FEAT(goldilocks): add goldilocks from infra

- Move Goldilocks to monitoring repository
- Goldilocks provides VPA recommendations dashboard
- Update repoURL to monitoring.git
- Includes HAProxy ingress for goldilocks0213.kro.kr

goldilocks/argocd/goldilocks.yaml

@@ -0,0 +1,54 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: goldilocks
+  namespace: argocd
+  finalizers:
+    - resources-finalizer.argocd.argoproj.io
+spec:
+  project: default
+
+  sources:
+    # Helm chart from external repository
+    - repoURL: https://charts.fairwinds.com/stable
+      chart: goldilocks
+      targetRevision: 8.0.2
+      helm:
+        valueFiles:
+          - $values/goldilocks/helm-values/goldilocks.yaml
+    # Values file from Git repository
+    - repoURL: https://gitea0213.kro.kr/bluemayne/monitoring.git
+      targetRevision: main
+      ref: values
+
+  destination:
+    server: https://kubernetes.default.svc
+    namespace: goldilocks
+
+  syncPolicy:
+    automated:
+      prune: true
+      selfHeal: true
+      allowEmpty: false
+
+    syncOptions:
+      - CreateNamespace=true
+      - PrunePropagationPolicy=foreground
+      - PruneLast=true
+      - RespectIgnoreDifferences=true
+
+    retry:
+      limit: 5
+      backoff:
+        duration: 5s
+        factor: 2
+        maxDuration: 3m
+
+  # Ignore Deployment differences for CPU limits (set to null)
+  ignoreDifferences:
+    - group: apps
+      kind: Deployment
+      jqPathExpressions:
+        - '.spec.template.spec.containers[].resources.limits.cpu'
+
+  revisionHistoryLimit: 10

goldilocks/helm-values/goldilocks.yaml

@@ -0,0 +1,52 @@
+# Goldilocks Helm Values
+# Reference: https://github.com/FairwindsOps/charts/tree/master/stable/goldilocks
+
+# Dashboard configuration
+dashboard:
+  enabled: true
+  replicaCount: 1
+
+  resources:
+    limits:
+      cpu: null
+      memory: 256Mi
+    requests:
+      cpu: 25m
+      memory: 128Mi
+
+  service:
+    type: ClusterIP
+    port: 80
+
+  # Ingress configuration (optional)
+  ingress:
+    enabled: false
+    # Uncomment below to enable ingress
+    # enabled: true
+    # ingressClassName: nginx
+    # hosts:
+    #   - host: goldilocks.example.com
+    #     paths:
+    #       - path: /
+    #         type: Prefix
+
+# Controller configuration
+controller:
+  enabled: true
+
+  resources:
+    limits:
+      cpu: null
+      memory: 256Mi
+    requests:
+      cpu: 25m
+      memory: 128Mi
+
+  # Enable VPA recommendations for all namespaces
+  # Set to false to only monitor namespaces with the label: goldilocks.fairwinds.com/enabled=true
+  enableCostRecommendations: true
+
+# VPA configuration (should already be installed)
+vpa:
+  # Set to false since we're installing VPA separately
+  enabled: false

goldilocks/ingress/goldilocks-dashboard-ingress.yaml

@@ -0,0 +1,25 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: goldilocks-dashboard-ingress
+  namespace: goldilocks
+  annotations:
+    cert-manager.io/cluster-issuer: "letsencrypt-prod"
+    haproxy.org/ssl-redirect: "true"
+spec:
+  ingressClassName: haproxy
+  tls:
+    - hosts:
+        - goldilocks0213.kro.kr
+      secretName: goldilocks-dashboard-tls
+  rules:
+    - host: goldilocks0213.kro.kr
+      http:
+        paths:
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name: goldilocks-dashboard
+                port:
+                  number: 80

goldilocks/kustomization.yaml

@@ -0,0 +1,9 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+resources:
+  # ArgoCD Application 리소스는 monitoring/kustomization.yaml에서 관리
+  # - argocd/goldilocks.yaml
+
+  # Goldilocks Dashboard Ingress
+  - ingress/goldilocks-dashboard-ingress.yaml