Merge branch 'master' of gitlab.brainfood.com:brainfood/k8s-helmfiles

Adam Heath
Showing 7 changed files with 55 additions and 30 deletions
cert-manager/charts/root-ca/kustomization.yaml
cert-manager/charts/root-ca/root-ca.yaml
cert-manager/environments/default-values.yaml
cert-manager/helmfile.yaml
keycloak-operator/helmfile.yaml
postgres-operator/environments/default-values.yaml
postgres-operator/helmfile.yaml
--- a/cert-manager/charts/root-ca/kustomization.yaml 0 → 100644
View file @55d9ad7
+++ b/cert-manager/charts/root-ca/kustomization.yaml 0 → 100644
View file @55d9ad7
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+resources:
+  - root-ca.yaml
--- a/cert-manager/charts/root-ca/root-ca.yaml 0 → 100644
View file @55d9ad7
+++ b/cert-manager/charts/root-ca/root-ca.yaml 0 → 100644
View file @55d9ad7
+apiVersion: v1
+kind: Secret
+metadata:
+  name: root-ca
+  namespace: cert-manager
+data:
+---
--- a/cert-manager/environments/default-values.yaml
View file @55d9ad7
+++ b/cert-manager/environments/default-values.yaml
View file @55d9ad7
@@ -10,5 +10,4 @@ clusterIssuer:
 root-ca:
  crt: null
  key: null
-version:
-  raw: 1.1.0
+version: {}
--- a/cert-manager/helmfile.yaml
View file @55d9ad7
+++ b/cert-manager/helmfile.yaml
View file @55d9ad7
@@ -4,22 +4,13 @@ bases:
 repositories:
  - name: jetstack
    url: https://charts.jetstack.io
-  - name: bedag
-    url: https://bedag.github.io/helm-charts/

 ---
 releases:
-  - name: cert-manager
-    chart: jetstack/cert-manager
+  - name: root-ca
+    chart: charts/root-ca
    namespace: cert-manager
-    dependencies:
-      - chart: bedag/raw
-        alias: root-ca
-        version: {{ $.Values.version.raw }}
-    values:
-      - installCRDs: true
-      - root-ca:
-          resources:
+    strategicMergePatches:
      - apiVersion: v1
        kind: Secret
        metadata:
@@ -31,6 +22,12 @@ releases:
          ca.crt: {{ .Values | get "root-ca.crt" }}
          ca.key: {{ .Values | get "root-ca.key" }}

+  - name: cert-manager
+    chart: jetstack/cert-manager
+    namespace: cert-manager
+    values:
+      - installCRDs: true
+
  - name: cluster-issuer
    chart: charts/cluster-issuer
    disableValidationOnInstall: true
--- a/keycloak-operator/helmfile.yaml
View file @55d9ad7
+++ b/keycloak-operator/helmfile.yaml
View file @55d9ad7
@@ -21,7 +21,7 @@ releases:
            path: /spec/template/spec/containers/0/env/-
            value:
              name: QUARKUS_OPERATOR_SDK_NAMESPACES
-              value: {{ .Values.watchNamespaces }}
+              value: {{ .Values.watchNamespaces | quote }}
      - target:
          kind: Role
          name: keycloak-operator-role
--- a/postgres-operator/environments/default-values.yaml
View file @55d9ad7
+++ b/postgres-operator/environments/default-values.yaml
View file @55d9ad7
 namespace: postgres-operator
 backup:
+  logical:
    provider: s3
+    sse: "AES256"
+    s3:
+      endpoint: ""
+  schedule: "00 12 * * *"
+  num_to_retain: "5"
  s3:
    access_key_id: ""
    secret_access_key: ""
+    force_path_style: false
    bucket: ""
    region: ""
    endpoint: ""
-    sse: "AES256"
-    wale:
-      endpoint: ""
-      storage_class: STANDARD
-
+  walg:
+    disable_sse: false
--- a/postgres-operator/helmfile.yaml
View file @55d9ad7
+++ b/postgres-operator/helmfile.yaml
View file @55d9ad7
@@ -18,12 +18,25 @@ releases:
          name: postgres-extra-config
          namespace: {{ .Values.namespace }}
        data:
+          BACKUP_SCHEDULE: {{ .Values.backup.schedule | quote }}
+          BACKUP_NUM_TO_RETAIN: {{ .Values.backup.num_to_retain | quote }}
+
+          AWS_ENDPOINT: {{ .Values.backup.s3.endpoint }}
          AWS_ACCESS_KEY_ID: {{ .Values.backup.s3.access_key_id }}
          AWS_SECRET_ACCESS_KEY: {{ .Values.backup.s3.secret_access_key }}
          AWS_REGION: {{ .Values.backup.s3.region }}
-          USE_WALE_BACKUP: "true"
-          WALE_S3_ENDPOINT: {{ .Values.backup.s3.wale.endpoint }}
-          WALE_S3_STORAGE_CLASS: {{ .Values.backup.s3.wale.storage_class }}
+          AWS_S3_FORCE_PATH_STYLE: {{ .Values.backup.s3.force_path_style | quote }}
+
+          USE_WALG_BACKUP: "true"
+          USE_WALG_RESTORE: "true"
+          WAL_S3_BUCKET: {{ .Values.backup.s3.bucket }}
+          WALG_DISABLE_S3_SSE: {{ .Values.backup.walg.disable_sse | quote }}
+
+          CLONE_METHOD: CLONE_WITH_WALG
+          CLONE_AWS_REGION: {{ .Values.backup.s3.region }}
+          CLONE_AWS_ACCESS_KEY_ID: {{ .Values.backup.s3.access_key_id }}
+          CLONE_AWS_SECRET_ACCESS_KEY: {{ .Values.backup.s3.secret_access_key }}
+          CLONE_AWS_S3_FORCE_PATH_STYLE: {{ .Values.backup.s3.force_path_style | quote }}

  - name: postgres-operator
    namespace: {{ .Values.namespace }}
@@ -31,13 +44,13 @@ releases:
    disableValidation: true
    values:
      - configLogicalBackup:
-          logical_backup_provider: {{ .Values.backup.provider }}
-          logical_backup_s3_access_key_id: {{ .Values.backup.s3.access_key_id }}
-          logical_backup_s3_bucket: {{ .Values.backup.s3.bucket }}
-          logical_backup_s3_region: {{ .Values.backup.s3.region }}
-          logical_backup_s3_endpoint: {{ .Values.backup.s3.endpoint }}
-          logical_backup_s3_secret_access_key: {{ .Values.backup.s3.secret_access_key }}
-          logical_backup_s3_sse: {{ .Values.backup.s3.sse }}
+          logical_backup_provider: {{ .Values.backup.logical.provider }}
+          logical_backup_s3_endpoint: {{ .Values.backup | get "logical.s3.endpoint" ( .Values.backup | get "s3.endpoint" "" ) }}
+          logical_backup_s3_access_key_id: {{ .Values.backup | get "logical.s3.access_key_id" .Values.backup.s3.access_key_id }}
+          logical_backup_s3_secret_access_key: {{ .Values.backup | get "logical.s3.secret_access_key" .Values.backup.s3.secret_access_key }}
+          logical_backup_s3_bucket: {{ .Values.backup | get "logical.s3.bucket" .Values.backup.s3.bucket }}
+          logical_backup_s3_region: {{ .Values.backup | get "logical.s3.region" ( .Values.backup | get "s3.region" "" ) }}
+          logical_backup_s3_sse: {{ .Values.backup | get "logical.s3.sse" ( .Values.backup | get "s3.sse" "" ) }}
        configAwsOrGcp:
          wal_s3_bucket: {{ .Values.backup.s3.bucket }}
        configKubernetes: