zipline
This commit is contained in:
@@ -4,6 +4,7 @@ resources:
|
||||
- ../../base
|
||||
- vaultwarden-postgresql
|
||||
- vaultwarden
|
||||
- minio
|
||||
|
||||
# No patches needed — base already has "upc-dev" paths
|
||||
# upc-dev is the default/base cluster
|
||||
|
||||
35
infra/overlays/upc-dev/minio/keycloak-client-config.yaml
Normal file
35
infra/overlays/upc-dev/minio/keycloak-client-config.yaml
Normal file
@@ -0,0 +1,35 @@
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: keycloak-client-minio
|
||||
namespace: minio
|
||||
labels:
|
||||
keycloak.forteapps.net/client-config: "true"
|
||||
stringData:
|
||||
client.json: |
|
||||
{
|
||||
"clientId": "minio",
|
||||
"name": "MinIO",
|
||||
"redirectUris": ["https://minio.forteapps.net/oauth_callback"],
|
||||
"webOrigins": ["https://minio.forteapps.net"],
|
||||
"protocolMappers": [
|
||||
{
|
||||
"name": "minio-policy-mapper",
|
||||
"protocol": "openid-connect",
|
||||
"protocolMapper": "oidc-usermodel-attribute-mapper",
|
||||
"config": {
|
||||
"user.attribute": "policy",
|
||||
"claim.name": "policy",
|
||||
"jsonType.label": "String",
|
||||
"id.token.claim": "true",
|
||||
"access.token.claim": "true",
|
||||
"userinfo.token.claim": "true"
|
||||
}
|
||||
}
|
||||
],
|
||||
"secret": {
|
||||
"namespace": "minio",
|
||||
"name": "minio-oidc-credentials",
|
||||
"keys": { "clientId": "client-id", "clientSecret": "client-secret" }
|
||||
}
|
||||
}
|
||||
6
infra/overlays/upc-dev/minio/kustomization.yaml
Normal file
6
infra/overlays/upc-dev/minio/kustomization.yaml
Normal file
@@ -0,0 +1,6 @@
|
||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
resources:
|
||||
- minio.yaml
|
||||
- minio-credentials-sealed.yaml
|
||||
- keycloak-client-config.yaml
|
||||
@@ -0,0 +1,9 @@
|
||||
apiVersion: v1
|
||||
data:
|
||||
rootPassword: NTUwYTU2YmRjZjYyY2RlYmE1ZTYwZDAwZjNhYzcxOGM1MGY0NjExNmZkMzdjZWI0MGY4Yzc3NDA1NTM5YWM4Mg==
|
||||
rootUser: Zm9ydGVtaW5pbw==
|
||||
kind: Secret
|
||||
metadata:
|
||||
creationTimestamp: null
|
||||
name: minio-credentials
|
||||
namespace: minio
|
||||
43
infra/overlays/upc-dev/minio/minio.yaml
Normal file
43
infra/overlays/upc-dev/minio/minio.yaml
Normal file
@@ -0,0 +1,43 @@
|
||||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: Application
|
||||
metadata:
|
||||
name: minio
|
||||
namespace: argocd
|
||||
annotations:
|
||||
argocd.argoproj.io/sync-wave: "1"
|
||||
labels:
|
||||
app.kubernetes.io/name: minio
|
||||
app.kubernetes.io/part-of: storage
|
||||
app.kubernetes.io/managed-by: argocd
|
||||
finalizers:
|
||||
- resources-finalizer.argocd.argoproj.io
|
||||
spec:
|
||||
project: default
|
||||
|
||||
sources:
|
||||
- repoURL: https://charts.min.io/
|
||||
chart: minio
|
||||
targetRevision: "5.4.0"
|
||||
helm:
|
||||
releaseName: minio
|
||||
valueFiles:
|
||||
- $values/infra/values/base/minio-values.yaml
|
||||
- $values/infra/values/upc-dev/minio-values.yaml
|
||||
|
||||
- repoURL: ssh://git@git.forteapps.net:2222/Forte/launchpad.git
|
||||
targetRevision: HEAD
|
||||
ref: values
|
||||
|
||||
destination:
|
||||
server: https://kubernetes.default.svc
|
||||
namespace: minio
|
||||
|
||||
syncPolicy:
|
||||
automated:
|
||||
prune: true
|
||||
selfHeal: true
|
||||
allowEmpty: false
|
||||
syncOptions:
|
||||
- CreateNamespace=true
|
||||
- Validate=true
|
||||
- ServerSideApply=true
|
||||
Reference in New Issue
Block a user