ai-workspace-infra/gitops
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(gitops): split external secrets bootstrap

Browse Source
This commit is contained in:
Haitao Pan 2026-04-02 15:08:58 +08:00
parent 50153c8f2f
commit 9ec3e714b0
13 changed files with 45 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
infra/apps/core/accounts/base/oci-repository.yaml
View File

@ -4,7 +4,7 @@ metadata:
name: accounts-chart
spec:
interval: 10m0s
url: oci://ghcr.io/x-evor/charts/app-service
url: oci://ghcr.io/x-evor/app-service
ref:
semver: "0.1.0"
layerSelector:

2
infra/apps/core/console/base/oci-repository.yaml
View File

@ -4,7 +4,7 @@ metadata:
name: console-chart
spec:
interval: 10m0s
url: oci://ghcr.io/x-evor/charts/app-service
url: oci://ghcr.io/x-evor/app-service
ref:
semver: "0.1.0"
layerSelector:

2
infra/clusters/prod/infrastructure-kustomization.yaml
View File

@ -12,3 +12,5 @@ spec:
kind: GitRepository
name: platform-config
path: ./infra/infrastructure
dependsOn:
- name: platform-secrets-stack

2
infra/clusters/prod/kustomization.yaml
View File

@ -3,6 +3,8 @@ kind: Kustomization
resources:
- namespaces.yaml
- platform-kustomization.yaml
- platform-secrets-kustomization.yaml
- platform-services-kustomization.yaml
- infrastructure-kustomization.yaml
- observability-kustomization.yaml
- console-prod-kustomization.yaml

16
infra/clusters/prod/platform-secrets-kustomization.yaml Normal file
View File

@ -0,0 +1,16 @@
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
name: platform-secrets-stack
namespace: flux-system
spec:
interval: 5m0s
prune: true
wait: true
timeout: 5m0s
sourceRef:
kind: GitRepository
name: platform-config
path: ./infra/platform-secrets
dependsOn:
- name: platform-stack

16
infra/clusters/prod/platform-services-kustomization.yaml Normal file
View File

@ -0,0 +1,16 @@
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
name: platform-services-stack
namespace: flux-system
spec:
interval: 5m0s
prune: true
wait: true
timeout: 10m0s
sourceRef:
kind: GitRepository
name: platform-config
path: ./infra/platform/external-dns
dependsOn:
- name: platform-secrets-stack

2
infra/infrastructure/postgresql/oci-repository.yaml
View File

@ -5,7 +5,7 @@ metadata:
namespace: database
spec:
interval: 10m0s
url: oci://ghcr.io/x-evor/charts/postgresql
url: oci://ghcr.io/x-evor/postgresql
ref:
semver: "1.1.0"
layerSelector:

2
infra/observability/observability-stack/oci-repository.yaml
View File

@ -5,7 +5,7 @@ metadata:
namespace: observability
spec:
interval: 10m0s
url: oci://ghcr.io/x-evor/charts/observability
url: oci://ghcr.io/x-evor/observability
ref:
semver: "0.1.0"
layerSelector:

1
infra/platform/external-secrets/clustersecretstore.yaml → infra/platform-secrets/clustersecretstore.yaml
View File

@ -15,4 +15,3 @@ spec:
serviceAccountRef:
name: external-secrets
namespace: platform

4
infra/platform-secrets/kustomization.yaml Normal file
View File

@ -0,0 +1,4 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- clustersecretstore.yaml

1
infra/platform/external-secrets/kustomization.yaml
View File

@ -2,4 +2,3 @@ apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- helmrelease.yaml
- clustersecretstore.yaml

2
infra/platform/k3s-platform/oci-repository.yaml
View File

@ -5,7 +5,7 @@ metadata:
namespace: platform
spec:
interval: 10m0s
url: oci://ghcr.io/x-evor/charts/k3s-platform-chart
url: oci://ghcr.io/x-evor/k3s-platform-chart
ref:
semver: "0.1.0"
layerSelector:

1
infra/platform/kustomization.yaml
View File

@ -4,5 +4,4 @@ resources:
- repositories.yaml
- k3s-platform
- external-secrets
- external-dns
- reloader