feat(apps): remove Penpot deployment and associated configurations
这个提交包含在:
rohow
-3
@@ -12,6 +12,3 @@ GITEA_ACTIONS_TOKEN=placeholder
|
|||||||
# Flux Operator Web OIDC 凭据(Gitea 启动后创建 OAuth2 应用获取,Redirect URI: https://cd.dev.cm/oauth2/callback)
|
# Flux Operator Web OIDC 凭据(Gitea 启动后创建 OAuth2 应用获取,Redirect URI: https://cd.dev.cm/oauth2/callback)
|
||||||
FLUX_WEB_OIDC_CLIENT_ID=placeholder
|
FLUX_WEB_OIDC_CLIENT_ID=placeholder
|
||||||
FLUX_WEB_OIDC_CLIENT_SECRET=placeholder
|
FLUX_WEB_OIDC_CLIENT_SECRET=placeholder
|
||||||
|
|
||||||
# Penpot 凭据
|
|
||||||
PENPOT_API_SECRET_KEY=placeholder
|
|
||||||
|
|||||||
+1
-2
@@ -18,7 +18,7 @@ flux/
|
|||||||
│ ├── kustomization.yaml # 引入 base,并追加 apps / app 依赖层
|
│ ├── kustomization.yaml # 引入 base,并追加 apps / app 依赖层
|
||||||
│ ├── apps-sources.yaml # app HelmRepository 源
|
│ ├── apps-sources.yaml # app HelmRepository 源
|
||||||
│ ├── apps-secrets.yaml # apps namespace 与 app 专属 Secret
|
│ ├── apps-secrets.yaml # apps namespace 与 app 专属 Secret
|
||||||
│ ├── apps.yaml # Halo / RustDesk / Penpot / Fillcode / SinceAI
|
│ ├── apps.yaml # Halo / RustDesk / Fillcode / SinceAI
|
||||||
│ └── apps-post.yaml # CDN Ingress(依赖 apps)
|
│ └── apps-post.yaml # CDN Ingress(依赖 apps)
|
||||||
├── infrastructure/
|
├── infrastructure/
|
||||||
│ ├── sources/ # 所有 HelmRepository 定义
|
│ ├── sources/ # 所有 HelmRepository 定义
|
||||||
@@ -39,7 +39,6 @@ flux/
|
|||||||
├── post/ # CDN Ingress(依赖 apps,且引用部分 infra 服务)
|
├── post/ # CDN Ingress(依赖 apps,且引用部分 infra 服务)
|
||||||
├── helmrelease-halo.yaml # Halo
|
├── helmrelease-halo.yaml # Halo
|
||||||
├── helmrelease-rustdesk.yaml # RustDesk
|
├── helmrelease-rustdesk.yaml # RustDesk
|
||||||
├── helmrelease-penpot.yaml # Penpot
|
|
||||||
└── ... # app 证书与 Ingress
|
└── ... # app 证书与 Ingress
|
||||||
```
|
```
|
||||||
|
|
||||||
|
|||||||
@@ -1,74 +0,0 @@
|
|||||||
apiVersion: helm.toolkit.fluxcd.io/v2
|
|
||||||
kind: HelmRelease
|
|
||||||
metadata:
|
|
||||||
name: penpot
|
|
||||||
namespace: apps
|
|
||||||
spec:
|
|
||||||
interval: 30m
|
|
||||||
timeout: 15m
|
|
||||||
chart:
|
|
||||||
spec:
|
|
||||||
chart: penpot
|
|
||||||
version: 0.43.0
|
|
||||||
sourceRef:
|
|
||||||
kind: HelmRepository
|
|
||||||
name: penpot
|
|
||||||
namespace: infra-gitops
|
|
||||||
interval: 12h
|
|
||||||
postRenderers:
|
|
||||||
- kustomize:
|
|
||||||
patches:
|
|
||||||
- target:
|
|
||||||
kind: Deployment
|
|
||||||
name: penpot-backend
|
|
||||||
patch: |
|
|
||||||
- op: add
|
|
||||||
path: /spec/template/spec/containers/0/env/8
|
|
||||||
value:
|
|
||||||
name: REDIS_PASSWORD
|
|
||||||
valueFrom:
|
|
||||||
secretKeyRef:
|
|
||||||
name: valkey-cluster-sh
|
|
||||||
key: valkey-password
|
|
||||||
- target:
|
|
||||||
kind: Deployment
|
|
||||||
name: penpot-exporter
|
|
||||||
patch: |
|
|
||||||
- op: add
|
|
||||||
path: /spec/template/spec/containers/0/env/2
|
|
||||||
value:
|
|
||||||
name: REDIS_PASSWORD
|
|
||||||
valueFrom:
|
|
||||||
secretKeyRef:
|
|
||||||
name: valkey-cluster-sh
|
|
||||||
key: valkey-password
|
|
||||||
values:
|
|
||||||
global:
|
|
||||||
postgresqlEnabled: false
|
|
||||||
valkeyEnabled: false
|
|
||||||
redisEnabled: false
|
|
||||||
config:
|
|
||||||
publicUri: https://penpot.dev.cm
|
|
||||||
existingSecret: penpot
|
|
||||||
secretKeys:
|
|
||||||
apiSecretKey: api-secret-key
|
|
||||||
postgresql:
|
|
||||||
host: cnpg17-cluster-sh-rw.infra-data
|
|
||||||
port: 5432
|
|
||||||
database: penpot
|
|
||||||
existingSecret: cnpg17-cluster-sh-app
|
|
||||||
secretKeys:
|
|
||||||
usernameKey: username
|
|
||||||
passwordKey: password
|
|
||||||
redis:
|
|
||||||
host: :$(REDIS_PASSWORD)@valkey-cluster-sh-headless.infra-data
|
|
||||||
port: 6379
|
|
||||||
database: 0
|
|
||||||
backend:
|
|
||||||
podAnnotations:
|
|
||||||
backup.velero.io/backup-volumes: app-data
|
|
||||||
ingress:
|
|
||||||
enabled: true
|
|
||||||
className: nginx
|
|
||||||
hosts:
|
|
||||||
- penpot.dev.cm
|
|
||||||
@@ -10,4 +10,3 @@ resources:
|
|||||||
- ingress-sinceai-shop.yaml
|
- ingress-sinceai-shop.yaml
|
||||||
- helmrelease-whoami.yaml
|
- helmrelease-whoami.yaml
|
||||||
- helmrelease-rustdesk.yaml
|
- helmrelease-rustdesk.yaml
|
||||||
- helmrelease-penpot.yaml
|
|
||||||
|
|||||||
@@ -2,4 +2,3 @@ apiVersion: kustomize.config.k8s.io/v1beta1
|
|||||||
kind: Kustomization
|
kind: Kustomization
|
||||||
resources:
|
resources:
|
||||||
- namespaces.yaml
|
- namespaces.yaml
|
||||||
- penpot.yaml
|
|
||||||
|
|||||||
@@ -1,10 +0,0 @@
|
|||||||
# Penpot runtime secrets
|
|
||||||
apiVersion: v1
|
|
||||||
kind: Secret
|
|
||||||
metadata:
|
|
||||||
name: penpot
|
|
||||||
namespace: apps
|
|
||||||
type: Opaque
|
|
||||||
stringData:
|
|
||||||
api-secret-key: |-
|
|
||||||
${PENPOT_API_SECRET_KEY}
|
|
||||||
@@ -19,14 +19,3 @@ spec:
|
|||||||
interval: 168h
|
interval: 168h
|
||||||
timeout: 5m
|
timeout: 5m
|
||||||
url: https://halo-sigs.github.io/charts/
|
url: https://halo-sigs.github.io/charts/
|
||||||
---
|
|
||||||
# penpot
|
|
||||||
apiVersion: source.toolkit.fluxcd.io/v1
|
|
||||||
kind: HelmRepository
|
|
||||||
metadata:
|
|
||||||
name: penpot
|
|
||||||
namespace: infra-gitops
|
|
||||||
spec:
|
|
||||||
interval: 168h
|
|
||||||
timeout: 5m
|
|
||||||
url: https://helm.penpot.app
|
|
||||||
|
|||||||
@@ -54,57 +54,3 @@ spec:
|
|||||||
values:
|
values:
|
||||||
nodeSelector:
|
nodeSelector:
|
||||||
kubernetes.io/hostname: tcd
|
kubernetes.io/hostname: tcd
|
||||||
- target:
|
|
||||||
kind: HelmRelease
|
|
||||||
name: penpot
|
|
||||||
patch: |
|
|
||||||
apiVersion: helm.toolkit.fluxcd.io/v2
|
|
||||||
kind: HelmRelease
|
|
||||||
metadata:
|
|
||||||
name: penpot
|
|
||||||
spec:
|
|
||||||
values:
|
|
||||||
backend:
|
|
||||||
affinity:
|
|
||||||
nodeAffinity:
|
|
||||||
preferredDuringSchedulingIgnoredDuringExecution:
|
|
||||||
- weight: 1
|
|
||||||
preference:
|
|
||||||
matchExpressions:
|
|
||||||
- key: kubernetes.io/hostname
|
|
||||||
operator: In
|
|
||||||
values:
|
|
||||||
- homea
|
|
||||||
frontend:
|
|
||||||
affinity:
|
|
||||||
nodeAffinity:
|
|
||||||
preferredDuringSchedulingIgnoredDuringExecution:
|
|
||||||
- weight: 1
|
|
||||||
preference:
|
|
||||||
matchExpressions:
|
|
||||||
- key: kubernetes.io/hostname
|
|
||||||
operator: In
|
|
||||||
values:
|
|
||||||
- homea
|
|
||||||
exporter:
|
|
||||||
affinity:
|
|
||||||
nodeAffinity:
|
|
||||||
preferredDuringSchedulingIgnoredDuringExecution:
|
|
||||||
- weight: 1
|
|
||||||
preference:
|
|
||||||
matchExpressions:
|
|
||||||
- key: kubernetes.io/hostname
|
|
||||||
operator: In
|
|
||||||
values:
|
|
||||||
- homea
|
|
||||||
mcp:
|
|
||||||
affinity:
|
|
||||||
nodeAffinity:
|
|
||||||
preferredDuringSchedulingIgnoredDuringExecution:
|
|
||||||
- weight: 1
|
|
||||||
preference:
|
|
||||||
matchExpressions:
|
|
||||||
- key: kubernetes.io/hostname
|
|
||||||
operator: In
|
|
||||||
values:
|
|
||||||
- homea
|
|
||||||
|
|||||||
@@ -11,17 +11,6 @@ spec:
|
|||||||
---
|
---
|
||||||
apiVersion: postgresql.cnpg.io/v1
|
apiVersion: postgresql.cnpg.io/v1
|
||||||
kind: Database
|
kind: Database
|
||||||
metadata:
|
|
||||||
name: cnpg17-cluster-sh-penpot
|
|
||||||
namespace: infra-data
|
|
||||||
spec:
|
|
||||||
name: penpot
|
|
||||||
owner: app
|
|
||||||
cluster:
|
|
||||||
name: cnpg17-cluster-sh
|
|
||||||
---
|
|
||||||
apiVersion: postgresql.cnpg.io/v1
|
|
||||||
kind: Database
|
|
||||||
metadata:
|
metadata:
|
||||||
name: cnpg17-cluster-sh-grafana
|
name: cnpg17-cluster-sh-grafana
|
||||||
namespace: infra-data
|
namespace: infra-data
|
||||||
|
|||||||
在新议题中引用
屏蔽一个用户