
Commit 3e13082

committed
Merge branch 'main' into APL-535
2 parents 8d0730c + 775e307 commit 3e13082


3 files changed

+27
-15
lines changed

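--- a/.env.sample
+++ b/.env.sample
@@ -8,24 +8,11 @@ DISABLE_SYNC=1
 # ENV_DIR=''
 
 # KMS access from here on
-# Google (paste json key here without newlines nor spaces and double quotes escaped)
-GCLOUD_SERVICE_KEY="\"some\":\"key\""
-# Azure:
-AZURE_TENANT_ID=''
-AZURE_CLIENT_ID=''
-AZURE_CLIENT_SECRET=''
-# AWS:
-AWS_DEFAULT_REGION=''
-AWS_REGION=''
-AWS_ACCESS_KEY_ID=''
-AWS_SECRET_ACCESS_KEY=''
-# AGE:
 SOPS_AGE_KEY=''
 
 OTOMI_CHARTS_URL='https://github.com/linode/apl-charts.git'
 
-
 RETRIES=6
 RANDOM=false
 MIN_TIMEOUT=10000
-FACTOR=1
+FACTOR=1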

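--- a/charts/team-ns/templates/rbac.yaml
+++ b/charts/team-ns/templates/rbac.yaml
@@ -220,6 +220,18 @@ rules:
 resources: ["secrets"]
 verbs: ["get", "watch", "list", "delete", "create", "update"]
 ---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+name: apl-gitea-operator-team-{{ $v.teamId }}-trigger-template-pipeline-watcher
+rules:
+- apiGroups: ["tekton.dev"]
+resources: ["pipelines"]
+verbs: ["watch", "list", "get"]
+- apiGroups: ["triggers.tekton.dev"]
+resources: ["triggertemplates"]
+verbs: ["watch", "list", "get"]
+---
 # RoleBinding for the above Role in team namespace
 apiVersion: rbac.authorization.k8s.io/v1
 kind: RoleBinding
@@ -234,4 +246,17 @@ roleRef:
 kind: Role
 name: apl-gitea-operator-service-account
 apiGroup: rbac.authorization.k8s.io
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+name: apl-gitea-operator-team-{{ $v.teamId }}-trigger-template-pipeline-binding
+subjects:
+- kind: ServiceAccount
+namespace: apl-gitea-operator
+name: apl-gitea-operator
+roleRef:
+kind: ClusterRole
+name: apl-gitea-operator-team-{{ $v.teamId }}-trigger-template-pipeline-watcher
+apiGroup: rbac.authorization.k8s.io
 ---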
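Review bot: The ClusterRole added at new lines 223–233 and its ClusterRoleBinding at 250–261 grant the `apl-gitea-operator` service account `watch`/`list`/`get` on `pipelines` and `triggertemplates` in every namespace, even though both objects carry `{{ $v.teamId }}` in their names. If this chart renders once per team (inferred from the `charts/team-ns` path), each team adds another identical cluster-wide grant and none of them is limited to that team's namespace. A namespaced pair, `kind: Role` and `kind: RoleBinding` with `roleRef.kind: Role`, as the secrets Role above already uses, would keep the grant least-privilege; if the operator really needs a cluster-wide watch, one ClusterRole defined outside the per-team chart would state that plainly. The existing comment `# RoleBinding for the above Role in team namespace` now sits directly under the new ClusterRole and should name its target, e.g. `# RoleBinding for the apl-gitea-operator-service-account Role in team namespace`.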

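--- a/values/otomi-api/otomi-api.gotmpl
+++ b/values/otomi-api/otomi-api.gotmpl
@@ -5,7 +5,7 @@
 {{- $cm := $v.apps | get "cert-manager" }}
 {{- $d := $v.apps.drone }}
 {{- $sops := $v | get "kms.sops" dict }}
-{{- $giteaValuesUrl := printf "gitea.%s/otomi/values" $v.cluster.domainSuffix }}
+{{- $giteaValuesUrl := "http://gitea-http.gitea.svc.cluster.local:3000/otomi/values" }}
 {{- $helmChartCatalog := printf "https://gitea.%s/otomi/charts.git" $v.cluster.domainSuffix }}
 {{- $defaultPlatformAdminEmail := printf "platform-admin@%s" $v.cluster.domainSuffix }}
 {{- $sopsEnv := tpl (readFile "../../helmfile.d/snippets/sops-env.gotmpl") $sops }}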
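Review bot: The new `$giteaValuesUrl` on line 8 hard-codes `http://gitea-http.gitea.svc.cluster.local:3000/otomi/values`, so access to the values repository goes over plain HTTP and is protected only by whatever network policy or mesh encryption the cluster provides; whether git credentials travel on that connection cannot be seen from this hunk. The service name, namespace, port and the `cluster.local` domain are all fixed, so the URL will not follow a cluster that is configured differently. The old value had no scheme while the new one includes `http://`, so the code that consumes `$giteaValuesUrl` (outside this hunk) should be checked for a prepended scheme. A template comment above the line, such as `{{- /* in-cluster Gitea service; plain HTTP, transport protection relies on the cluster network */ -}}`, would record the decision.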
