REFACTOR(obs): integrate ingress to helm-values

- alertmanager: move ingress to karma inline, servicemonitor to manifests
- goldilocks: move ingress to helm-values
- grafana: move ingress to helm-values
- uptime-kuma: move ingress to helm-values

alertmanager/argocd.yaml

@@ -91,6 +91,21 @@ spec:
           httpGet:
             path: /health
             port: http
+
+        ingress:
+          enabled: true
+          ingressClassName: traefik
+          annotations:
+            cert-manager.io/cluster-issuer: letsencrypt-prod
+            traefik.ingress.kubernetes.io/router.middlewares: authelia-authelia-auth@kubernetescrd
+          hosts:
+            - karma0213.kro.kr
+          path: /
+          pathType: Prefix
+          tls:
+            - secretName: karma-tls
+              hosts:
+                - karma0213.kro.kr
   destination:
     server: https://kubernetes.default.svc
     namespace: alertmanager

alertmanager/ingress.yaml

@@ -1,25 +0,0 @@
-apiVersion: networking.k8s.io/v1
-kind: Ingress
-metadata:
-  name: karma-ingress
-  namespace: alertmanager
-  annotations:
-    cert-manager.io/cluster-issuer: letsencrypt-prod
-    traefik.ingress.kubernetes.io/router.middlewares: authelia-authelia-auth@kubernetescrd
-spec:
-  ingressClassName: traefik
-  tls:
-    - hosts:
-        - karma0213.kro.kr
-      secretName: karma-tls
-  rules:
-    - host: karma0213.kro.kr
-      http:
-        paths:
-          - path: /
-            pathType: Prefix
-            backend:
-              service:
-                name: karma
-                port:
-                  number: 8080

alertmanager/kustomization.yaml

@@ -1,6 +1,5 @@
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
-  - ingress.yaml
+- manifests/servicemonitor.yaml
-  - servicemonitor.yaml
 - vault/alertmanager-secrets.yaml

goldilocks/helm-values.yaml

@@ -18,17 +18,21 @@ dashboard:
     type: ClusterIP
     port: 80
 
-  # Ingress configuration (optional)
   ingress:
-    enabled: false
+    enabled: true
-    # Uncomment below to enable ingress
+    ingressClassName: traefik
-    # enabled: true
+    annotations:
-    # ingressClassName: nginx
+      cert-manager.io/cluster-issuer: letsencrypt-prod
-    # hosts:
+      traefik.ingress.kubernetes.io/router.middlewares: authelia-authelia-auth@kubernetescrd
-    #   - host: goldilocks.example.com
+    hosts:
-    #     paths:
+      - host: goldilocks0213.kro.kr
-    #       - path: /
+        paths:
-    #         type: Prefix
+          - path: /
+            type: Prefix
+    tls:
+      - secretName: goldilocks-dashboard-tls
+        hosts:
+          - goldilocks0213.kro.kr
 
 # Controller configuration
 controller:

goldilocks/ingress.yaml

@@ -1,25 +0,0 @@
-apiVersion: networking.k8s.io/v1
-kind: Ingress
-metadata:
-  name: goldilocks-dashboard-ingress
-  namespace: goldilocks
-  annotations:
-    cert-manager.io/cluster-issuer: "letsencrypt-prod"
-    traefik.ingress.kubernetes.io/router.middlewares: authelia-authelia-auth@kubernetescrd
-spec:
-  ingressClassName: traefik
-  tls:
-    - hosts:
-        - goldilocks0213.kro.kr
-      secretName: goldilocks-dashboard-tls
-  rules:
-    - host: goldilocks0213.kro.kr
-      http:
-        paths:
-          - path: /
-            pathType: Prefix
-            backend:
-              service:
-                name: goldilocks-dashboard
-                port:
-                  number: 80

goldilocks/kustomization.yaml

@@ -1,4 +1,3 @@
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
-resources:
+resources: []
-- ingress.yaml

grafana/helm-values.yaml

@@ -72,3 +72,18 @@ grafana.ini:
     disable_signout_menu: true
   news:
     news_feed_enabled: false
+
+ingress:
+  enabled: true
+  ingressClassName: traefik
+  annotations:
+    cert-manager.io/cluster-issuer: letsencrypt-prod
+    traefik.ingress.kubernetes.io/router.middlewares: authelia-authelia-auth@kubernetescrd
+  hosts:
+    - grafana0213.kro.kr
+    - www.grafana0213.kro.kr
+  tls:
+    - secretName: grafana-tls
+      hosts:
+        - grafana0213.kro.kr
+        - www.grafana0213.kro.kr

grafana/ingress.yaml

@@ -1,37 +0,0 @@
-apiVersion: networking.k8s.io/v1
-kind: Ingress
-metadata:
-  name: grafana-ingress
-  namespace: grafana
-  annotations:
-    cert-manager.io/cluster-issuer: "letsencrypt-prod"
-    traefik.ingress.kubernetes.io/router.middlewares: authelia-authelia-auth@kubernetescrd
-spec:
-  ingressClassName: traefik
-  # TLS 설정
-  tls:
-  - hosts:
-    - grafana0213.kro.kr
-    - www.grafana0213.kro.kr
-    secretName: grafana-tls
-  rules:
-    - host: grafana0213.kro.kr
-      http:
-        paths:
-          - path: /
-            pathType: Prefix
-            backend:
-              service:
-                name: grafana
-                port:
-                  number: 80
-    - host: www.grafana0213.kro.kr
-      http:
-        paths:
-          - path: /
-            pathType: Prefix
-            backend:
-              service:
-                name: grafana
-                port:
-                  number: 80

grafana/kustomization.yaml

@@ -2,7 +2,3 @@ apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
 - vault/grafana-admin-password.yaml
-- ingress.yaml
-
-# Dashboard JSON files are stored in dashboards/ for manual import reference
-# Auto-provisioning disabled due to ConfigMap size limits

uptime-kuma/helm-values.yaml

@@ -30,3 +30,19 @@ serviceMonitor:
   enabled: true
   namespace: prometheus
   interval: 60s
+
+ingress:
+  enabled: true
+  className: traefik
+  annotations:
+    cert-manager.io/cluster-issuer: letsencrypt-prod
+    traefik.ingress.kubernetes.io/router.middlewares: authelia-authelia-auth@kubernetescrd
+  hosts:
+    - host: kuma0213.kro.kr
+      paths:
+        - path: /
+          pathType: Prefix
+  tls:
+    - secretName: uptime-kuma-tls
+      hosts:
+        - kuma0213.kro.kr

uptime-kuma/ingress.yaml

@@ -1,25 +0,0 @@
-apiVersion: networking.k8s.io/v1
-kind: Ingress
-metadata:
-  name: uptime-kuma-ingress
-  namespace: uptime-kuma
-  annotations:
-    cert-manager.io/cluster-issuer: "letsencrypt-prod"
-    traefik.ingress.kubernetes.io/router.middlewares: authelia-authelia-auth@kubernetescrd
-spec:
-  ingressClassName: traefik
-  tls:
-  - hosts:
-    - kuma0213.kro.kr
-    secretName: uptime-kuma-tls
-  rules:
-    - host: kuma0213.kro.kr
-      http:
-        paths:
-          - path: /
-            pathType: Prefix
-            backend:
-              service:
-                name: uptime-kuma
-                port:
-                  number: 3001

uptime-kuma/kustomization.yaml

@@ -1,5 +1,3 @@
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
-
+resources: []
-resources:
-  - ingress.yaml