Skip to content

Commit

Permalink
Fix tekton results storage configurations
Browse files Browse the repository at this point in the history
  • Loading branch information
sayan-biswas committed Sep 6, 2023
1 parent 6ca17bf commit 68805d0
Show file tree
Hide file tree
Showing 20 changed files with 221 additions and 263 deletions.
19 changes: 8 additions & 11 deletions developer/openshift/dev_setup.sh
Original file line number Diff line number Diff line change
Expand Up @@ -234,7 +234,7 @@ install_pipeline_service() {
TEKTON_RESULTS_DATABASE_PASSWORD="$(yq '.tekton_results_db.password' "$CONFIG")"
export TEKTON_RESULTS_DATABASE_USER
export TEKTON_RESULTS_DATABASE_PASSWORD
TEKTON_RESULTS_S3_USER="$(yq '.tekton_results_s3.user // "minio"' "$CONFIG")"
TEKTON_RESULTS_S3_USER="$(yq '.tekton_results_s3.user // "tekton"' "$CONFIG")"
TEKTON_RESULTS_S3_PASSWORD="$(yq ".tekton_results_s3.password // \"$(openssl rand -base64 20)\"" "$CONFIG")"
export TEKTON_RESULTS_S3_USER
export TEKTON_RESULTS_S3_PASSWORD
Expand All @@ -251,17 +251,14 @@ install_pipeline_service() {
for app in "pipeline-service" "pipeline-service-storage" "pipeline-service-o11y"; do
cat << EOF >"$manifest_dir/patch-$app.yaml"
---
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: $app
namespace: openshift-gitops
spec:
source:
repoURL: $GIT_URL
targetRevision: $GIT_REF
- op: replace
path: "/spec/sources/0/repoURL"
value: $GIT_URL
- op: replace
path: "/spec/sources/0/targetRevision"
value: $GIT_REF
EOF
yq -i ".patches += [{\"path\": \"patch-$app.yaml\"}]" "$manifest_dir/kustomization.yaml"
yq -i ".patches += [{\"path\": \"patch-$app.yaml\", \"target\": {\"kind\": \"Application\", \"namespace\": \"openshift-gitops\", \"name\": \"$app\" }}]" "$manifest_dir/kustomization.yaml"
done

#############################################################################
Expand Down
2 changes: 1 addition & 1 deletion developer/openshift/gitops/argocd/kustomization.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -4,5 +4,5 @@ kind: Kustomization

resources:
- pipeline-service.yaml
- pipeline-service-storage.yaml
- pipeline-service-o11y.yaml
- pipeline-service-storage
8 changes: 4 additions & 4 deletions developer/openshift/gitops/argocd/pipeline-service-o11y.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -10,10 +10,10 @@ spec:
destination:
namespace: openshift-gitops
server: https://kubernetes.default.svc
source:
path: developer/openshift/gitops/argocd/pipeline-service-o11y
repoURL: https://github.com/openshift-pipelines/pipeline-service.git
targetRevision: main
sources:
- path: developer/openshift/gitops/argocd/pipeline-service-o11y
repoURL: https://github.com/openshift-pipelines/pipeline-service.git
targetRevision: main
project: default
syncPolicy:
# Comment this out if you want to manually trigger deployments (using the
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -3,5 +3,4 @@ apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization

resources:
- postgres.yaml
- minio
- pipeline-service-storage.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
apiVersion: minio.min.io/v2
kind: Tenant
metadata:
name: storage
name: minio
namespace: tekton-results
labels:
app: minio
Expand All @@ -13,60 +13,35 @@ metadata:
argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true
argocd.argoproj.io/sync-wave: "0"
spec:
image: quay.io/minio/minio:latest
requestAutoCert: false
podManagementPolicy: Parallel
configuration:
name: minio-configuration
exposeServices:
minio: true
features:
bucketDNS: false
domains: {}
# This desired part doesn't work. Issues:
# https://github.com/minio/operator/issues/1345
# https://github.com/minio/operator/issues/1346
# users:
# - name: storage-user
# buckets:
# - name: "tekton-results"
# region: "us-east-1"
# objectLock: true
certConfig: {}
podManagementPolicy: Parallel
configuration:
name: minio-storage-configuration
env: []
serviceMetadata:
minioServiceLabels: {}
minioServiceAnnotations: {}
consoleServiceLabels: {}
consoleServiceAnnotations: {}
priorityClassName: ""
externalCaCertSecret: []
externalCertSecret: []
externalClientCertSecrets: []
image: quay.io/minio/minio:RELEASE.2022-09-17T00-09-45Z
imagePullSecret: {}
mountPath: /export
subPath: ""
users:
- name: minio-user
buckets:
- name: tekton-results
region: not-applicable
objectLock: true
pools:
- servers: 1
name: pool-0
volumesPerServer: 2
nodeSelector: {}
tolerations: []
affinity:
nodeAffinity: {}
podAffinity: {}
podAntiAffinity: {}
resources: {}
volumeClaimTemplate:
apiVersion: v1
kind: persistentvolumeclaims
metadata: {}
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 1Gi
status: {}
securityContext: {}
containerSecurityContext: {}
requestAutoCert: true
securityContext:
runAsNonRoot: true
containerSecurityContext:
runAsNonRoot: true
Original file line number Diff line number Diff line change
Expand Up @@ -8,12 +8,20 @@ metadata:
argocd.argoproj.io/sync-wave: "0"
spec:
destination:
namespace: openshift-gitops
namespace: tekton-results
server: https://kubernetes.default.svc
source:
path: developer/openshift/gitops/argocd/pipeline-service-storage
repoURL: https://github.com/openshift-pipelines/pipeline-service.git
targetRevision: main
sources:
- repoURL: https://github.com/openshift-pipelines/pipeline-service.git
path: developer/openshift/gitops/argocd/pipeline-service-storage/minio
targetRevision: main
ref: values
- repoURL: https://charts.bitnami.com/bitnami
chart: postgresql
targetRevision: 12.2.7
helm:
releaseName: postgres
valueFiles:
- $values/developer/openshift/gitops/argocd/pipeline-service-storage/postgres/values.yaml
project: default
syncPolicy:
# Comment this out if you want to manually trigger deployments (using the
Expand Down

This file was deleted.

Original file line number Diff line number Diff line change
@@ -0,0 +1,38 @@
---
image:
tag: 13.10.0

tls:
enabled: true
autoGenerated: true

auth:
database: tekton_results
username: tekton
existingSecret: tekton-results-database
secretKeys:
userPasswordKey: db.password
adminPasswordKey: db.password

primary:
resources:
requests: null
podSecurityContext:
fsGroup: null
seccompProfile:
type: RuntimeDefault
containerSecurityContext:
allowPrivilegeEscalation: false
runAsNonRoot: true
runAsUser: null
seccompProfile:
type: RuntimeDefault
capabilities:
drop:
- ALL

volumePermissions:
enabled: false

shmVolume:
enabled: false
10 changes: 5 additions & 5 deletions developer/openshift/gitops/argocd/pipeline-service.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -8,12 +8,12 @@ metadata:
argocd.argoproj.io/sync-wave: "0"
spec:
destination:
namespace: openshift-gitops
namespace: pipeline-service
server: https://kubernetes.default.svc
source:
path: developer/openshift/gitops/argocd/pipeline-service
repoURL: https://github.com/openshift-pipelines/pipeline-service.git
targetRevision: main
sources:
- path: developer/openshift/gitops/argocd/pipeline-service
repoURL: https://github.com/openshift-pipelines/pipeline-service.git
targetRevision: main
project: default
syncPolicy:
# Comment this out if you want to manually trigger deployments (using the
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -5,9 +5,8 @@ kind: Kustomization
resources:
- ../../../../../operator/gitops/argocd/pipeline-service

patches:
- path: tekton-results/minio-create-bucket.yaml
- path: tekton-results/minio-tls.yaml
# patches:
# - path: tekton-results/minio-tls.yaml

# Skip applying the Tekton operands while the Tekton operator is being installed.
# See more information about this option, here:
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -5,5 +5,4 @@ resources:
- ../../../../../../operator/gitops/argocd/pipeline-service/tekton-results

patches:
- path: minio-create-bucket.yaml
- path: minio-tls.yaml

This file was deleted.

Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ spec:
volumes:
- name: ca-s3
secret:
secretName: storage-tls
secretName: minio-tls
items:
- key: public.crt
path: s3-cert.crt
Expand Down
Loading

0 comments on commit 68805d0

Please sign in to comment.