Add twistlock to umbrella

f477649d · joshwolf · 47470b52 · f477649d · f477649d · f477649d
Commit f477649d authored 4 years ago by joshwolf
--- a/chart/templates/twistlock/gitrepository.yaml
+++ b/chart/templates/twistlock/gitrepository.yaml
+{{- if or (not .Values.global.offline) .Values.twistlock.enabled }}
+apiVersion: source.toolkit.fluxcd.io/v1beta1
+kind: GitRepository
+metadata:
+  name: {{ .Release.Name }}-twistlock
+  namespace: {{ .Release.Namespace }}
+spec:
+  ignore: |
+    # exclude file extensions
+    /**/*.md
+    /**/*.txt
+    /**/*.sh
+  interval: {{ .Values.global.interval }}
+  ref:
+    branch: {{ .Values.twistlock.git.branch }}
+  url: {{ .Values.twistlock.git.repo }}
+{{- end }}
--- a/chart/templates/twistlock/namespace.yaml
+++ b/chart/templates/twistlock/namespace.yaml
+{{- if .Values.twistlock.enabled }}
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: twistlock
+  labels:
+    namespace: twistlock
+{{- end }}
\ No newline at end of file
--- a/chart/templates/twistlock/twistlock-helmrelease.yaml
+++ b/chart/templates/twistlock/twistlock-helmrelease.yaml
+{{- if .Values.twistlock.enabled }}
+apiVersion: helm.toolkit.fluxcd.io/v2beta1
+kind: HelmRelease
+metadata:
+  name: {{ .Release.Name }}-twistlock
+  namespace: {{ .Release.Namespace }}
+spec:
+  targetNamespace: twistlock
+  chart:
+    spec:
+      chart: chart
+      interval: 5m
+      sourceRef:
+        kind: GitRepository
+        name: {{ .Release.Name }}-twistlock
+        namespace: flux-system
+
+  interval: {{ .Values.interval | default .Values.global.interval }}
+  test:
+    enable: false
+  install:
+    remediation:
+      retries: {{ .Values.global.install.retries }}
+  upgrade:
+    remediation:
+      retries: {{ .Values.global.upgrade.retries }}
+      remediateLastFailure: true
+    cleanupOnFail: true
+  rollback:
+    timeout: {{ .Values.global.rollback.timeout }}
+    cleanupOnFail: {{ .Values.global.rollback.cleanupOnFail }}
+
+  valuesFrom:
+    - name: env-values
+      kind: ConfigMap
+      optional: true
+    - name: env-values
+      kind: Secret
+      optional: true
+
+  values:
+    hostname: {{ .Values.global.hostname }}
+    prometheus:
+      servicemonitor:
+        enabled: true
+
+  dependsOn:
+    - name: {{ .Release.Name }}-gatekeeper
+      namespace: {{ .Release.Namespace }}
+    - name: {{ .Release.Name }}-istio
+      namespace: {{ .Release.Namespace }}
+{{- end }}
\ No newline at end of file
--- a/chart/values.yaml
+++ b/chart/values.yaml
@@ -18,7 +18,7 @@ istio:
  enabled: true
  git:
    repo: https://repo1.dsop.io/platform-one/big-bang/apps/core/servicemesh.git
-    branch: charts
+    branch: chart-release

 certmanager:
  enabled: true
@@ -30,7 +30,7 @@ gatekeeper:
  enabled: true
  git:
    repo: https://repo1.dsop.io/platform-one/big-bang/apps/core/policy.git
-    branch: chart
+    branch: chart-release

 logging:
  enabled: true
@@ -42,4 +42,10 @@ monitoring:
  enabled: true
  git:
    repo: https://repo1.dsop.io/platform-one/big-bang/apps/core/monitoring.git
-    branch: release-v0.2.x
\ No newline at end of file
+    branch: release-v0.2.x
+
+twistlock:
+  enabled: true
+  git:
+    repo: https://repo1.dsop.io/platform-one/big-bang/apps/security-tools/twistlock.git
+    branch: chart-release