Compare commits

..

No commits in common. "445f16e7eef92aeb780aa09ad6f9e80f22d88520" and "124018c2d0e1a6b9bc34fd633454baa8da5869c8" have entirely different histories.

10 changed files with 1 additions and 270 deletions

View File

@ -1,10 +0,0 @@
################################
# Makefile for Cadoles SP
################################
IMAGE_REPO := reg.cadoles.com/cadoles
IMAGE_VERSION ?= 0.0.1
DAY_SUFFIX_TAG ?= $(shell date +%Y%m%d)
include main.mk

View File

@ -1,55 +1,5 @@
Symfony Skeletor Symfony Skeletor
# Create a dev cluster with "kind"
1. Start your Kubernetes cluster
```shell
export ENGINE="kind"
```
Setup your "harbor" user:
```
export HARBOR_USER_NAME="<pnom>"
```
Create the cluster
```shell
${ENGINE} create cluster --config misc/k8s/${ENGINE}/${ENGINE}-cluster.yaml
```
2. Check your cluster status
```shell
kubectl get nodes
```
All the nodes are "Ready"
```
NAME STATUS ROLES AGE VERSION
dev-control-plane Ready control-plane 5d5h v1.27.2
dev-worker Ready <none> 5d5h v1.27.2
dev-worker2 Ready <none> 5d5h v1.27.2
dev-worker3 Ready <none> 5d5h v1.27.2
```
3. Déployer les opérateurs dans votre cluster
```shell
kubectl apply -k misc/k8s/${ENGINE}/cluster --server-side
```
4. Récupèrer la plage IP de votre "cluster"
Si vous utilisez [kind](https://kind.sigs.k8s.io) :
```shell
docker network inspect kind | jq '.[0].IPAM.Config[0].Subnet' -r
```
En toute logique vous devriez obtenir un résultat du type `172.XX.0.0/16`.
Gardez cette information pour plus tard.
``` ```
your-project/ your-project/
├── assets/ ├── assets/
@ -70,4 +20,4 @@ your-project/
├── translations/ ├── translations/
├── var/ ├── var/
└── vendor/ └── vendor/
``` ```

77
main.mk
View File

@ -1,77 +0,0 @@
IMAGES_DIR := ./misc/images
#
# $1: IMAGE_NAME
#
define build_image
echo "Building ${IMAGE_REPO}/$1";\
docker build \
-t "${IMAGE_REPO}/$1:$(IMAGE_VERSION)" \
-f ${IMAGES_DIR}/$1/Dockerfile \
.
endef
#
# $1: IMAGE_NAME
# $2: IMAGE_TAG
#
define scan_image
echo "Scanning ${IMAGE_REPO}/$1"; \
mkdir -p .trivy/$(IMAGE_REPO)/$1; \
tools/trivy/bin/trivy --cache-dir .trivy/.cache image -o ".trivy/$(IMAGE_REPO)/$1/$2/report.txt" $(TRIVY_ARGS) $(IMAGE_REPO)/$1:$2 ; \
cat ".trivy/$(IMAGE_REPO)/$1/$2report.txt"
endef
define install_trivy
mkdir -p tools/trivy/bin ; \
curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b ./tools/trivy/bin v0.27.1
endef
define release_image
docker tag $(IMAGE_REPO)/$1:$(IMAGE_VERSION) $(IMAGE_REPO)/$1:$(IMAGE_VERSION)-$(DAY_SUFFIX_TAG) ; \
docker tag $(IMAGE_REPO)/$1:$(IMAGE_VERSION) $(IMAGE_REPO)/$1:$(IMAGE_VERSION); \
docker tag $(IMAGE_REPO)/$1:$(IMAGE_VERSION) $(IMAGE_REPO)/$1:latest ; \
docker push $(IMAGE_REPO)/$1:latest ; \
docker push $(IMAGE_REPO)/$1:$(IMAGE_VERSION) ; \
docker push $(IMAGE_REPO)/$1:$(IMAGE_VERSION)-$(DAY_SUFFIX_TAG)
endef
#list:
build: ${IMAGES_DIR}/*
@for name in $(basename $(notdir $^)); do \
$(call build_image,$${name}); \
done;\
scan: ${IMAGES_DIR}/*
$(call install_trivy)
@for name in $(basename $(notdir $^)); do \
$(call scan_image,$${name}); \
done;\
tools/trivy/bin/trivy:
mkdir -p tools/trivy/bin
curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b ./tools/trivy/bin v0.27.1
release: ${IMAGES_DIR}/*
@for name in $(basename $(notdir $^)); do \
$(call release_image,$${name},base); \
done;\
_release:
docker tag $(IMAGE_FULL_NAME):$(IMAGE_TAG) $(IMAGE_FULL_NAME):$(IMAGE_TAG)-$(IMAGE_VERSION)-$(DAY_SUFFIX_TAG)
docker tag $(IMAGE_FULL_NAME):$(IMAGE_TAG) $(IMAGE_FULL_NAME):$(IMAGE_TAG)-$(IMAGE_VERSION)
docker tag $(IMAGE_FULL_NAME):$(IMAGE_TAG) $(IMAGE_FULL_NAME):$(IMAGE_TAG)-latest
docker push $(IMAGE_FULL_NAME):$(IMAGE_TAG)-$(IMAGE_VERSION)-$(DAY_SUFFIX_TAG)
docker push $(IMAGE_FULL_NAME):$(IMAGE_TAG)-$(IMAGE_VERSION)
docker push $(IMAGE_FULL_NAME):$(IMAGE_TAG)-latest
_test: tools/bin/bash_unit
tools/bin/bash_unit ./tests/test_$(IMAGE_TAG).sh
tools/bin/bash_unit:
mkdir -p tools/bin
cd tools/bin && bash <(curl -s https://raw.githubusercontent.com/pgrange/bash_unit/master/install.sh)
##include recipes/*.mk

View File

@ -1,3 +0,0 @@
ARG ADDITIONAL_PACKAGES="tree"
FROM reg.cadoles.com/cadoles/symfony:alpine-php-8.1-base

View File

@ -1,11 +0,0 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- https://raw.githubusercontent.com/ory/k8s/v0.30.0/helm/charts/hydra-maester/crds/crd-oauth2clients.yaml
- https://forge.cadoles.com/CadolesKube/c-kustom//base/cloudnative-pg-operator?ref=develop
- https://forge.cadoles.com/CadolesKube/c-kustom//base/redis?ref=develop
- https://forge.cadoles.com/CadolesKube/c-kustom//base/minio?ref=develop
- https://forge.cadoles.com/CadolesKube/c-kustom//base/metallb?ref=develop
- https://forge.cadoles.com/CadolesKube/c-kustom//base/metrics?ref=develop
- https://forge.cadoles.com/CadolesKube/c-kustom//base/nginx?ref=develop

View File

@ -1,7 +0,0 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
namespace: metallb-system
resources:
- ./resources/ipaddresspoool.yaml
- ./resources/advertise.yaml

View File

@ -1,9 +0,0 @@
apiVersion: metallb.io/v1beta1
kind: L2Advertisement
metadata:
name: l2-ip-pool-ad
namespace: metallb-system
spec:
ipAddressPools:
- main-pool

View File

@ -1,8 +0,0 @@
apiVersion: metallb.io/v1beta1
kind: IPAddressPool
metadata:
name: main-pool
namespace: metallb-system
spec:
addresses:
- 172.18.10.100-172.18.10.200

View File

@ -1,48 +0,0 @@
kind: Cluster
apiVersion: kind.x-k8s.io/v1alpha4
name: mse-dev
networking:
podSubnet: "10.110.0.0/16"
serviceSubnet: "10.115.0.0/16"
nodes:
- role: control-plane
image: kindest/node:v1.27.2
kubeadmConfigPatches:
- |
kind: InitConfiguration
nodeRegistration:
kubeletExtraArgs:
node-labels: "ingress-ready=true"
extraPortMappings:
- containerPort: 31000
hostPort: 31000
listenAddress: "0.0.0.0" # Optional, defaults to "0.0.0.0"
- containerPort: 80
hostPort: 8080
listenAddress: "0.0.0.0" # Optional, defaults to "0.0.0.0"
labels:
ingress-ready: true
- role: worker
image: kindest/node:v1.27.2
kubeadmConfigPatches:
- |
kind: JoinConfiguration
nodeRegistration:
kubeletExtraArgs:
system-reserved: memory=2Gi
- role: worker
image: kindest/node:v1.27.2
kubeadmConfigPatches:
- |
kind: JoinConfiguration
nodeRegistration:
kubeletExtraArgs:
system-reserved: memory=2Gi
- role: worker
image: kindest/node:v1.27.2
kubeadmConfigPatches:
- |
kind: JoinConfiguration
nodeRegistration:
kubeletExtraArgs:
system-reserved: memory=2Gi

View File

@ -1,46 +0,0 @@
apiVersion: skaffold/v3
kind: Config
metadata:
name: mse
manifests:
kustomize:
paths:
- misc/k8s/kustomization/base
profiles:
- name: dev
manifests:
kustomize:
paths:
- misc/k8s/kustomization/overlays/dev
activation:
- command: dev
build:
cluster:
dockerConfig:
path: misc/k8s/kustomization/base/secrets/dockerconfig/.dockerconfigjson
randomDockerConfigSecret: true
randomPullSecret: true
tagPolicy:
sha256: {}
artifacts:
- image: reg.cadoles.com/cadoles/app-kube
context: .
sync:
infer:
- src/**
- app/**
- translations/**
- scripts/**
- templates/**
kaniko:
dockerfile: misc/images/app-kube/Dockerfile
cache: {}
deploy:
statusCheckDeadlineSeconds: 600