diff --git a/charts/web-app/Chart.yaml b/charts/web-app/Chart.yaml new file mode 100644 index 0000000..8910f85 --- /dev/null +++ b/charts/web-app/Chart.yaml @@ -0,0 +1,6 @@ +apiVersion: v2 +name: web-app +description: A Helm chart for deploying web applications on K3S +type: application +version: 0.1.0 +appVersion: "1.0.0" diff --git a/charts/web-app/templates/_helpers.tpl b/charts/web-app/templates/_helpers.tpl new file mode 100644 index 0000000..854605b --- /dev/null +++ b/charts/web-app/templates/_helpers.tpl @@ -0,0 +1,40 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "web-app.name" -}} +{{- default .Chart.Name .Values.name | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +*/}} +{{- define "web-app.fullname" -}} +{{- if .Values.name }} +{{- .Values.name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "web-app.labels" -}} +app: {{ include "web-app.fullname" . }} +app.kubernetes.io/name: {{ include "web-app.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "web-app.selectorLabels" -}} +app: {{ include "web-app.fullname" . }} +{{- end }} + +{{/* +Image name +*/}} +{{- define "web-app.image" -}} +{{- printf "%s/%s:%s" .Values.image.registry .Values.image.repository .Values.image.tag }} +{{- end }} diff --git a/charts/web-app/templates/deployment.yaml b/charts/web-app/templates/deployment.yaml new file mode 100644 index 0000000..914eafa --- /dev/null +++ b/charts/web-app/templates/deployment.yaml @@ -0,0 +1,76 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "web-app.fullname" . }} + labels: + {{- include "web-app.labels" . | nindent 4 }} +spec: + replicas: {{ .Values.replicaCount }} + selector: + matchLabels: + {{- include "web-app.selectorLabels" . | nindent 6 }} + strategy: + type: {{ .Values.strategy.type }} + {{- if eq .Values.strategy.type "RollingUpdate" }} + rollingUpdate: + maxUnavailable: {{ .Values.strategy.rollingUpdate.maxUnavailable }} + maxSurge: {{ .Values.strategy.rollingUpdate.maxSurge }} + {{- end }} + revisionHistoryLimit: {{ .Values.revisionHistoryLimit }} + template: + metadata: + labels: + {{- include "web-app.selectorLabels" . | nindent 8 }} + {{- with .Values.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + containers: + - name: {{ include "web-app.fullname" . }} + image: {{ include "web-app.image" . }} + imagePullPolicy: {{ .Values.image.pullPolicy }} + ports: + - containerPort: {{ .Values.containerPort }} + protocol: TCP + {{- with .Values.env }} + env: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.envFrom }} + envFrom: + {{- toYaml . | nindent 12 }} + {{- end }} + resources: + {{- toYaml .Values.resources | nindent 12 }} + {{- if .Values.healthCheck.enabled }} + livenessProbe: + httpGet: + path: {{ .Values.healthCheck.path }} + port: {{ .Values.containerPort }} + initialDelaySeconds: {{ .Values.healthCheck.livenessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.healthCheck.livenessProbe.periodSeconds }} + readinessProbe: + httpGet: + path: {{ .Values.healthCheck.path }} + port: {{ .Values.containerPort }} + initialDelaySeconds: {{ .Values.healthCheck.readinessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.healthCheck.readinessProbe.periodSeconds }} + {{- end }} + restartPolicy: Always + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/charts/web-app/templates/external-secret.yaml b/charts/web-app/templates/external-secret.yaml new file mode 100644 index 0000000..835a52c --- /dev/null +++ b/charts/web-app/templates/external-secret.yaml @@ -0,0 +1,22 @@ +{{- if .Values.externalSecret.enabled }} +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: {{ include "web-app.fullname" . }}-secrets +spec: + refreshInterval: {{ .Values.externalSecret.refreshInterval }} + secretStoreRef: + name: {{ .Values.externalSecret.secretStoreRef.name }} + kind: {{ .Values.externalSecret.secretStoreRef.kind }} + target: + name: {{ include "web-app.fullname" . }}-secrets + creationPolicy: {{ .Values.externalSecret.target.creationPolicy }} + deletionPolicy: {{ .Values.externalSecret.target.deletionPolicy }} + data: + {{- range .Values.externalSecret.data }} + - secretKey: {{ .secretKey }} + remoteRef: + key: {{ .remoteRef.key }} + property: {{ .remoteRef.property }} + {{- end }} +{{- end }} diff --git a/charts/web-app/templates/ingress.yaml b/charts/web-app/templates/ingress.yaml new file mode 100644 index 0000000..fb18bfd --- /dev/null +++ b/charts/web-app/templates/ingress.yaml @@ -0,0 +1,37 @@ +{{- if .Values.ingress.enabled }} +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: {{ include "web-app.fullname" . }}-ingress + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + ingressClassName: {{ .Values.ingress.className }} + {{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ .host | quote }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + pathType: {{ .pathType }} + backend: + service: + name: {{ include "web-app.fullname" $ }} + port: + number: {{ $.Values.service.port }} + {{- end }} + {{- end }} +{{- end }} diff --git a/charts/web-app/templates/service.yaml b/charts/web-app/templates/service.yaml new file mode 100644 index 0000000..8e72e87 --- /dev/null +++ b/charts/web-app/templates/service.yaml @@ -0,0 +1,17 @@ +{{- if .Values.service.enabled }} +apiVersion: v1 +kind: Service +metadata: + name: {{ include "web-app.fullname" . }} + labels: + {{- include "web-app.labels" . | nindent 4 }} +spec: + type: {{ .Values.service.type }} + ports: + - name: http + port: {{ .Values.service.port }} + targetPort: {{ .Values.containerPort }} + protocol: TCP + selector: + {{- include "web-app.selectorLabels" . | nindent 4 }} +{{- end }} diff --git a/charts/web-app/values.yaml b/charts/web-app/values.yaml new file mode 100644 index 0000000..d11f9a9 --- /dev/null +++ b/charts/web-app/values.yaml @@ -0,0 +1,110 @@ +# Web App Helm Chart Default Values + +# Application name (used for labels, selectors, service names) +name: "" + +# Image configuration +image: + registry: ghcr.io + repository: mayne0213/app + tag: latest + pullPolicy: Always + +# Image pull secrets +imagePullSecrets: + - name: ghcr-secret + +# Replicas +replicaCount: 1 + +# Container port +containerPort: 3000 + +# Service configuration +service: + enabled: true + type: ClusterIP + port: 80 + +# Ingress configuration +ingress: + enabled: true + className: traefik + annotations: + cert-manager.io/cluster-issuer: letsencrypt-prod + hosts: + - host: app.example.com + paths: + - path: / + pathType: Prefix + tls: + - secretName: app-tls + hosts: + - app.example.com + +# Resources +resources: + requests: + memory: 80Mi + cpu: 20m + limits: + memory: 200Mi + +# Health checks +healthCheck: + enabled: true + path: / + livenessProbe: + initialDelaySeconds: 30 + periodSeconds: 10 + readinessProbe: + initialDelaySeconds: 5 + periodSeconds: 5 + +# Environment variables (plain) +env: [] +# - name: NODE_ENV +# value: production + +# Environment variables from secrets +envFrom: [] +# - secretRef: +# name: app-secrets + +# External Secrets configuration +externalSecret: + enabled: false + refreshInterval: 1h + secretStoreRef: + name: vault-backend + kind: ClusterSecretStore + target: + creationPolicy: Owner + deletionPolicy: Retain + data: [] + # - secretKey: DATABASE_URL + # remoteRef: + # key: myapp + # property: DATABASE_URL + +# Deployment strategy +strategy: + type: RollingUpdate + rollingUpdate: + maxUnavailable: 0 + maxSurge: 1 + +# Revision history +revisionHistoryLimit: 3 + +# Pod annotations +podAnnotations: {} + +# Node selector +nodeSelector: {} + +# Tolerations +tolerations: [] + +# Affinity +affinity: {} diff --git a/jaejadle-dev/argocd.yaml b/jaejadle-dev/argocd.yaml index 259f233..2331c11 100644 --- a/jaejadle-dev/argocd.yaml +++ b/jaejadle-dev/argocd.yaml @@ -10,7 +10,13 @@ spec: sources: - repoURL: https://github.com/K3S-HOME/web-apps.git targetRevision: main - path: jaejadle-dev + path: charts/web-app + helm: + valueFiles: + - $values/jaejadle-dev/helm-values.yaml + - repoURL: https://github.com/K3S-HOME/web-apps.git + targetRevision: main + ref: values destination: server: https://kubernetes.default.svc namespace: jaejadle-dev diff --git a/jaejadle-dev/deployment.yaml b/jaejadle-dev/deployment.yaml deleted file mode 100644 index d00a8f6..0000000 --- a/jaejadle-dev/deployment.yaml +++ /dev/null @@ -1,53 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: jaejadle-dev - labels: - app: jaejadle-dev -spec: - replicas: 1 - selector: - matchLabels: - app: jaejadle-dev - strategy: - type: RollingUpdate - rollingUpdate: - maxUnavailable: 0 - maxSurge: 1 - revisionHistoryLimit: 3 - template: - metadata: - labels: - app: jaejadle-dev - spec: - imagePullSecrets: - - name: ghcr-secret - containers: - - name: jaejadle-dev - image: ghcr.io/mayne0213/jaejadle:develop - imagePullPolicy: Always - ports: - - containerPort: 3000 - protocol: TCP - envFrom: - - secretRef: - name: jaejadle-dev-secrets - resources: - requests: - memory: 80Mi - cpu: 20m - limits: - memory: 300Mi - livenessProbe: - httpGet: - path: / - port: 3000 - initialDelaySeconds: 30 - periodSeconds: 10 - readinessProbe: - httpGet: - path: / - port: 3000 - initialDelaySeconds: 5 - periodSeconds: 5 - restartPolicy: Always diff --git a/jaejadle-dev/external-secret.yaml b/jaejadle-dev/external-secret.yaml deleted file mode 100644 index 5cf781b..0000000 --- a/jaejadle-dev/external-secret.yaml +++ /dev/null @@ -1,46 +0,0 @@ -apiVersion: external-secrets.io/v1 -kind: ExternalSecret -metadata: - name: jaejadle-dev-secrets -spec: - refreshInterval: 1h - secretStoreRef: - name: vault-backend - kind: ClusterSecretStore - target: - name: jaejadle-dev-secrets - creationPolicy: Owner - deletionPolicy: Retain - data: - - secretKey: DATABASE_URL - remoteRef: - key: jaejadle-dev - property: DATABASE_URL - - secretKey: JWT_SECRET - remoteRef: - key: jaejadle-dev - property: JWT_SECRET - - secretKey: AWS_ACCESS_KEY_ID - remoteRef: - key: jaejadle-dev - property: AWS_ACCESS_KEY_ID - - secretKey: AWS_SECRET_ACCESS_KEY - remoteRef: - key: jaejadle-dev - property: AWS_SECRET_ACCESS_KEY - - secretKey: AWS_S3_BUCKET_NAME - remoteRef: - key: jaejadle-dev - property: AWS_S3_BUCKET_NAME - - secretKey: AWS_S3_ENDPOINT - remoteRef: - key: jaejadle-dev - property: AWS_S3_ENDPOINT - - secretKey: AWS_REGION - remoteRef: - key: jaejadle-dev - property: AWS_REGION - - secretKey: CODE - remoteRef: - key: jaejadle-dev - property: CODE diff --git a/jaejadle-dev/helm-values.yaml b/jaejadle-dev/helm-values.yaml new file mode 100644 index 0000000..2195b3f --- /dev/null +++ b/jaejadle-dev/helm-values.yaml @@ -0,0 +1,99 @@ +# Jaejadle Dev Web App Helm Values + +name: jaejadle-dev + +image: + registry: ghcr.io + repository: mayne0213/jaejadle + tag: develop + pullPolicy: Always + +imagePullSecrets: + - name: ghcr-secret + +replicaCount: 1 +containerPort: 3000 + +service: + enabled: true + type: ClusterIP + port: 80 + +ingress: + enabled: true + className: traefik + annotations: + cert-manager.io/cluster-issuer: letsencrypt-prod + hosts: + - host: dev.jaejadle.kro.kr + paths: + - path: / + pathType: Prefix + tls: + - secretName: jaejadle-dev-tls + hosts: + - dev.jaejadle.kro.kr + +resources: + requests: + memory: 80Mi + cpu: 20m + limits: + memory: 300Mi + +healthCheck: + enabled: true + path: / + livenessProbe: + initialDelaySeconds: 30 + periodSeconds: 10 + readinessProbe: + initialDelaySeconds: 5 + periodSeconds: 5 + +envFrom: + - secretRef: + name: jaejadle-dev-secrets + +externalSecret: + enabled: true + refreshInterval: 1h + secretStoreRef: + name: vault-backend + kind: ClusterSecretStore + target: + creationPolicy: Owner + deletionPolicy: Retain + data: + - secretKey: DATABASE_URL + remoteRef: + key: jaejadle-dev + property: DATABASE_URL + - secretKey: JWT_SECRET + remoteRef: + key: jaejadle-dev + property: JWT_SECRET + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + key: jaejadle-dev + property: AWS_ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + key: jaejadle-dev + property: AWS_SECRET_ACCESS_KEY + - secretKey: AWS_S3_BUCKET_NAME + remoteRef: + key: jaejadle-dev + property: AWS_S3_BUCKET_NAME + - secretKey: AWS_S3_ENDPOINT + remoteRef: + key: jaejadle-dev + property: AWS_S3_ENDPOINT + - secretKey: AWS_REGION + remoteRef: + key: jaejadle-dev + property: AWS_REGION + - secretKey: CODE + remoteRef: + key: jaejadle-dev + property: CODE diff --git a/jaejadle-dev/ingress.yaml b/jaejadle-dev/ingress.yaml deleted file mode 100644 index b3ac9ca..0000000 --- a/jaejadle-dev/ingress.yaml +++ /dev/null @@ -1,23 +0,0 @@ -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: jaejadle-dev-ingress - annotations: - cert-manager.io/cluster-issuer: letsencrypt-prod -spec: - ingressClassName: traefik - tls: - - hosts: - - dev.jaejadle.kro.kr - secretName: jaejadle-dev-tls - rules: - - host: dev.jaejadle.kro.kr - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: jaejadle-dev - port: - number: 80 diff --git a/jaejadle-dev/kustomization.yaml b/jaejadle-dev/kustomization.yaml deleted file mode 100644 index 0d8d190..0000000 --- a/jaejadle-dev/kustomization.yaml +++ /dev/null @@ -1,8 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -namespace: jaejadle-dev -resources: -- deployment.yaml -- service.yaml -- ingress.yaml -- external-secret.yaml diff --git a/jaejadle-dev/service.yaml b/jaejadle-dev/service.yaml deleted file mode 100644 index 30611e5..0000000 --- a/jaejadle-dev/service.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: jaejadle-dev - labels: - app: jaejadle-dev -spec: - type: ClusterIP - ports: - - name: http - port: 80 - targetPort: 3000 - protocol: TCP - selector: - app: jaejadle-dev diff --git a/jaejadle/argocd.yaml b/jaejadle/argocd.yaml index c18364b..b10b5ce 100644 --- a/jaejadle/argocd.yaml +++ b/jaejadle/argocd.yaml @@ -10,7 +10,13 @@ spec: sources: - repoURL: https://github.com/K3S-HOME/web-apps.git targetRevision: main - path: jaejadle + path: charts/web-app + helm: + valueFiles: + - $values/jaejadle/helm-values.yaml + - repoURL: https://github.com/K3S-HOME/web-apps.git + targetRevision: main + ref: values destination: server: https://kubernetes.default.svc namespace: jaejadle diff --git a/jaejadle/deployment.yaml b/jaejadle/deployment.yaml deleted file mode 100644 index da4f0c2..0000000 --- a/jaejadle/deployment.yaml +++ /dev/null @@ -1,53 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: jaejadle - labels: - app: jaejadle -spec: - replicas: 1 - selector: - matchLabels: - app: jaejadle - strategy: - type: RollingUpdate - rollingUpdate: - maxUnavailable: 0 - maxSurge: 1 - revisionHistoryLimit: 3 - template: - metadata: - labels: - app: jaejadle - spec: - imagePullSecrets: - - name: ghcr-secret - containers: - - name: jaejadle - image: ghcr.io/mayne0213/jaejadle:latest - imagePullPolicy: Always - ports: - - containerPort: 3000 - protocol: TCP - envFrom: - - secretRef: - name: jaejadle-secrets - resources: - requests: - memory: 80Mi - cpu: 20m - limits: - memory: 300Mi - livenessProbe: - httpGet: - path: / - port: 3000 - initialDelaySeconds: 30 - periodSeconds: 10 - readinessProbe: - httpGet: - path: / - port: 3000 - initialDelaySeconds: 5 - periodSeconds: 5 - restartPolicy: Always diff --git a/jaejadle/external-secret.yaml b/jaejadle/external-secret.yaml deleted file mode 100644 index 38f6291..0000000 --- a/jaejadle/external-secret.yaml +++ /dev/null @@ -1,46 +0,0 @@ -apiVersion: external-secrets.io/v1 -kind: ExternalSecret -metadata: - name: jaejadle-secrets -spec: - refreshInterval: 1h - secretStoreRef: - name: vault-backend - kind: ClusterSecretStore - target: - name: jaejadle-secrets - creationPolicy: Owner - deletionPolicy: Retain - data: - - secretKey: DATABASE_URL - remoteRef: - key: jaejadle - property: DATABASE_URL - - secretKey: JWT_SECRET - remoteRef: - key: jaejadle - property: JWT_SECRET - - secretKey: AWS_ACCESS_KEY_ID - remoteRef: - key: jaejadle - property: AWS_ACCESS_KEY_ID - - secretKey: AWS_SECRET_ACCESS_KEY - remoteRef: - key: jaejadle - property: AWS_SECRET_ACCESS_KEY - - secretKey: AWS_S3_BUCKET_NAME - remoteRef: - key: jaejadle - property: AWS_S3_BUCKET_NAME - - secretKey: AWS_S3_ENDPOINT - remoteRef: - key: jaejadle - property: AWS_S3_ENDPOINT - - secretKey: AWS_REGION - remoteRef: - key: jaejadle - property: AWS_REGION - - secretKey: CODE - remoteRef: - key: jaejadle - property: CODE diff --git a/jaejadle/helm-values.yaml b/jaejadle/helm-values.yaml new file mode 100644 index 0000000..1744d4d --- /dev/null +++ b/jaejadle/helm-values.yaml @@ -0,0 +1,99 @@ +# Jaejadle Web App Helm Values + +name: jaejadle + +image: + registry: ghcr.io + repository: mayne0213/jaejadle + tag: latest + pullPolicy: Always + +imagePullSecrets: + - name: ghcr-secret + +replicaCount: 1 +containerPort: 3000 + +service: + enabled: true + type: ClusterIP + port: 80 + +ingress: + enabled: true + className: traefik + annotations: + cert-manager.io/cluster-issuer: letsencrypt-prod + hosts: + - host: jaejadle.kro.kr + paths: + - path: / + pathType: Prefix + tls: + - secretName: jaejadle-tls + hosts: + - jaejadle.kro.kr + +resources: + requests: + memory: 80Mi + cpu: 20m + limits: + memory: 300Mi + +healthCheck: + enabled: true + path: / + livenessProbe: + initialDelaySeconds: 30 + periodSeconds: 10 + readinessProbe: + initialDelaySeconds: 5 + periodSeconds: 5 + +envFrom: + - secretRef: + name: jaejadle-secrets + +externalSecret: + enabled: true + refreshInterval: 1h + secretStoreRef: + name: vault-backend + kind: ClusterSecretStore + target: + creationPolicy: Owner + deletionPolicy: Retain + data: + - secretKey: DATABASE_URL + remoteRef: + key: jaejadle + property: DATABASE_URL + - secretKey: JWT_SECRET + remoteRef: + key: jaejadle + property: JWT_SECRET + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + key: jaejadle + property: AWS_ACCESS_KEY_ID + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + key: jaejadle + property: AWS_SECRET_ACCESS_KEY + - secretKey: AWS_S3_BUCKET_NAME + remoteRef: + key: jaejadle + property: AWS_S3_BUCKET_NAME + - secretKey: AWS_S3_ENDPOINT + remoteRef: + key: jaejadle + property: AWS_S3_ENDPOINT + - secretKey: AWS_REGION + remoteRef: + key: jaejadle + property: AWS_REGION + - secretKey: CODE + remoteRef: + key: jaejadle + property: CODE diff --git a/jaejadle/ingress.yaml b/jaejadle/ingress.yaml deleted file mode 100644 index b862d5b..0000000 --- a/jaejadle/ingress.yaml +++ /dev/null @@ -1,23 +0,0 @@ -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: jaejadle-ingress - annotations: - cert-manager.io/cluster-issuer: letsencrypt-prod -spec: - ingressClassName: traefik - tls: - - hosts: - - jaejadle.kro.kr - secretName: jaejadle-tls - rules: - - host: jaejadle.kro.kr - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: jaejadle - port: - number: 80 diff --git a/jaejadle/kustomization.yaml b/jaejadle/kustomization.yaml deleted file mode 100644 index fed166c..0000000 --- a/jaejadle/kustomization.yaml +++ /dev/null @@ -1,8 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -namespace: jaejadle -resources: -- deployment.yaml -- service.yaml -- ingress.yaml -- external-secret.yaml diff --git a/jaejadle/service.yaml b/jaejadle/service.yaml deleted file mode 100644 index d823dbf..0000000 --- a/jaejadle/service.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: jaejadle - labels: - app: jaejadle -spec: - type: ClusterIP - ports: - - name: http - port: 80 - targetPort: 3000 - protocol: TCP - selector: - app: jaejadle diff --git a/joossam-dev/argocd.yaml b/joossam-dev/argocd.yaml index eb838c2..11bcc59 100644 --- a/joossam-dev/argocd.yaml +++ b/joossam-dev/argocd.yaml @@ -10,7 +10,13 @@ spec: sources: - repoURL: https://github.com/K3S-HOME/web-apps.git targetRevision: main - path: joossam-dev + path: charts/web-app + helm: + valueFiles: + - $values/joossam-dev/helm-values.yaml + - repoURL: https://github.com/K3S-HOME/web-apps.git + targetRevision: main + ref: values destination: server: https://kubernetes.default.svc namespace: joossam-dev diff --git a/joossam-dev/deployment.yaml b/joossam-dev/deployment.yaml deleted file mode 100644 index 3fecacc..0000000 --- a/joossam-dev/deployment.yaml +++ /dev/null @@ -1,50 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: joossam-dev - labels: - app: joossam-dev -spec: - replicas: 1 - selector: - matchLabels: - app: joossam-dev - strategy: - type: RollingUpdate - rollingUpdate: - maxUnavailable: 0 - maxSurge: 1 - revisionHistoryLimit: 3 - template: - metadata: - labels: - app: joossam-dev - spec: - imagePullSecrets: - - name: ghcr-secret - containers: - - name: joossam-dev - image: ghcr.io/mayne0213/joossam:develop - imagePullPolicy: Always - ports: - - containerPort: 8000 - protocol: TCP - resources: - requests: - memory: 256Mi - cpu: 20m - limits: - memory: 512Mi - livenessProbe: - httpGet: - path: / - port: 8000 - initialDelaySeconds: 10 - periodSeconds: 10 - readinessProbe: - httpGet: - path: / - port: 8000 - initialDelaySeconds: 5 - periodSeconds: 5 - restartPolicy: Always diff --git a/joossam-dev/helm-values.yaml b/joossam-dev/helm-values.yaml new file mode 100644 index 0000000..74d60c5 --- /dev/null +++ b/joossam-dev/helm-values.yaml @@ -0,0 +1,55 @@ +# Joossam Dev Web App Helm Values + +name: joossam-dev + +image: + registry: ghcr.io + repository: mayne0213/joossam + tag: develop + pullPolicy: Always + +imagePullSecrets: + - name: ghcr-secret + +replicaCount: 1 +containerPort: 8000 + +service: + enabled: true + type: ClusterIP + port: 80 + +ingress: + enabled: true + className: traefik + annotations: + cert-manager.io/cluster-issuer: letsencrypt-prod + hosts: + - host: dev.joossameng.kro.kr + paths: + - path: / + pathType: Prefix + tls: + - secretName: joossam-dev-tls + hosts: + - dev.joossameng.kro.kr + +resources: + requests: + memory: 256Mi + cpu: 20m + limits: + memory: 512Mi + +healthCheck: + enabled: true + path: / + livenessProbe: + initialDelaySeconds: 10 + periodSeconds: 10 + readinessProbe: + initialDelaySeconds: 5 + periodSeconds: 5 + +externalSecret: + enabled: false diff --git a/joossam-dev/ingress.yaml b/joossam-dev/ingress.yaml deleted file mode 100644 index bdd99c8..0000000 --- a/joossam-dev/ingress.yaml +++ /dev/null @@ -1,23 +0,0 @@ -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: joossam-dev-ingress - annotations: - cert-manager.io/cluster-issuer: letsencrypt-prod -spec: - ingressClassName: traefik - tls: - - hosts: - - dev.joossameng.kro.kr - secretName: joossam-dev-tls - rules: - - host: dev.joossameng.kro.kr - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: joossam-dev - port: - number: 80 diff --git a/joossam-dev/kustomization.yaml b/joossam-dev/kustomization.yaml deleted file mode 100644 index f59399a..0000000 --- a/joossam-dev/kustomization.yaml +++ /dev/null @@ -1,7 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -namespace: joossam-dev -resources: -- deployment.yaml -- service.yaml -- ingress.yaml diff --git a/joossam-dev/service.yaml b/joossam-dev/service.yaml deleted file mode 100644 index a575608..0000000 --- a/joossam-dev/service.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: joossam-dev - labels: - app: joossam-dev -spec: - type: ClusterIP - ports: - - name: http - port: 80 - targetPort: 8000 - protocol: TCP - selector: - app: joossam-dev diff --git a/joossam/argocd.yaml b/joossam/argocd.yaml index b116360..9602648 100644 --- a/joossam/argocd.yaml +++ b/joossam/argocd.yaml @@ -10,7 +10,13 @@ spec: sources: - repoURL: https://github.com/K3S-HOME/web-apps.git targetRevision: main - path: joossam + path: charts/web-app + helm: + valueFiles: + - $values/joossam/helm-values.yaml + - repoURL: https://github.com/K3S-HOME/web-apps.git + targetRevision: main + ref: values destination: server: https://kubernetes.default.svc namespace: joossam diff --git a/joossam/deployment.yaml b/joossam/deployment.yaml deleted file mode 100644 index 3c39131..0000000 --- a/joossam/deployment.yaml +++ /dev/null @@ -1,50 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: joossam - labels: - app: joossam -spec: - replicas: 1 - selector: - matchLabels: - app: joossam - strategy: - type: RollingUpdate - rollingUpdate: - maxUnavailable: 0 - maxSurge: 1 - revisionHistoryLimit: 3 - template: - metadata: - labels: - app: joossam - spec: - imagePullSecrets: - - name: ghcr-secret - containers: - - name: joossam - image: ghcr.io/mayne0213/joossam:latest - imagePullPolicy: Always - ports: - - containerPort: 8000 - protocol: TCP - resources: - requests: - memory: 256Mi - cpu: 20m - limits: - memory: 512Mi - livenessProbe: - httpGet: - path: / - port: 8000 - initialDelaySeconds: 10 - periodSeconds: 10 - readinessProbe: - httpGet: - path: / - port: 8000 - initialDelaySeconds: 5 - periodSeconds: 5 - restartPolicy: Always diff --git a/joossam/helm-values.yaml b/joossam/helm-values.yaml new file mode 100644 index 0000000..06db64a --- /dev/null +++ b/joossam/helm-values.yaml @@ -0,0 +1,55 @@ +# Joossam Web App Helm Values + +name: joossam + +image: + registry: ghcr.io + repository: mayne0213/joossam + tag: latest + pullPolicy: Always + +imagePullSecrets: + - name: ghcr-secret + +replicaCount: 1 +containerPort: 8000 + +service: + enabled: true + type: ClusterIP + port: 80 + +ingress: + enabled: true + className: traefik + annotations: + cert-manager.io/cluster-issuer: letsencrypt-prod + hosts: + - host: joossameng.kro.kr + paths: + - path: / + pathType: Prefix + tls: + - secretName: joossam-tls + hosts: + - joossameng.kro.kr + +resources: + requests: + memory: 256Mi + cpu: 20m + limits: + memory: 512Mi + +healthCheck: + enabled: true + path: / + livenessProbe: + initialDelaySeconds: 10 + periodSeconds: 10 + readinessProbe: + initialDelaySeconds: 5 + periodSeconds: 5 + +externalSecret: + enabled: false diff --git a/joossam/ingress.yaml b/joossam/ingress.yaml deleted file mode 100644 index 8cf69a4..0000000 --- a/joossam/ingress.yaml +++ /dev/null @@ -1,23 +0,0 @@ -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: joossam-ingress - annotations: - cert-manager.io/cluster-issuer: letsencrypt-prod -spec: - ingressClassName: traefik - tls: - - hosts: - - joossameng.kro.kr - secretName: joossam-tls - rules: - - host: joossameng.kro.kr - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: joossam - port: - number: 80 diff --git a/joossam/kustomization.yaml b/joossam/kustomization.yaml deleted file mode 100644 index 4b7b59b..0000000 --- a/joossam/kustomization.yaml +++ /dev/null @@ -1,7 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -namespace: joossam -resources: -- deployment.yaml -- service.yaml -- ingress.yaml diff --git a/joossam/service.yaml b/joossam/service.yaml deleted file mode 100644 index 74fbbf4..0000000 --- a/joossam/service.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: joossam - labels: - app: joossam -spec: - type: ClusterIP - ports: - - name: http - port: 80 - targetPort: 8000 - protocol: TCP - selector: - app: joossam diff --git a/jotion/argocd.yaml b/jotion/argocd.yaml index cefb005..4d9c6be 100644 --- a/jotion/argocd.yaml +++ b/jotion/argocd.yaml @@ -10,7 +10,13 @@ spec: sources: - repoURL: https://github.com/K3S-HOME/web-apps.git targetRevision: main - path: jotion + path: charts/web-app + helm: + valueFiles: + - $values/jotion/helm-values.yaml + - repoURL: https://github.com/K3S-HOME/web-apps.git + targetRevision: main + ref: values destination: server: https://kubernetes.default.svc namespace: jotion diff --git a/jotion/deployment.yaml b/jotion/deployment.yaml deleted file mode 100644 index 6d245fc..0000000 --- a/jotion/deployment.yaml +++ /dev/null @@ -1,58 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: jotion - labels: - app: jotion -spec: - replicas: 1 - selector: - matchLabels: - app: jotion - strategy: - type: RollingUpdate - rollingUpdate: - maxUnavailable: 0 - maxSurge: 1 - revisionHistoryLimit: 3 - template: - metadata: - labels: - app: jotion - spec: - imagePullSecrets: - - name: ghcr-secret - containers: - - name: jotion - image: ghcr.io/mayne0213/jotion:latest - imagePullPolicy: Always - ports: - - containerPort: 3000 - protocol: TCP - env: - - name: NODE_ENV - value: production - - name: DATABASE_URL - valueFrom: - secretKeyRef: - name: jotion-secrets - key: database-url - resources: - requests: - memory: 80Mi - cpu: 20m - limits: - memory: 200Mi - livenessProbe: - httpGet: - path: /api/health - port: 3000 - initialDelaySeconds: 30 - periodSeconds: 10 - readinessProbe: - httpGet: - path: /api/health - port: 3000 - initialDelaySeconds: 5 - periodSeconds: 5 - restartPolicy: Always diff --git a/jotion/external-secret.yaml b/jotion/external-secret.yaml deleted file mode 100644 index f6880cb..0000000 --- a/jotion/external-secret.yaml +++ /dev/null @@ -1,18 +0,0 @@ -apiVersion: external-secrets.io/v1 -kind: ExternalSecret -metadata: - name: jotion-secrets -spec: - refreshInterval: 1h - secretStoreRef: - name: vault-backend - kind: ClusterSecretStore - target: - name: jotion-secrets - creationPolicy: Owner - deletionPolicy: Retain - data: - - secretKey: database-url - remoteRef: - key: jotion - property: DATABASE_URL diff --git a/jotion/helm-values.yaml b/jotion/helm-values.yaml new file mode 100644 index 0000000..50d884d --- /dev/null +++ b/jotion/helm-values.yaml @@ -0,0 +1,81 @@ +# Jotion Web App Helm Values + +name: jotion + +image: + registry: ghcr.io + repository: mayne0213/jotion + tag: latest + pullPolicy: Always + +imagePullSecrets: + - name: ghcr-secret + +replicaCount: 1 +containerPort: 3000 + +service: + enabled: true + type: ClusterIP + port: 80 + +ingress: + enabled: true + className: traefik + annotations: + cert-manager.io/cluster-issuer: letsencrypt-prod + hosts: + - host: jotion0213.kro.kr + paths: + - path: / + pathType: Prefix + - host: www.jotion0213.kro.kr + paths: + - path: / + pathType: Prefix + tls: + - secretName: jotion-tls + hosts: + - jotion0213.kro.kr + - www.jotion0213.kro.kr + +resources: + requests: + memory: 80Mi + cpu: 20m + limits: + memory: 200Mi + +healthCheck: + enabled: true + path: /api/health + livenessProbe: + initialDelaySeconds: 30 + periodSeconds: 10 + readinessProbe: + initialDelaySeconds: 5 + periodSeconds: 5 + +env: + - name: NODE_ENV + value: production + - name: DATABASE_URL + valueFrom: + secretKeyRef: + name: jotion-secrets + key: database-url + +externalSecret: + enabled: true + refreshInterval: 1h + secretStoreRef: + name: vault-backend + kind: ClusterSecretStore + target: + creationPolicy: Owner + deletionPolicy: Retain + data: + - secretKey: database-url + remoteRef: + key: jotion + property: DATABASE_URL diff --git a/jotion/ingress.yaml b/jotion/ingress.yaml deleted file mode 100644 index 8491a69..0000000 --- a/jotion/ingress.yaml +++ /dev/null @@ -1,34 +0,0 @@ -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: jotion-ingress - annotations: - cert-manager.io/cluster-issuer: letsencrypt-prod -spec: - ingressClassName: traefik - tls: - - hosts: - - jotion0213.kro.kr - - www.jotion0213.kro.kr - secretName: jotion-tls - rules: - - host: jotion0213.kro.kr - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: jotion - port: - number: 80 - - host: www.jotion0213.kro.kr - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: jotion - port: - number: 80 diff --git a/jotion/kustomization.yaml b/jotion/kustomization.yaml deleted file mode 100644 index aa56fcd..0000000 --- a/jotion/kustomization.yaml +++ /dev/null @@ -1,8 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -namespace: jotion -resources: -- deployment.yaml -- service.yaml -- ingress.yaml -- external-secret.yaml diff --git a/jotion/service.yaml b/jotion/service.yaml deleted file mode 100644 index 57ef309..0000000 --- a/jotion/service.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: jotion - labels: - app: jotion -spec: - type: ClusterIP - ports: - - name: http - port: 80 - targetPort: 3000 - protocol: TCP - selector: - app: jotion diff --git a/jovies/argocd.yaml b/jovies/argocd.yaml index 8edf9b1..8e99782 100644 --- a/jovies/argocd.yaml +++ b/jovies/argocd.yaml @@ -10,7 +10,13 @@ spec: sources: - repoURL: https://github.com/K3S-HOME/web-apps.git targetRevision: main - path: jovies + path: charts/web-app + helm: + valueFiles: + - $values/jovies/helm-values.yaml + - repoURL: https://github.com/K3S-HOME/web-apps.git + targetRevision: main + ref: values destination: server: https://kubernetes.default.svc namespace: jovies diff --git a/jovies/deployment.yaml b/jovies/deployment.yaml deleted file mode 100644 index 61fb2df..0000000 --- a/jovies/deployment.yaml +++ /dev/null @@ -1,51 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: jovies - labels: - app: jovies -spec: - replicas: 1 - selector: - matchLabels: - app: jovies - strategy: - type: RollingUpdate - rollingUpdate: - maxUnavailable: 0 - maxSurge: 1 - revisionHistoryLimit: 3 - template: - metadata: - labels: - app: jovies - spec: - containers: - - name: jovies - image: ghcr.io/mayne0213/jovies:latest - imagePullPolicy: Always - ports: - - containerPort: 3000 - protocol: TCP - env: - - name: NODE_ENV - value: production - resources: - requests: - memory: 40Mi - cpu: 5m - limits: - memory: 100Mi - livenessProbe: - httpGet: - path: / - port: 3000 - initialDelaySeconds: 30 - periodSeconds: 10 - readinessProbe: - httpGet: - path: / - port: 3000 - initialDelaySeconds: 5 - periodSeconds: 5 - restartPolicy: Always diff --git a/jovies/helm-values.yaml b/jovies/helm-values.yaml new file mode 100644 index 0000000..775624d --- /dev/null +++ b/jovies/helm-values.yaml @@ -0,0 +1,63 @@ +# Jovies Web App Helm Values + +name: jovies + +image: + registry: ghcr.io + repository: mayne0213/jovies + tag: latest + pullPolicy: Always + +imagePullSecrets: [] + +replicaCount: 1 +containerPort: 3000 + +service: + enabled: true + type: ClusterIP + port: 80 + +ingress: + enabled: true + className: traefik + annotations: + cert-manager.io/cluster-issuer: letsencrypt-prod + hosts: + - host: jovies.kro.kr + paths: + - path: / + pathType: Prefix + - host: www.jovies.kro.kr + paths: + - path: / + pathType: Prefix + tls: + - secretName: jovies-tls + hosts: + - jovies.kro.kr + - www.jovies.kro.kr + +resources: + requests: + memory: 40Mi + cpu: 5m + limits: + memory: 100Mi + +healthCheck: + enabled: true + path: / + livenessProbe: + initialDelaySeconds: 30 + periodSeconds: 10 + readinessProbe: + initialDelaySeconds: 5 + periodSeconds: 5 + +env: + - name: NODE_ENV + value: production + +externalSecret: + enabled: false diff --git a/jovies/ingress.yaml b/jovies/ingress.yaml deleted file mode 100644 index b13bdb4..0000000 --- a/jovies/ingress.yaml +++ /dev/null @@ -1,34 +0,0 @@ -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: jovies-ingress - annotations: - cert-manager.io/cluster-issuer: letsencrypt-prod -spec: - ingressClassName: traefik - tls: - - hosts: - - jovies.kro.kr - - www.jovies.kro.kr - secretName: jovies-tls - rules: - - host: jovies.kro.kr - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: jovies - port: - number: 80 - - host: www.jovies.kro.kr - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: jovies - port: - number: 80 diff --git a/jovies/kustomization.yaml b/jovies/kustomization.yaml deleted file mode 100644 index d901f70..0000000 --- a/jovies/kustomization.yaml +++ /dev/null @@ -1,7 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -namespace: jovies -resources: -- deployment.yaml -- service.yaml -- ingress.yaml diff --git a/jovies/service.yaml b/jovies/service.yaml deleted file mode 100644 index c8cd7b6..0000000 --- a/jovies/service.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: jovies - labels: - app: jovies -spec: - type: ClusterIP - ports: - - name: http - port: 80 - targetPort: 3000 - protocol: TCP - selector: - app: jovies diff --git a/portfolio/argocd.yaml b/portfolio/argocd.yaml index 1a88dfb..94027da 100644 --- a/portfolio/argocd.yaml +++ b/portfolio/argocd.yaml @@ -10,7 +10,13 @@ spec: sources: - repoURL: https://github.com/K3S-HOME/web-apps.git targetRevision: main - path: portfolio + path: charts/web-app + helm: + valueFiles: + - $values/portfolio/helm-values.yaml + - repoURL: https://github.com/K3S-HOME/web-apps.git + targetRevision: main + ref: values destination: server: https://kubernetes.default.svc namespace: portfolio diff --git a/portfolio/deployment.yaml b/portfolio/deployment.yaml deleted file mode 100644 index 5a2db69..0000000 --- a/portfolio/deployment.yaml +++ /dev/null @@ -1,53 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: portfolio - labels: - app: portfolio -spec: - replicas: 1 - selector: - matchLabels: - app: portfolio - strategy: - type: RollingUpdate - rollingUpdate: - maxUnavailable: 0 - maxSurge: 1 - revisionHistoryLimit: 3 - template: - metadata: - labels: - app: portfolio - spec: - containers: - - name: portfolio - image: ghcr.io/mayne0213/portfolio:latest - imagePullPolicy: Always - ports: - - containerPort: 3000 - protocol: TCP - env: - - name: NODE_ENV - value: production - - name: PROMETHEUS_URL - value: http://prometheus.prometheus.svc.cluster.local:9090 - resources: - requests: - memory: 80Mi - cpu: 20m - limits: - memory: 150Mi - livenessProbe: - httpGet: - path: / - port: 3000 - initialDelaySeconds: 30 - periodSeconds: 10 - readinessProbe: - httpGet: - path: / - port: 3000 - initialDelaySeconds: 5 - periodSeconds: 5 - restartPolicy: Always diff --git a/portfolio/helm-values.yaml b/portfolio/helm-values.yaml new file mode 100644 index 0000000..1974bd4 --- /dev/null +++ b/portfolio/helm-values.yaml @@ -0,0 +1,65 @@ +# Portfolio Web App Helm Values + +name: portfolio + +image: + registry: ghcr.io + repository: mayne0213/portfolio + tag: latest + pullPolicy: Always + +imagePullSecrets: [] + +replicaCount: 1 +containerPort: 3000 + +service: + enabled: true + type: ClusterIP + port: 80 + +ingress: + enabled: true + className: traefik + annotations: + cert-manager.io/cluster-issuer: letsencrypt-prod + hosts: + - host: minjo0213.kro.kr + paths: + - path: / + pathType: Prefix + - host: www.minjo0213.kro.kr + paths: + - path: / + pathType: Prefix + tls: + - secretName: portfolio-tls + hosts: + - minjo0213.kro.kr + - www.minjo0213.kro.kr + +resources: + requests: + memory: 80Mi + cpu: 20m + limits: + memory: 150Mi + +healthCheck: + enabled: true + path: / + livenessProbe: + initialDelaySeconds: 30 + periodSeconds: 10 + readinessProbe: + initialDelaySeconds: 5 + periodSeconds: 5 + +env: + - name: NODE_ENV + value: production + - name: PROMETHEUS_URL + value: http://prometheus.prometheus.svc.cluster.local:9090 + +externalSecret: + enabled: false diff --git a/portfolio/ingress.yaml b/portfolio/ingress.yaml deleted file mode 100644 index cf69f1d..0000000 --- a/portfolio/ingress.yaml +++ /dev/null @@ -1,34 +0,0 @@ -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: portfolio-ingress - annotations: - cert-manager.io/cluster-issuer: letsencrypt-prod -spec: - ingressClassName: traefik - tls: - - hosts: - - minjo0213.kro.kr - - www.minjo0213.kro.kr - secretName: portfolio-tls - rules: - - host: minjo0213.kro.kr - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: portfolio - port: - number: 80 - - host: www.minjo0213.kro.kr - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: portfolio - port: - number: 80 diff --git a/portfolio/kustomization.yaml b/portfolio/kustomization.yaml deleted file mode 100644 index 16fdea0..0000000 --- a/portfolio/kustomization.yaml +++ /dev/null @@ -1,7 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -namespace: portfolio -resources: -- deployment.yaml -- service.yaml -- ingress.yaml diff --git a/portfolio/service.yaml b/portfolio/service.yaml deleted file mode 100644 index ccd7009..0000000 --- a/portfolio/service.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: portfolio - labels: - app: portfolio -spec: - type: ClusterIP - ports: - - name: http - port: 80 - targetPort: 3000 - protocol: TCP - selector: - app: portfolio diff --git a/todo/argocd.yaml b/todo/argocd.yaml index 11a050c..ed6096d 100644 --- a/todo/argocd.yaml +++ b/todo/argocd.yaml @@ -10,7 +10,13 @@ spec: sources: - repoURL: https://github.com/K3S-HOME/web-apps.git targetRevision: main - path: todo + path: charts/web-app + helm: + valueFiles: + - $values/todo/helm-values.yaml + - repoURL: https://github.com/K3S-HOME/web-apps.git + targetRevision: main + ref: values destination: server: https://kubernetes.default.svc namespace: todo diff --git a/todo/deployment.yaml b/todo/deployment.yaml deleted file mode 100644 index 037d709..0000000 --- a/todo/deployment.yaml +++ /dev/null @@ -1,56 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: todo - labels: - app: todo -spec: - replicas: 1 - selector: - matchLabels: - app: todo - strategy: - type: RollingUpdate - rollingUpdate: - maxUnavailable: 0 - maxSurge: 1 - revisionHistoryLimit: 3 - template: - metadata: - labels: - app: todo - spec: - containers: - - name: todo - image: ghcr.io/mayne0213/todo:latest - imagePullPolicy: Always - ports: - - containerPort: 3000 - protocol: TCP - env: - - name: NODE_ENV - value: production - - name: DATABASE_URL - valueFrom: - secretKeyRef: - name: todo-secrets - key: database-url - resources: - requests: - memory: 50Mi - cpu: 20m - limits: - memory: 120Mi - livenessProbe: - httpGet: - path: /api/health - port: 3000 - initialDelaySeconds: 30 - periodSeconds: 10 - readinessProbe: - httpGet: - path: /api/health - port: 3000 - initialDelaySeconds: 5 - periodSeconds: 5 - restartPolicy: Always diff --git a/todo/external-secret.yaml b/todo/external-secret.yaml deleted file mode 100644 index 800781a..0000000 --- a/todo/external-secret.yaml +++ /dev/null @@ -1,18 +0,0 @@ -apiVersion: external-secrets.io/v1 -kind: ExternalSecret -metadata: - name: todo-secrets -spec: - refreshInterval: 1h - secretStoreRef: - name: vault-backend - kind: ClusterSecretStore - target: - name: todo-secrets - creationPolicy: Owner - deletionPolicy: Retain - data: - - secretKey: database-url - remoteRef: - key: todo/prod - property: DATABASE_URL diff --git a/todo/helm-values.yaml b/todo/helm-values.yaml new file mode 100644 index 0000000..425ef38 --- /dev/null +++ b/todo/helm-values.yaml @@ -0,0 +1,81 @@ +# Todo Web App Helm Values + +name: todo + +image: + registry: ghcr.io + repository: mayne0213/todo + tag: latest + pullPolicy: Always + +# No imagePullSecrets needed (public or already configured) +imagePullSecrets: [] + +replicaCount: 1 +containerPort: 3000 + +service: + enabled: true + type: ClusterIP + port: 80 + +ingress: + enabled: true + className: traefik + annotations: + cert-manager.io/cluster-issuer: letsencrypt-prod + hosts: + - host: todo0213.kro.kr + paths: + - path: / + pathType: Prefix + - host: www.todo0213.kro.kr + paths: + - path: / + pathType: Prefix + tls: + - secretName: todo-tls + hosts: + - todo0213.kro.kr + - www.todo0213.kro.kr + +resources: + requests: + memory: 50Mi + cpu: 20m + limits: + memory: 120Mi + +healthCheck: + enabled: true + path: /api/health + livenessProbe: + initialDelaySeconds: 30 + periodSeconds: 10 + readinessProbe: + initialDelaySeconds: 5 + periodSeconds: 5 + +env: + - name: NODE_ENV + value: production + - name: DATABASE_URL + valueFrom: + secretKeyRef: + name: todo-secrets + key: database-url + +externalSecret: + enabled: true + refreshInterval: 1h + secretStoreRef: + name: vault-backend + kind: ClusterSecretStore + target: + creationPolicy: Owner + deletionPolicy: Retain + data: + - secretKey: database-url + remoteRef: + key: todo/prod + property: DATABASE_URL diff --git a/todo/ingress.yaml b/todo/ingress.yaml deleted file mode 100644 index 2ecf9cb..0000000 --- a/todo/ingress.yaml +++ /dev/null @@ -1,34 +0,0 @@ -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: todo-ingress - annotations: - cert-manager.io/cluster-issuer: letsencrypt-prod -spec: - ingressClassName: traefik - tls: - - hosts: - - todo0213.kro.kr - - www.todo0213.kro.kr - secretName: todo-tls - rules: - - host: todo0213.kro.kr - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: todo - port: - number: 80 - - host: www.todo0213.kro.kr - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: todo - port: - number: 80 diff --git a/todo/kustomization.yaml b/todo/kustomization.yaml deleted file mode 100644 index 9cd30b6..0000000 --- a/todo/kustomization.yaml +++ /dev/null @@ -1,8 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -namespace: todo -resources: -- deployment.yaml -- service.yaml -- ingress.yaml -- external-secret.yaml diff --git a/todo/service.yaml b/todo/service.yaml deleted file mode 100644 index 820d5be..0000000 --- a/todo/service.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: todo - labels: - app: todo -spec: - type: ClusterIP - ports: - - name: http - port: 80 - targetPort: 3000 - protocol: TCP - selector: - app: todo