146 lines
3.6 KiB
YAML
146 lines
3.6 KiB
YAML
---
|
|
apiVersion: codemowers.io/v1alpha1
|
|
kind: OIDCGWClient
|
|
metadata:
|
|
name: woodpecker
|
|
spec:
|
|
displayName: Woodpecker CI
|
|
uri: https://woodpecker.k-space.ee/
|
|
redirectUris: []
|
|
allowedGroups:
|
|
- k-space:floor
|
|
grantTypes: []
|
|
responseTypes: []
|
|
availableScopes: []
|
|
---
|
|
apiVersion: v1
|
|
kind: Service
|
|
metadata:
|
|
name: woodpecker
|
|
spec:
|
|
type: ClusterIP
|
|
ports:
|
|
- port: 80
|
|
targetPort: http
|
|
protocol: TCP
|
|
name: http
|
|
selector:
|
|
app: woodpecker
|
|
---
|
|
apiVersion: v1
|
|
kind: Service
|
|
metadata:
|
|
name: woodpecker-grpc
|
|
spec:
|
|
type: ClusterIP
|
|
ports:
|
|
- port: 9000
|
|
targetPort: grpc
|
|
protocol: TCP
|
|
name: grpc
|
|
selector:
|
|
app: woodpecker
|
|
---
|
|
apiVersion: apps/v1
|
|
kind: StatefulSet
|
|
metadata:
|
|
name: woodpecker
|
|
spec:
|
|
serviceName: woodpecker
|
|
replicas: 1
|
|
selector:
|
|
matchLabels:
|
|
app: woodpecker
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app: woodpecker
|
|
spec:
|
|
automountServiceAccountToken: false
|
|
securityContext:
|
|
{}
|
|
containers:
|
|
- name: server
|
|
image: woodpeckerci/woodpecker-server:next@sha256:b9017d9b95952a3871a7ac6f71affc87f2dfa17a7cc0931bf09bd04f5182c047
|
|
ports:
|
|
- name: http
|
|
containerPort: 8000
|
|
- name: grpc
|
|
containerPort: 9000
|
|
env:
|
|
- name: WOODPECKER_ADMIN
|
|
value: laurivosandi
|
|
- name: WOODPECKER_OPEN
|
|
value: "true"
|
|
- name: WOODPECKER_HOST
|
|
value: "https://woodpecker.k-space.ee"
|
|
- name: WOODPECKER_GITEA
|
|
value: "true"
|
|
- name: WOODPECKER_GITEA_URL
|
|
value: "https://git.k-space.ee/"
|
|
- name: WOODPECKER_GITEA_CLIENT
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: woodpecker-secret
|
|
key: WOODPECKER_GITEA_CLIENT
|
|
- name: WOODPECKER_GITEA_SECRET
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: woodpecker-secret
|
|
key: WOODPECKER_GITEA_SECRET
|
|
- name: WOODPECKER_GITHUB # https://woodpecker-ci.org/docs/administration/forges/github
|
|
value: "true"
|
|
- name: WOODPECKER_GITHUB_CLIENT
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: woodpecker-secret-github
|
|
key: WOODPECKER_GITHUB_CLIENT
|
|
- name: WOODPECKER_GITHUB_SECRET
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: woodpecker-secret-github
|
|
key: WOODPECKER_GITHUB_SECRET
|
|
- name: "WOODPECKER_AGENT_SECRET"
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: woodpecker-secret
|
|
key: WOODPECKER_AGENT_SECRET
|
|
volumeMounts:
|
|
- name: woodpecker-data
|
|
mountPath: /var/lib/woodpecker
|
|
volumeClaimTemplates:
|
|
- metadata:
|
|
name: woodpecker-data
|
|
spec:
|
|
storageClassName: longhorn
|
|
accessModes:
|
|
- ReadWriteOnce
|
|
resources:
|
|
requests:
|
|
storage: 8Gi
|
|
---
|
|
apiVersion: networking.k8s.io/v1
|
|
kind: Ingress
|
|
metadata:
|
|
name: woodpecker
|
|
annotations:
|
|
external-dns.alpha.kubernetes.io/target: traefik.k-space.ee
|
|
kubernetes.io/ingress.class: traefik
|
|
traefik.ingress.kubernetes.io/router.entrypoints: websecure
|
|
traefik.ingress.kubernetes.io/router.tls: "true"
|
|
spec:
|
|
tls:
|
|
- hosts:
|
|
- "*.k-space.ee"
|
|
rules:
|
|
- host: "woodpecker.k-space.ee"
|
|
http:
|
|
paths:
|
|
- pathType: Prefix
|
|
path: /
|
|
backend:
|
|
service:
|
|
name: woodpecker
|
|
port:
|
|
number: 80
|