From ef3185a8fff17077a5966b96300cdbd5603baa62 Mon Sep 17 00:00:00 2001 From: Asara Date: Tue, 10 Dec 2024 03:23:13 +0000 Subject: [PATCH] post-fail fixes pt.1 --- argo/apps/values.yaml | 2 +- helm/forgejo/install.sh | 2 +- helm/forgejo/pv.yaml | 38 ++++++++++++++++++++++++++ helm/forgejo/pvc.yaml | 1 + helm/longhorn/install.sh | 2 +- scripts/vault-config-operator-vault.sh | 2 +- 6 files changed, 43 insertions(+), 4 deletions(-) create mode 100644 helm/forgejo/pv.yaml diff --git a/argo/apps/values.yaml b/argo/apps/values.yaml index caf025e..fbc856b 100644 --- a/argo/apps/values.yaml +++ b/argo/apps/values.yaml @@ -29,7 +29,7 @@ helmApps: namespace: prometheus repoURL: https://prometheus-community.github.io/helm-charts chart: kube-prometheus-stack - revision: 65.6.0 + revision: 66.3.0 - app: goldpinger namespace: goldpinger repoURL: https://okgolove.github.io/helm-charts diff --git a/helm/forgejo/install.sh b/helm/forgejo/install.sh index c2c474f..04153ee 100755 --- a/helm/forgejo/install.sh +++ b/helm/forgejo/install.sh @@ -1,6 +1,6 @@ #!/bin/bash -CHART_VERSION=8.1.0 +CHART_VERSION=10.1.1 NAMESPACE=gitea VAULT_AUTH_NAMESPACE="k8s-teapot" diff --git a/helm/forgejo/pv.yaml b/helm/forgejo/pv.yaml new file mode 100644 index 0000000..20d7f37 --- /dev/null +++ b/helm/forgejo/pv.yaml @@ -0,0 +1,38 @@ +apiVersion: v1 +kind: PersistentVolume +metadata: + annotations: + longhorn.io/volume-scheduling-error: "" + pv.kubernetes.io/provisioned-by: driver.longhorn.io + volume.kubernetes.io/provisioner-deletion-secret-name: longhorn-encryption + volume.kubernetes.io/provisioner-deletion-secret-namespace: longhorn-system + name: pvc-04e95cac-441e-4cd8-afbb-670ab8ba4c4d +spec: + accessModes: + - ReadWriteOnce + capacity: + storage: 20Gi + claimRef: + apiVersion: v1 + kind: PersistentVolumeClaim + name: data-gitea-0 + namespace: gitea + csi: + driver: driver.longhorn.io + fsType: ext4 + nodePublishSecretRef: + name: longhorn-encryption + namespace: longhorn-system + nodeStageSecretRef: + name: longhorn-encryption + namespace: longhorn-system + volumeAttributes: + encrypted: "true" + fromBackup: "" + fsType: ext4 + numberOfReplicas: "3" + staleReplicaTimeout: "120" + volumeHandle: pvc-04e95cac-441e-4cd8-afbb-670ab8ba4c4d + persistentVolumeReclaimPolicy: Retain + storageClassName: longhorn-encrypted-retain + volumeMode: Filesystem diff --git a/helm/forgejo/pvc.yaml b/helm/forgejo/pvc.yaml index a6cd712..d0d3bc8 100644 --- a/helm/forgejo/pvc.yaml +++ b/helm/forgejo/pvc.yaml @@ -10,3 +10,4 @@ spec: resources: requests: storage: 20Gi + volumeName: pvc-04e95cac-441e-4cd8-afbb-670ab8ba4c4d diff --git a/helm/longhorn/install.sh b/helm/longhorn/install.sh index 2308ed8..865e4e7 100755 --- a/helm/longhorn/install.sh +++ b/helm/longhorn/install.sh @@ -1,7 +1,7 @@ #!/bin/bash CHART_VERSION=1.7.2 -#helm repo add longhorn https://charts.longhorn.io +helm repo add longhorn https://charts.longhorn.io helm repo update helm upgrade --install \ longhorn \ diff --git a/scripts/vault-config-operator-vault.sh b/scripts/vault-config-operator-vault.sh index 86280f6..041bf4a 100755 --- a/scripts/vault-config-operator-vault.sh +++ b/scripts/vault-config-operator-vault.sh @@ -18,7 +18,7 @@ vault policy write vault-config-operator vault-config-operator.hcl rm vault-config-operator.hcl HOST_IP=$(ip addr show eth0 | grep -Po 'inet \K[\d.]+') -TOKEN="$(kubectl get secret serviceaccounttoken -n ${NAMESPACE} -o go-template='{{ .data.token }}' | base64 -d)" +TOKEN="$(kubectl get secret serviceaccounttoken -n vco -o go-template='{{ .data.token }}' | base64 -d)" vault write auth/${VAULT_AUTH_NAMESPACE}/role/vault-config-operator \ bound_service_account_names=vault-config-operator,controller-manager,default \