feat(gitea): add runner helm
这个提交包含在:
rohow
@@ -22,7 +22,7 @@ spec:
|
||||
namespaceSelector: {}
|
||||
image:
|
||||
repository: halohub/halo-pro
|
||||
tag: 2.22.9
|
||||
tag: 2.22.10
|
||||
service:
|
||||
type: ClusterIP
|
||||
ingress:
|
||||
|
||||
@@ -16,7 +16,7 @@ data:
|
||||
<h1 class="ui icon header title">
|
||||
{{AppName}}
|
||||
</h1>
|
||||
<h2><a href="https://git.dev.cm">dev.cm</a> - Git 仓库</h2>
|
||||
<h2><a href="https://dev.cm">dev.cm</a> - Git {{ctx.Locale.Tr "repository"}}</h2>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
@@ -24,4 +24,8 @@ data:
|
||||
{{template "base/footer" .}}
|
||||
|
||||
extra_links.tmpl: |-
|
||||
<a class="item" href="https://ci.dev.cm" target="_blank">CI</a>
|
||||
<a class="item" href="https://dev.cm" target="_blank">{{if eq ctx.Locale.Lang "zh-CN"}}博客{{else}}Blog{{end}}</a>
|
||||
<a class="item extra-links-end" href="https://fillcode.com" target="_blank">Fillcode</a>
|
||||
<style>
|
||||
.extra-links-end ~ a { display:none !important; }
|
||||
</style>
|
||||
@@ -0,0 +1,24 @@
|
||||
apiVersion: helm.cattle.io/v1
|
||||
kind: HelmChart
|
||||
metadata:
|
||||
name: gitea-actions
|
||||
namespace: infra-devops
|
||||
spec:
|
||||
repo: https://dl.gitea.com/charts
|
||||
chart: actions
|
||||
targetNamespace: infra-devops
|
||||
version: 0.0.2
|
||||
valuesContent: |-
|
||||
enabled: true
|
||||
statefulset:
|
||||
affinity:
|
||||
nodeSelector:
|
||||
dev-cm-runner/enabled: "true"
|
||||
giteaRootURL: http://gitea-http.infra-devops.svc.cluster.local:3000
|
||||
existingSecret: gitea-runner
|
||||
existingSecretKey: token
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -80,6 +80,8 @@ spec:
|
||||
CONN_STR: redis://:ribiPwYQNU6GWxCYR0Nj@redis-cluster-sh-master.infra-data:6379/0
|
||||
repository:
|
||||
DEFAULT_REPO_UNITS: repo.code,repo.releases,repo.issues,repo.pulls
|
||||
actions:
|
||||
ENABLED: true
|
||||
service:
|
||||
DISABLE_REGISTRATION: true
|
||||
NO_REPLY_ADDRESS: noreply.dev.cm
|
||||
@@ -90,6 +92,7 @@ spec:
|
||||
NAMES: 简体中文,English
|
||||
other:
|
||||
SHOW_FOOTER_VERSION: false
|
||||
SHOW_FOOTER_POWERED_BY: false
|
||||
log:
|
||||
LEVEL: Info
|
||||
valkey-cluster:
|
||||
|
||||
@@ -7,7 +7,7 @@ spec:
|
||||
repo: https://emberstack.github.io/helm-charts
|
||||
chart: reflector
|
||||
targetNamespace: infra-devops
|
||||
version: 9.1.38
|
||||
version: 9.1.45
|
||||
valuesContent: |-
|
||||
affinity:
|
||||
nodeAffinity:
|
||||
|
||||
@@ -7,7 +7,7 @@ spec:
|
||||
repo: https://vmware-tanzu.github.io/helm-charts
|
||||
chart: velero
|
||||
targetNamespace: infra-devops
|
||||
version: 11.1.1
|
||||
version: 11.3.2
|
||||
valuesContent: |-
|
||||
affinity:
|
||||
nodeAffinity:
|
||||
|
||||
@@ -7,7 +7,7 @@ spec:
|
||||
repo: https://grafana.github.io/helm-charts
|
||||
chart: loki
|
||||
targetNamespace: infra-monitor
|
||||
version: 6.46.0
|
||||
version: 6.49.0
|
||||
valuesContent: |-
|
||||
deploymentMode: SingleBinary
|
||||
gateway:
|
||||
|
||||
@@ -18,11 +18,11 @@ spec:
|
||||
tenant_id: 1
|
||||
snippets:
|
||||
extraRelabelConfigs:
|
||||
# 匹配log_collecting_enabled标签 只有为true时才收集日志
|
||||
- source_labels: [__meta_kubernetes_pod_label_log_collecting_enabled]
|
||||
# 匹配 devcm-log-collecting/enabled 标签 只有为true时才收集日志
|
||||
- source_labels: [__meta_kubernetes_pod_label_devcm_log_collecting_enabled]
|
||||
action: keep
|
||||
regex: true
|
||||
# 匹配log_collecting_only_errors标签并只保留stderr流
|
||||
- source_labels: [__meta_kubernetes_pod_label_log_collecting_only_errors]
|
||||
# 匹配 devcm-log-collecting/only-errors标签并只保留stderr流
|
||||
- source_labels: [__meta_kubernetes_pod_label_devcm_log_collecting_only_errors]
|
||||
action: drop
|
||||
regex: stdout
|
||||
|
||||
@@ -7,7 +7,7 @@ spec:
|
||||
repo: https://prometheus-community.github.io/helm-charts
|
||||
chart: kube-prometheus-stack
|
||||
targetNamespace: infra-monitor
|
||||
version: 79.5.0
|
||||
version: 81.0.0
|
||||
valuesContent: |-
|
||||
kubeControllerManager:
|
||||
enabled: false
|
||||
|
||||
@@ -7,11 +7,11 @@ spec:
|
||||
repo: https://crowdsecurity.github.io/helm-charts
|
||||
chart: crowdsec
|
||||
targetNamespace: infra-net
|
||||
version: 0.20.1
|
||||
version: 0.21.1
|
||||
valuesContent: |-
|
||||
container_runtime: containerd
|
||||
image:
|
||||
tag: v1.7.3
|
||||
tag: v1.7.4
|
||||
agent:
|
||||
affinity:
|
||||
podAffinity:
|
||||
|
||||
@@ -6,11 +6,16 @@ metadata:
|
||||
spec:
|
||||
repo: https://kubernetes.github.io/ingress-nginx
|
||||
chart: ingress-nginx
|
||||
version: 4.11.8
|
||||
version: 4.13.2
|
||||
targetNamespace: infra-net
|
||||
valuesContent: |-
|
||||
fullnameOverride: ingress-nginx
|
||||
controller:
|
||||
image:
|
||||
registry: docker.io
|
||||
image: crowdsecurity/controller
|
||||
tag: v1.13.2
|
||||
digest: sha256:4575be24781cad35f8e58437db6a3f492df2a3167fed2b6759a6ff0dc3488d56
|
||||
nodeSelector:
|
||||
svccontroller.k3s.cattle.io/enablelb: "true"
|
||||
tolerations:
|
||||
@@ -18,7 +23,7 @@ spec:
|
||||
operator: "Exists"
|
||||
effect: "NoSchedule"
|
||||
labels:
|
||||
log-collecting/enabled: "true"
|
||||
devcm-log-collecting/enabled: "true"
|
||||
kind: DaemonSet
|
||||
hostNetwork: true
|
||||
hostPort:
|
||||
@@ -33,6 +38,8 @@ spec:
|
||||
enabled: false
|
||||
publishService:
|
||||
enabled: false
|
||||
# 禁用默认的注解验证以防止冲突
|
||||
enableAnnotationValidations: false
|
||||
config:
|
||||
use-forwarded-headers: "true"
|
||||
allow-snippet-annotations: "true"
|
||||
@@ -121,13 +128,13 @@ spec:
|
||||
plugins: "crowdsec"
|
||||
lua-shared-dicts: "crowdsec_cache: 50m"
|
||||
# 启用geoip2模块
|
||||
maxmindLicenseKey: "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"
|
||||
maxmindLicenseKey: "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"
|
||||
extraArgs:
|
||||
default-ssl-certificate: "infra-net/dev-cm-crt"
|
||||
# crowdsec插件配置
|
||||
extraInitContainers:
|
||||
- name: init-clone-crowdsec-bouncer
|
||||
image: crowdsecurity/lua-bouncer-plugin:v1.0.5
|
||||
image: crowdsecurity/lua-bouncer-plugin:v1.1.2
|
||||
imagePullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: SHELL
|
||||
|
||||
在新议题中引用
屏蔽一个用户