Commit Graph

111 Commits

Author SHA1 Message Date
6fbd92bae5 PERF(tekton): remove CPU limits for stability
- Remove CPU limit from tekton-pipelines-webhook
- Remove CPU limit from tekton-pipelines-remote-resolvers
2026-01-12 02:51:10 +09:00
a097eb560e REFACTOR(argocd): remove nodeSelector for controller
- Allow controller to be scheduled on any node
- Removes master node constraint
2026-01-12 02:45:02 +09:00
4bdceb7d17 PERF(argocd): increase repo-server probe timeout to 5s
- Increase liveness/readiness probe timeout from 1s to 5s
- Prevents false probe failures under high manifest generation load
2026-01-12 02:22:10 +09:00
6431c855ef PERF(argocd,gitea): remove CPU limits for stability
- Remove CPU limits from all ArgoCD components
- Remove CPU limits from Gitea
- Prevents CPU throttling issues
2026-01-12 02:05:25 +09:00
59a0ed6327 PERF(argocd): increase repo-server CPU limit to 1000m
- 500m still caused liveness probe failures under load
- Increase to 1000m for stable manifest generation
2026-01-12 01:40:49 +09:00
1bc778bb11 PERF(argocd): increase repo-server CPU limit to 500m
- Previous 168m limit caused liveness probe failures due to throttling
- Increase to 500m to ensure stable operation during manifest generation
2026-01-12 01:33:52 +09:00
be072c84d6 PERF(argocd): increase repo-server CPU limit
- Double CPU limit from 84m to 168m to reduce throttling
2026-01-12 01:25:39 +09:00
11a945011f PERF(gitea): optimize resources via VPA
- Set CPU request to 15m, limit to 46m
- Set memory request to 247Mi, limit to 333Mi
2026-01-12 01:07:42 +09:00
a91fe6ab2f PERF(argocd): optimize resources via VPA
- Set controller CPU to 22m/839m, memory to 1388Mi/1861Mi
- Set server CPU to 15m/15m, memory to 163Mi/218Mi
- Set repoServer CPU to 15m/84m, memory to 225Mi/1310Mi
- Set redis CPU to 15m/15m, memory to 100Mi/100Mi
2026-01-12 01:07:37 +09:00
12db0af4cd PERF(argocd): optimize resources and pin controller to master
- Move application-controller to control-plane node
- Adjust CPU request to VPA recommendation (476m)
- Reduce memory request/limit (1700Mi → 1324Mi)
- Update GOMEMLIMIT to 800MiB
- Reduce repo-server memory (1536Mi → 1200Mi)
2026-01-12 00:02:55 +09:00
3ceeb5bfc0 Update gitea-credentials ExternalSecret Vault path
Change key from 'gitea' to 'platform/gitea' to match the
new categorized Vault secret structure.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-11 23:08:38 +09:00
010cd38390 Remove duplicate zot-creds.yaml ExternalSecret
The zot-registry-credentials ExternalSecret was defined twice in argocd
namespace, causing ArgoCD duplicate resource warning. The image-updater-secret.yaml
already has the correct definition with the new Vault path (storage/zot).

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-11 23:03:44 +09:00
2f4ec4ed64 CHORE(gitea-runner): remove gitea-runner component
- Delete gitea-runner ArgoCD application and manifests
- Remove kustomization.yaml reference
- Migrate CI/CD to Tekton pipelines
2026-01-11 23:03:22 +09:00
f50497e49e refactor: update Vault secret paths to new categorized structure
- argocd: zot → storage/zot, github → platform/github, gitea → platform/gitea
- gitea-runner: gitea → platform/gitea, zot → storage/zot
- tekton: tekton → platform/tekton, zot → storage/zot

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-11 22:36:27 +09:00
fa8a2dc805 CHORE(repo): add goldilocks labels to namespaces
- Add goldilocks label to gitea namespace
- Add goldilocks label to argocd namespace
- Add goldilocks label to tekton-pipelines namespace
2026-01-11 21:10:41 +09:00
81748614ea FEAT(tekton): add develop branch CI/CD triggers
- Add gitea-push-nextjs-dev trigger for jaejadle
- Add gitea-push-fastapi-dev trigger for joossam
- Add nextjs-dev-build-template for -dev deployments
- Add fastapi-dev-build-template for -dev deployments
2026-01-11 21:06:25 +09:00
90f204a0f5 FEAT(tekton): add automatic cleanup for old PipelineRuns
- Add CronJob to delete completed PipelineRuns older than 1 hour
- Add 30m timeout to TriggerTemplates
- Prevent resource accumulation in tekton-pipelines namespace
2026-01-11 01:41:21 +09:00
4a1a718060 FIX(tekton): disable prune for dynamic PipelineRuns
- Set prune: false to prevent ArgoCD from deleting PipelineRuns
- PipelineRuns/TaskRuns are dynamically created by triggers
- IgnoreExtraneous only affects diff, not prune action
2026-01-11 00:39:20 +09:00
43e8dd9419 FIX(tekton): restore IgnoreExtraneous for dynamic resources
- Add compare-options annotation to prevent pruning PipelineRuns
- PipelineRuns/TaskRuns are dynamically created by triggers
2026-01-11 00:38:01 +09:00
39fecb3c5b FEAT(tekton): add OCI manifest list support for Image Updater
- Update buildah task to create OCI manifest list format
- Push images with both :latest and specific tags
- Update all pipelines to use new IMAGE/TAG parameters
- Enable ArgoCD Image Updater digest detection
2026-01-11 00:31:50 +09:00
4ac6b297e5 CHORE(tekton): enable auto-prune for tekton-ci-cd
- Enable prune: true to auto-delete orphaned resources
- Add finalizers for proper resource cleanup
- Add PrunePropagationPolicy and PruneLast sync options
- Set revisionHistoryLimit to 10
2026-01-11 00:29:10 +09:00
942bda4ce8 REFACTOR(tekton): migrate from GitHub to Gitea
- Rename EventListener from github-listener to gitea-listener
- Rename TriggerBinding from github-push-binding to gitea-push-binding
- Update webhook secret to gitea-webhook-secret
- Rename credentials from github to gitea
- Update Ingress service name to el-gitea-listener
- Update Vault secret paths from github to gitea
2026-01-10 22:25:24 +09:00
7e8ae418fd FIX(tekton): correct github-credentials secret keys
- Change PAT to username and password properties
- Match Vault secret structure used by argocd
2026-01-10 22:17:00 +09:00
4c198278fa CHORE(tekton): migrate repoURL to Gitea
- Update pipeline ArgoCD repoURL to github0213.com
- Update triggers ArgoCD repoURL to github0213.com
- Update dashboard ArgoCD repoURL to github0213.com
- Update ci-cd ArgoCD repoURL to github0213.com
2026-01-10 22:13:03 +09:00
79ba475d5e FEAT(tekton): add Tekton references to kustomization
- Add tekton/pipeline ArgoCD application
- Add tekton/triggers ArgoCD application
- Add tekton/dashboard ArgoCD application
- Add tekton/ci-cd ArgoCD application
2026-01-10 22:11:16 +09:00
7f4e3bff8a feat: add plain zot credentials for crane
2026-01-10 22:09:49 +09:00
dfa2a0578e feat: Kaniko-based CI/CD setup
- gitea-runner: remove DinD, switch to Host mode
- gitea-runner: add ServiceAccount and RBAC
- gitea ns: add zot-registry-credentials ExternalSecret
- argocd ns: add zot-registry-credentials ExternalSecret

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-10 21:15:19 +09:00
625c9c2367 fix(gitea-runner): use Docker-in-Docker sidecar
K3S uses containerd, not Docker. Use DinD sidecar container
to provide Docker daemon for the runner.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-10 20:40:29 +09:00
fa63d0f86a feat: add Gitea credentials and Actions runner
- Add gitea-creds ExternalSecret for ArgoCD authentication to Gitea
- Enable Gitea Actions in helm-values.yaml
- Add gitea-runner deployment for CI/CD

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-10 20:38:03 +09:00
5d54ee767a REFACTOR(argocd): separate image-updater manifests
- Move ExternalSecrets to image-updater-manifests folder
- Add manifests source to image-updater Application
- Remove unnecessary ignoreDifferences from argocd
2026-01-10 20:05:43 +09:00
b174afbc0d FIX(argocd): add ignoreDifferences for API defaults
- Ignore ExternalSecret default values from API server
- Ignore ServiceMonitor metric relabelings
2026-01-10 20:03:07 +09:00
e7f97888cc REFACTOR(cert-manager): move to security repo
- Remove cert-manager folder
- Update kustomization references
2026-01-10 19:58:03 +09:00
ad591293f1 CHORE(traefik): disable dashboard
- Remove dashboard and api.dashboard settings
- Remove --api.insecure argument
- Keep core settings (DaemonSet, metrics, crossNamespace)
2026-01-10 19:52:46 +09:00
b650c0af56 REFACTOR(argocd): merge priority-classes into argocd
- Move priority-classes to argocd/manifests
- Remove separate priority-classes Application
- Simplify platform folder structure
2026-01-10 19:47:30 +09:00
81c42f67e9 REFACTOR(argocd): merge image-updater into argocd
- Move image-updater Application to argocd folder
- Move helm-values and secrets to argocd
- Remove separate argocd-image-updater folder
- Update kustomization references
2026-01-10 19:44:02 +09:00
121d5eb198 REFACTOR(gitea): move from applications repo
- Add gitea Application manifests
- Update repoURL to reference platform repo
- Include helm-values, kustomization, redirect configs
2026-01-10 19:38:35 +09:00
c31046a322 REFACTOR(traefik): remove control-plane scheduling
- Remove tolerations for control-plane taint
- Remove svclb tolerations annotation
- Allow pods to schedule on any available node
2026-01-10 18:35:15 +09:00
737873066d feat: increase argocd application-controller CPU request to 250m
2026-01-10 18:02:48 +09:00
c38b944a96 REVERT(argocd): restore original resource values
- Keep argocd controller at 126m/1700Mi
- Keep argocd server at 15m/138Mi
- Keep argocd repo-server at 15m/1536Mi
2026-01-10 14:44:44 +09:00
d079b8582a PERF(platform): use 20% memory increase instead of VPA
- Update argocd controller memory 1700Mi→2040Mi (+20%)
- Update argocd server memory 138Mi→166Mi (+20%)
- Update argocd repo-server memory 1536Mi→1843Mi (+20%)
- Update cert-manager memory 96Mi→115Mi (+20%)
- Update cert-manager webhook memory 96Mi→115Mi (+20%)
- Update cert-manager cainjector memory 192Mi→230Mi (+20%)
2026-01-10 14:37:21 +09:00
26ca07623e PERF(platform): adjust resources based on VPA
- Update argocd controller cpu 126m→350m, memory 1700Mi→640Mi
- Update argocd server memory 138Mi→121Mi
- Update argocd repo-server cpu 15m→49m, memory 1536Mi→933Mi
- Update argocd-image-updater cpu 10m→15m, memory 64Mi→100Mi
- Update cert-manager cpu 23m→15m, memory 96Mi→100Mi
- Update cert-manager webhook cpu 23m→15m, memory 96Mi→100Mi
- Update cert-manager cainjector cpu 23m→15m, memory 192Mi→237Mi
2026-01-10 14:31:28 +09:00
57ef8ebca1 PERF(cert-manager): reduce replicas to 1
- Reduce cert-manager replicas to 1
- Reduce cainjector replicas to 1
- Reduce webhook replicas to 1
2026-01-10 13:31:46 +09:00
187d6aa668 PERF(argocd): increase repo-server memory
- Increase memory from 960Mi to 1536Mi
- Prevent OOM during manifest generation
2026-01-10 13:26:40 +09:00
f867b281ff FIX(priority-classes): correct repoURL
- Change repoURL from Mayne0213 to K3S-HOME
2026-01-10 13:18:46 +09:00
52c66f51ae PERF(argocd): move to workers, add high priority
- Remove nodeSelector forcing control-plane placement
- Remove tolerations from ArgoCD and image-updater
- Add high-priority PriorityClass
2026-01-10 13:14:07 +09:00
c9eb7e69f6 PERF(repo): add PriorityClasses for workloads
- Create high-priority (1000) for critical infra
- Create medium-priority (500) for observability
- Create low-priority (100) as global default
2026-01-10 13:13:01 +09:00
00cdc2efb1 REVERT(telepresence): remove Telepresence installation
- Delete telepresence folder and all configurations
- Remove from kustomization.yaml
- Decided to use local database instead
2026-01-10 03:53:54 +09:00
98d340f7eb CHORE(telepresence): upgrade to OSS chart v2.25.2
- Switch from datawire commercial to telepresence-oss chart
- Use OCI registry ghcr.io/telepresenceio
- Update helm values for OSS chart compatibility
2026-01-10 03:48:23 +09:00
53b8494b6f FIX(telepresence): set Helm release name to traffic-manager
- Telepresence chart requires release name to be traffic-manager
- Add releaseName field to helm configuration
2026-01-10 03:40:12 +09:00
03ca19b771 feat(argocd): enable ServiceMonitor for metrics collection
- Add serviceMonitor.enabled: true to controller, server, repoServer
- Allows Prometheus to scrape ArgoCD metrics

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-10 03:36:29 +09:00