kosmos/gitea.kosmos.org
Archived
8
1
Fork 0
Code Issues Pull Requests Releases Activity

Compare commits

base: kosmos:f73c58d7eef5e51d11eed078819b8e97c247c177
Branches Tags
kosmos:master kosmos:feature/stateful-set kosmos:feature/ingress kosmos:drone-ci kosmos:dev/kubernetes-namespaces
..
compare: kosmos:drone-ci
Branches Tags
kosmos:master kosmos:feature/stateful-set kosmos:feature/ingress kosmos:drone-ci kosmos:dev/kubernetes-namespaces

4 Commits
f73c58d7ee ... drone-ci

Author SHA1 Message Date
Sebastian Kippe
122cb1232c Switch to latest Drone build 
Looks like the resource limit support from drone-runtime wasn't in -rc5.
 2019-03-04 15:41:11 +07:00
Sebastian Kippe
69f62182a1 Add resource requests and limits for Drone 2019-03-04 13:38:10 +07:00
Sebastian Kippe
08cd2ad211 Fix rbac role 
Drone is using the "default" service account.
 2019-03-03 14:11:59 +07:00
Sebastian Kippe
30c3f47afd Initial Drone CI configs 2019-03-03 12:59:07 +07:00
10 changed files with 117 additions and 103 deletions
Expand all files Collapse all files

18
README.md
View File

@@ -3,24 +3,6 @@
This repository contains configuration files and other assets, that are used to
deploy and operate this Gitea instance.
To create a new image containing the customizations:
Edit `packer/custom.json` to increment the tag, then run this script (needs
[Packer](https://www.packer.io/) in your path)
```
./script/build_customizations_image
```
Then edit `kubernetes/gitea-server.yaml` to use the new tag
(`image: eu.gcr.io/fluted-magpie-218106/gitea_custom:$VERSION`) and apply the
change:
```
cd kubernetes
kubectl apply -f gitea-server.yaml
```
Feel free to [open issues] for questions, suggestions, bugs, to-do items, and
whatever else you want to discuss or resolve.

11
custom/options/label/Default
View File

@@ -1,11 +0,0 @@
#db231d bug ; Something is not working
#76db1d enhancement ; Improving existing functionality
#1d76db feature ; New functionality
#db1d76 idea ; Something to consider
#db1d76 question ; Looking for an answer
#fbca04 security ; All your base are belong to us
#1dd5db ui/ux ; User interface, process design, etc.
#333333 dev environment ; Config, builds, CI, deployment, etc.
#cccccc duplicate ; This issue or pull request already exists
#cccccc invalid ; Not a bug
#cccccc wontfix ; This won't be fixed

14
custom/options/label/Kosmos
View File

@@ -1,14 +0,0 @@
#db231d bug ; Something is not working
#76db1d enhancement ; Improving existing functionality
#1d76db feature ; New functionality
#db1d76 idea ; Something to consider
#db1d76 question ; Looking for an answer
#fbca04 security ; All your base are belong to us
#1dd5db ui/ux ; User interface, process design, etc.
#333333 dev environment ; Config, builds, CI, deployment, etc.
#008080 kredits-1 ; Small contribution
#008080 kredits-2 ; Medium contribution
#008080 kredits-3 ; Large contribution
#cccccc duplicate ; This issue or pull request already exists
#cccccc invalid ; Not a bug
#cccccc wontfix ; This won't be fixed

12
kubernetes/drone-rbac.yaml Normal file
View File

@@ -0,0 +1,12 @@
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
name: kosmos-drone-rbac
subjects:
- kind: ServiceAccount
name: default
namespace: kosmos
roleRef:
kind: ClusterRole
name: cluster-admin
apiGroup: rbac.authorization.k8s.io

91
kubernetes/drone-server.yaml Normal file
View File

@@ -0,0 +1,91 @@
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: kosmos-drone-server
namespace: kosmos
labels:
app: kosmos-drone
spec:
replicas: 1
template:
metadata:
labels:
name: kosmos-drone-server
app: kosmos-drone
spec:
containers:
- name: kosmos-drone-server
image: drone/drone:latest
imagePullPolicy: Always
env:
- name: DRONE_KUBERNETES_ENABLED
value: "true"
- name: DRONE_KUBERNETES_NAMESPACE
value: kosmos
- name: DRONE_GITEA_SERVER
value: https://gitea.kosmos.org
- name: DRONE_RPC_SECRET
value: 0500c55b6ae97a7f1e7c207477698b6d
- name: DRONE_SERVER_HOST
value: drone.kosmos.org
- name: DRONE_SERVER_PROTO
value: https
- name: DRONE_TLS_AUTOCERT
value: "true"
- name: DRONE_ADMIN
value: raucao,gregkare,galfert
- name: DRONE_LOGS_DEBUG
value: "true"
volumeMounts:
- mountPath: /var/lib/drone
name: kosmos-drone-data
ports:
- containerPort: 80
- containerPort: 443
resources:
requests:
cpu: 50m
memory: 50Mi
limits:
cpu: 100m
memory: 100Mi
volumes:
- name: kosmos-drone-data
persistentVolumeClaim:
claimName: kosmos-drone-data
restartPolicy: Always
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: kosmos-drone-data
namespace: kosmos
labels:
app: kosmos-drone
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 3000Mi
status: {}
---
apiVersion: v1
kind: Service
metadata:
name: kosmos-drone-server
namespace: kosmos
labels:
name: kosmos-drone-server
app: kosmos-drone
spec:
type: LoadBalancer
ports:
- name: "http"
port: 80
targetPort: 80
- name: "https"
port: 443
targetPort: 443
selector:
name: kosmos-drone-server

8
kubernetes/gitea-db.yaml
View File

@@ -32,19 +32,13 @@ spec:
value: gitea
image: mariadb:10.3.10
name: gitea-db
resources: {}
ports:
- containerPort: 3306
name: mysql
volumeMounts:
- mountPath: /var/lib/mysql
name: gitea-db-data
resources:
requests:
cpu: 250m
memory: 150Mi
limits:
cpu: 500m
memory: 300Mi
restartPolicy: Always
volumes:
- name: gitea-db-data

24
kubernetes/gitea-server.yaml
View File

@@ -14,22 +14,19 @@ spec:
spec:
initContainers:
- name: init-config
# This is a busybox image with our gitea customizations saved to
# /custom, built using ./script/build_customizations_image from the
# root of the repo
image: eu.gcr.io/fluted-magpie-218106/gitea_custom:0.1
command: [
'sh', '-c',
'mkdir -p /data/gitea/conf && mkdir -p /data/gitea/https && cp /root/conf/app.ini /data/gitea/conf/app.ini && chown 1000:1000 /data/gitea/conf/app.ini && chmod 660 /data/gitea/conf/app.ini && cp /root/conf/*.pem /data/gitea/https && chmod 600 /data/gitea/https/*.pem && cp -R /custom/* /data/gitea && chown -R 1000:1000 /data/gitea'
]
image: busybox
command: ['sh', '-c', 'mkdir -p /data/gitea/conf && mkdir -p /data/gitea/https && cp /root/conf/app.ini /data/gitea/conf/app.ini && chown 1000:1000 /data/gitea/conf/app.ini && chmod 660 /data/gitea/conf/app.ini && cp /root/conf/*.pem /data/gitea/https && chmod 600 /data/gitea/https/*.pem && chown -R 1000:1000 /data/gitea']
volumeMounts:
- mountPath: /data
name: gitea-server-data
- mountPath: /root/conf
name: config
containers:
# This is only used for the initial setup, it does nothing once a app.ini
# file exists in the conf/ directory of the data directory
# (/data/gitea/conf in our case)
- name: gitea-server
image: gitea/gitea:1.8.0
image: gitea/gitea:1.7.1
ports:
- containerPort: 3000
- containerPort: 3001
@@ -37,13 +34,6 @@ spec:
volumeMounts:
- mountPath: /data
name: gitea-server-data
resources:
requests:
cpu: 250m
memory: 256Mi
limits:
cpu: 500m
memory: 512Mi
restartPolicy: Always
volumes:
- name: gitea-server-data
@@ -74,7 +64,7 @@ spec:
- ReadWriteOnce
resources:
requests:
storage: 20Gi
storage: 1Gi
---
apiVersion: v1
kind: Service

6
kubernetes/kosmos-namespace.yaml Normal file
View File

@@ -0,0 +1,6 @@
apiVersion: v1
kind: Namespace
metadata:
name: kosmos
labels:
app: kosmos

29
packer/custom.json
View File

@@ -1,29 +0,0 @@
{
"builders": [{
"type": "docker",
"image": "busybox",
"run_command": ["-d", "-i", "-t", "{{.Image}}", "/bin/sh"],
"commit": true
}],
"provisioners": [
{
"inline": ["mkdir /custom"],
"type": "shell"
},
{
"type": "file",
"source": "../custom/",
"destination": "/custom"
}
],
"post-processors": [
[
{
"type": "docker-tag",
"repository": "eu.gcr.io/fluted-magpie-218106/gitea_custom",
"tag": "0.1"
},
"docker-push"
]
]
}

7
script/build_customizations_image
View File

@@ -1,7 +0,0 @@
#!/usr/bin/env bash
# fail fast
set -e
cd packer/
packer build custom.json
cd -