade to flux 0.7.x  
runyontr committed
4221 4222 4223 4224 4225 4226 4227 4228 4229 4230 
        - --log-level=info
        - --log-encoding=json
        - --enable-leader-election
        - --storage-path=/data
        - --storage-adv-addr=source-controller.$(RUNTIME_NAMESPACE).svc.cluster.local.
        env:
        - name: RUNTIME_NAMESPACE
          valueFrom:
            fieldRef:
              fieldPath: metadata.namespace
bigbang bot's avatar
chore(deps): update flux docker tags  
bigbang bot committed
4231 
        image: ghcr.io/fluxcd/source-controller:v0.21.2
runyontr's avatar
upgrade to flux 0.7.x  
runyontr committed
4232 4233 4234 4235 4236 4237 4238 4239 4240 
        imagePullPolicy: IfNotPresent
        livenessProbe:
          httpGet:
            path: /healthz
            port: healthz
        name: manager
        ports:
        - containerPort: 9090
          name: http
bigbang bot's avatar
Update Flux Docker tags  
bigbang bot committed
4241 
          protocol: TCP
runyontr's avatar
upgrade to flux 0.7.x  
runyontr committed
4242 4243 
        - containerPort: 8080
          name: http-prom
bigbang bot's avatar
Update Flux Docker tags  
bigbang bot committed
4244 
          protocol: TCP
runyontr's avatar
upgrade to flux 0.7.x  
runyontr committed
4245 4246 
        - containerPort: 9440
          name: healthz
bigbang bot's avatar
Update Flux Docker tags  
bigbang bot committed
4247 
          protocol: TCP
runyontr's avatar
upgrade to flux 0.7.x  
runyontr committed
4248 4249 4250 4251 4252 4253 4254 4255 4256 
        readinessProbe:
          httpGet:
            path: /
            port: http
        resources:
          limits:
            cpu: 1000m
            memory: 1Gi
          requests:
ablanchard's avatar
Updated flux install script to use a kustomization.  
ablanchard committed
4257 4258 
            cpu: 50m
            memory: 64Mi
runyontr's avatar
upgrade to flux 0.7.x  
runyontr committed
4259 4260 
        securityContext:
          allowPrivilegeEscalation: false
bigbang bot's avatar
Update Flux Docker tags  
bigbang bot committed
4261 4262 4263 
          capabilities:
            drop:
            - ALL
runyontr's avatar
upgrade to flux 0.7.x  
runyontr committed
4264 
          readOnlyRootFilesystem: true
bigbang bot's avatar
Update Flux Docker tags  
bigbang bot committed
4265 4266 4267 
          runAsNonRoot: true
          seccompProfile:
            type: RuntimeDefault
runyontr's avatar
upgrade to flux 0.7.x  
runyontr committed
4268 4269 4270 4271 4272 
        volumeMounts:
        - mountPath: /data
          name: data
        - mountPath: /tmp
          name: tmp
bigbang bot's avatar
Update Flux Docker tags  
bigbang bot committed
4273 4274 
      nodeSelector:
        kubernetes.io/os: linux
runyontr's avatar
upgrade to flux 0.7.x  
runyontr committed
4275 4276 4277 4278 4279 4280 4281 4282 4283 4284 4285 4286 4287 4288 4289 
      securityContext:
        fsGroup: 1337
      serviceAccountName: source-controller
      terminationGracePeriodSeconds: 10
      volumes:
      - emptyDir: {}
        name: data
      - emptyDir: {}
        name: tmp
---
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  labels:
    app.kubernetes.io/instance: flux-system
ablanchard's avatar
Updated flux install script to use a kustomization.  
ablanchard committed
4290 
    app.kubernetes.io/part-of: flux
bigbang bot's avatar
Update Flux Docker tags  
bigbang bot committed
4291 
    app.kubernetes.io/version: v0.27.3
ablanchard's avatar
Updated flux install script to use a kustomization.  
ablanchard committed
4292 
  name: allow-egress
runyontr's avatar
upgrade to flux 0.7.x  
runyontr committed
4293 4294 
  namespace: flux-system
spec:
ablanchard's avatar
Updated flux install script to use a kustomization.  
ablanchard committed
4295 4296 
  egress:
  - {}
runyontr's avatar
upgrade to flux 0.7.x  
runyontr committed
4297 4298 
  ingress:
  - from:
ablanchard's avatar
Updated flux install script to use a kustomization.  
ablanchard committed
4299 
    - podSelector: {}
runyontr's avatar
upgrade to flux 0.7.x  
runyontr committed
4300 4301 4302 
  podSelector: {}
  policyTypes:
  - Ingress
ablanchard's avatar
Updated flux install script to use a kustomization.  
ablanchard committed
4303 
  - Egress
runyontr's avatar
upgrade to flux 0.7.x  
runyontr committed
4304 4305 4306 4307 4308 4309 
---
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  labels:
    app.kubernetes.io/instance: flux-system
ablanchard's avatar
Updated flux install script to use a kustomization.  
ablanchard committed
4310 
    app.kubernetes.io/part-of: flux
bigbang bot's avatar
Update Flux Docker tags  
bigbang bot committed
4311 
    app.kubernetes.io/version: v0.27.3
ablanchard's avatar
Updated flux install script to use a kustomization.  
ablanchard committed
4312 
  name: allow-scraping
runyontr's avatar
upgrade to flux 0.7.x  
runyontr committed
4313 4314 4315 4316 4317 
  namespace: flux-system
spec:
  ingress:
  - from:
    - namespaceSelector: {}
ablanchard's avatar
Updated flux install script to use a kustomization.  
ablanchard committed
4318 4319 4320 4321 
    ports:
    - port: 8080
      protocol: TCP
  podSelector: {}
runyontr's avatar
upgrade to flux 0.7.x  
runyontr committed
4322 4323 4324 4325 4326 4327 4328 4329 
  policyTypes:
  - Ingress
---
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  labels:
    app.kubernetes.io/instance: flux-system
ablanchard's avatar
Updated flux install script to use a kustomization.  
ablanchard committed
4330 
    app.kubernetes.io/part-of: flux
bigbang bot's avatar
Update Flux Docker tags  
bigbang bot committed
4331 
    app.kubernetes.io/version: v0.27.3
ablanchard's avatar
Updated flux install script to use a kustomization.  
ablanchard committed
4332 
  name: allow-webhooks
runyontr's avatar
upgrade to flux 0.7.x  
runyontr committed
4333 4334 4335 4336 
  namespace: flux-system
spec:
  ingress:
  - from:
ablanchard's avatar
Updated flux install script to use a kustomization.  
ablanchard committed
4337 4338 4339 4340 
    - namespaceSelector: {}
  podSelector:
    matchLabels:
      app: notification-controller
runyontr's avatar
upgrade to flux 0.7.x  
runyontr committed
4341 4342 
  policyTypes:
  - Ingress
Show full blame

UNCLASSIFIED - NO CUI