feat: enable istio and netpols for everything
Racer159 committed Jun 10, 2024
1 parent 1c55b70 commit 0a61df4
Showing 10 changed files with 62 additions and 47 deletions.
19 changes: 19 additions & 0 deletions bundle/uds-bundle.yaml
Expand Up @@ -7,9 +7,11 @@ metadata:
# x-release-please-end

packages:
# this sets up the namespaces that we will need in order to configure the default databases (and corresponding secrets) that are setup below
- name: dev-namespaces
path: ../
ref: 0.1.0

- name: postgres-operator
path: ../
# x-release-please-start-version
Expand All @@ -22,3 +24,20 @@ packages:
- name: POSTGRESQL
description: "Configure postgres using CRs via the uds-postgres-config chart"
path: postgresql
default:
enabled: true # Set to false to not create the PostgreSQL resource
teamId: "uds"
volume:
size: "10Gi"
numberOfInstances: 2
users:
gitlab.gitlab: [] # database owner
sonarqube.sonarqube: [] # database owner
mattermost.mattermost: [] # database owner
databases:
gitlabdb: gitlab.gitlab
mattermostdb: mattermost.mattermost
sonarqubedb: sonarqube.sonarqube
version: "13"
ingress:
remoteGenerated: Anywhere
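Review bot: The new bundle default for POSTGRESQL ends in `ingress:` / `remoteGenerated: Anywhere`, so a deployment that overrides nothing allows ingress to the database pods from any source. chart/templates/uds-package-postgres.yaml splices this mapping into an Ingress rule on the `cluster-name: pg-cluster` pods, while the same default names only three consumers (gitlab, mattermost, sonarqube). Because the template accepts a single mapping, a narrower default such as `remoteNamespace: gitlab` cannot cover all three; either let the value be a list of rules, or record the trade-off above the key with a comment such as `# dev default: any source may reach Postgres; narrow this per environment`. The first hunk's context starts outside the lines shown.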
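--- a/bundle/uds-config.yaml
+++ b/bundle/uds-config.yaml
@@ -1,19 +0,0 @@
-variables:
-postgres-operator:
-postgresql:
-enabled: true # Set to false to not create the PostgreSQL resource
-teamId: "uds"
-volume:
-size: "10Gi"
-numberOfInstances: 2
-users:
-gitlab.gitlab: [] # database owner
-sonarqube.sonarqube: [] # database owner
-mattermost.mattermost: [] # database owner
-databases:
-gitlabdb: gitlab.gitlab
-mattermostdb: mattermost.mattermost
-sonarqubedb: sonarqube.sonarqube
-version: "13"
-ingress:
-remoteGenerated: Anywhere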
16 changes: 0 additions & 16 deletions chart/templates/peer-auth-exception.yaml

This file was deleted.

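--- a/chart/templates/uds-package-postgres.yaml
+++ b/chart/templates/uds-package-postgres.yaml
@@ -0,0 +1,20 @@
+{{- if .Values.postgresql.enabled }}
+apiVersion: uds.dev/v1alpha1
+kind: Package
+metadata:
+name: postgres
+namespace: {{ .Release.Namespace }}
+spec:
+network:
+allow:
+- direction: Ingress
+remoteGenerated: IntraNamespace
+- direction: Egress
+remoteGenerated: IntraNamespace
+{{- if .Values.postgresql.ingress }}
+- direction: Ingress
+selector:
+cluster-name: pg-cluster
+{{- .Values.postgresql.ingress | toYaml | nindent 8 }}
+{{- end }}
+{{- end }}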
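Review bot: The conditional Ingress rule on `cluster-name: pg-cluster` carries no port, so whatever `.Values.postgresql.ingress` allows applies to every port those pods expose rather than only the PostgreSQL listener. Adding `port: 5432` next to the `selector` block (assuming the cluster keeps the default port) would keep any other pod ports, such as a management API, out of reach of the remote side. Because the values mapping is merged in with `toYaml`, a values file that itself sets `direction` or `selector` would produce duplicate keys in this entry. A short comment above the splice listing the keys the mapping may contain, e.g. `# ingress may set remoteGenerated or remoteNamespace/remoteSelector only`, would prevent that.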
19 changes: 7 additions & 12 deletions chart/templates/uds-package.yaml
@@ -1,24 +1,19 @@
{{- if .Values.postgresql.enabled }}
apiVersion: uds.dev/v1alpha1
kind: Package
metadata:
name: postgres
namespace: {{ .Release.Namespace }}
name: postgres-operator
namespace: postgres-operator
spec:
network:
allow:
- direction: Ingress
remoteGenerated: IntraNamespace
- direction: Egress
remoteGenerated: IntraNamespace
{{- if .Values.postgresql.ingress }}
- direction: Ingress
selector:
app.kubernetes.io/name: postgres-operator
remoteNamespace: {{ .Release.Namespace }}
remoteSelector:
cluster-name: pg-cluster
{{- .Values.postgresql.ingress | toYaml | nindent 8 }}
{{- end }}

- direction: Egress
selector:
cluster-name: pg-cluster
app.kubernetes.io/name: postgres-operator
remoteGenerated: KubeAPI
{{- end }}
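Review bot: The Package metadata now appears to hard-code `namespace: postgres-operator` while the Ingress rule uses `remoteNamespace: {{ .Release.Namespace }}`, so the two line up only under an unstated assumption about where the chart is released. The rendered page does not mark old and new lines reliably, so this reading is inferred from the order in which the lines are printed. If the operator always runs in `postgres-operator`, a comment such as `# Operator namespace is fixed; database clusters are expected in .Release.Namespace` would make that explicit. It is also worth confirming that `remoteGenerated: KubeAPI` is the only egress the operator needs once default-deny policies apply, since no operator-side rule toward the `pg-cluster` pods is visible here.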
2 changes: 2 additions & 0 deletions src/namespace/gitlab-ns.yaml
Expand Up @@ -2,3 +2,5 @@ kind: Namespace
apiVersion: v1
metadata:
name: gitlab
labels:
istio-injection: enabled
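Review bot: The `istio-injection: enabled` label added here (and likewise in mattermost-ns.yaml, sonarqube-ns.yaml and tests/postgres/postgres-minimal.yaml) only takes effect when a pod is admitted, so workloads already running in these namespaces stay outside the mesh until they are restarted. This commit also deletes chart/templates/peer-auth-exception.yaml, whose content is not shown; if that file relaxed mTLS for the database, unmeshed clients would presumably lose connectivity after the upgrade. A comment above the label, e.g. `# sidecar required: postgres no longer has a peer-authentication exception`, would record the dependency for whoever edits these namespaces next.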
2 changes: 2 additions & 0 deletions src/namespace/mattermost-ns.yaml
Expand Up @@ -2,3 +2,5 @@ kind: Namespace
apiVersion: v1
metadata:
name: mattermost
labels:
istio-injection: enabled
2 changes: 2 additions & 0 deletions src/namespace/sonarqube-ns.yaml
Expand Up @@ -2,3 +2,5 @@ kind: Namespace
apiVersion: v1
metadata:
name: sonarqube
labels:
istio-injection: enabled
8 changes: 8 additions & 0 deletions tasks.yaml
Expand Up @@ -38,6 +38,14 @@ tasks:
- task: dependencies:create
- task: create:test-bundle

- name: dev
description: Deploy Valkey on existing cluster
actions:
- task: create-pg-package
- task: dependencies:create
- task: create-pg-test-bundle
- task: deploy:test-bundle

# CI will execute the following (via uds-common/.github/actions/test) so they need to be here with these names

- name: test-package
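Review bot: The new `dev` task's description reads `Deploy Valkey on existing cluster`, but its actions run `create-pg-package` and `create-pg-test-bundle`, so the text looks copied from another package. Suggest `description: Deploy Postgres on existing cluster`, or the project's preferred product name. The task list continues outside the hunk.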
2 changes: 2 additions & 0 deletions tests/postgres/postgres-minimal.yaml
Expand Up @@ -2,6 +2,8 @@ kind: Namespace
apiVersion: v1
metadata:
name: acid
labels:
istio-injection: enabled
---
apiVersion: acid.zalan.do/v1
kind: postgresql
