REFACTOR(repo): security repo structure

- Add application.yaml for ArgoCD app-of-apps
- Add kustomization.yaml with security components
- Add renovate.json for automated updates
- Update all component argocd.yaml repoURLs to security repo

Components: authelia, vault, external-secrets, falco, trivy
2026-01-04 19:57:03 +09:00
parent 27ba06b750
commit 321685822f
8 changed files with 78 additions and 9 deletions

33
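--- a/application.yaml
+++ b/application.yaml
@@ -0,0 +1,33 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+name: security
+namespace: argocd
+finalizers:
+- resources-finalizer.argocd.argoproj.io
+spec:
+project: default
+source:
+repoURL: https://github.com/K3S-HOME/security.git
+targetRevision: main
+path: .
+destination:
+server: https://kubernetes.default.svc
+namespace: argocd
+syncPolicy:
+automated:
+prune: true
+selfHeal: true
+syncOptions:
+- CreateNamespace=true
+retry:
+limit: 5
+backoff:
+duration: 5s
+factor: 2
+maxDuration: 3m
+revisionHistoryLimit: 10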
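Review bot: `project: default` on the root Application places the whole security stack (authelia, vault, external-secrets, falco and trivy, per the commit message) in Argo CD's catch-all project, which does not restrict source repositories or destinations unless it has been locked down in this cluster. A dedicated AppProject would bound what a change to this repo can deploy, with `sourceRepos` listing only `https://github.com/K3S-HOME/security.git` and `destinations` limited to the namespaces these components need; the Application would then use `project: security`. Separately, `targetRevision: main` combined with `automated` sync, `prune: true` and `selfHeal: true` means every push to `main` is applied, and can delete resources, with no review gate inside Argo CD. That control then rests entirely on branch protection for `main`, which is not visible here; pinning the revision to a tag is the alternative.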


@@ -14,10 +14,10 @@ spec:
helm:
valueFiles:
- $values/authelia/helm-values.yaml
- repoURL: https://github.com/K3S-HOME/cluster-infrastructure.git
- repoURL: https://github.com/K3S-HOME/security.git
targetRevision: main
ref: values
- repoURL: https://github.com/K3S-HOME/cluster-infrastructure.git
- repoURL: https://github.com/K3S-HOME/security.git
targetRevision: main
path: authelia
destination:


@@ -20,7 +20,7 @@ spec:
helm:
valueFiles:
- $values/external-secrets/helm-values.yaml
- repoURL: https://github.com/K3S-HOME/cluster-infrastructure.git
- repoURL: https://github.com/K3S-HOME/security.git
targetRevision: main
ref: values
destination:


@@ -14,10 +14,10 @@ spec:
helm:
valueFiles:
- $values/falco/helm-values.yaml
- repoURL: https://github.com/K3S-HOME/cluster-infrastructure.git
- repoURL: https://github.com/K3S-HOME/security.git
targetRevision: main
ref: values
- repoURL: https://github.com/K3S-HOME/cluster-infrastructure.git
- repoURL: https://github.com/K3S-HOME/security.git
targetRevision: main
path: falco
kustomize: {}

10
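--- a/kustomization.yaml
+++ b/kustomization.yaml
@@ -0,0 +1,10 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+- application.yaml
+- authelia/argocd.yaml
+- vault/argocd.yaml
+- external-secrets/argocd.yaml
+- falco/argocd.yaml
+- trivy/argocd.yaml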
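Review bot: Listing `- application.yaml` under `resources` makes the root Application manage itself, because application.yaml points at `path: .` of this same repo with `prune: true` and the `resources-finalizer.argocd.argoproj.io` finalizer. If that entry is later dropped or the file renamed, Argo CD would be expected to prune the root Application, and its finalizer would then cascade the deletion to the child Application objects, including those for vault and authelia. Either bootstrap application.yaml outside this kustomization, or keep it here and add the annotation `argocd.argoproj.io/sync-options: Prune=false` to its metadata so an accidental removal does not become a delete.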

26
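--- a/renovate.json
+++ b/renovate.json
@@ -0,0 +1,26 @@
+{
+"$schema": "https://docs.renovatebot.com/renovate-schema.json",
+"extends": [
+"config:recommended"
+],
+"customManagers": [
+{
+"customType": "regex",
+"managerFilePatterns": ["argocd\\.yaml$"],
+"matchStrings": [
+"repoURL:\\s*(?<registryUrl>ghcr\\.io/[^\\s]+)\\n\\s+chart:\\s*(?<depName>[^\\s]+)\\n\\s+targetRevision:\\s*(?<currentValue>[^\\s]+)"
+],
+"datasourceTemplate": "helm",
+"registryUrlTemplate": "oci://{{registryUrl}}"
+}
+],
+"kubernetes": {
+"fileMatch": ["\\.yaml$"]
+},
+"helmv3": {
+"fileMatch": ["helm-values\\.yaml$"]
+},
+"argocd": {
+"fileMatch": ["argocd\\.yaml$"]
+}
+}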
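Review bot: The custom manager's `managerFilePatterns` entry `argocd\\.yaml$` is written as a bare regex, so the manager may never match a file and the ghcr.io chart versions would silently go un-updated. As I read Renovate's documentation, `managerFilePatterns` treats a pattern as a regex only when it is wrapped in slashes and as a glob otherwise; the regex form would be `"managerFilePatterns": ["/argocd\\.yaml$/"]`. The file also mixes that key with the older `fileMatch` name in the `kubernetes`, `helmv3` and `argocd` blocks; using one form throughout avoids relying on Renovate's config migration. The `kubernetes` pattern `\\.yaml$` additionally covers every YAML file in the repo, including the Helm values and Argo CD Application files the other managers already claim, so narrowing it is worth considering.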


@@ -14,10 +14,10 @@ spec:
helm:
valueFiles:
- $values/trivy/helm-values.yaml
- repoURL: https://github.com/K3S-HOME/monitoring.git
- repoURL: https://github.com/K3S-HOME/security.git
targetRevision: main
ref: values
- repoURL: https://github.com/K3S-HOME/monitoring.git
- repoURL: https://github.com/K3S-HOME/security.git
targetRevision: main
path: trivy
destination:


@@ -14,10 +14,10 @@ spec:
helm:
valueFiles:
- $values/vault/helm-values.yaml
- repoURL: https://github.com/K3S-HOME/cluster-infrastructure.git
- repoURL: https://github.com/K3S-HOME/security.git
targetRevision: main
ref: values
- repoURL: https://github.com/K3S-HOME/cluster-infrastructure.git
- repoURL: https://github.com/K3S-HOME/security.git
targetRevision: main
path: vault
destination: