gitea-admin/ab-initio-manifests
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Initial render: k3s-dev environment

Browse Source
This commit is contained in:
gitea-admin
2026-03-07 15:00:05 +00:00
commit a787720f2a
306 changed files with 75879 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
rendered/argocd/k3s-dev/applications/abinitio-common/config.yaml Normal file
View File

@@ -0,0 +1,25 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: abinitio-common-config
namespace: argocd
annotations:
argocd.argoproj.io/sync-wave: "0"
finalizers:
- resources-finalizer.argocd.argoproj.io
spec:
project: abinitio-common-project
source:
repoURL: "https://gitea.k3s.sg.ic.cloudguild.gcp.abinitio.com/gitea-admin/ab-initio-manifests.git"
targetRevision: HEAD
path: "rendered/manifests/k3s-dev/abinitio-common/config"
destination:
server: "https://kubernetes.default.svc"
namespace: abinitio
syncPolicy:
syncOptions:
- CreateNamespace=true
- ServerSideApply=true
automated:
selfHeal: true
prune: true

25
rendered/argocd/k3s-dev/applications/abinitio-common/passwords.yaml Normal file
View File

@@ -0,0 +1,25 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: abinitio-common-passwords
namespace: argocd
annotations:
argocd.argoproj.io/sync-wave: "0"
finalizers:
- resources-finalizer.argocd.argoproj.io
spec:
project: abinitio-common-project
source:
repoURL: "https://gitea.k3s.sg.ic.cloudguild.gcp.abinitio.com/gitea-admin/ab-initio-manifests.git"
targetRevision: HEAD
path: "rendered/manifests/k3s-dev/abinitio-common/passwords"
destination:
server: "https://kubernetes.default.svc"
namespace: abinitio
syncPolicy:
syncOptions:
- CreateNamespace=true
- ServerSideApply=true
automated:
selfHeal: true
prune: true

25
rendered/argocd/k3s-dev/applications/abinitio-common/resources.yaml Normal file
View File

@@ -0,0 +1,25 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: abinitio-common-resources
namespace: argocd
annotations:
argocd.argoproj.io/sync-wave: "0"
finalizers:
- resources-finalizer.argocd.argoproj.io
spec:
project: abinitio-common-project
source:
repoURL: "https://gitea.k3s.sg.ic.cloudguild.gcp.abinitio.com/gitea-admin/ab-initio-manifests.git"
targetRevision: HEAD
path: "rendered/manifests/k3s-dev/abinitio-common/resources"
destination:
server: "https://kubernetes.default.svc"
namespace: abinitio
syncPolicy:
syncOptions:
- CreateNamespace=true
- ServerSideApply=true
automated:
selfHeal: true
prune: true

25
rendered/argocd/k3s-dev/applications/abinitio-db/authgateway-db.yaml Normal file
View File

@@ -0,0 +1,25 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: abinitio-db-authgateway-db
namespace: argocd
annotations:
argocd.argoproj.io/sync-wave: "0"
finalizers:
- resources-finalizer.argocd.argoproj.io
spec:
project: abinitio-db-project
source:
repoURL: "https://gitea.k3s.sg.ic.cloudguild.gcp.abinitio.com/gitea-admin/ab-initio-manifests.git"
targetRevision: HEAD
path: "rendered/manifests/k3s-dev/abinitio-db/authgateway-db"
destination:
server: "https://kubernetes.default.svc"
namespace: abinitio-db
syncPolicy:
syncOptions:
- CreateNamespace=true
- ServerSideApply=true
automated:
selfHeal: true
prune: true

25
rendered/argocd/k3s-dev/applications/abinitio-db/controlcenter-db.yaml Normal file
View File

@@ -0,0 +1,25 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: abinitio-db-controlcenter-db
namespace: argocd
annotations:
argocd.argoproj.io/sync-wave: "0"
finalizers:
- resources-finalizer.argocd.argoproj.io
spec:
project: abinitio-db-project
source:
repoURL: "https://gitea.k3s.sg.ic.cloudguild.gcp.abinitio.com/gitea-admin/ab-initio-manifests.git"
targetRevision: HEAD
path: "rendered/manifests/k3s-dev/abinitio-db/controlcenter-db"
destination:
server: "https://kubernetes.default.svc"
namespace: abinitio-db
syncPolicy:
syncOptions:
- CreateNamespace=true
- ServerSideApply=true
automated:
selfHeal: true
prune: true

25
rendered/argocd/k3s-dev/applications/abinitio-db/metadatahub-db.yaml Normal file
View File

@@ -0,0 +1,25 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: abinitio-db-metadatahub-db
namespace: argocd
annotations:
argocd.argoproj.io/sync-wave: "0"
finalizers:
- resources-finalizer.argocd.argoproj.io
spec:
project: abinitio-db-project
source:
repoURL: "https://gitea.k3s.sg.ic.cloudguild.gcp.abinitio.com/gitea-admin/ab-initio-manifests.git"
targetRevision: HEAD
path: "rendered/manifests/k3s-dev/abinitio-db/metadatahub-db"
destination:
server: "https://kubernetes.default.svc"
namespace: abinitio-db
syncPolicy:
syncOptions:
- CreateNamespace=true
- ServerSideApply=true
automated:
selfHeal: true
prune: true

25
rendered/argocd/k3s-dev/applications/abinitio-platform/authgateway.yaml Normal file
View File

@@ -0,0 +1,25 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: abinitio-platform-authgateway
namespace: argocd
annotations:
argocd.argoproj.io/sync-wave: "0"
finalizers:
- resources-finalizer.argocd.argoproj.io
spec:
project: abinitio-platform-project
source:
repoURL: "https://gitea.k3s.sg.ic.cloudguild.gcp.abinitio.com/gitea-admin/ab-initio-manifests.git"
targetRevision: HEAD
path: "rendered/manifests/k3s-dev/abinitio-platform/authgateway"
destination:
server: "https://kubernetes.default.svc"
namespace: abinitio
syncPolicy:
syncOptions:
- CreateNamespace=true
- ServerSideApply=true
automated:
selfHeal: true
prune: true

25
rendered/argocd/k3s-dev/applications/abinitio-platform/blueprints.yaml Normal file
View File

@@ -0,0 +1,25 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: abinitio-platform-blueprints
namespace: argocd
annotations:
argocd.argoproj.io/sync-wave: "0"
finalizers:
- resources-finalizer.argocd.argoproj.io
spec:
project: abinitio-platform-project
source:
repoURL: "https://gitea.k3s.sg.ic.cloudguild.gcp.abinitio.com/gitea-admin/ab-initio-manifests.git"
targetRevision: HEAD
path: "rendered/manifests/k3s-dev/abinitio-platform/blueprints"
destination:
server: "https://kubernetes.default.svc"
namespace: abinitio
syncPolicy:
syncOptions:
- CreateNamespace=true
- ServerSideApply=true
automated:
selfHeal: true
prune: true

25
rendered/argocd/k3s-dev/applications/abinitio-platform/controlcenter.yaml Normal file
View File

@@ -0,0 +1,25 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: abinitio-platform-controlcenter
namespace: argocd
annotations:
argocd.argoproj.io/sync-wave: "0"
finalizers:
- resources-finalizer.argocd.argoproj.io
spec:
project: abinitio-platform-project
source:
repoURL: "https://gitea.k3s.sg.ic.cloudguild.gcp.abinitio.com/gitea-admin/ab-initio-manifests.git"
targetRevision: HEAD
path: "rendered/manifests/k3s-dev/abinitio-platform/controlcenter"
destination:
server: "https://kubernetes.default.svc"
namespace: abinitio
syncPolicy:
syncOptions:
- CreateNamespace=true
- ServerSideApply=true
automated:
selfHeal: true
prune: true

25
rendered/argocd/k3s-dev/applications/abinitio-platform/datacatalog.yaml Normal file
View File

@@ -0,0 +1,25 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: abinitio-platform-datacatalog
namespace: argocd
annotations:
argocd.argoproj.io/sync-wave: "0"
finalizers:
- resources-finalizer.argocd.argoproj.io
spec:
project: abinitio-platform-project
source:
repoURL: "https://gitea.k3s.sg.ic.cloudguild.gcp.abinitio.com/gitea-admin/ab-initio-manifests.git"
targetRevision: HEAD
path: "rendered/manifests/k3s-dev/abinitio-platform/datacatalog"
destination:
server: "https://kubernetes.default.svc"
namespace: abinitio
syncPolicy:
syncOptions:
- CreateNamespace=true
- ServerSideApply=true
automated:
selfHeal: true
prune: true

25
rendered/argocd/k3s-dev/applications/abinitio-platform/dqa.yaml Normal file
View File

@@ -0,0 +1,25 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: abinitio-platform-dqa
namespace: argocd
annotations:
argocd.argoproj.io/sync-wave: "0"
finalizers:
- resources-finalizer.argocd.argoproj.io
spec:
project: abinitio-platform-project
source:
repoURL: "https://gitea.k3s.sg.ic.cloudguild.gcp.abinitio.com/gitea-admin/ab-initio-manifests.git"
targetRevision: HEAD
path: "rendered/manifests/k3s-dev/abinitio-platform/dqa"
destination:
server: "https://kubernetes.default.svc"
namespace: abinitio
syncPolicy:
syncOptions:
- CreateNamespace=true
- ServerSideApply=true
automated:
selfHeal: true
prune: true

25
rendered/argocd/k3s-dev/applications/abinitio-platform/eme.yaml Normal file
View File

@@ -0,0 +1,25 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: abinitio-platform-eme
namespace: argocd
annotations:
argocd.argoproj.io/sync-wave: "0"
finalizers:
- resources-finalizer.argocd.argoproj.io
spec:
project: abinitio-platform-project
source:
repoURL: "https://gitea.k3s.sg.ic.cloudguild.gcp.abinitio.com/gitea-admin/ab-initio-manifests.git"
targetRevision: HEAD
path: "rendered/manifests/k3s-dev/abinitio-platform/eme"
destination:
server: "https://kubernetes.default.svc"
namespace: abinitio
syncPolicy:
syncOptions:
- CreateNamespace=true
- ServerSideApply=true
automated:
selfHeal: true
prune: true

25
rendered/argocd/k3s-dev/applications/abinitio-platform/enterprise-data-masking.yaml Normal file
View File

@@ -0,0 +1,25 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: abinitio-platform-enterprise-data-masking
namespace: argocd
annotations:
argocd.argoproj.io/sync-wave: "0"
finalizers:
- resources-finalizer.argocd.argoproj.io
spec:
project: abinitio-platform-project
source:
repoURL: "https://gitea.k3s.sg.ic.cloudguild.gcp.abinitio.com/gitea-admin/ab-initio-manifests.git"
targetRevision: HEAD
path: "rendered/manifests/k3s-dev/abinitio-platform/enterprise-data-masking"
destination:
server: "https://kubernetes.default.svc"
namespace: abinitio
syncPolicy:
syncOptions:
- CreateNamespace=true
- ServerSideApply=true
automated:
selfHeal: true
prune: true

25
rendered/argocd/k3s-dev/applications/abinitio-platform/expressit.yaml Normal file
View File

@@ -0,0 +1,25 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: abinitio-platform-expressit
namespace: argocd
annotations:
argocd.argoproj.io/sync-wave: "0"
finalizers:
- resources-finalizer.argocd.argoproj.io
spec:
project: abinitio-platform-project
source:
repoURL: "https://gitea.k3s.sg.ic.cloudguild.gcp.abinitio.com/gitea-admin/ab-initio-manifests.git"
targetRevision: HEAD
path: "rendered/manifests/k3s-dev/abinitio-platform/expressit"
destination:
server: "https://kubernetes.default.svc"
namespace: abinitio
syncPolicy:
syncOptions:
- CreateNamespace=true
- ServerSideApply=true
automated:
selfHeal: true
prune: true

25
rendered/argocd/k3s-dev/applications/abinitio-platform/metadata-promotion.yaml Normal file
View File

@@ -0,0 +1,25 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: abinitio-platform-metadata-promotion
namespace: argocd
annotations:
argocd.argoproj.io/sync-wave: "0"
finalizers:
- resources-finalizer.argocd.argoproj.io
spec:
project: abinitio-platform-project
source:
repoURL: "https://gitea.k3s.sg.ic.cloudguild.gcp.abinitio.com/gitea-admin/ab-initio-manifests.git"
targetRevision: HEAD
path: "rendered/manifests/k3s-dev/abinitio-platform/metadata-promotion"
destination:
server: "https://kubernetes.default.svc"
namespace: abinitio
syncPolicy:
syncOptions:
- CreateNamespace=true
- ServerSideApply=true
automated:
selfHeal: true
prune: true

25
rendered/argocd/k3s-dev/applications/abinitio-platform/metadatahub.yaml Normal file
View File

@@ -0,0 +1,25 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: abinitio-platform-metadatahub
namespace: argocd
annotations:
argocd.argoproj.io/sync-wave: "0"
finalizers:
- resources-finalizer.argocd.argoproj.io
spec:
project: abinitio-platform-project
source:
repoURL: "https://gitea.k3s.sg.ic.cloudguild.gcp.abinitio.com/gitea-admin/ab-initio-manifests.git"
targetRevision: HEAD
path: "rendered/manifests/k3s-dev/abinitio-platform/metadatahub"
destination:
server: "https://kubernetes.default.svc"
namespace: abinitio
syncPolicy:
syncOptions:
- CreateNamespace=true
- ServerSideApply=true
automated:
selfHeal: true
prune: true

25
rendered/argocd/k3s-dev/applications/abinitio-platform/portal.yaml Normal file
View File

@@ -0,0 +1,25 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: abinitio-platform-portal
namespace: argocd
annotations:
argocd.argoproj.io/sync-wave: "0"
finalizers:
- resources-finalizer.argocd.argoproj.io
spec:
project: abinitio-platform-project
source:
repoURL: "https://gitea.k3s.sg.ic.cloudguild.gcp.abinitio.com/gitea-admin/ab-initio-manifests.git"
targetRevision: HEAD
path: "rendered/manifests/k3s-dev/abinitio-platform/portal"
destination:
server: "https://kubernetes.default.svc"
namespace: abinitio
syncPolicy:
syncOptions:
- CreateNamespace=true
- ServerSideApply=true
automated:
selfHeal: true
prune: true

25
rendered/argocd/k3s-dev/applications/abinitio-platform/queryit.yaml Normal file
View File

@@ -0,0 +1,25 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: abinitio-platform-queryit
namespace: argocd
annotations:
argocd.argoproj.io/sync-wave: "0"
finalizers:
- resources-finalizer.argocd.argoproj.io
spec:
project: abinitio-platform-project
source:
repoURL: "https://gitea.k3s.sg.ic.cloudguild.gcp.abinitio.com/gitea-admin/ab-initio-manifests.git"
targetRevision: HEAD
path: "rendered/manifests/k3s-dev/abinitio-platform/queryit"
destination:
server: "https://kubernetes.default.svc"
namespace: abinitio
syncPolicy:
syncOptions:
- CreateNamespace=true
- ServerSideApply=true
automated:
selfHeal: true
prune: true

25
rendered/argocd/k3s-dev/applications/abinitio-platform/runtime-locator.yaml Normal file
View File

@@ -0,0 +1,25 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: abinitio-platform-runtime-locator
namespace: argocd
annotations:
argocd.argoproj.io/sync-wave: "0"
finalizers:
- resources-finalizer.argocd.argoproj.io
spec:
project: abinitio-platform-project
source:
repoURL: "https://gitea.k3s.sg.ic.cloudguild.gcp.abinitio.com/gitea-admin/ab-initio-manifests.git"
targetRevision: HEAD
path: "rendered/manifests/k3s-dev/abinitio-platform/runtime-locator"
destination:
server: "https://kubernetes.default.svc"
namespace: abinitio
syncPolicy:
syncOptions:
- CreateNamespace=true
- ServerSideApply=true
automated:
selfHeal: true
prune: true

25
rendered/argocd/k3s-dev/applications/abinitio-platform/rwi.yaml Normal file
View File

@@ -0,0 +1,25 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: abinitio-platform-rwi
namespace: argocd
annotations:
argocd.argoproj.io/sync-wave: "0"
finalizers:
- resources-finalizer.argocd.argoproj.io
spec:
project: abinitio-platform-project
source:
repoURL: "https://gitea.k3s.sg.ic.cloudguild.gcp.abinitio.com/gitea-admin/ab-initio-manifests.git"
targetRevision: HEAD
path: "rendered/manifests/k3s-dev/abinitio-platform/rwi"
destination:
server: "https://kubernetes.default.svc"
namespace: abinitio
syncPolicy:
syncOptions:
- CreateNamespace=true
- ServerSideApply=true
automated:
selfHeal: true
prune: true

25
rendered/argocd/k3s-dev/applications/abinitio-platform/semantic-discovery.yaml Normal file
View File

@@ -0,0 +1,25 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: abinitio-platform-semantic-discovery
namespace: argocd
annotations:
argocd.argoproj.io/sync-wave: "0"
finalizers:
- resources-finalizer.argocd.argoproj.io
spec:
project: abinitio-platform-project
source:
repoURL: "https://gitea.k3s.sg.ic.cloudguild.gcp.abinitio.com/gitea-admin/ab-initio-manifests.git"
targetRevision: HEAD
path: "rendered/manifests/k3s-dev/abinitio-platform/semantic-discovery"
destination:
server: "https://kubernetes.default.svc"
namespace: abinitio
syncPolicy:
syncOptions:
- CreateNamespace=true
- ServerSideApply=true
automated:
selfHeal: true
prune: true

25
rendered/argocd/k3s-dev/applications/abinitio-platform/tdm.yaml Normal file
View File

@@ -0,0 +1,25 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: abinitio-platform-tdm
namespace: argocd
annotations:
argocd.argoproj.io/sync-wave: "0"
finalizers:
- resources-finalizer.argocd.argoproj.io
spec:
project: abinitio-platform-project
source:
repoURL: "https://gitea.k3s.sg.ic.cloudguild.gcp.abinitio.com/gitea-admin/ab-initio-manifests.git"
targetRevision: HEAD
path: "rendered/manifests/k3s-dev/abinitio-platform/tdm"
destination:
server: "https://kubernetes.default.svc"
namespace: abinitio
syncPolicy:
syncOptions:
- CreateNamespace=true
- ServerSideApply=true
automated:
selfHeal: true
prune: true

25
rendered/argocd/k3s-dev/applications/abinitio-platform/testing-framework.yaml Normal file
View File

@@ -0,0 +1,25 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: abinitio-platform-testing-framework
namespace: argocd
annotations:
argocd.argoproj.io/sync-wave: "0"
finalizers:
- resources-finalizer.argocd.argoproj.io
spec:
project: abinitio-platform-project
source:
repoURL: "https://gitea.k3s.sg.ic.cloudguild.gcp.abinitio.com/gitea-admin/ab-initio-manifests.git"
targetRevision: HEAD
path: "rendered/manifests/k3s-dev/abinitio-platform/testing-framework"
destination:
server: "https://kubernetes.default.svc"
namespace: abinitio
syncPolicy:
syncOptions:
- CreateNamespace=true
- ServerSideApply=true
automated:
selfHeal: true
prune: true

25
rendered/argocd/k3s-dev/applications/abinitio-platform/trw.yaml Normal file
View File

@@ -0,0 +1,25 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: abinitio-platform-trw
namespace: argocd
annotations:
argocd.argoproj.io/sync-wave: "0"
finalizers:
- resources-finalizer.argocd.argoproj.io
spec:
project: abinitio-platform-project
source:
repoURL: "https://gitea.k3s.sg.ic.cloudguild.gcp.abinitio.com/gitea-admin/ab-initio-manifests.git"
targetRevision: HEAD
path: "rendered/manifests/k3s-dev/abinitio-platform/trw"
destination:
server: "https://kubernetes.default.svc"
namespace: abinitio
syncPolicy:
syncOptions:
- CreateNamespace=true
- ServerSideApply=true
automated:
selfHeal: true
prune: true

25
rendered/argocd/k3s-dev/applications/abinitio-system/ab-runtime-operator.yaml Normal file
View File

@@ -0,0 +1,25 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: abinitio-system-ab-runtime-operator
namespace: argocd
annotations:
argocd.argoproj.io/sync-wave: "0"
finalizers:
- resources-finalizer.argocd.argoproj.io
spec:
project: abinitio-system-project
source:
repoURL: "https://gitea.k3s.sg.ic.cloudguild.gcp.abinitio.com/gitea-admin/ab-initio-manifests.git"
targetRevision: HEAD
path: "rendered/manifests/k3s-dev/abinitio-system/ab-runtime-operator"
destination:
server: "https://kubernetes.default.svc"
namespace: abinitio-system
syncPolicy:
syncOptions:
- CreateNamespace=true
- ServerSideApply=true
automated:
selfHeal: true
prune: true

25
rendered/argocd/k3s-dev/applications/certificates/cert-manager.yaml Normal file
View File

@@ -0,0 +1,25 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: certificates-cert-manager
namespace: argocd
annotations:
argocd.argoproj.io/sync-wave: "0"
finalizers:
- resources-finalizer.argocd.argoproj.io
spec:
project: certificates-project
source:
repoURL: "https://gitea.k3s.sg.ic.cloudguild.gcp.abinitio.com/gitea-admin/ab-initio-manifests.git"
targetRevision: HEAD
path: "rendered/manifests/k3s-dev/certificates/cert-manager"
destination:
server: "https://kubernetes.default.svc"
namespace: cert-manager
syncPolicy:
syncOptions:
- CreateNamespace=true
- ServerSideApply=true
automated:
selfHeal: true
prune: true

25
rendered/argocd/k3s-dev/applications/database/cnpg.yaml Normal file
View File

@@ -0,0 +1,25 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: database-cnpg
namespace: argocd
annotations:
argocd.argoproj.io/sync-wave: "0"
finalizers:
- resources-finalizer.argocd.argoproj.io
spec:
project: database-project
source:
repoURL: "https://gitea.k3s.sg.ic.cloudguild.gcp.abinitio.com/gitea-admin/ab-initio-manifests.git"
targetRevision: HEAD
path: "rendered/manifests/k3s-dev/database/cnpg"
destination:
server: "https://kubernetes.default.svc"
namespace: abinitio-db
syncPolicy:
syncOptions:
- CreateNamespace=true
- ServerSideApply=true
automated:
selfHeal: true
prune: true

25
rendered/argocd/k3s-dev/applications/ingress/nginx-ingress.yaml Normal file
View File

@@ -0,0 +1,25 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: ingress-nginx-ingress
namespace: argocd
annotations:
argocd.argoproj.io/sync-wave: "0"
finalizers:
- resources-finalizer.argocd.argoproj.io
spec:
project: ingress-project
source:
repoURL: "https://gitea.k3s.sg.ic.cloudguild.gcp.abinitio.com/gitea-admin/ab-initio-manifests.git"
targetRevision: HEAD
path: "rendered/manifests/k3s-dev/ingress/nginx-ingress"
destination:
server: "https://kubernetes.default.svc"
namespace: ingress-nginx
syncPolicy:
syncOptions:
- CreateNamespace=true
- ServerSideApply=true
automated:
selfHeal: true
prune: true

25
rendered/argocd/k3s-dev/applications/storage/csi-driver-nfs.yaml Normal file
View File

@@ -0,0 +1,25 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: storage-csi-driver-nfs
namespace: argocd
annotations:
argocd.argoproj.io/sync-wave: "0"
finalizers:
- resources-finalizer.argocd.argoproj.io
spec:
project: storage-project
source:
repoURL: "https://gitea.k3s.sg.ic.cloudguild.gcp.abinitio.com/gitea-admin/ab-initio-manifests.git"
targetRevision: HEAD
path: "rendered/manifests/k3s-dev/storage/csi-driver-nfs"
destination:
server: "https://kubernetes.default.svc"
namespace: kube-system
syncPolicy:
syncOptions:
- CreateNamespace=true
- ServerSideApply=true
automated:
selfHeal: true
prune: true

20
rendered/argocd/k3s-dev/appprojects/abinitio-common-project.yaml Normal file
View File

@@ -0,0 +1,20 @@
apiVersion: argoproj.io/v1alpha1
kind: AppProject
metadata:
name: abinitio-common-project
namespace: argocd
annotations:
argocd.argoproj.io/sync-wave: "-1"
spec:
description: "Abinitio-common project generated for environment k3s-dev"
sourceRepos:
- "https://gitea.k3s.sg.ic.cloudguild.gcp.abinitio.com/gitea-admin/ab-initio-manifests.git"
destinations:
- server: "https://kubernetes.default.svc"
namespace: abinitio
clusterResourceWhitelist:
- group: "*"
kind: "*"
namespaceResourceBlacklist:
- group: ""
kind: "ResourceQuota"

20
rendered/argocd/k3s-dev/appprojects/abinitio-db-project.yaml Normal file
View File

@@ -0,0 +1,20 @@
apiVersion: argoproj.io/v1alpha1
kind: AppProject
metadata:
name: abinitio-db-project
namespace: argocd
annotations:
argocd.argoproj.io/sync-wave: "-1"
spec:
description: "Abinitio-db project generated for environment k3s-dev"
sourceRepos:
- "https://gitea.k3s.sg.ic.cloudguild.gcp.abinitio.com/gitea-admin/ab-initio-manifests.git"
destinations:
- server: "https://kubernetes.default.svc"
namespace: abinitio-db
clusterResourceWhitelist:
- group: "*"
kind: "*"
namespaceResourceBlacklist:
- group: ""
kind: "ResourceQuota"

20
rendered/argocd/k3s-dev/appprojects/abinitio-platform-project.yaml Normal file
View File

@@ -0,0 +1,20 @@
apiVersion: argoproj.io/v1alpha1
kind: AppProject
metadata:
name: abinitio-platform-project
namespace: argocd
annotations:
argocd.argoproj.io/sync-wave: "-1"
spec:
description: "Abinitio-platform project generated for environment k3s-dev"
sourceRepos:
- "https://gitea.k3s.sg.ic.cloudguild.gcp.abinitio.com/gitea-admin/ab-initio-manifests.git"
destinations:
- server: "https://kubernetes.default.svc"
namespace: abinitio
clusterResourceWhitelist:
- group: "*"
kind: "*"
namespaceResourceBlacklist:
- group: ""
kind: "ResourceQuota"

20
rendered/argocd/k3s-dev/appprojects/abinitio-system-project.yaml Normal file
View File

@@ -0,0 +1,20 @@
apiVersion: argoproj.io/v1alpha1
kind: AppProject
metadata:
name: abinitio-system-project
namespace: argocd
annotations:
argocd.argoproj.io/sync-wave: "-1"
spec:
description: "Abinitio-system project generated for environment k3s-dev"
sourceRepos:
- "https://gitea.k3s.sg.ic.cloudguild.gcp.abinitio.com/gitea-admin/ab-initio-manifests.git"
destinations:
- server: "https://kubernetes.default.svc"
namespace: abinitio-system
clusterResourceWhitelist:
- group: "*"
kind: "*"
namespaceResourceBlacklist:
- group: ""
kind: "ResourceQuota"

20
rendered/argocd/k3s-dev/appprojects/certificates-project.yaml Normal file
View File

@@ -0,0 +1,20 @@
apiVersion: argoproj.io/v1alpha1
kind: AppProject
metadata:
name: certificates-project
namespace: argocd
annotations:
argocd.argoproj.io/sync-wave: "-1"
spec:
description: "Certificates project generated for environment k3s-dev"
sourceRepos:
- "https://gitea.k3s.sg.ic.cloudguild.gcp.abinitio.com/gitea-admin/ab-initio-manifests.git"
destinations:
- server: "https://kubernetes.default.svc"
namespace: cert-manager
clusterResourceWhitelist:
- group: "*"
kind: "*"
namespaceResourceBlacklist:
- group: ""
kind: "ResourceQuota"

20
rendered/argocd/k3s-dev/appprojects/database-project.yaml Normal file
View File

@@ -0,0 +1,20 @@
apiVersion: argoproj.io/v1alpha1
kind: AppProject
metadata:
name: database-project
namespace: argocd
annotations:
argocd.argoproj.io/sync-wave: "-1"
spec:
description: "Database project generated for environment k3s-dev"
sourceRepos:
- "https://gitea.k3s.sg.ic.cloudguild.gcp.abinitio.com/gitea-admin/ab-initio-manifests.git"
destinations:
- server: "https://kubernetes.default.svc"
namespace: abinitio-db
clusterResourceWhitelist:
- group: "*"
kind: "*"
namespaceResourceBlacklist:
- group: ""
kind: "ResourceQuota"

20
rendered/argocd/k3s-dev/appprojects/ingress-project.yaml Normal file
View File

@@ -0,0 +1,20 @@
apiVersion: argoproj.io/v1alpha1
kind: AppProject
metadata:
name: ingress-project
namespace: argocd
annotations:
argocd.argoproj.io/sync-wave: "-1"
spec:
description: "Ingress project generated for environment k3s-dev"
sourceRepos:
- "https://gitea.k3s.sg.ic.cloudguild.gcp.abinitio.com/gitea-admin/ab-initio-manifests.git"
destinations:
- server: "https://kubernetes.default.svc"
namespace: ingress-nginx
clusterResourceWhitelist:
- group: "*"
kind: "*"
namespaceResourceBlacklist:
- group: ""
kind: "ResourceQuota"

20
rendered/argocd/k3s-dev/appprojects/storage-project.yaml Normal file
View File

@@ -0,0 +1,20 @@
apiVersion: argoproj.io/v1alpha1
kind: AppProject
metadata:
name: storage-project
namespace: argocd
annotations:
argocd.argoproj.io/sync-wave: "-1"
spec:
description: "Storage project generated for environment k3s-dev"
sourceRepos:
- "https://gitea.k3s.sg.ic.cloudguild.gcp.abinitio.com/gitea-admin/ab-initio-manifests.git"
destinations:
- server: "https://kubernetes.default.svc"
namespace: kube-system
clusterResourceWhitelist:
- group: "*"
kind: "*"
namespaceResourceBlacklist:
- group: ""
kind: "ResourceQuota"

22
rendered/manifests/k3s-dev/abinitio-common/passwords/external-secrets.io_v1beta1_externalsecret_abinitio.yaml Normal file
View File

@@ -0,0 +1,22 @@
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: abinitio
namespace: abinitio
spec:
data:
- remoteRef:
key: secret/abinitio/abinitio
property: username
secretKey: username
- remoteRef:
key: secret/abinitio/abinitio
property: password
secretKey: password
refreshInterval: 1m
secretStoreRef:
kind: ClusterSecretStore
name: vault-store
target:
creationPolicy: Owner
name: abinitio

22
rendered/manifests/k3s-dev/abinitio-common/passwords/external-secrets.io_v1beta1_externalsecret_admin.yaml Normal file
View File

@@ -0,0 +1,22 @@
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: admin
namespace: abinitio
spec:
data:
- remoteRef:
key: secret/abinitio/admin
property: username
secretKey: username
- remoteRef:
key: secret/abinitio/admin
property: password
secretKey: password
refreshInterval: 1m
secretStoreRef:
kind: ClusterSecretStore
name: vault-store
target:
creationPolicy: Owner
name: admin

22
rendered/manifests/k3s-dev/abinitio-common/passwords/external-secrets.io_v1beta1_externalsecret_ag-appserver.yaml Normal file
View File

@@ -0,0 +1,22 @@
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: ag-appserver
namespace: abinitio
spec:
data:
- remoteRef:
key: secret/abinitio/ag-appserver
property: username
secretKey: username
- remoteRef:
key: secret/abinitio/ag-appserver
property: password
secretKey: password
refreshInterval: 1m
secretStoreRef:
kind: ClusterSecretStore
name: vault-store
target:
creationPolicy: Owner
name: ag-appserver

22
rendered/manifests/k3s-dev/abinitio-common/passwords/external-secrets.io_v1beta1_externalsecret_ag-db-importer.yaml Normal file
View File

@@ -0,0 +1,22 @@
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: ag-db-importer
namespace: abinitio
spec:
data:
- remoteRef:
key: secret/abinitio/ag-db-importer
property: username
secretKey: username
- remoteRef:
key: secret/abinitio/ag-db-importer
property: password
secretKey: password
refreshInterval: 1m
secretStoreRef:
kind: ClusterSecretStore
name: vault-store
target:
creationPolicy: Owner
name: ag-db-importer

22
rendered/manifests/k3s-dev/abinitio-common/passwords/external-secrets.io_v1beta1_externalsecret_ag-report.yaml Normal file
View File

@@ -0,0 +1,22 @@
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: ag-report
namespace: abinitio
spec:
data:
- remoteRef:
key: secret/abinitio/ag-report
property: username
secretKey: username
- remoteRef:
key: secret/abinitio/ag-report
property: password
secretKey: password
refreshInterval: 1m
secretStoreRef:
kind: ClusterSecretStore
name: vault-store
target:
creationPolicy: Owner
name: ag-report

22
rendered/manifests/k3s-dev/abinitio-common/passwords/external-secrets.io_v1beta1_externalsecret_ag-ui-importer.yaml Normal file
View File

@@ -0,0 +1,22 @@
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: ag-ui-importer
namespace: abinitio
spec:
data:
- remoteRef:
key: secret/abinitio/ag-ui-importer
property: username
secretKey: username
- remoteRef:
key: secret/abinitio/ag-ui-importer
property: password
secretKey: password
refreshInterval: 1m
secretStoreRef:
kind: ClusterSecretStore
name: vault-store
target:
creationPolicy: Owner
name: ag-ui-importer

22
rendered/manifests/k3s-dev/abinitio-common/passwords/external-secrets.io_v1beta1_externalsecret_aiadmin.yaml Normal file
View File

@@ -0,0 +1,22 @@
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: aiadmin
namespace: abinitio
spec:
data:
- remoteRef:
key: secret/abinitio/aiadmin
property: username
secretKey: username
- remoteRef:
key: secret/abinitio/aiadmin
property: password
secretKey: password
refreshInterval: 1m
secretStoreRef:
kind: ClusterSecretStore
name: vault-store
target:
creationPolicy: Owner
name: aiadmin

22
rendered/manifests/k3s-dev/abinitio-common/passwords/external-secrets.io_v1beta1_externalsecret_aic-join-user.yaml Normal file
View File

@@ -0,0 +1,22 @@
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: aic-join-user
namespace: abinitio
spec:
data:
- remoteRef:
key: secret/abinitio/aic-join-user
property: username
secretKey: username
- remoteRef:
key: secret/abinitio/aic-join-user
property: password
secretKey: password
refreshInterval: 1m
secretStoreRef:
kind: ClusterSecretStore
name: vault-store
target:
creationPolicy: Owner
name: aic-join-user

22
rendered/manifests/k3s-dev/abinitio-common/passwords/external-secrets.io_v1beta1_externalsecret_azure-client.yaml Normal file
View File

@@ -0,0 +1,22 @@
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: azure-client
namespace: abinitio
spec:
data:
- remoteRef:
key: secret/abinitio/azure-client
property: username
secretKey: username
- remoteRef:
key: secret/abinitio/azure-client
property: password
secretKey: password
refreshInterval: 1m
secretStoreRef:
kind: ClusterSecretStore
name: vault-store
target:
creationPolicy: Owner
name: azure-client

22
rendered/manifests/k3s-dev/abinitio-common/passwords/external-secrets.io_v1beta1_externalsecret_bridge.yaml Normal file
View File

@@ -0,0 +1,22 @@
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: bridge
namespace: abinitio
spec:
data:
- remoteRef:
key: secret/abinitio/bridge
property: username
secretKey: username
- remoteRef:
key: secret/abinitio/bridge
property: password
secretKey: password
refreshInterval: 1m
secretStoreRef:
kind: ClusterSecretStore
name: vault-store
target:
creationPolicy: Owner
name: bridge

22
rendered/manifests/k3s-dev/abinitio-common/passwords/external-secrets.io_v1beta1_externalsecret_cafe-join-user.yaml Normal file
View File

@@ -0,0 +1,22 @@
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: cafe-join-user
namespace: abinitio
spec:
data:
- remoteRef:
key: secret/abinitio/cafe-join-user
property: username
secretKey: username
- remoteRef:
key: secret/abinitio/cafe-join-user
property: password
secretKey: password
refreshInterval: 1m
secretStoreRef:
kind: ClusterSecretStore
name: vault-store
target:
creationPolicy: Owner
name: cafe-join-user

22
rendered/manifests/k3s-dev/abinitio-common/passwords/external-secrets.io_v1beta1_externalsecret_cc-jdbc.yaml Normal file
View File

@@ -0,0 +1,22 @@
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: cc-jdbc
namespace: abinitio
spec:
data:
- remoteRef:
key: secret/abinitio/cc-jdbc
property: username
secretKey: username
- remoteRef:
key: secret/abinitio/cc-jdbc
property: password
secretKey: password
refreshInterval: 1m
secretStoreRef:
kind: ClusterSecretStore
name: vault-store
target:
creationPolicy: Owner
name: cc-jdbc

22
rendered/manifests/k3s-dev/abinitio-common/passwords/external-secrets.io_v1beta1_externalsecret_cc-join-user.yaml Normal file
View File

@@ -0,0 +1,22 @@
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: cc-join-user
namespace: abinitio
spec:
data:
- remoteRef:
key: secret/abinitio/cc-join-user
property: username
secretKey: username
- remoteRef:
key: secret/abinitio/cc-join-user
property: password
secretKey: password
refreshInterval: 1m
secretStoreRef:
kind: ClusterSecretStore
name: vault-store
target:
creationPolicy: Owner
name: cc-join-user

22
rendered/manifests/k3s-dev/abinitio-common/passwords/external-secrets.io_v1beta1_externalsecret_dcs-hmac-key.yaml Normal file
View File

@@ -0,0 +1,22 @@
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: dcs-hmac-key
namespace: abinitio
spec:
data:
- remoteRef:
key: secret/abinitio/dcs-hmac-key
property: username
secretKey: username
- remoteRef:
key: secret/abinitio/dcs-hmac-key
property: password
secretKey: password
refreshInterval: 1m
secretStoreRef:
kind: ClusterSecretStore
name: vault-store
target:
creationPolicy: Owner
name: dcs-hmac-key

22
rendered/manifests/k3s-dev/abinitio-common/passwords/external-secrets.io_v1beta1_externalsecret_dcs-join-user.yaml Normal file
View File

@@ -0,0 +1,22 @@
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: dcs-join-user
namespace: abinitio
spec:
data:
- remoteRef:
key: secret/abinitio/dcs-join-user
property: username
secretKey: username
- remoteRef:
key: secret/abinitio/dcs-join-user
property: password
secretKey: password
refreshInterval: 1m
secretStoreRef:
kind: ClusterSecretStore
name: vault-store
target:
creationPolicy: Owner
name: dcs-join-user

22
rendered/manifests/k3s-dev/abinitio-common/passwords/external-secrets.io_v1beta1_externalsecret_dcs-utility-user.yaml Normal file
View File

@@ -0,0 +1,22 @@
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: dcs-utility-user
namespace: abinitio
spec:
data:
- remoteRef:
key: secret/abinitio/dcs-utility-user
property: username
secretKey: username
- remoteRef:
key: secret/abinitio/dcs-utility-user
property: password
secretKey: password
refreshInterval: 1m
secretStoreRef:
kind: ClusterSecretStore
name: vault-store
target:
creationPolicy: Owner
name: dcs-utility-user

22
rendered/manifests/k3s-dev/abinitio-common/passwords/external-secrets.io_v1beta1_externalsecret_ei-join-user.yaml Normal file
View File

@@ -0,0 +1,22 @@
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: ei-join-user
namespace: abinitio
spec:
data:
- remoteRef:
key: secret/abinitio/ei-join-user
property: username
secretKey: username
- remoteRef:
key: secret/abinitio/ei-join-user
property: password
secretKey: password
refreshInterval: 1m
secretStoreRef:
kind: ClusterSecretStore
name: vault-store
target:
creationPolicy: Owner
name: ei-join-user

22
rendered/manifests/k3s-dev/abinitio-common/passwords/external-secrets.io_v1beta1_externalsecret_eme-join-user.yaml Normal file
View File

@@ -0,0 +1,22 @@
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: eme-join-user
namespace: abinitio
spec:
data:
- remoteRef:
key: secret/abinitio/eme-join-user
property: username
secretKey: username
- remoteRef:
key: secret/abinitio/eme-join-user
property: password
secretKey: password
refreshInterval: 1m
secretStoreRef:
kind: ClusterSecretStore
name: vault-store
target:
creationPolicy: Owner
name: eme-join-user

22
rendered/manifests/k3s-dev/abinitio-common/passwords/external-secrets.io_v1beta1_externalsecret_mhub-appserver.yaml Normal file
View File

@@ -0,0 +1,22 @@
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: mhub-appserver
namespace: abinitio
spec:
data:
- remoteRef:
key: secret/abinitio/mhub-appserver
property: username
secretKey: username
- remoteRef:
key: secret/abinitio/mhub-appserver
property: password
secretKey: password
refreshInterval: 1m
secretStoreRef:
kind: ClusterSecretStore
name: vault-store
target:
creationPolicy: Owner
name: mhub-appserver

22
rendered/manifests/k3s-dev/abinitio-common/passwords/external-secrets.io_v1beta1_externalsecret_mhub-db-importer.yaml Normal file
View File

@@ -0,0 +1,22 @@
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: mhub-db-importer
namespace: abinitio
spec:
data:
- remoteRef:
key: secret/abinitio/mhub-db-importer
property: username
secretKey: username
- remoteRef:
key: secret/abinitio/mhub-db-importer
property: password
secretKey: password
refreshInterval: 1m
secretStoreRef:
kind: ClusterSecretStore
name: vault-store
target:
creationPolicy: Owner
name: mhub-db-importer

22
rendered/manifests/k3s-dev/abinitio-common/passwords/external-secrets.io_v1beta1_externalsecret_mhub-join-user.yaml Normal file
View File

@@ -0,0 +1,22 @@
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: mhub-join-user
namespace: abinitio
spec:
data:
- remoteRef:
key: secret/abinitio/mhub-join-user
property: username
secretKey: username
- remoteRef:
key: secret/abinitio/mhub-join-user
property: password
secretKey: password
refreshInterval: 1m
secretStoreRef:
kind: ClusterSecretStore
name: vault-store
target:
creationPolicy: Owner
name: mhub-join-user

22
rendered/manifests/k3s-dev/abinitio-common/passwords/external-secrets.io_v1beta1_externalsecret_mhub-report.yaml Normal file
View File

@@ -0,0 +1,22 @@
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: mhub-report
namespace: abinitio
spec:
data:
- remoteRef:
key: secret/abinitio/mhub-report
property: username
secretKey: username
- remoteRef:
key: secret/abinitio/mhub-report
property: password
secretKey: password
refreshInterval: 1m
secretStoreRef:
kind: ClusterSecretStore
name: vault-store
target:
creationPolicy: Owner
name: mhub-report

22
rendered/manifests/k3s-dev/abinitio-common/passwords/external-secrets.io_v1beta1_externalsecret_mhub-ui-importer.yaml Normal file
View File

@@ -0,0 +1,22 @@
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: mhub-ui-importer
namespace: abinitio
spec:
data:
- remoteRef:
key: secret/abinitio/mhub-ui-importer
property: username
secretKey: username
- remoteRef:
key: secret/abinitio/mhub-ui-importer
property: password
secretKey: password
refreshInterval: 1m
secretStoreRef:
kind: ClusterSecretStore
name: vault-store
target:
creationPolicy: Owner
name: mhub-ui-importer

22
rendered/manifests/k3s-dev/abinitio-common/passwords/external-secrets.io_v1beta1_externalsecret_mhub-utility-user.yaml Normal file
View File

@@ -0,0 +1,22 @@
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: mhub-utility-user
namespace: abinitio
spec:
data:
- remoteRef:
key: secret/abinitio/mhub-utility-user
property: username
secretKey: username
- remoteRef:
key: secret/abinitio/mhub-utility-user
property: password
secretKey: password
refreshInterval: 1m
secretStoreRef:
kind: ClusterSecretStore
name: vault-store
target:
creationPolicy: Owner
name: mhub-utility-user

22
rendered/manifests/k3s-dev/abinitio-common/passwords/external-secrets.io_v1beta1_externalsecret_ocagent.yaml Normal file
View File

@@ -0,0 +1,22 @@
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: ocagent
namespace: abinitio
spec:
data:
- remoteRef:
key: secret/abinitio/ocagent
property: username
secretKey: username
- remoteRef:
key: secret/abinitio/ocagent
property: password
secretKey: password
refreshInterval: 1m
secretStoreRef:
kind: ClusterSecretStore
name: vault-store
target:
creationPolicy: Owner
name: ocagent

19
rendered/manifests/k3s-dev/abinitio-common/passwords/external-secrets.io_v1beta1_externalsecret_password-key-file.yaml Normal file
View File

@@ -0,0 +1,19 @@
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: password-key-file
namespace: abinitio
spec:
data:
- remoteRef:
decodingStrategy: Base64
key: secret/abinitio/password-key-file
property: password
secretKey: password
refreshInterval: 1m
secretStoreRef:
kind: ClusterSecretStore
name: vault-store
target:
creationPolicy: Owner
name: password-key-file

22
rendered/manifests/k3s-dev/abinitio-common/passwords/external-secrets.io_v1beta1_externalsecret_qi-join-user.yaml Normal file
View File

@@ -0,0 +1,22 @@
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: qi-join-user
namespace: abinitio
spec:
data:
- remoteRef:
key: secret/abinitio/qi-join-user
property: username
secretKey: username
- remoteRef:
key: secret/abinitio/qi-join-user
property: password
secretKey: password
refreshInterval: 1m
secretStoreRef:
kind: ClusterSecretStore
name: vault-store
target:
creationPolicy: Owner
name: qi-join-user

22
rendered/manifests/k3s-dev/abinitio-common/passwords/external-secrets.io_v1beta1_externalsecret_qiadmin-join-user.yaml Normal file
View File

@@ -0,0 +1,22 @@
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: qiadmin-join-user
namespace: abinitio
spec:
data:
- remoteRef:
key: secret/abinitio/qiadmin-join-user
property: username
secretKey: username
- remoteRef:
key: secret/abinitio/qiadmin-join-user
property: password
secretKey: password
refreshInterval: 1m
secretStoreRef:
kind: ClusterSecretStore
name: vault-store
target:
creationPolicy: Owner
name: qiadmin-join-user

22
rendered/manifests/k3s-dev/abinitio-common/passwords/external-secrets.io_v1beta1_externalsecret_runtime-locator-join-user.yaml Normal file
View File

@@ -0,0 +1,22 @@
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: runtime-locator-join-user
namespace: abinitio
spec:
data:
- remoteRef:
key: secret/abinitio/runtime-locator-join-user
property: username
secretKey: username
- remoteRef:
key: secret/abinitio/runtime-locator-join-user
property: password
secretKey: password
refreshInterval: 1m
secretStoreRef:
kind: ClusterSecretStore
name: vault-store
target:
creationPolicy: Owner
name: runtime-locator-join-user

22
rendered/manifests/k3s-dev/abinitio-common/passwords/external-secrets.io_v1beta1_externalsecret_sd-join-user.yaml Normal file
View File

@@ -0,0 +1,22 @@
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: sd-join-user
namespace: abinitio
spec:
data:
- remoteRef:
key: secret/abinitio/sd-join-user
property: username
secretKey: username
- remoteRef:
key: secret/abinitio/sd-join-user
property: password
secretKey: password
refreshInterval: 1m
secretStoreRef:
kind: ClusterSecretStore
name: vault-store
target:
creationPolicy: Owner
name: sd-join-user

22
rendered/manifests/k3s-dev/abinitio-common/passwords/external-secrets.io_v1beta1_externalsecret_trw-join-user.yaml Normal file
View File

@@ -0,0 +1,22 @@
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: trw-join-user
namespace: abinitio
spec:
data:
- remoteRef:
key: secret/abinitio/trw-join-user
property: username
secretKey: username
- remoteRef:
key: secret/abinitio/trw-join-user
property: password
secretKey: password
refreshInterval: 1m
secretStoreRef:
kind: ClusterSecretStore
name: vault-store
target:
creationPolicy: Owner
name: trw-join-user

12
rendered/manifests/k3s-dev/abinitio-common/resources/cert-manager.io_v1_certificate_abinitio-tls.yaml Normal file
View File

@@ -0,0 +1,12 @@
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: abinitio-tls
namespace: abinitio
spec:
dnsNames:
- aidp.k3s.sg.ic.cloudguild.gcp.abinitio.com
issuerRef:
kind: ClusterIssuer
name: selfsigned-ca-issuer
secretName: abinitio-tls

12
rendered/manifests/k3s-dev/abinitio-common/resources/v1_persistentvolumeclaim_ab-shared-data-and-appconf-root-claim.yaml Normal file
View File

@@ -0,0 +1,12 @@
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: ab-shared-data-and-appconf-root-claim
namespace: abinitio
spec:
accessModes:
- ReadWriteMany
resources:
requests:
storage: 100Gi
storageClassName: local-nfs

5
rendered/manifests/k3s-dev/abinitio-common/resources/v1_serviceaccount_abinitio-sa.yaml Normal file
View File

@@ -0,0 +1,5 @@
apiVersion: v1
kind: ServiceAccount
metadata:
name: abinitio-sa
namespace: abinitio

32
rendered/manifests/k3s-dev/abinitio-db/authgateway-db/external-secrets.io_v1beta1_externalsecret_ag-appserver.yaml Normal file
View File

@@ -0,0 +1,32 @@
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: ag-appserver
namespace: abinitio-db
spec:
data:
- remoteRef:
key: secret/abinitio/ag-appserver
property: username
secretKey: username
- remoteRef:
key: secret/abinitio/ag-appserver
property: password
secretKey: password
refreshInterval: 1m
secretStoreRef:
kind: ClusterSecretStore
name: vault-store
target:
name: ag-appserver
template:
data:
jdbc-uri: jdbc:postgresql://authgateway-db-rw.abinitio-db:5432/authgateway?password={{
.password }}&user={{ .username }}
password: '{{ .password }}'
pgpass: authgateway-db-rw:5432:authgateway:{{ .username }}:{{ .password }}
uri: postgresql://{{ .username }}:{{ .password }}@authgateway-db-rw.abinitio-db:5432/authgateway
username: '{{ .username }}'
metadata:
labels:
cnpg.io/reload: "true"

32
rendered/manifests/k3s-dev/abinitio-db/authgateway-db/external-secrets.io_v1beta1_externalsecret_ag-db-importer.yaml Normal file
View File

@@ -0,0 +1,32 @@
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: ag-db-importer
namespace: abinitio-db
spec:
data:
- remoteRef:
key: secret/abinitio/ag-db-importer
property: username
secretKey: username
- remoteRef:
key: secret/abinitio/ag-db-importer
property: password
secretKey: password
refreshInterval: 1m
secretStoreRef:
kind: ClusterSecretStore
name: vault-store
target:
name: ag-db-importer
template:
data:
jdbc-uri: jdbc:postgresql://authgateway-db-rw.abinitio-db:5432/authgateway?password={{
.password }}&user={{ .username }}
password: '{{ .password }}'
pgpass: authgateway-db-rw:5432:authgateway:{{ .username }}:{{ .password }}
uri: postgresql://{{ .username }}:{{ .password }}@authgateway-db-rw.abinitio-db:5432/authgateway
username: '{{ .username }}'
metadata:
labels:
cnpg.io/reload: "true"

32
rendered/manifests/k3s-dev/abinitio-db/authgateway-db/external-secrets.io_v1beta1_externalsecret_ag-report.yaml Normal file
View File

@@ -0,0 +1,32 @@
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: ag-report
namespace: abinitio-db
spec:
data:
- remoteRef:
key: secret/abinitio/ag-report
property: username
secretKey: username
- remoteRef:
key: secret/abinitio/ag-report
property: password
secretKey: password
refreshInterval: 1m
secretStoreRef:
kind: ClusterSecretStore
name: vault-store
target:
name: ag-report
template:
data:
jdbc-uri: jdbc:postgresql://authgateway-db-rw.abinitio-db:5432/authgateway?password={{
.password }}&user={{ .username }}
password: '{{ .password }}'
pgpass: authgateway-db-rw:5432:authgateway:{{ .username }}:{{ .password }}
uri: postgresql://{{ .username }}:{{ .password }}@authgateway-db-rw.abinitio-db:5432/authgateway
username: '{{ .username }}'
metadata:
labels:
cnpg.io/reload: "true"

45
rendered/manifests/k3s-dev/abinitio-db/authgateway-db/postgresql.cnpg.io_v1_cluster_authgateway.yaml Normal file
View File

@@ -0,0 +1,45 @@
apiVersion: postgresql.cnpg.io/v1
kind: Cluster
metadata:
name: authgateway
namespace: abinitio-db
spec:
bootstrap:
initdb:
database: authgateway
owner: ag_appserver
postInitApplicationSQLRefs:
configMapRefs:
- key: authgateway.sql
name: authgateway-sql
secret:
name: ag-appserver
imageName: ghcr.io/cloudnative-pg/postgresql:16
instances: 2
managed:
roles:
- login: true
name: ag_appserver
passwordSecret:
name: ag-appserver
- login: true
name: ag_importer
passwordSecret:
name: ag-db-importer
- login: true
name: ag_report
passwordSecret:
name: ag-report
postgresql:
parameters:
effective_cache_size: 6GB
shared_buffers: 3GB
resources:
limits:
cpu: 3
memory: 12Gi
requests:
cpu: 1
memory: 4Gi
storage:
size: 30Gi

15
rendered/manifests/k3s-dev/abinitio-db/authgateway-db/v1_configmap_authgateway-sql.yaml Normal file
View File

@@ -0,0 +1,15 @@
apiVersion: v1
data:
authgateway.sql: |
CREATE ROLE ag_importer;
CREATE ROLE ag_report;
CREATE SCHEMA ag_meta AUTHORIZATION ag_appserver;
CREATE SCHEMA ag_main AUTHORIZATION ag_appserver;
GRANT USAGE ON SCHEMA ag_meta TO ag_importer;
GRANT USAGE ON SCHEMA ag_main TO ag_importer;
GRANT USAGE ON SCHEMA ag_meta TO ag_report;
GRANT USAGE ON SCHEMA ag_main TO ag_report;
kind: ConfigMap
metadata:
name: authgateway-sql
namespace: abinitio-db

33
rendered/manifests/k3s-dev/abinitio-db/controlcenter-db/external-secrets.io_v1beta1_externalsecret_cc-jdbc.yaml Normal file
View File

@@ -0,0 +1,33 @@
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: cc-jdbc
namespace: abinitio-db
spec:
data:
- remoteRef:
key: secret/abinitio/cc-jdbc
property: username
secretKey: username
- remoteRef:
key: secret/abinitio/cc-jdbc
property: password
secretKey: password
refreshInterval: 1m
secretStoreRef:
kind: ClusterSecretStore
name: vault-store
target:
name: cc-jdbc
template:
data:
jdbc-uri: jdbc:postgresql://controlcenter-db-rw.abinitio-db:5432/controlcenter?password={{
.password }}&user={{ .username }}
password: '{{ .password }}'
pgpass: controlcenter-db-rw:5432:controlcenter:{{ .username }}:{{ .password
}}
uri: postgresql://{{ .username }}:{{ .password }}@controlcenter-db-rw.abinitio-db:5432/controlcenter
username: '{{ .username }}'
metadata:
labels:
cnpg.io/reload: "true"

37
rendered/manifests/k3s-dev/abinitio-db/controlcenter-db/postgresql.cnpg.io_v1_cluster_controlcenter.yaml Normal file
View File

@@ -0,0 +1,37 @@
apiVersion: postgresql.cnpg.io/v1
kind: Cluster
metadata:
name: controlcenter
namespace: abinitio-db
spec:
bootstrap:
initdb:
database: controlcenter
owner: cc_jdbc
postInitApplicationSQLRefs:
configMapRefs:
- key: controlcenter.sql
name: controlcenter-sql
secret:
name: cc-jdbc
imageName: ghcr.io/cloudnative-pg/postgresql:16
instances: 2
managed:
roles:
- login: true
name: cc_jdbc
passwordSecret:
name: cc-jdbc
postgresql:
parameters:
effective_cache_size: 4GB
shared_buffers: 2GB
resources:
limits:
cpu: 2
memory: 8Gi
requests:
cpu: 1
memory: 4Gi
storage:
size: 30Gi

7310
rendered/manifests/k3s-dev/abinitio-db/controlcenter-db/v1_configmap_controlcenter-sql.yaml Normal file
View File

File diff suppressed because it is too large Load Diff

32
rendered/manifests/k3s-dev/abinitio-db/metadatahub-db/external-secrets.io_v1beta1_externalsecret_mhub-appserver.yaml Normal file
View File

@@ -0,0 +1,32 @@
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: mhub-appserver
namespace: abinitio-db
spec:
data:
- remoteRef:
key: secret/abinitio/mhub-appserver
property: username
secretKey: username
- remoteRef:
key: secret/abinitio/mhub-appserver
property: password
secretKey: password
refreshInterval: 1m
secretStoreRef:
kind: ClusterSecretStore
name: vault-store
target:
name: mhub-appserver
template:
data:
jdbc-uri: jdbc:postgresql://metadatahub-db-rw.abinitio-db:5432/metadatahub?password={{
.password }}&user={{ .username }}
password: '{{ .password }}'
pgpass: metadatahub-db-rw:5432:metadatahub:{{ .username }}:{{ .password }}
uri: postgresql://{{ .username }}:{{ .password }}@metadatahub-db-rw.abinitio-db:5432/metadatahub
username: '{{ .username }}'
metadata:
labels:
cnpg.io/reload: "true"

32
rendered/manifests/k3s-dev/abinitio-db/metadatahub-db/external-secrets.io_v1beta1_externalsecret_mhub-db-importer.yaml Normal file
View File

@@ -0,0 +1,32 @@
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: mhub-db-importer
namespace: abinitio-db
spec:
data:
- remoteRef:
key: secret/abinitio/mhub-db-importer
property: username
secretKey: username
- remoteRef:
key: secret/abinitio/mhub-db-importer
property: password
secretKey: password
refreshInterval: 1m
secretStoreRef:
kind: ClusterSecretStore
name: vault-store
target:
name: mhub-db-importer
template:
data:
jdbc-uri: jdbc:postgresql://metadatahub-db-rw.abinitio-db:5432/metadatahub?password={{
.password }}&user={{ .username }}
password: '{{ .password }}'
pgpass: metadatahub-db-rw:5432:metadatahub:{{ .username }}:{{ .password }}
uri: postgresql://{{ .username }}:{{ .password }}@metadatahub-db-rw.abinitio-db:5432/metadatahub
username: '{{ .username }}'
metadata:
labels:
cnpg.io/reload: "true"

32
rendered/manifests/k3s-dev/abinitio-db/metadatahub-db/external-secrets.io_v1beta1_externalsecret_mhub-report.yaml Normal file
View File

@@ -0,0 +1,32 @@
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: mhub-report
namespace: abinitio-db
spec:
data:
- remoteRef:
key: secret/abinitio/mhub-report
property: username
secretKey: username
- remoteRef:
key: secret/abinitio/mhub-report
property: password
secretKey: password
refreshInterval: 1m
secretStoreRef:
kind: ClusterSecretStore
name: vault-store
target:
name: mhub-report
template:
data:
jdbc-uri: jdbc:postgresql://metadatahub-db-rw.abinitio-db:5432/metadatahub?password={{
.password }}&user={{ .username }}
password: '{{ .password }}'
pgpass: metadatahub-db-rw:5432:metadatahub:{{ .username }}:{{ .password }}
uri: postgresql://{{ .username }}:{{ .password }}@metadatahub-db-rw.abinitio-db:5432/metadatahub
username: '{{ .username }}'
metadata:
labels:
cnpg.io/reload: "true"

45
rendered/manifests/k3s-dev/abinitio-db/metadatahub-db/postgresql.cnpg.io_v1_cluster_metadatahub.yaml Normal file
View File

@@ -0,0 +1,45 @@
apiVersion: postgresql.cnpg.io/v1
kind: Cluster
metadata:
name: metadatahub
namespace: abinitio-db
spec:
bootstrap:
initdb:
database: metadatahub
owner: mhub_appserver
postInitApplicationSQLRefs:
configMapRefs:
- key: metadatahub.sql
name: metadatahub-sql
secret:
name: mhub-appserver
imageName: ghcr.io/cloudnative-pg/postgresql:16
instances: 2
managed:
roles:
- login: true
name: mhub_appserver
passwordSecret:
name: mhub-appserver
- login: true
name: mhub_importer
passwordSecret:
name: mhub-db-importer
- login: true
name: mhub_report
passwordSecret:
name: mhub-report
postgresql:
parameters:
effective_cache_size: 12GB
shared_buffers: 6GB
resources:
limits:
cpu: 6
memory: 24Gi
requests:
cpu: 3
memory: 12Gi
storage:
size: 60Gi

15
rendered/manifests/k3s-dev/abinitio-db/metadatahub-db/v1_configmap_metadatahub-sql.yaml Normal file
View File

@@ -0,0 +1,15 @@
apiVersion: v1
data:
metadatahub.sql: |
CREATE ROLE mhub_importer;
CREATE ROLE mhub_report;
CREATE SCHEMA mhub_meta AUTHORIZATION mhub_appserver;
CREATE SCHEMA mhub_main AUTHORIZATION mhub_appserver;
GRANT USAGE ON SCHEMA mhub_meta TO mhub_importer;
GRANT USAGE ON SCHEMA mhub_main TO mhub_importer;
GRANT USAGE ON SCHEMA mhub_meta TO mhub_report;
GRANT USAGE ON SCHEMA mhub_main TO mhub_report;
kind: ConfigMap
metadata:
name: metadatahub-sql
namespace: abinitio-db

362
rendered/manifests/k3s-dev/abinitio-platform/authgateway/apps_v1_deployment_authgateway-importer.yaml Normal file
View File

@@ -0,0 +1,362 @@
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app.kubernetes.io/instance: authgateway-importer
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: authgateway-importer
app.kubernetes.io/part-of: AbInitio
app.kubernetes.io/version: 4.4.1
helm.sh/chart: authgateway-importer-2.4.3-a
name: authgateway-importer
namespace: abinitio
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/instance: authgateway-importer
app.kubernetes.io/name: authgateway-importer
strategy:
type: Recreate
template:
metadata:
labels:
app.kubernetes.io/instance: authgateway-importer
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: authgateway-importer
app.kubernetes.io/part-of: AbInitio
app.kubernetes.io/version: 4.4.1
helm.sh/chart: authgateway-importer-2.4.3-a
name: authgateway-importer
spec:
containers:
- args:
- --ab-k8s-start-reporter
- "true"
- --ab-k8s-job-launch-script
- /ab-setup/setup_pod.sh
command:
- ab-container-entrypoint.ksh
env:
- name: AB_AG_ENCRYPTED_PASSWORD
value: file=/secrets/aiadmin/password
- name: AB_AG_USERNAME
value: aiadmin
- name: AB_ALLOW_FILE_LOCK_ON_REMOTE_FILE_SYSTEM
value: "true"
- name: AB_AUTHORIZATION_GATEWAY_URL
value: http://authgateway:8080/authgateway
- name: AB_BRIDGE_CONFIGURATION_DIR
value: /abinitio/bridge
- name: AB_BRIDGE_CONFIGURATION_NAME
value: container-bridge
- name: AB_CHARSET
value: utf-8
- name: AB_CONFIGURATION
value: /config/pod/abinitiorc:/config/pod/apphubrc
- name: AB_CONNECTION_BRIDGE_ENCRYPTED_RPC_ENCRYPTION_KEY
value: file=/secrets/bridge/password
- name: AB_CONNECTION_BRIDGE_PORT
value: "7070"
- name: AB_CONNECTION_BRIDGE_RPC_ENCRYPTION_TYPE
value: aes128-gcm
- name: AB_CONNECTION_BRIDGE_SECURITY_CONFIGURATION
value: container-bridge-security
- name: AB_HOSTNAME_KEYSERVER_URLS
value: abks://key-server:6151
- name: AB_IPV4_ONLY
value: "true"
- name: AB_K8S_MAX_IDLE_SECONDS
value: "0"
- name: AB_K8S_START_BRIDGE
value: background
- name: AB_K8S_START_REPORTER
value: "true"
- name: AB_KEY_DAEMON_DIR
value: /tmp/abkc/data
- name: AB_MHUB_ENCRYPTED_PASSWORD
value: file=/secrets/aiadmin/password
- name: AB_MHUB_USERNAME
value: aiadmin
- name: AB_MUX_ENABLE_AG_CREDENTIAL_MAPPING
value: "true"
- name: AB_OPS_CONSOLE_URL
value: http://controlcenter:8080/controlcenter
- name: AB_OPS_PHYSICAL_HOSTNAME
value: authgateway-importer
- name: AB_OPS_WSS_ENCRYPTED_PASSWORD
value: file=/secrets/ocagent/password
- name: AB_OPS_WSS_USERNAME
value: ocagent
- name: AB_PASSWORD_KEY_FILE
value: /secrets/password_key_file/password
- name: APP_FULL_URL
value: http://authgateway:8080/authgateway
- name: BRIDGE_AB_ENCRYPTED_KEY
value: file=/secrets/bridge/password
- name: CC_ADMIN_ENCRYPTED_PASSWORD
value: file=/secrets/aiadmin/password
- name: CC_ADMIN_USERNAME
value: aiadmin
- name: CMAP_MOUNT
value: /config/pod
- name: DEPLOY_NAME
value: authgateway-importer
- name: JAVA_OPTS
value: -XX:InitialRAMPercentage=50.0 -XX:MaxRAMPercentage=75.0
- name: LOAD_PHYSOBJECTS
value: "true"
- name: MHUB_IMPORTER_ENCRYPTED_PASSWORD
value: file=/secrets/aiadmin/password
- name: NAMESPACE
value: abinitio
- name: POD_IP
valueFrom:
fieldRef:
fieldPath: status.podIP
- name: POD_LABEL
value: 'abinitio/product: authgateway-importer, abinitio/deployment: authgateway-importer'
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: POD_SERVICE
value: authgateway-importer
- name: POD_SERVICE_HEADLESS
value: authgateway-importer-headless
image: asia-southeast1-docker.pkg.dev/str-22391/cloudplatform-proxy/aidp/authgateway-importer:4.4.1.1-1
imagePullPolicy: IfNotPresent
name: authgateway-importer
readinessProbe:
exec:
command:
- stat
- /tmp/.pod.ready
failureThreshold: 120
initialDelaySeconds: 45
periodSeconds: 10
resources:
limits:
ephemeral-storage: 8Gi
memory: 12Gi
requests:
cpu: "1"
ephemeral-storage: 8Gi
memory: 8Gi
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
runAsGroup: 1000
runAsNonRoot: true
runAsUser: 1000
seccompProfile:
type: RuntimeDefault
volumeMounts:
- mountPath: /config/pod
name: pod-config
- mountPath: /abinitio
name: abinitio-local
- mountPath: /secrets/aiadmin/password
name: aiadmin
subPath: password
- mountPath: /secrets/ocagent/password
name: ocagent
subPath: password
- mountPath: /secrets/bridge/password
name: bridge
subPath: password
- mountPath: /secrets/eme_join_user/password
name: eme-join-user
subPath: password
- mountPath: /secrets/qi_join_user/password
name: qi-join-user
subPath: password
- mountPath: /secrets/dcs_utility_user/password
name: dcs-utility-user
subPath: password
- mountPath: /secrets/mhub_utility_user/password
name: mhub-utility-user
subPath: password
- mountPath: /secrets/ag_db_importer/password
name: ag-db-importer
subPath: password
- mountPath: /secrets/admin/password
name: admin
subPath: password
- mountPath: /secrets/ag_ui_importer/password
name: ag-ui-importer
subPath: password
- mountPath: /secrets/cafe_join_user/password
name: cafe-join-user
subPath: password
- mountPath: /secrets/cc_join_user/password
name: cc-join-user
subPath: password
- mountPath: /secrets/dcs_join_user/password
name: dcs-join-user
subPath: password
- mountPath: /secrets/ei_join_user/password
name: ei-join-user
subPath: password
- mountPath: /secrets/mhub_join_user/password
name: mhub-join-user
subPath: password
- mountPath: /secrets/qiadmin_join_user/password
name: qiadmin-join-user
subPath: password
- mountPath: /secrets/sd_join_user/password
name: sd-join-user
subPath: password
- mountPath: /secrets/trw_join_user/password
name: trw-join-user
subPath: password
- mountPath: /secrets/mhub_db_importer/password
name: mhub-db-importer
subPath: password
- mountPath: /secrets/mhub_ui_importer/password
name: mhub-ui-importer
subPath: password
- mountPath: /secrets/ag_appserver/password
name: ag-appserver
subPath: password
- mountPath: /secrets/ag_report/password
name: ag-report
subPath: password
- mountPath: /secrets/cc_jdbc/password
name: cc-jdbc
subPath: password
- mountPath: /secrets/dcs_hmac_key/password
name: dcs-hmac-key
subPath: password
- mountPath: /secrets/abinitio/password
name: abinitio
subPath: password
- mountPath: /secrets/mhub_appserver/password
name: mhub-appserver
subPath: password
- mountPath: /secrets/mhub_report/password
name: mhub-report
subPath: password
- mountPath: /secrets/runtime_locator_join_user/password
name: runtime-locator-join-user
subPath: password
- mountPath: /secrets/password_key_file/password
name: password-key-file
subPath: password
- mountPath: /tmp
name: tmp-volume
hostAliases:
- hostnames:
- authgateway-importer.abinitio
ip: 127.0.0.1
hostname: authgateway-importer
initContainers: null
securityContext:
fsGroup: 1000
fsGroupChangePolicy: OnRootMismatch
runAsGroup: 1000
runAsNonRoot: true
runAsUser: 1000
seccompProfile:
type: RuntimeDefault
serviceAccountName: abinitio-sa
terminationGracePeriodSeconds: 30
volumes:
- configMap:
defaultMode: 511
name: authgateway-importer
name: pod-config
- name: abinitio-local
persistentVolumeClaim:
claimName: authgateway-importer-claim
- emptyDir: {}
name: tmp-volume
- name: aiadmin
secret:
secretName: aiadmin
- name: ocagent
secret:
secretName: ocagent
- name: bridge
secret:
secretName: bridge
- name: eme-join-user
secret:
secretName: eme-join-user
- name: qi-join-user
secret:
secretName: qi-join-user
- name: dcs-utility-user
secret:
secretName: dcs-utility-user
- name: mhub-utility-user
secret:
secretName: mhub-utility-user
- name: ag-db-importer
secret:
secretName: ag-db-importer
- name: admin
secret:
secretName: admin
- name: ag-ui-importer
secret:
secretName: ag-ui-importer
- name: cafe-join-user
secret:
secretName: cafe-join-user
- name: cc-join-user
secret:
secretName: cc-join-user
- name: dcs-join-user
secret:
secretName: dcs-join-user
- name: ei-join-user
secret:
secretName: ei-join-user
- name: mhub-join-user
secret:
secretName: mhub-join-user
- name: qiadmin-join-user
secret:
secretName: qiadmin-join-user
- name: sd-join-user
secret:
secretName: sd-join-user
- name: trw-join-user
secret:
secretName: trw-join-user
- name: mhub-db-importer
secret:
secretName: mhub-db-importer
- name: mhub-ui-importer
secret:
secretName: mhub-ui-importer
- name: ag-appserver
secret:
secretName: ag-appserver
- name: ag-report
secret:
secretName: ag-report
- name: cc-jdbc
secret:
secretName: cc-jdbc
- name: dcs-hmac-key
secret:
secretName: dcs-hmac-key
- name: abinitio
secret:
secretName: abinitio
- name: mhub-appserver
secret:
secretName: mhub-appserver
- name: mhub-report
secret:
secretName: mhub-report
- name: runtime-locator-join-user
secret:
secretName: runtime-locator-join-user
- name: password-key-file
secret:
secretName: password-key-file

312
rendered/manifests/k3s-dev/abinitio-platform/authgateway/apps_v1_deployment_authgateway.yaml Normal file
View File

@@ -0,0 +1,312 @@
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
abinitio/deployment: authgateway
app.kubernetes.io/instance: authgateway
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: authgateway
app.kubernetes.io/part-of: AbInitio
app.kubernetes.io/version: 4.4.1
helm.sh/chart: authgateway-2.4.3-a
name: authgateway
namespace: abinitio
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/instance: authgateway
app.kubernetes.io/name: authgateway
template:
metadata:
labels:
abinitio/deployment: authgateway
app.kubernetes.io/instance: authgateway
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: authgateway
app.kubernetes.io/part-of: AbInitio
app.kubernetes.io/version: 4.4.1
helm.sh/chart: authgateway-2.4.3-a
name: authgateway
spec:
containers:
- env:
- name: AB_CONFIG_PROVIDER_URL
value: file://localhost/config
- name: AB_IPV4_ONLY
value: "true"
- name: AB_PASSWORD_KEY_FILE
value: /secrets/password_key_file/password
- name: CATALINA_TMPDIR
value: /tmp
- name: DEPLOY_NAME
value: authgateway
- name: JAVA_OPTS
value: -XX:InitialRAMPercentage=50.0 -XX:MaxRAMPercentage=75.0
- name: LOAD_PHYSOBJECTS
value: "true"
- name: NAMESPACE
value: abinitio
- name: POD_IP
valueFrom:
fieldRef:
fieldPath: status.podIP
- name: POD_LABEL
value: 'abinitio/product: authgateway, abinitio/deployment: authgateway'
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: POD_SERVICE
value: authgateway
image: asia-southeast1-docker.pkg.dev/str-22391/cloudplatform-proxy/aidp/authgateway:4.4.1.1-1
imagePullPolicy: IfNotPresent
lifecycle:
preStop:
exec:
command:
- /bin/sh
- -c
- ${CATALINA_HOME}/bin/catalina.sh stop
livenessProbe:
failureThreshold: 3
httpGet:
path: /authgateway/api/abwebinternal/health/k8s/liveness
port: 8080
initialDelaySeconds: 5
periodSeconds: 30
name: authgateway-app
readinessProbe:
failureThreshold: 3
httpGet:
path: /authgateway/api/abwebinternal/health/k8s/readiness
port: 8080
initialDelaySeconds: 10
periodSeconds: 30
resources:
limits:
ephemeral-storage: 2Gi
memory: 8Gi
requests:
cpu: "1"
ephemeral-storage: 2Gi
memory: 8Gi
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
runAsGroup: 1000
runAsNonRoot: true
runAsUser: 1000
seccompProfile:
type: RuntimeDefault
startupProbe:
failureThreshold: 60
httpGet:
path: /authgateway/api/abwebinternal/health/k8s/startup
port: 8080
initialDelaySeconds: 60
periodSeconds: 30
volumeMounts:
- mountPath: /config/authgateway
name: app-external-config
- mountPath: /abinitio
name: abinitio-local
- mountPath: /tmp
name: tmp-volume
- mountPath: /secrets/aiadmin/password
name: aiadmin
subPath: password
- mountPath: /secrets/ocagent/password
name: ocagent
subPath: password
- mountPath: /secrets/bridge/password
name: bridge
subPath: password
- mountPath: /secrets/eme_join_user/password
name: eme-join-user
subPath: password
- mountPath: /secrets/qi_join_user/password
name: qi-join-user
subPath: password
- mountPath: /secrets/dcs_utility_user/password
name: dcs-utility-user
subPath: password
- mountPath: /secrets/mhub_utility_user/password
name: mhub-utility-user
subPath: password
- mountPath: /secrets/ag_db_importer/password
name: ag-db-importer
subPath: password
- mountPath: /secrets/admin/password
name: admin
subPath: password
- mountPath: /secrets/ag_ui_importer/password
name: ag-ui-importer
subPath: password
- mountPath: /secrets/cafe_join_user/password
name: cafe-join-user
subPath: password
- mountPath: /secrets/cc_join_user/password
name: cc-join-user
subPath: password
- mountPath: /secrets/dcs_join_user/password
name: dcs-join-user
subPath: password
- mountPath: /secrets/ei_join_user/password
name: ei-join-user
subPath: password
- mountPath: /secrets/mhub_join_user/password
name: mhub-join-user
subPath: password
- mountPath: /secrets/qiadmin_join_user/password
name: qiadmin-join-user
subPath: password
- mountPath: /secrets/sd_join_user/password
name: sd-join-user
subPath: password
- mountPath: /secrets/trw_join_user/password
name: trw-join-user
subPath: password
- mountPath: /secrets/mhub_db_importer/password
name: mhub-db-importer
subPath: password
- mountPath: /secrets/mhub_ui_importer/password
name: mhub-ui-importer
subPath: password
- mountPath: /secrets/ag_appserver/password
name: ag-appserver
subPath: password
- mountPath: /secrets/ag_report/password
name: ag-report
subPath: password
- mountPath: /secrets/cc_jdbc/password
name: cc-jdbc
subPath: password
- mountPath: /secrets/dcs_hmac_key/password
name: dcs-hmac-key
subPath: password
- mountPath: /secrets/abinitio/password
name: abinitio
subPath: password
- mountPath: /secrets/mhub_appserver/password
name: mhub-appserver
subPath: password
- mountPath: /secrets/mhub_report/password
name: mhub-report
subPath: password
- mountPath: /secrets/runtime_locator_join_user/password
name: runtime-locator-join-user
subPath: password
- mountPath: /secrets/password_key_file/password
name: password-key-file
subPath: password
hostname: authgateway
initContainers: null
securityContext:
fsGroup: 1000
fsGroupChangePolicy: OnRootMismatch
runAsGroup: 1000
runAsNonRoot: true
runAsUser: 1000
seccompProfile:
type: RuntimeDefault
serviceAccountName: abinitio-sa
terminationGracePeriodSeconds: 30
volumes:
- emptyDir: {}
name: abinitio-local
- configMap:
defaultMode: 511
name: authgateway-external-config
name: app-external-config
- emptyDir: {}
name: tmp-volume
- name: aiadmin
secret:
secretName: aiadmin
- name: ocagent
secret:
secretName: ocagent
- name: bridge
secret:
secretName: bridge
- name: eme-join-user
secret:
secretName: eme-join-user
- name: qi-join-user
secret:
secretName: qi-join-user
- name: dcs-utility-user
secret:
secretName: dcs-utility-user
- name: mhub-utility-user
secret:
secretName: mhub-utility-user
- name: ag-db-importer
secret:
secretName: ag-db-importer
- name: admin
secret:
secretName: admin
- name: ag-ui-importer
secret:
secretName: ag-ui-importer
- name: cafe-join-user
secret:
secretName: cafe-join-user
- name: cc-join-user
secret:
secretName: cc-join-user
- name: dcs-join-user
secret:
secretName: dcs-join-user
- name: ei-join-user
secret:
secretName: ei-join-user
- name: mhub-join-user
secret:
secretName: mhub-join-user
- name: qiadmin-join-user
secret:
secretName: qiadmin-join-user
- name: sd-join-user
secret:
secretName: sd-join-user
- name: trw-join-user
secret:
secretName: trw-join-user
- name: mhub-db-importer
secret:
secretName: mhub-db-importer
- name: mhub-ui-importer
secret:
secretName: mhub-ui-importer
- name: ag-appserver
secret:
secretName: ag-appserver
- name: ag-report
secret:
secretName: ag-report
- name: cc-jdbc
secret:
secretName: cc-jdbc
- name: dcs-hmac-key
secret:
secretName: dcs-hmac-key
- name: abinitio
secret:
secretName: abinitio
- name: mhub-appserver
secret:
secretName: mhub-appserver
- name: mhub-report
secret:
secretName: mhub-report
- name: runtime-locator-join-user
secret:
secretName: runtime-locator-join-user
- name: password-key-file
secret:
secretName: password-key-file

1462
rendered/manifests/k3s-dev/abinitio-platform/authgateway/v1_configmap_authgateway-external-config.yaml Normal file
View File

File diff suppressed because it is too large Load Diff

73
rendered/manifests/k3s-dev/abinitio-platform/authgateway/v1_configmap_authgateway-importer.yaml Normal file
View File

@@ -0,0 +1,73 @@
apiVersion: v1
data:
abinitiorc: |
AB_AG_LOCAL_ROOT : /abinitio/deploy
AB_BRIDGE_WORKDIR @ container-bridge : /tmp/container-bridge-workdir
AB_CHARSET : utf-8
AB_HOSTNAME_KEYSERVER_URLS : abks://key-server:6151
AB_OPS_CONSOLE_URL : http://controlcenter:8080/controlcenter
AB_OPS_MONITOR : true
AB_OPS_MONITOR_RESOURCES : false
AB_OPS_PHYSICAL_HOSTNAME : authgateway-importer
AB_PROC_DIR : /tmp
AB_WORK_DIR : /abinitio/work
apphubrc: |
AB_BRIDGE_VOLATILE_DIR : /tmp/ab-bridge-volatile-dir
AB_KEYSERVER_GROUP : AI-IC-AWS001a
AB_KEYSERVER_URLS : abks://key-server:6150
deploy_params.config: |
appserver.cluster.option: '3'
appserver.host: 'authgateway'
appserver.port: '8080'
appserver.protocol: 'http'
appserver.type: 'tomcat'
bridge.config: 'container-bridge'
bridge.create.security.config: 'N'
bridge.host: 'authgateway-importer'
bridge.port: '7070'
bridge.rpc.aes128gcm.ab_encrypted_key: 'file=/secrets/bridge/password'
bridge.rpc.aes128gcm.mhub_encrypted_key: 'file=/secrets/bridge/password'
bridge.security_config: 'container-bridge-security'
bridge.security_type: 'aes-128-gcm'
db.appserver.mhub_encrypted_password: 'file=/secrets/ag_appserver/password'
db.appserver.username: 'ag_appserver'
db.create: 'Y'
db.create_physical: 'N'
db.datastore.destroy_if_exists: 'N'
db.host: 'authgateway-rw.abinitio-db.svc'
db.importer.ab_encrypted_password: 'file=/secrets/ag_db_importer/password'
db.importer.mhub_encrypted_password: 'file=/secrets/ag_db_importer/password'
db.importer.username: 'ag_importer'
db.name: 'authgateway'
db.port: '5432'
db.report.mhub_encrypted_password: 'file=/secrets/ag_report/password'
db.report.username: 'ag_report'
db.type: 'postgresql'
deployment.name: 'authgateway-importer'
deployment.set_server_config: 'N'
deployment.type_basic: 'N'
lineage.server: 'N'
lineageserver.url: ''
security.encryption.keyDirectory: ''
security.encryption.useExternalKey: 'N'
ui.webaccess.admin.ab_encrypted_password: 'file=/secrets/admin/password'
ui.webaccess.admin.password_hash_encrypted: 'file=/secrets/admin/password'
ui.webaccess.importer.ab_encrypted_password: 'file=/secrets/ag_ui_importer/password'
ui.webaccess.importer.password_hash_encrypted: 'file=/secrets/ag_ui_importer/password'
webapp.app_name: 'authgateway'
webapp.cluster.hosts: 'authgateway-jgroup'
webapp.cluster.port: '7800'
webapp.clustered.deployment: 'Y'
webapp.deploy_warfile: 'N'
webapp.indexDirectoryRoot: 'file:///abinitio/data/searchIndex'
kind: ConfigMap
metadata:
labels:
app.kubernetes.io/instance: authgateway-importer
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: authgateway-importer
app.kubernetes.io/part-of: AbInitio
app.kubernetes.io/version: 4.4.1
helm.sh/chart: authgateway-importer-2.4.3-a
name: authgateway-importer
namespace: abinitio

18
rendered/manifests/k3s-dev/abinitio-platform/authgateway/v1_persistentvolumeclaim_authgateway-importer-claim.yaml Normal file
View File

@@ -0,0 +1,18 @@
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
labels:
app.kubernetes.io/instance: authgateway-importer
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: authgateway-importer
app.kubernetes.io/part-of: AbInitio
app.kubernetes.io/version: 4.4.1
helm.sh/chart: authgateway-importer-2.4.3-a
name: authgateway-importer-claim
namespace: abinitio
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 10Gi

23
rendered/manifests/k3s-dev/abinitio-platform/authgateway/v1_service_authgateway-importer.yaml Normal file
View File

@@ -0,0 +1,23 @@
apiVersion: v1
kind: Service
metadata:
labels:
app.kubernetes.io/instance: authgateway-importer
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: authgateway-importer
app.kubernetes.io/part-of: AbInitio
app.kubernetes.io/version: 4.4.1
helm.sh/chart: authgateway-importer-2.4.3-a
name: authgateway-importer
namespace: abinitio
spec:
ports:
- name: bridge
port: 7070
protocol: TCP
targetPort: 7070
publishNotReadyAddresses: true
selector:
app.kubernetes.io/instance: authgateway-importer
app.kubernetes.io/name: authgateway-importer
type: ClusterIP

25
rendered/manifests/k3s-dev/abinitio-platform/authgateway/v1_service_authgateway-jgroup.yaml Normal file
View File

@@ -0,0 +1,25 @@
apiVersion: v1
kind: Service
metadata:
labels:
abinitio/deployment: authgateway
app.kubernetes.io/instance: authgateway
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: authgateway
app.kubernetes.io/part-of: AbInitio
app.kubernetes.io/version: 4.4.1
helm.sh/chart: authgateway-2.4.3-a
name: authgateway-jgroup
namespace: abinitio
spec:
clusterIP: None
ports:
- name: jgroup-channel
port: 7800
protocol: TCP
targetPort: 7800
publishNotReadyAddresses: true
selector:
app.kubernetes.io/instance: authgateway
app.kubernetes.io/name: authgateway
type: ClusterIP

27
rendered/manifests/k3s-dev/abinitio-platform/authgateway/v1_service_authgateway.yaml Normal file
View File

@@ -0,0 +1,27 @@
apiVersion: v1
kind: Service
metadata:
labels:
abinitio/deployment: authgateway
app.kubernetes.io/instance: authgateway
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: authgateway
app.kubernetes.io/part-of: AbInitio
app.kubernetes.io/version: 4.4.1
helm.sh/chart: authgateway-2.4.3-a
name: authgateway
namespace: abinitio
spec:
ports:
- name: http
port: 8080
protocol: TCP
targetPort: 8080
selector:
app.kubernetes.io/instance: authgateway
app.kubernetes.io/name: authgateway
sessionAffinity: ClientIP
sessionAffinityConfig:
clientIP:
timeoutSeconds: 86400
type: ClusterIP

362
rendered/manifests/k3s-dev/abinitio-platform/blueprints/apps_v1_deployment_blueprints.yaml Normal file
View File

@@ -0,0 +1,362 @@
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app.kubernetes.io/instance: blueprints
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: blueprints
app.kubernetes.io/part-of: AbInitio
app.kubernetes.io/version: 4.4.1
helm.sh/chart: blueprints-2.4.3-a
name: blueprints
namespace: abinitio
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/instance: blueprints
app.kubernetes.io/name: blueprints
strategy:
type: Recreate
template:
metadata:
labels:
app.kubernetes.io/instance: blueprints
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: blueprints
app.kubernetes.io/part-of: AbInitio
app.kubernetes.io/version: 4.4.1
helm.sh/chart: blueprints-2.4.3-a
name: blueprints
spec:
containers:
- args:
- --ab-k8s-job-launch-script
- /ab-setup/setup_pod.sh
command:
- ab-container-entrypoint.ksh
env:
- name: AB_AIR_ENCRYPTED_PASSWORD
value: file=/secrets/aiadmin/password
- name: AB_AIR_ROOT
value: //eme-0.eme-headless/abinitio/eme/eme
- name: AB_AIR_USER
value: aiadmin
- name: AB_ALLOW_FILE_LOCK_ON_REMOTE_FILE_SYSTEM
value: "true"
- name: AB_AUTHORIZATION_GATEWAY_URL
value: http://authgateway:8080/authgateway
- name: AB_BRIDGE_CONFIGURATION_DIR
value: /abinitio/bridge
- name: AB_BRIDGE_CONFIGURATION_NAME
value: container-bridge
- name: AB_CHARSET
value: utf-8
- name: AB_CONFIGURATION
value: /config/pod/abinitiorc:/config/pod/apphubrc
- name: AB_CONNECTION_BRIDGE_ENCRYPTED_RPC_ENCRYPTION_KEY
value: file=/secrets/bridge/password
- name: AB_CONNECTION_BRIDGE_PORT
value: "7070"
- name: AB_CONNECTION_BRIDGE_RPC_ENCRYPTION_TYPE
value: aes128-gcm
- name: AB_CONNECTION_BRIDGE_SECURITY_CONFIGURATION
value: container-bridge-security
- name: AB_HOSTNAME_KEYSERVER_URLS
value: abks://key-server:6151
- name: AB_IPV4_ONLY
value: "true"
- name: AB_K8S_MAX_IDLE_SECONDS
value: "0"
- name: AB_K8S_START_BRIDGE
value: background
- name: AB_K8S_START_REPORTER
value: "true"
- name: AB_KEY_DAEMON_DIR
value: /tmp/abkc/data
- name: AB_MHUB_ENCRYPTED_PASSWORD
value: file=/secrets/aiadmin/password
- name: AB_MHUB_URL
value: http://metadatahub:8080/metadatahub
- name: AB_MHUB_USERNAME
value: aiadmin
- name: AB_MUX_ENABLE_AG_CREDENTIAL_MAPPING
value: "true"
- name: AB_OPS_CONSOLE_URL
value: http://controlcenter:8080/controlcenter
- name: AB_OPS_WSS_ENCRYPTED_PASSWORD
value: file=/secrets/ocagent/password
- name: AB_OPS_WSS_USERNAME
value: ocagent
- name: AB_PASSWORD_KEY_FILE
value: /secrets/password_key_file/password
- name: BRIDGE_AB_ENCRYPTED_KEY
value: file=/secrets/bridge/password
- name: CC_ADMIN_ENCRYPTED_PASSWORD
value: file=/secrets/aiadmin/password
- name: CC_ADMIN_USERNAME
value: aiadmin
- name: CMAP_MOUNT
value: /config/pod
- name: DEPLOY_NAME
value: blueprints
- name: JAVA_OPTS
value: -XX:InitialRAMPercentage=50.0 -XX:MaxRAMPercentage=75.0
- name: LOAD_PHYSOBJECTS
value: "true"
- name: NAMESPACE
value: abinitio
- name: POD_IP
valueFrom:
fieldRef:
fieldPath: status.podIP
- name: POD_LABEL
value: 'abinitio/product: blueprints, abinitio/deployment: blueprints'
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: POD_SERVICE
value: blueprints
- name: POD_SERVICE_HEADLESS
value: blueprints-headless
image: asia-southeast1-docker.pkg.dev/str-22391/cloudplatform-proxy/aidp/blueprints:4.4.1.1-1
imagePullPolicy: IfNotPresent
name: blueprints
readinessProbe:
exec:
command:
- stat
- /tmp/.pod.ready
failureThreshold: 960
periodSeconds: 10
resources:
limits:
ephemeral-storage: 2Gi
memory: 16Gi
requests:
cpu: 500m
ephemeral-storage: 2Gi
memory: 8Gi
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
runAsGroup: 1000
runAsNonRoot: true
runAsUser: 1000
seccompProfile:
type: RuntimeDefault
volumeMounts:
- mountPath: /config/pod
name: pod-config
- mountPath: /abinitio
name: abinitio-local
- mountPath: /secrets/aiadmin/password
name: aiadmin
subPath: password
- mountPath: /secrets/ocagent/password
name: ocagent
subPath: password
- mountPath: /secrets/bridge/password
name: bridge
subPath: password
- mountPath: /secrets/eme_join_user/password
name: eme-join-user
subPath: password
- mountPath: /secrets/qi_join_user/password
name: qi-join-user
subPath: password
- mountPath: /secrets/dcs_utility_user/password
name: dcs-utility-user
subPath: password
- mountPath: /secrets/mhub_utility_user/password
name: mhub-utility-user
subPath: password
- mountPath: /secrets/ag_db_importer/password
name: ag-db-importer
subPath: password
- mountPath: /secrets/admin/password
name: admin
subPath: password
- mountPath: /secrets/ag_ui_importer/password
name: ag-ui-importer
subPath: password
- mountPath: /secrets/cafe_join_user/password
name: cafe-join-user
subPath: password
- mountPath: /secrets/cc_join_user/password
name: cc-join-user
subPath: password
- mountPath: /secrets/dcs_join_user/password
name: dcs-join-user
subPath: password
- mountPath: /secrets/ei_join_user/password
name: ei-join-user
subPath: password
- mountPath: /secrets/mhub_join_user/password
name: mhub-join-user
subPath: password
- mountPath: /secrets/qiadmin_join_user/password
name: qiadmin-join-user
subPath: password
- mountPath: /secrets/sd_join_user/password
name: sd-join-user
subPath: password
- mountPath: /secrets/trw_join_user/password
name: trw-join-user
subPath: password
- mountPath: /secrets/mhub_db_importer/password
name: mhub-db-importer
subPath: password
- mountPath: /secrets/mhub_ui_importer/password
name: mhub-ui-importer
subPath: password
- mountPath: /secrets/ag_appserver/password
name: ag-appserver
subPath: password
- mountPath: /secrets/ag_report/password
name: ag-report
subPath: password
- mountPath: /secrets/cc_jdbc/password
name: cc-jdbc
subPath: password
- mountPath: /secrets/dcs_hmac_key/password
name: dcs-hmac-key
subPath: password
- mountPath: /secrets/abinitio/password
name: abinitio
subPath: password
- mountPath: /secrets/mhub_appserver/password
name: mhub-appserver
subPath: password
- mountPath: /secrets/mhub_report/password
name: mhub-report
subPath: password
- mountPath: /secrets/runtime_locator_join_user/password
name: runtime-locator-join-user
subPath: password
- mountPath: /secrets/password_key_file/password
name: password-key-file
subPath: password
- mountPath: /ab_share
name: ab-share-data-and-appconf-root
- mountPath: /tmp
name: tmp-volume
hostAliases:
- hostnames:
- blueprints.abinitio
ip: 127.0.0.1
hostname: blueprints
initContainers: null
securityContext:
fsGroup: 1000
fsGroupChangePolicy: OnRootMismatch
runAsGroup: 1000
runAsNonRoot: true
runAsUser: 1000
seccompProfile:
type: RuntimeDefault
serviceAccountName: abinitio-sa
terminationGracePeriodSeconds: 30
volumes:
- configMap:
defaultMode: 511
name: blueprints
name: pod-config
- name: abinitio-local
persistentVolumeClaim:
claimName: blueprints-claim
- emptyDir: {}
name: tmp-volume
- name: aiadmin
secret:
secretName: aiadmin
- name: ocagent
secret:
secretName: ocagent
- name: bridge
secret:
secretName: bridge
- name: eme-join-user
secret:
secretName: eme-join-user
- name: qi-join-user
secret:
secretName: qi-join-user
- name: dcs-utility-user
secret:
secretName: dcs-utility-user
- name: mhub-utility-user
secret:
secretName: mhub-utility-user
- name: ag-db-importer
secret:
secretName: ag-db-importer
- name: admin
secret:
secretName: admin
- name: ag-ui-importer
secret:
secretName: ag-ui-importer
- name: cafe-join-user
secret:
secretName: cafe-join-user
- name: cc-join-user
secret:
secretName: cc-join-user
- name: dcs-join-user
secret:
secretName: dcs-join-user
- name: ei-join-user
secret:
secretName: ei-join-user
- name: mhub-join-user
secret:
secretName: mhub-join-user
- name: qiadmin-join-user
secret:
secretName: qiadmin-join-user
- name: sd-join-user
secret:
secretName: sd-join-user
- name: trw-join-user
secret:
secretName: trw-join-user
- name: mhub-db-importer
secret:
secretName: mhub-db-importer
- name: mhub-ui-importer
secret:
secretName: mhub-ui-importer
- name: ag-appserver
secret:
secretName: ag-appserver
- name: ag-report
secret:
secretName: ag-report
- name: cc-jdbc
secret:
secretName: cc-jdbc
- name: dcs-hmac-key
secret:
secretName: dcs-hmac-key
- name: abinitio
secret:
secretName: abinitio
- name: mhub-appserver
secret:
secretName: mhub-appserver
- name: mhub-report
secret:
secretName: mhub-report
- name: runtime-locator-join-user
secret:
secretName: runtime-locator-join-user
- name: password-key-file
secret:
secretName: password-key-file
- name: ab-share-data-and-appconf-root
persistentVolumeClaim:
claimName: ab-shared-data-and-appconf-root-claim

94
rendered/manifests/k3s-dev/abinitio-platform/blueprints/v1_configmap_blueprints.yaml Normal file
View File

@@ -0,0 +1,94 @@
apiVersion: v1
data:
abinitiorc: |
AB_AIR_BRANCH @ expressit : main
AB_AIR_ROOT @ expressit : //eme-0.eme-headless/abinitio/eme/eme
AB_APPCONF_ROOT_DIR @ expressit : /ab_share/ab_appconf_root
AB_BRIDGE_WORKDIR @ container-bridge : /tmp/container-bridge-workdir
AB_CHARSET : utf-8
AB_CONNECTION : bridge
AB_CONNECTION_BRIDGE_ENCRYPTED_RPC_ENCRYPTION_KEY @ emeabeme : file=/secrets/bridge/password
AB_HOSTNAME_KEYSERVER_URLS : abks://key-server:6151
AB_MHUB_LOCAL_ROOT : /abinitio/deploy
AB_OPS_CONSOLE_URL : http://controlcenter:8080/controlcenter
AB_OPS_MONITOR : true
AB_OPS_MONITOR_RESOURCES : false
AB_OPS_PHYSICAL_HOSTNAME : blueprints
AB_PROC_DIR : /tmp
AB_WORK_DIR : /abinitio/work
apphubrc: |
AB_BRIDGE_VOLATILE_DIR : /tmp/ab-bridge-volatile-dir
AB_KEYSERVER_GROUP : AI-IC-AWS001a
AB_KEYSERVER_URLS : abks://key-server:6150
install-properties.config: |
AB_AIR_ROOT=//eme-0.eme-headless/abinitio/eme/eme
AB_APPLICATION_HUB=/usr/local/abinitio-app-hub
DO_CATALOGVIEW_PROJECT=y
DO_EME_INSTALL=y
DO_EXAMPLES_INSTALL=n
DO_EZ_PRIV=y
DO_MHUB_INSTALL=y
EZ_GENERATOR_AG_CATALOG_IP=datacatalog
EZ_GENERATOR_AG_CATALOG_NAME=Data Catalog Services
EZ_GENERATOR_AG_URL=http://authgateway:8080/authgateway
EZ_GENERATOR_AG_USER=aiadmin
EZ_GENERATOR_APPCONF_REL_LOC=edl
EZ_GENERATOR_APPID=expressit
EZ_GENERATOR_BLUEPRINTS_TO_INSTALL=ALL
EZ_GENERATOR_BLUEPRINT_SERVICE_HOST=blueprints
EZ_GENERATOR_BLUEPRINT_SERVICE_PORT=9870
EZ_GENERATOR_CATALOGVIEW_PHYSPROJECT=catalogview
EZ_GENERATOR_CATALOGVIEW_TECHSYSTEM=EnterpriseDataLake
EZ_GENERATOR_CC_HOST=http://controlcenter:8080/controlcenter
EZ_GENERATOR_CONFIG_MHUB_DEPLOYMENT_DIR=/abinitio/deploy/metadatahub-importer
EZ_GENERATOR_CONFIG_MHUB_MAIN_SCHEMA=mhub_main
EZ_GENERATOR_CONFIG_MHUB_META_SCHEMA=mhub_meta
EZ_GENERATOR_CONFIG_MHUB_USER=aiadmin
EZ_GENERATOR_DATAQUALITY=/ab_share/ab_appconf_root/global/abinitio/dataquality
EZ_GENERATOR_DATAQUALITY_RPATH=/Projects/abinitio/dataquality
EZ_GENERATOR_DCAT_URL=http://datacatalog:8080/datacatalog
EZ_GENERATOR_EI_PRODUCT_INSTANCE=Express>It
EZ_GENERATOR_EI_WORKSPACE=Blueprints (Pipelines)
EZ_GENERATOR_EME_TECHSYSTEM=Technical Repository
EZ_GENERATOR_EME_USES_AG_AUTH=y
EZ_GENERATOR_INSTALL_ACTIVE_METADATA_REFERENCE=y
EZ_GENERATOR_INSTALL_CODEGEN_TRACING=y
EZ_GENERATOR_INSTALL_CONTROL_TEST_RUNS=n
EZ_GENERATOR_LANDING_ROOT=/ab_share/ab_appconf_root/main/users
EZ_GENERATOR_LISTENER_SERVICE_HOST=blueprints
EZ_GENERATOR_LISTENER_SERVICE_PORT=9876
EZ_GENERATOR_LISTENER_SERVICE_URL=http://blueprints:9876
EZ_GENERATOR_MHUB_LOCAL_ROOT_DIR=/abinitio/deploy
EZ_GENERATOR_QUERYIT_HOST=localhost
EZ_GENERATOR_QUERYIT_RPATH=/Projects/queryit-instance-0
EZ_GENERATOR_QUERYIT_SANDBOX_INSTANCE=queryit-instance-0
EZ_GENERATOR_QUERYIT_SANDBOX_ROOT=/abinitio/sandboxes/private_sand
EZ_GENERATOR_QUERYIT_USER=aiadmin
EZ_GENERATOR_STDENV=/abinitio/sandboxes/sand/stdenv
EZ_GENERATOR_STDENV_RPATH=/Projects/stdenv
EZ_GENERATOR_USE_LOCAL_QUERYIT_SANDBOX=n
INSTALL_ACTIVE_METADATA_REFERENCE=y
INSTALL_CONFIG_USING_ABAPP_MHUB=y
MHUB_ABAPP_NAME=metadatahub
MHUB_DATASTORE_NAME=metadatahub-importer
MHUB_IMPORTER_USERNAME=aiadmin
MHUB_IMPORT_PROFILE_PATH=/abinitio/deploy/metadatahub-importer/config/import.profile
MHUB_URL=http://metadatahub:8080/metadatahub
SANDBOX_ROOT=/abinitio/sandboxes/sand
WAIT_BETWEEN_LOAD_ATTEMPTS=60
WAIT_FOR_LOAD_ATTEMPTS=150
EZ_GENERATOR_AG_ENCRYPTED_PASSWORD=file=/secrets/aiadmin/password
EZ_GENERATOR_AG_BASE64_PASSWORD=file=/secrets/aiadmin/password
MHUB_IMPORTER_ENCRYPTED_PASSWORD=file=/secrets/aiadmin/password
EZ_GENERATOR_CONFIG_MHUB_ENCRYPTED_PASSWORD=file=/secrets/aiadmin/password
kind: ConfigMap
metadata:
labels:
app.kubernetes.io/instance: blueprints
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: blueprints
app.kubernetes.io/part-of: AbInitio
app.kubernetes.io/version: 4.4.1
helm.sh/chart: blueprints-2.4.3-a
name: blueprints
namespace: abinitio

18
rendered/manifests/k3s-dev/abinitio-platform/blueprints/v1_persistentvolumeclaim_blueprints-claim.yaml Normal file
View File

@@ -0,0 +1,18 @@
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
labels:
app.kubernetes.io/instance: blueprints
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: blueprints
app.kubernetes.io/part-of: AbInitio
app.kubernetes.io/version: 4.4.1
helm.sh/chart: blueprints-2.4.3-a
name: blueprints-claim
namespace: abinitio
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 10Gi

31
rendered/manifests/k3s-dev/abinitio-platform/blueprints/v1_service_blueprints.yaml Normal file
View File

@@ -0,0 +1,31 @@
apiVersion: v1
kind: Service
metadata:
labels:
app.kubernetes.io/instance: blueprints
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: blueprints
app.kubernetes.io/part-of: AbInitio
app.kubernetes.io/version: 4.4.1
helm.sh/chart: blueprints-2.4.3-a
name: blueprints
namespace: abinitio
spec:
ports:
- name: blueprints
port: 9870
protocol: TCP
targetPort: 9870
- name: listener
port: 9876
protocol: TCP
targetPort: 9876
- name: bridge
port: 7070
protocol: TCP
targetPort: 7070
publishNotReadyAddresses: false
selector:
app.kubernetes.io/instance: blueprints
app.kubernetes.io/name: blueprints
type: ClusterIP

348
rendered/manifests/k3s-dev/abinitio-platform/controlcenter/apps_v1_deployment_controlcenter-scheduler.yaml Normal file
View File

@@ -0,0 +1,348 @@
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app.kubernetes.io/instance: controlcenter-scheduler
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: controlcenter-scheduler
app.kubernetes.io/part-of: AbInitio
app.kubernetes.io/version: 4.4.1
helm.sh/chart: controlcenter-scheduler-2.4.3-a
name: controlcenter-scheduler
namespace: abinitio
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/instance: controlcenter-scheduler
app.kubernetes.io/name: controlcenter-scheduler
strategy:
type: Recreate
template:
metadata:
labels:
app.kubernetes.io/instance: controlcenter-scheduler
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: controlcenter-scheduler
app.kubernetes.io/part-of: AbInitio
app.kubernetes.io/version: 4.4.1
helm.sh/chart: controlcenter-scheduler-2.4.3-a
name: controlcenter-scheduler
spec:
containers:
- args:
- --ab-k8s-start-reporter
- "true"
- --ab-k8s-job-launch-script
- /ab-setup/setup_pod.sh
command:
- ab-container-entrypoint.ksh
env:
- name: AB_ALLOW_FILE_LOCK_ON_REMOTE_FILE_SYSTEM
value: "true"
- name: AB_AUTHORIZATION_GATEWAY_URL
value: http://authgateway:8080/authgateway
- name: AB_BRIDGE_CONFIGURATION_DIR
value: /abinitio/bridge
- name: AB_BRIDGE_CONFIGURATION_NAME
value: container-bridge
- name: AB_CHARSET
value: utf-8
- name: AB_CONFIGURATION
value: /config/pod/abinitiorc:/config/pod/apphubrc
- name: AB_CONNECTION_BRIDGE_ENCRYPTED_RPC_ENCRYPTION_KEY
value: file=/secrets/bridge/password
- name: AB_CONNECTION_BRIDGE_PORT
value: "7070"
- name: AB_CONNECTION_BRIDGE_RPC_ENCRYPTION_TYPE
value: aes128-gcm
- name: AB_CONNECTION_BRIDGE_SECURITY_CONFIGURATION
value: container-bridge-security
- name: AB_HOSTNAME_KEYSERVER_URLS
value: abks://key-server:6151
- name: AB_IPV4_ONLY
value: "true"
- name: AB_K8S_MAX_IDLE_SECONDS
value: "0"
- name: AB_K8S_START_BRIDGE
value: background
- name: AB_K8S_START_REPORTER
value: "true"
- name: AB_KEY_DAEMON_DIR
value: /tmp/abkc/data
- name: AB_MUX_ENABLE_AG_CREDENTIAL_MAPPING
value: "false"
- name: AB_OPS_CONSOLE_URL
value: http://controlcenter:8080/controlcenter
- name: AB_OPS_HOST_CLUSTER_NAME
value: controlcenter-scheduler-cluster-name
- name: AB_OPS_WSS_ENCRYPTED_PASSWORD
value: file=/secrets/ocagent/password
- name: AB_OPS_WSS_USERNAME
value: ocagent
- name: AB_PASSWORD_KEY_FILE
value: /secrets/password_key_file/password
- name: BRIDGE_AB_ENCRYPTED_KEY
value: file=/secrets/bridge/password
- name: CC_ADMIN_ENCRYPTED_PASSWORD
value: file=/secrets/aiadmin/password
- name: CC_ADMIN_USERNAME
value: aiadmin
- name: CMAP_MOUNT
value: /config/pod
- name: DEPLOY_NAME
value: controlcenter-scheduler
- name: LOAD_PHYSOBJECTS
value: "true"
- name: NAMESPACE
value: abinitio
- name: POD_IP
valueFrom:
fieldRef:
fieldPath: status.podIP
- name: POD_LABEL
value: 'abinitio/product: controlcenter-scheduler, abinitio/deployment:
controlcenter-scheduler'
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: POD_SERVICE
value: controlcenter-scheduler
- name: POD_SERVICE_HEADLESS
value: controlcenter-scheduler-headless
image: asia-southeast1-docker.pkg.dev/str-22391/cloudplatform-proxy/aidp/controlcenter-scheduler:4.4.1.1-1
imagePullPolicy: IfNotPresent
name: controlcenter-scheduler
readinessProbe:
exec:
command:
- stat
- /tmp/.pod.ready
failureThreshold: 960
periodSeconds: 10
resources:
limits:
ephemeral-storage: 8Gi
memory: 4096Mi
requests:
cpu: 500m
ephemeral-storage: 8Gi
memory: 4096Mi
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
runAsGroup: 1000
runAsNonRoot: true
runAsUser: 1000
seccompProfile:
type: RuntimeDefault
volumeMounts:
- mountPath: /config/pod
name: pod-config
- mountPath: /abinitio
name: abinitio-local
- mountPath: /secrets/aiadmin/password
name: aiadmin
subPath: password
- mountPath: /secrets/ocagent/password
name: ocagent
subPath: password
- mountPath: /secrets/bridge/password
name: bridge
subPath: password
- mountPath: /secrets/eme_join_user/password
name: eme-join-user
subPath: password
- mountPath: /secrets/qi_join_user/password
name: qi-join-user
subPath: password
- mountPath: /secrets/dcs_utility_user/password
name: dcs-utility-user
subPath: password
- mountPath: /secrets/mhub_utility_user/password
name: mhub-utility-user
subPath: password
- mountPath: /secrets/ag_db_importer/password
name: ag-db-importer
subPath: password
- mountPath: /secrets/admin/password
name: admin
subPath: password
- mountPath: /secrets/ag_ui_importer/password
name: ag-ui-importer
subPath: password
- mountPath: /secrets/cafe_join_user/password
name: cafe-join-user
subPath: password
- mountPath: /secrets/cc_join_user/password
name: cc-join-user
subPath: password
- mountPath: /secrets/dcs_join_user/password
name: dcs-join-user
subPath: password
- mountPath: /secrets/ei_join_user/password
name: ei-join-user
subPath: password
- mountPath: /secrets/mhub_join_user/password
name: mhub-join-user
subPath: password
- mountPath: /secrets/qiadmin_join_user/password
name: qiadmin-join-user
subPath: password
- mountPath: /secrets/sd_join_user/password
name: sd-join-user
subPath: password
- mountPath: /secrets/trw_join_user/password
name: trw-join-user
subPath: password
- mountPath: /secrets/mhub_db_importer/password
name: mhub-db-importer
subPath: password
- mountPath: /secrets/mhub_ui_importer/password
name: mhub-ui-importer
subPath: password
- mountPath: /secrets/ag_appserver/password
name: ag-appserver
subPath: password
- mountPath: /secrets/ag_report/password
name: ag-report
subPath: password
- mountPath: /secrets/cc_jdbc/password
name: cc-jdbc
subPath: password
- mountPath: /secrets/dcs_hmac_key/password
name: dcs-hmac-key
subPath: password
- mountPath: /secrets/abinitio/password
name: abinitio
subPath: password
- mountPath: /secrets/mhub_appserver/password
name: mhub-appserver
subPath: password
- mountPath: /secrets/mhub_report/password
name: mhub-report
subPath: password
- mountPath: /secrets/runtime_locator_join_user/password
name: runtime-locator-join-user
subPath: password
- mountPath: /secrets/password_key_file/password
name: password-key-file
subPath: password
- mountPath: /tmp
name: tmp-volume
hostAliases:
- hostnames:
- controlcenter-scheduler.abinitio
ip: 127.0.0.1
hostname: controlcenter-scheduler
initContainers: null
securityContext:
fsGroup: 1000
fsGroupChangePolicy: OnRootMismatch
runAsGroup: 1000
runAsNonRoot: true
runAsUser: 1000
seccompProfile:
type: RuntimeDefault
serviceAccountName: controlcenter-scheduler-sa
terminationGracePeriodSeconds: 30
volumes:
- configMap:
defaultMode: 511
name: controlcenter-scheduler
name: pod-config
- name: abinitio-local
persistentVolumeClaim:
claimName: controlcenter-scheduler-claim
- emptyDir: {}
name: tmp-volume
- name: aiadmin
secret:
secretName: aiadmin
- name: ocagent
secret:
secretName: ocagent
- name: bridge
secret:
secretName: bridge
- name: eme-join-user
secret:
secretName: eme-join-user
- name: qi-join-user
secret:
secretName: qi-join-user
- name: dcs-utility-user
secret:
secretName: dcs-utility-user
- name: mhub-utility-user
secret:
secretName: mhub-utility-user
- name: ag-db-importer
secret:
secretName: ag-db-importer
- name: admin
secret:
secretName: admin
- name: ag-ui-importer
secret:
secretName: ag-ui-importer
- name: cafe-join-user
secret:
secretName: cafe-join-user
- name: cc-join-user
secret:
secretName: cc-join-user
- name: dcs-join-user
secret:
secretName: dcs-join-user
- name: ei-join-user
secret:
secretName: ei-join-user
- name: mhub-join-user
secret:
secretName: mhub-join-user
- name: qiadmin-join-user
secret:
secretName: qiadmin-join-user
- name: sd-join-user
secret:
secretName: sd-join-user
- name: trw-join-user
secret:
secretName: trw-join-user
- name: mhub-db-importer
secret:
secretName: mhub-db-importer
- name: mhub-ui-importer
secret:
secretName: mhub-ui-importer
- name: ag-appserver
secret:
secretName: ag-appserver
- name: ag-report
secret:
secretName: ag-report
- name: cc-jdbc
secret:
secretName: cc-jdbc
- name: dcs-hmac-key
secret:
secretName: dcs-hmac-key
- name: abinitio
secret:
secretName: abinitio
- name: mhub-appserver
secret:
secretName: mhub-appserver
- name: mhub-report
secret:
secretName: mhub-report
- name: runtime-locator-join-user
secret:
secretName: runtime-locator-join-user
- name: password-key-file
secret:
secretName: password-key-file

311
rendered/manifests/k3s-dev/abinitio-platform/controlcenter/apps_v1_deployment_controlcenter.yaml Normal file
View File

@@ -0,0 +1,311 @@
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
abinitio/deployment: controlcenter
app.kubernetes.io/instance: controlcenter
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: controlcenter
app.kubernetes.io/part-of: AbInitio
app.kubernetes.io/version: 4.4.1
helm.sh/chart: controlcenter-2.4.3-a
name: controlcenter
namespace: abinitio
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/instance: controlcenter
app.kubernetes.io/name: controlcenter
template:
metadata:
labels:
abinitio/deployment: controlcenter
app.kubernetes.io/instance: controlcenter
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: controlcenter
app.kubernetes.io/part-of: AbInitio
app.kubernetes.io/version: 4.4.1
helm.sh/chart: controlcenter-2.4.3-a
name: controlcenter
spec:
containers:
- env:
- name: AB_CONFIG_PROVIDER_URL
value: file://localhost/config
- name: AB_IPV4_ONLY
value: "true"
- name: AB_PASSWORD_KEY_FILE
value: /secrets/password_key_file/password
- name: CATALINA_TMPDIR
value: /tmp
- name: DEPLOY_NAME
value: controlcenter
- name: JAVA_OPTS
value: -XX:InitialRAMPercentage=50.0 -XX:MaxRAMPercentage=75.0
- name: LOAD_PHYSOBJECTS
value: "true"
- name: NAMESPACE
value: abinitio
- name: POD_IP
valueFrom:
fieldRef:
fieldPath: status.podIP
- name: POD_LABEL
value: 'abinitio/product: controlcenter, abinitio/deployment: controlcenter'
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: POD_SERVICE
value: controlcenter
image: asia-southeast1-docker.pkg.dev/str-22391/cloudplatform-proxy/aidp/controlcenter:4.4.1.1-1
imagePullPolicy: IfNotPresent
lifecycle:
preStop:
exec:
command:
- /bin/sh
- -c
- ${CATALINA_HOME}/bin/catalina.sh stop
livenessProbe:
failureThreshold: 3
httpGet:
path: /controlcenter/api/abwebinternal/health/k8s/liveness
port: 8080
initialDelaySeconds: 15
periodSeconds: 30
name: controlcenter-app
readinessProbe:
failureThreshold: 3
httpGet:
path: /controlcenter/api/abwebinternal/health/k8s/readiness
port: 8080
initialDelaySeconds: 15
periodSeconds: 30
resources:
limits:
ephemeral-storage: 2Gi
memory: 4Gi
requests:
cpu: 200m
ephemeral-storage: 2Gi
memory: 4Gi
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
runAsGroup: 1000
runAsNonRoot: true
runAsUser: 1000
seccompProfile:
type: RuntimeDefault
startupProbe:
failureThreshold: 3
httpGet:
path: /controlcenter/api/abwebinternal/health/k8s/startup
port: 8080
initialDelaySeconds: 15
periodSeconds: 30
volumeMounts:
- mountPath: /config/controlcenter
name: app-external-config
- mountPath: /abinitio
name: abinitio-local
- mountPath: /tmp
name: tmp-volume
- mountPath: /secrets/aiadmin/password
name: aiadmin
subPath: password
- mountPath: /secrets/ocagent/password
name: ocagent
subPath: password
- mountPath: /secrets/bridge/password
name: bridge
subPath: password
- mountPath: /secrets/eme_join_user/password
name: eme-join-user
subPath: password
- mountPath: /secrets/qi_join_user/password
name: qi-join-user
subPath: password
- mountPath: /secrets/dcs_utility_user/password
name: dcs-utility-user
subPath: password
- mountPath: /secrets/mhub_utility_user/password
name: mhub-utility-user
subPath: password
- mountPath: /secrets/ag_db_importer/password
name: ag-db-importer
subPath: password
- mountPath: /secrets/admin/password
name: admin
subPath: password
- mountPath: /secrets/ag_ui_importer/password
name: ag-ui-importer
subPath: password
- mountPath: /secrets/cafe_join_user/password
name: cafe-join-user
subPath: password
- mountPath: /secrets/cc_join_user/password
name: cc-join-user
subPath: password
- mountPath: /secrets/dcs_join_user/password
name: dcs-join-user
subPath: password
- mountPath: /secrets/ei_join_user/password
name: ei-join-user
subPath: password
- mountPath: /secrets/mhub_join_user/password
name: mhub-join-user
subPath: password
- mountPath: /secrets/qiadmin_join_user/password
name: qiadmin-join-user
subPath: password
- mountPath: /secrets/sd_join_user/password
name: sd-join-user
subPath: password
- mountPath: /secrets/trw_join_user/password
name: trw-join-user
subPath: password
- mountPath: /secrets/mhub_db_importer/password
name: mhub-db-importer
subPath: password
- mountPath: /secrets/mhub_ui_importer/password
name: mhub-ui-importer
subPath: password
- mountPath: /secrets/ag_appserver/password
name: ag-appserver
subPath: password
- mountPath: /secrets/ag_report/password
name: ag-report
subPath: password
- mountPath: /secrets/cc_jdbc/password
name: cc-jdbc
subPath: password
- mountPath: /secrets/dcs_hmac_key/password
name: dcs-hmac-key
subPath: password
- mountPath: /secrets/abinitio/password
name: abinitio
subPath: password
- mountPath: /secrets/mhub_appserver/password
name: mhub-appserver
subPath: password
- mountPath: /secrets/mhub_report/password
name: mhub-report
subPath: password
- mountPath: /secrets/runtime_locator_join_user/password
name: runtime-locator-join-user
subPath: password
- mountPath: /secrets/password_key_file/password
name: password-key-file
subPath: password
hostname: controlcenter
initContainers: null
securityContext:
fsGroup: 1000
runAsGroup: 1000
runAsNonRoot: true
runAsUser: 1000
seccompProfile:
type: RuntimeDefault
serviceAccountName: abinitio-sa
terminationGracePeriodSeconds: 30
volumes:
- emptyDir: {}
name: abinitio-local
- configMap:
defaultMode: 511
name: controlcenter-external-config
name: app-external-config
- emptyDir: {}
name: tmp-volume
- name: aiadmin
secret:
secretName: aiadmin
- name: ocagent
secret:
secretName: ocagent
- name: bridge
secret:
secretName: bridge
- name: eme-join-user
secret:
secretName: eme-join-user
- name: qi-join-user
secret:
secretName: qi-join-user
- name: dcs-utility-user
secret:
secretName: dcs-utility-user
- name: mhub-utility-user
secret:
secretName: mhub-utility-user
- name: ag-db-importer
secret:
secretName: ag-db-importer
- name: admin
secret:
secretName: admin
- name: ag-ui-importer
secret:
secretName: ag-ui-importer
- name: cafe-join-user
secret:
secretName: cafe-join-user
- name: cc-join-user
secret:
secretName: cc-join-user
- name: dcs-join-user
secret:
secretName: dcs-join-user
- name: ei-join-user
secret:
secretName: ei-join-user
- name: mhub-join-user
secret:
secretName: mhub-join-user
- name: qiadmin-join-user
secret:
secretName: qiadmin-join-user
- name: sd-join-user
secret:
secretName: sd-join-user
- name: trw-join-user
secret:
secretName: trw-join-user
- name: mhub-db-importer
secret:
secretName: mhub-db-importer
- name: mhub-ui-importer
secret:
secretName: mhub-ui-importer
- name: ag-appserver
secret:
secretName: ag-appserver
- name: ag-report
secret:
secretName: ag-report
- name: cc-jdbc
secret:
secretName: cc-jdbc
- name: dcs-hmac-key
secret:
secretName: dcs-hmac-key
- name: abinitio
secret:
secretName: abinitio
- name: mhub-appserver
secret:
secretName: mhub-appserver
- name: mhub-report
secret:
secretName: mhub-report
- name: runtime-locator-join-user
secret:
secretName: runtime-locator-join-user
- name: password-key-file
secret:
secretName: password-key-file

94
rendered/manifests/k3s-dev/abinitio-platform/controlcenter/rbac.authorization.k8s.io_v1_role_controlcenter-scheduler-role.yaml Normal file
View File

@@ -0,0 +1,94 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
labels:
app.kubernetes.io/instance: controlcenter-scheduler
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: controlcenter-scheduler
app.kubernetes.io/part-of: AbInitio
app.kubernetes.io/version: 4.4.1
helm.sh/chart: controlcenter-scheduler-2.4.3-a
name: controlcenter-scheduler-role
namespace: abinitio
rules:
- apiGroups:
- ""
resources:
- pods
verbs:
- get
- list
- watch
- apiGroups:
- ""
resources:
- pods/log
verbs:
- get
- apiGroups:
- ""
resources:
- pods/exec
verbs:
- get
- create
- apiGroups:
- ""
resources:
- events
verbs:
- list
- apiGroups:
- ""
resources:
- limitranges
verbs:
- get
- list
- apiGroups:
- ""
resources:
- nodes
verbs:
- get
- list
- apiGroups:
- cloud.abinitio.com
resources:
- cooperatingsystemruntimes
verbs:
- get
- create
- delete
- patch
- list
- apiGroups:
- cloud.abinitio.com
resources:
- cooperatingsystemruntimepools
verbs:
- get
- create
- delete
- patch
- list
- apiGroups:
- cloud.abinitio.com
resources:
- cooperatingsystemruntimetemplates
verbs:
- get
- create
- delete
- patch
- list
- apiGroups:
- cloud.abinitio.com
resources:
- cooperatingsystemruntimeclaims
verbs:
- get
- create
- delete
- patch
- list

13
rendered/manifests/k3s-dev/abinitio-platform/controlcenter/rbac.authorization.k8s.io_v1_rolebinding_controlcenter-scheduler-role-rb.yaml Normal file
View File

@@ -0,0 +1,13 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: controlcenter-scheduler-role-rb
namespace: abinitio
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: controlcenter-scheduler-role
subjects:
- kind: ServiceAccount
name: controlcenter-scheduler-sa
namespace: abinitio

Some files were not shown because too many files have changed in this diff Show More