refactor(gitops): normalize apps and services layout

2026-04-03 16:05:52 +08:00 · 2026-04-03 16:05:52 +08:00 · 76bbda3c3d
commit 76bbda3c3d
parent 1167c67cea
28 changed files with 3 additions and 300 deletions
--- a/apps/clusters/pre/stunnel-client-pre-kustomization.yaml
+++ b/apps/clusters/pre/stunnel-client-pre-kustomization.yaml
@ -11,6 +11,6 @@ spec:
  sourceRef:
    kind: GitRepository
    name: platform-config
-  path: ./apps/core/stunnel-client/pre
+  path: ./services/stunnel-client/pre
  dependsOn:
    - name: stunnel-server
--- a/apps/clusters/prod/observability-kustomization.yaml
+++ b/apps/clusters/prod/observability-kustomization.yaml
@ -11,4 +11,4 @@ spec:
  sourceRef:
    kind: GitRepository
    name: platform-config
-  path: ./apps/monitor/observability-stack
+  path: ./services/observability
--- a/apps/clusters/prod/stunnel-client-prod-kustomization.yaml
+++ b/apps/clusters/prod/stunnel-client-prod-kustomization.yaml
@ -11,6 +11,6 @@ spec:
  sourceRef:
    kind: GitRepository
    name: platform-config
-  path: ./apps/core/stunnel-client/prod
+  path: ./services/stunnel-client/prod
  dependsOn:
    - name: stunnel-server
--- a/apps/monitor/observability-agent/kustomization.yaml
+++ b/apps/monitor/observability-agent/kustomization.yaml
@ -1,4 +0,0 @@
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
  - release.yaml 
--- a/apps/monitor/observability-agent/release.yaml
+++ b/apps/monitor/observability-agent/release.yaml
@ -1,101 +0,0 @@
 apiVersion: source.toolkit.fluxcd.io/v1beta2
 kind: HelmRepository
 metadata:
  name: stable
  namespace: monitoring
 spec:
  interval: 10m
  url: https://charts.onwalk.net/
 ---
 apiVersion: helm.toolkit.fluxcd.io/v2beta1
 kind: HelmRelease
 metadata:
  name: observabilityagent
  namespace: monitoring
 spec:
  chart:
    spec:
      chart: observabilityagent
      version: "0.1.7"
      sourceRef:
        kind: HelmRepository
        name: stable
        namespace: monitoring
  interval: 1m
  values:
    fluent-bit:
      enabled: false
    telegraf:
      enabled: true
      config:
        agent:
          interval: "10s"
          round_interval: true
          metric_batch_size: 1000
          metric_buffer_limit: 10000
          collection_jitter: "0s"
          flush_interval: "10s"
          flush_jitter: "0s"
          precision: ""
          debug: false
          quiet: false
          logfile: ""
          hostname: "$HOSTNAME"
          omit_hostname: true
        processors:
          - enum:
              mapping:
                field: "status"
                dest: "status_code"
                value_mappings:
                  healthy: 1
                  problem: 2
                  critical: 3
        outputs:
          - influxdb:
              urls:
                - "https://influxdb.svc-dev.ink"
              database: "telegraf"
        inputs:
          - net:
              interfaces: *
          - statsd:
              service_address: ":8125"
              percentiles:
                - 50
                - 95
                - 99
              metric_separator: "_"
              allowed_pending_messages: 10000
              percentile_limit: 1000
    deepflow-agent:
      enabled: true
      deepflowServerNodeIPS:
        - 10.0.1.3
      deepflowK8sClusterID: d-rUJ4CUKMUt
    prometheus:
      enabled: true
      server:
        name: agent
        retention: "30m"
        extraFlags:
        - web.enable-lifecycle
        - enable-feature=expand-external-labels
        remoteWrite:
        - name: remote_prometheus
          url: 'https://prometheus.svc-dev.ink/api/v1/write'
        persistentVolume:
          enabled: false
      alertmanager:
        enabled: false
      prometheus-pushgateway:
        enabled: false
      kube-state-metrics:
        enabled: false
      prometheus-node-exporter:
        enabled: false
    promtail:
      enabled: true
      config:
        clients:
          - url: https://loki.svc-dev.ink/loki/api/v1/push
--- a/infra/infrastructure/kustomization.yaml
+++ b/infra/infrastructure/kustomization.yaml
@ -1,5 +0,0 @@
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
  - repositories.yaml
  - ../../services/database/postgresql
--- a/infra/infrastructure/repositories.yaml
+++ b/infra/infrastructure/repositories.yaml
@ -1,8 +0,0 @@
 apiVersion: source.toolkit.fluxcd.io/v1
 kind: HelmRepository
 metadata:
  name: bitnami
  namespace: flux-system
 spec:
  interval: 10m0s
  url: https://charts.bitnami.com/bitnami
--- a/repo/helm/kustomization.yaml
+++ b/repo/helm/kustomization.yaml
@ -1,4 +0,0 @@
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
  - stable.yaml
--- a/repo/helm/stable.yaml
+++ b/repo/helm/stable.yaml
@ -1,8 +0,0 @@
 apiVersion: source.toolkit.fluxcd.io/v1beta2
 kind: HelmRepository
 metadata:
  name: stable
  namespace: monitoring
 spec:
  interval: 1m
  url: https://charts.onwalk.net/
--- a/services/cache/redis/kustomization.yaml
+++ b/services/cache/redis/kustomization.yaml
@ -1,5 +0,0 @@
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 namespace: itsm-dev
 resources:
  - release.yaml
--- a/services/cache/redis/release.yaml
+++ b/services/cache/redis/release.yaml
@ -1,38 +0,0 @@
 apiVersion: helm.toolkit.fluxcd.io/v2beta2
 kind: HelmRelease
 metadata:
  name: redis
  namespace: itsm-dev
 spec:
  interval: 1m
  chart:
    spec:
      version: "18.12.1"
      chart: redis
      sourceRef:
        kind: HelmRepository
        name: stable
        namespace: itsm-dev
      interval: 1m
  values:
    enabled: true
    nameOverride: "redis"
    architecture: standalone
    global:
      imageRegistry: ""
      redis:
        password: "redis"
    auth:
      enabled: true
      sentinel: false
      password: ""
    master:
      persistence:
        enabled: false
      resources:
        requests:
          memory: 100Mi
          cpu: 100m
        limits:
          cpu: "200m"
          memory: "300Mi"
--- a/services/database/mongodb/kustomization.yaml
+++ b/services/database/mongodb/kustomization.yaml
@ -1,5 +0,0 @@
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 namespace: itsm-dev
 resources:
  - release.yaml
--- a/services/database/mongodb/release.yaml
+++ b/services/database/mongodb/release.yaml
@ -1,42 +0,0 @@
 apiVersion: helm.toolkit.fluxcd.io/v2beta2
 kind: HelmRelease
 metadata:
  name: mongodb
  namespace: itsm-dev
 spec:
  interval: 1m
  chart:
    spec:
      version: "14.8.3"
      chart: mongodb
      sourceRef:
        kind: HelmRepository
        name: stable
        namespace: itsm-dev
      interval: 1m
  values:
    enabled: true
    nameOverride: "mongodb"
    architecture: standalone
    useStatefulSet: true
    global:
      imageRegistry: ""
    persistence:
      enabled: true
    auth:
      enabled: true
      rootUser: root
      rootPassword: "mongodb"
      usernames:
      - novu
      passwords:
      - novu
      databases:
      - novu-db
    resources:
      requests:
        memory: 100Mi
        cpu: 100m
      limits:
        cpu: "500m"
        memory: "500Mi"
--- a/services/object-storage/minio/kustomization.yaml
+++ b/services/object-storage/minio/kustomization.yaml
@ -1,5 +0,0 @@
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 namespace: itsm-dev
 resources:
  - release.yaml
--- a/services/object-storage/minio/release.yaml
+++ b/services/object-storage/minio/release.yaml
@ -1,37 +0,0 @@
 apiVersion: helm.toolkit.fluxcd.io/v2beta2
 kind: HelmRelease
 metadata:
  name: minio
  namespace: itsm-dev
 spec:
  interval: 1m
  chart:
    spec:
      version: "5.0.15"
      chart: minio
      sourceRef:
        kind: HelmRepository
        name: stable
        namespace: itsm-dev
      interval: 1m
  values:
    enabled: true
    nameOverride: minio
    mode: standalone
    replicas: 2
    ingress:
      enabled: true
      ingressClassName: "nginx"
      hosts:
        - minio.local
    persistence:
      enabled: true
      size: 10Gi
    existingSecret: minio-secret
    resources:
      requests:
        memory: 50Mi
        cpu: 50m
      limits:
        cpu: "100m"
        memory: "100Mi"
--- a/services/observability/kustomization.yaml
+++ b/services/observability/kustomization.yaml
--- a/services/observability/observability-stack/helmrelease.yaml
+++ b/services/observability/observability-stack/helmrelease.yaml
--- a/services/observability/observability-stack/kustomization.yaml
+++ b/services/observability/observability-stack/kustomization.yaml
--- a/services/observability/observability-stack/oci-repository.yaml
+++ b/services/observability/observability-stack/oci-repository.yaml
--- a/services/observability/observability-stack/values.yaml
+++ b/services/observability/observability-stack/values.yaml
--- a/services/observability/repositories.yaml
+++ b/services/observability/repositories.yaml
--- a/apps/core/stunnel-client/base/kustomization.yaml
+++ b/apps/core/stunnel-client/base/kustomization.yaml
--- a/apps/core/stunnel-client/base/stunnel-client-configmap.yaml
+++ b/apps/core/stunnel-client/base/stunnel-client-configmap.yaml
--- a/apps/core/stunnel-client/base/stunnel-client-deployment.yaml
+++ b/apps/core/stunnel-client/base/stunnel-client-deployment.yaml
--- a/apps/core/stunnel-client/base/stunnel-client-service.yaml
+++ b/apps/core/stunnel-client/base/stunnel-client-service.yaml
--- a/apps/core/stunnel-client/pre/kustomization.yaml
+++ b/apps/core/stunnel-client/pre/kustomization.yaml
--- a/apps/core/stunnel-client/prod/kustomization.yaml
+++ b/apps/core/stunnel-client/prod/kustomization.yaml
--- a/sync/config.yaml
+++ b/sync/config.yaml
@ -1,35 +0,0 @@
 - name: Local Config Tasks
  tasks:
    - name: Install nginx (macOS/Homebrew or Linux/apt)
      shell: |
        if command -v nginx >/dev/null; then
          echo "nginx already installed"
        elif command -v brew >/dev/null; then
          brew install nginx || echo "brew install failed or not allowed"
        elif command -v apt >/dev/null; then
          sudo apt update && sudo apt install -y nginx
        else
          echo "No supported package manager found"
        fi
    - name: Update /etc/hosts with test domain
      shell: |
        if ! grep -q "test.cw-agent.local" /etc/hosts; then
          echo "127.0.0.1 test.cw-agent.local" | sudo tee -a /etc/hosts
        fi
    - name: Create dummy SSL cert (for test)
      shell: |
        mkdir -p certs
        openssl req -x509 -nodes -days 1 -newkey rsa:2048 \
          -keyout certs/test.key \
          -out certs/test.crt \
          -subj "/CN=test.cw-agent.local"
    - name: Reload nginx (if available)
      shell: |
        if command -v nginx >/dev/null; then
          sudo nginx -s reload || true
        elif command -v brew >/dev/null; then
          brew services restart nginx || true
        fi