Infrastructure as Code:
- Add Kaniko namespace and RBAC manifests
- Create ArgoCD Application for Kaniko infrastructure
- Kustomize configuration for Kaniko resources

Workflow improvements:
- Remove kubeconfig dependency
- Use in-cluster ServiceAccount (runner runs in K8s)
- Remove all sudo commands
- Simplify Kubernetes access

GitOps workflow:
1. Push manifests to Git
2. ArgoCD auto-syncs infrastructure
3. Gitea runner uses ServiceAccount permissions
4. Kaniko builds run in kaniko-builds namespace

Benefits:
- True GitOps approach
- No secrets management needed
- Declarative infrastructure
- ArgoCD handles reconciliation
- Audit trail in Git
30 lines
642 B
YAML
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: kaniko-infrastructure
namespace: argocd
finalizers:
- resources-finalizer.argocd.argoproj.io
spec:
project: default
source:
repoURL: https://gitea0213.kro.kr/bluemayne/jovies.git
targetRevision: main
path: deploy/kaniko
destination:
server: https://kubernetes.default.svc
namespace: kaniko-builds
syncPolicy:
automated:
prune: true
selfHeal: true
allowEmpty: false
syncOptions:
- CreateNamespace=true
retry:
limit: 5
backoff:
duration: 5s
factor: 2
maxDuration: 3m
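Review bot: "project: default" under spec places an auto-syncing Application that, per the commit message, carries RBAC manifests into Argo CD's catch-all project, which unless it has been restricted elsewhere allows any source repo, any destination and all resource kinds. Combined with "automated" sync, "prune: true", "selfHeal: true" and "targetRevision: main", whatever lands on main under deploy/kaniko is applied to the cluster with no further gate, so write access to that branch amounts to write access to the RBAC this path defines. Suggest a dedicated AppProject that limits sourceRepos to this repository, destinations to the kaniko-builds namespace and the permitted resource kinds to those the path actually needs, and protecting the main branch. Separately, "CreateNamespace=true" overlaps with the namespace manifest the commit message mentions; pick one owner for the namespace so that any labels set in the manifest are the ones that apply.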