Compare commits
No commits in common. "445f16e7eef92aeb780aa09ad6f9e80f22d88520" and "124018c2d0e1a6b9bc34fd633454baa8da5869c8" have entirely different histories.
445f16e7ee
...
124018c2d0
10
Makefile
10
Makefile
|
@ -1,10 +0,0 @@
|
||||||
################################
|
|
||||||
# Makefile for Cadoles SP
|
|
||||||
################################
|
|
||||||
|
|
||||||
IMAGE_REPO := reg.cadoles.com/cadoles
|
|
||||||
IMAGE_VERSION ?= 0.0.1
|
|
||||||
|
|
||||||
DAY_SUFFIX_TAG ?= $(shell date +%Y%m%d)
|
|
||||||
|
|
||||||
include main.mk
|
|
52
README.md
52
README.md
|
@ -1,55 +1,5 @@
|
||||||
Symfony Skeletor
|
Symfony Skeletor
|
||||||
|
|
||||||
# Create a dev cluster with "kind"
|
|
||||||
|
|
||||||
|
|
||||||
1. Start your Kubernetes cluster
|
|
||||||
|
|
||||||
```shell
|
|
||||||
export ENGINE="kind"
|
|
||||||
```
|
|
||||||
|
|
||||||
Setup your "harbor" user:
|
|
||||||
```
|
|
||||||
export HARBOR_USER_NAME="<pnom>"
|
|
||||||
```
|
|
||||||
|
|
||||||
Create the cluster
|
|
||||||
|
|
||||||
```shell
|
|
||||||
${ENGINE} create cluster --config misc/k8s/${ENGINE}/${ENGINE}-cluster.yaml
|
|
||||||
```
|
|
||||||
|
|
||||||
2. Check your cluster status
|
|
||||||
|
|
||||||
```shell
|
|
||||||
kubectl get nodes
|
|
||||||
```
|
|
||||||
All the nodes are "Ready"
|
|
||||||
```
|
|
||||||
NAME STATUS ROLES AGE VERSION
|
|
||||||
dev-control-plane Ready control-plane 5d5h v1.27.2
|
|
||||||
dev-worker Ready <none> 5d5h v1.27.2
|
|
||||||
dev-worker2 Ready <none> 5d5h v1.27.2
|
|
||||||
dev-worker3 Ready <none> 5d5h v1.27.2
|
|
||||||
```
|
|
||||||
|
|
||||||
3. Déployer les opérateurs dans votre cluster
|
|
||||||
|
|
||||||
```shell
|
|
||||||
kubectl apply -k misc/k8s/${ENGINE}/cluster --server-side
|
|
||||||
```
|
|
||||||
|
|
||||||
4. Récupèrer la plage IP de votre "cluster"
|
|
||||||
Si vous utilisez [kind](https://kind.sigs.k8s.io) :
|
|
||||||
|
|
||||||
```shell
|
|
||||||
docker network inspect kind | jq '.[0].IPAM.Config[0].Subnet' -r
|
|
||||||
```
|
|
||||||
En toute logique vous devriez obtenir un résultat du type `172.XX.0.0/16`.
|
|
||||||
Gardez cette information pour plus tard.
|
|
||||||
|
|
||||||
|
|
||||||
```
|
```
|
||||||
your-project/
|
your-project/
|
||||||
├── assets/
|
├── assets/
|
||||||
|
@ -70,4 +20,4 @@ your-project/
|
||||||
├── translations/
|
├── translations/
|
||||||
├── var/
|
├── var/
|
||||||
└── vendor/
|
└── vendor/
|
||||||
```
|
```
|
77
main.mk
77
main.mk
|
@ -1,77 +0,0 @@
|
||||||
IMAGES_DIR := ./misc/images
|
|
||||||
|
|
||||||
#
|
|
||||||
# $1: IMAGE_NAME
|
|
||||||
#
|
|
||||||
define build_image
|
|
||||||
echo "Building ${IMAGE_REPO}/$1";\
|
|
||||||
docker build \
|
|
||||||
-t "${IMAGE_REPO}/$1:$(IMAGE_VERSION)" \
|
|
||||||
-f ${IMAGES_DIR}/$1/Dockerfile \
|
|
||||||
.
|
|
||||||
endef
|
|
||||||
|
|
||||||
#
|
|
||||||
# $1: IMAGE_NAME
|
|
||||||
# $2: IMAGE_TAG
|
|
||||||
#
|
|
||||||
define scan_image
|
|
||||||
echo "Scanning ${IMAGE_REPO}/$1"; \
|
|
||||||
mkdir -p .trivy/$(IMAGE_REPO)/$1; \
|
|
||||||
tools/trivy/bin/trivy --cache-dir .trivy/.cache image -o ".trivy/$(IMAGE_REPO)/$1/$2/report.txt" $(TRIVY_ARGS) $(IMAGE_REPO)/$1:$2 ; \
|
|
||||||
cat ".trivy/$(IMAGE_REPO)/$1/$2report.txt"
|
|
||||||
endef
|
|
||||||
|
|
||||||
define install_trivy
|
|
||||||
mkdir -p tools/trivy/bin ; \
|
|
||||||
curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b ./tools/trivy/bin v0.27.1
|
|
||||||
endef
|
|
||||||
|
|
||||||
define release_image
|
|
||||||
docker tag $(IMAGE_REPO)/$1:$(IMAGE_VERSION) $(IMAGE_REPO)/$1:$(IMAGE_VERSION)-$(DAY_SUFFIX_TAG) ; \
|
|
||||||
docker tag $(IMAGE_REPO)/$1:$(IMAGE_VERSION) $(IMAGE_REPO)/$1:$(IMAGE_VERSION); \
|
|
||||||
docker tag $(IMAGE_REPO)/$1:$(IMAGE_VERSION) $(IMAGE_REPO)/$1:latest ; \
|
|
||||||
docker push $(IMAGE_REPO)/$1:latest ; \
|
|
||||||
docker push $(IMAGE_REPO)/$1:$(IMAGE_VERSION) ; \
|
|
||||||
docker push $(IMAGE_REPO)/$1:$(IMAGE_VERSION)-$(DAY_SUFFIX_TAG)
|
|
||||||
endef
|
|
||||||
|
|
||||||
|
|
||||||
#list:
|
|
||||||
build: ${IMAGES_DIR}/*
|
|
||||||
@for name in $(basename $(notdir $^)); do \
|
|
||||||
$(call build_image,$${name}); \
|
|
||||||
done;\
|
|
||||||
|
|
||||||
scan: ${IMAGES_DIR}/*
|
|
||||||
$(call install_trivy)
|
|
||||||
@for name in $(basename $(notdir $^)); do \
|
|
||||||
$(call scan_image,$${name}); \
|
|
||||||
done;\
|
|
||||||
|
|
||||||
tools/trivy/bin/trivy:
|
|
||||||
mkdir -p tools/trivy/bin
|
|
||||||
curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b ./tools/trivy/bin v0.27.1
|
|
||||||
|
|
||||||
|
|
||||||
release: ${IMAGES_DIR}/*
|
|
||||||
@for name in $(basename $(notdir $^)); do \
|
|
||||||
$(call release_image,$${name},base); \
|
|
||||||
done;\
|
|
||||||
|
|
||||||
_release:
|
|
||||||
docker tag $(IMAGE_FULL_NAME):$(IMAGE_TAG) $(IMAGE_FULL_NAME):$(IMAGE_TAG)-$(IMAGE_VERSION)-$(DAY_SUFFIX_TAG)
|
|
||||||
docker tag $(IMAGE_FULL_NAME):$(IMAGE_TAG) $(IMAGE_FULL_NAME):$(IMAGE_TAG)-$(IMAGE_VERSION)
|
|
||||||
docker tag $(IMAGE_FULL_NAME):$(IMAGE_TAG) $(IMAGE_FULL_NAME):$(IMAGE_TAG)-latest
|
|
||||||
docker push $(IMAGE_FULL_NAME):$(IMAGE_TAG)-$(IMAGE_VERSION)-$(DAY_SUFFIX_TAG)
|
|
||||||
docker push $(IMAGE_FULL_NAME):$(IMAGE_TAG)-$(IMAGE_VERSION)
|
|
||||||
docker push $(IMAGE_FULL_NAME):$(IMAGE_TAG)-latest
|
|
||||||
|
|
||||||
_test: tools/bin/bash_unit
|
|
||||||
tools/bin/bash_unit ./tests/test_$(IMAGE_TAG).sh
|
|
||||||
|
|
||||||
tools/bin/bash_unit:
|
|
||||||
mkdir -p tools/bin
|
|
||||||
cd tools/bin && bash <(curl -s https://raw.githubusercontent.com/pgrange/bash_unit/master/install.sh)
|
|
||||||
|
|
||||||
##include recipes/*.mk
|
|
|
@ -1,3 +0,0 @@
|
||||||
ARG ADDITIONAL_PACKAGES="tree"
|
|
||||||
|
|
||||||
FROM reg.cadoles.com/cadoles/symfony:alpine-php-8.1-base
|
|
|
@ -1,11 +0,0 @@
|
||||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
|
||||||
kind: Kustomization
|
|
||||||
|
|
||||||
resources:
|
|
||||||
- https://raw.githubusercontent.com/ory/k8s/v0.30.0/helm/charts/hydra-maester/crds/crd-oauth2clients.yaml
|
|
||||||
- https://forge.cadoles.com/CadolesKube/c-kustom//base/cloudnative-pg-operator?ref=develop
|
|
||||||
- https://forge.cadoles.com/CadolesKube/c-kustom//base/redis?ref=develop
|
|
||||||
- https://forge.cadoles.com/CadolesKube/c-kustom//base/minio?ref=develop
|
|
||||||
- https://forge.cadoles.com/CadolesKube/c-kustom//base/metallb?ref=develop
|
|
||||||
- https://forge.cadoles.com/CadolesKube/c-kustom//base/metrics?ref=develop
|
|
||||||
- https://forge.cadoles.com/CadolesKube/c-kustom//base/nginx?ref=develop
|
|
|
@ -1,7 +0,0 @@
|
||||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
|
||||||
kind: Kustomization
|
|
||||||
namespace: metallb-system
|
|
||||||
|
|
||||||
resources:
|
|
||||||
- ./resources/ipaddresspoool.yaml
|
|
||||||
- ./resources/advertise.yaml
|
|
|
@ -1,9 +0,0 @@
|
||||||
apiVersion: metallb.io/v1beta1
|
|
||||||
kind: L2Advertisement
|
|
||||||
metadata:
|
|
||||||
name: l2-ip-pool-ad
|
|
||||||
namespace: metallb-system
|
|
||||||
spec:
|
|
||||||
ipAddressPools:
|
|
||||||
- main-pool
|
|
||||||
|
|
|
@ -1,8 +0,0 @@
|
||||||
apiVersion: metallb.io/v1beta1
|
|
||||||
kind: IPAddressPool
|
|
||||||
metadata:
|
|
||||||
name: main-pool
|
|
||||||
namespace: metallb-system
|
|
||||||
spec:
|
|
||||||
addresses:
|
|
||||||
- 172.18.10.100-172.18.10.200
|
|
|
@ -1,48 +0,0 @@
|
||||||
kind: Cluster
|
|
||||||
apiVersion: kind.x-k8s.io/v1alpha4
|
|
||||||
name: mse-dev
|
|
||||||
networking:
|
|
||||||
podSubnet: "10.110.0.0/16"
|
|
||||||
serviceSubnet: "10.115.0.0/16"
|
|
||||||
nodes:
|
|
||||||
- role: control-plane
|
|
||||||
image: kindest/node:v1.27.2
|
|
||||||
kubeadmConfigPatches:
|
|
||||||
- |
|
|
||||||
kind: InitConfiguration
|
|
||||||
nodeRegistration:
|
|
||||||
kubeletExtraArgs:
|
|
||||||
node-labels: "ingress-ready=true"
|
|
||||||
extraPortMappings:
|
|
||||||
- containerPort: 31000
|
|
||||||
hostPort: 31000
|
|
||||||
listenAddress: "0.0.0.0" # Optional, defaults to "0.0.0.0"
|
|
||||||
- containerPort: 80
|
|
||||||
hostPort: 8080
|
|
||||||
listenAddress: "0.0.0.0" # Optional, defaults to "0.0.0.0"
|
|
||||||
labels:
|
|
||||||
ingress-ready: true
|
|
||||||
- role: worker
|
|
||||||
image: kindest/node:v1.27.2
|
|
||||||
kubeadmConfigPatches:
|
|
||||||
- |
|
|
||||||
kind: JoinConfiguration
|
|
||||||
nodeRegistration:
|
|
||||||
kubeletExtraArgs:
|
|
||||||
system-reserved: memory=2Gi
|
|
||||||
- role: worker
|
|
||||||
image: kindest/node:v1.27.2
|
|
||||||
kubeadmConfigPatches:
|
|
||||||
- |
|
|
||||||
kind: JoinConfiguration
|
|
||||||
nodeRegistration:
|
|
||||||
kubeletExtraArgs:
|
|
||||||
system-reserved: memory=2Gi
|
|
||||||
- role: worker
|
|
||||||
image: kindest/node:v1.27.2
|
|
||||||
kubeadmConfigPatches:
|
|
||||||
- |
|
|
||||||
kind: JoinConfiguration
|
|
||||||
nodeRegistration:
|
|
||||||
kubeletExtraArgs:
|
|
||||||
system-reserved: memory=2Gi
|
|
|
@ -1,46 +0,0 @@
|
||||||
apiVersion: skaffold/v3
|
|
||||||
kind: Config
|
|
||||||
|
|
||||||
metadata:
|
|
||||||
name: mse
|
|
||||||
|
|
||||||
manifests:
|
|
||||||
kustomize:
|
|
||||||
paths:
|
|
||||||
- misc/k8s/kustomization/base
|
|
||||||
|
|
||||||
profiles:
|
|
||||||
- name: dev
|
|
||||||
manifests:
|
|
||||||
kustomize:
|
|
||||||
paths:
|
|
||||||
- misc/k8s/kustomization/overlays/dev
|
|
||||||
activation:
|
|
||||||
- command: dev
|
|
||||||
|
|
||||||
build:
|
|
||||||
cluster:
|
|
||||||
dockerConfig:
|
|
||||||
path: misc/k8s/kustomization/base/secrets/dockerconfig/.dockerconfigjson
|
|
||||||
randomDockerConfigSecret: true
|
|
||||||
randomPullSecret: true
|
|
||||||
|
|
||||||
tagPolicy:
|
|
||||||
sha256: {}
|
|
||||||
|
|
||||||
artifacts:
|
|
||||||
- image: reg.cadoles.com/cadoles/app-kube
|
|
||||||
context: .
|
|
||||||
sync:
|
|
||||||
infer:
|
|
||||||
- src/**
|
|
||||||
- app/**
|
|
||||||
- translations/**
|
|
||||||
- scripts/**
|
|
||||||
- templates/**
|
|
||||||
kaniko:
|
|
||||||
dockerfile: misc/images/app-kube/Dockerfile
|
|
||||||
cache: {}
|
|
||||||
|
|
||||||
deploy:
|
|
||||||
statusCheckDeadlineSeconds: 600
|
|
Loading…
Reference in New Issue