flux: lower controller log verbosity

Reviewed-on: #7

clusters/atlas/applications/kustomization.yaml

@@ -9,3 +9,4 @@ resources:
   - ../../services/monitoring
   - ../../services/pegasus
   - ../../services/vault
+  - ../../services/bstein-dev-home

clusters/atlas/flux-system/applications/bstein-dev-home/image-automation.yaml

@@ -0,0 +1,26 @@
+# clusters/atlas/flux-system/applications/bstein-dev-home/image-automation.yaml
+apiVersion: image.toolkit.fluxcd.io/v1
+kind: ImageUpdateAutomation
+metadata:
+  name: bstein-dev-home
+  namespace: flux-system
+spec:
+  interval: 1m0s
+  sourceRef:
+    kind: GitRepository
+    name: flux-system
+    namespace: flux-system
+  git:
+    checkout:
+      ref:
+        branch: feature/ci-gitops
+    commit:
+      author:
+        email: ops@bstein.dev
+        name: flux-bot
+      messageTemplate: "chore(bstein-dev-home): update images to {{range .Updated.Images}}{{.}}{{end}}"
+    push:
+      branch: feature/ci-gitops
+  update:
+    strategy: Setters
+    path: services/bstein-dev-home

clusters/atlas/flux-system/applications/bstein-dev-home/kustomization.yaml

@@ -0,0 +1,15 @@
+# clusters/atlas/flux-system/applications/bstein-dev-home/kustomization.yaml
+apiVersion: kustomize.toolkit.fluxcd.io/v1
+kind: Kustomization
+metadata:
+  name: bstein-dev-home
+  namespace: flux-system
+spec:
+  interval: 10m
+  path: ./services/bstein-dev-home
+  prune: true
+  sourceRef:
+    kind: GitRepository
+    name: flux-system
+  targetNamespace: bstein-dev-home
+  wait: false

clusters/atlas/flux-system/applications/ci-demo/image-automation.yaml

@@ -18,7 +18,7 @@ spec:
       author:
         email: ops@bstein.dev
         name: flux-bot
-      messageTemplate: "chore(ci-demo): update image to {{range .Updated.Images}}{{.}}{{end}}"
+      messageTemplate: "chore(ci-demo): apply image updates"
     push:
       branch: feature/ci-gitops
   update:

clusters/atlas/flux-system/applications/ci-demo/kustomization.yaml

@@ -12,8 +12,6 @@ spec:
     kind: GitRepository
     name: flux-system
     namespace: flux-system
-  targetNamespace: ci-demo
   dependsOn:
     - name: core
   wait: false
-

clusters/atlas/flux-system/applications/harbor/image-automation.yaml

@@ -19,7 +19,7 @@ spec:
       author:
         email: ops@bstein.dev
         name: flux-bot
-      messageTemplate: "chore(harbor): update images to {{range .Updated.Images}}{{.}}{{end}}"
+      messageTemplate: "chore(harbor): apply image updates"
     push:
       branch: feature/ci-gitops
   update:

clusters/atlas/flux-system/applications/kustomization.yaml

@@ -9,6 +9,8 @@ resources:
   - monerod/kustomization.yaml
   - pegasus/kustomization.yaml
   - pegasus/image-automation.yaml
+  - bstein-dev-home/kustomization.yaml
+  - bstein-dev-home/image-automation.yaml
   - harbor/kustomization.yaml
   - harbor/image-automation.yaml
   - jellyfin/kustomization.yaml

clusters/atlas/flux-system/applications/pegasus/image-automation.yaml

@@ -18,7 +18,7 @@ spec:
       author:
         email: ops@bstein.dev
         name: flux-bot
-      messageTemplate: "chore(pegasus): update image to {{range .Updated.Images}}{{.}}{{end}}"
+      messageTemplate: "chore(pegasus): apply image updates"
     push:
       branch: feature/ci-gitops
   update:

clusters/atlas/flux-system/gotk-components.yaml

@@ -4478,7 +4478,7 @@ spec:
       - args:
         - --events-addr=http://notification-controller.$(RUNTIME_NAMESPACE).svc.cluster.local./
         - --watch-all-namespaces=true
-        - --log-level=debug
+        - --log-level=info
         - --log-encoding=json
         - --enable-leader-election
         - --storage-path=/data
@@ -5965,7 +5965,7 @@ spec:
       - args:
         - --events-addr=http://notification-controller.$(RUNTIME_NAMESPACE).svc.cluster.local./
         - --watch-all-namespaces=true
-        - --log-level=debug
+        - --log-level=info
         - --log-encoding=json
         - --enable-leader-election
         env:
@@ -12379,7 +12379,7 @@ spec:
       - args:
         - --events-addr=http://notification-controller.$(RUNTIME_NAMESPACE).svc.cluster.local./
         - --watch-all-namespaces=true
-        - --log-level=debug
+        - --log-level=info
         - --log-encoding=json
         - --enable-leader-election
         env:

services/bstein-dev-home/backend-deployment.yaml

@@ -0,0 +1,48 @@
+# services/bstein-dev-home/backend-deployment.yaml
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: bstein-dev-home-backend
+  namespace: bstein-dev-home
+spec:
+  replicas: 2
+  revisionHistoryLimit: 3
+  selector:
+    matchLabels:
+      app: bstein-dev-home-backend
+  template:
+    metadata:
+      labels:
+        app: bstein-dev-home-backend
+    spec:
+      nodeSelector:
+        kubernetes.io/arch: arm64
+        node-role.kubernetes.io/worker: "true"
+      imagePullSecrets:
+        - name: harbor-bstein-robot
+      containers:
+        - name: backend
+          image: registry.bstein.dev/bstein/bstein-dev-home-backend:latest
+          imagePullPolicy: Always
+          ports:
+            - name: http
+              containerPort: 8080
+          readinessProbe:
+            httpGet:
+              path: /api/healthz
+              port: http
+            initialDelaySeconds: 2
+            periodSeconds: 5
+          livenessProbe:
+            httpGet:
+              path: /api/healthz
+              port: http
+            initialDelaySeconds: 10
+            periodSeconds: 10
+          resources:
+            requests:
+              cpu: 50m
+              memory: 64Mi
+            limits:
+              cpu: 300m
+              memory: 256Mi

services/bstein-dev-home/backend-service.yaml

@@ -0,0 +1,12 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: bstein-dev-home-backend
+  namespace: bstein-dev-home
+spec:
+  selector:
+    app: bstein-dev-home-backend
+  ports:
+    - name: http
+      port: 80
+      targetPort: 8080

services/bstein-dev-home/frontend-deployment.yaml

@@ -0,0 +1,48 @@
+# services/bstein-dev-home/frontend-deployment.yaml
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: bstein-dev-home-frontend
+  namespace: bstein-dev-home
+spec:
+  replicas: 2
+  revisionHistoryLimit: 3
+  selector:
+    matchLabels:
+      app: bstein-dev-home-frontend
+  template:
+    metadata:
+      labels:
+        app: bstein-dev-home-frontend
+    spec:
+      nodeSelector:
+        kubernetes.io/arch: arm64
+        node-role.kubernetes.io/worker: "true"
+      imagePullSecrets:
+        - name: harbor-bstein-robot
+      containers:
+        - name: frontend
+          image: registry.bstein.dev/bstein/bstein-dev-home-frontend:latest
+          imagePullPolicy: Always
+          ports:
+            - name: http
+              containerPort: 80
+          readinessProbe:
+            httpGet:
+              path: /
+              port: http
+            initialDelaySeconds: 2
+            periodSeconds: 5
+          livenessProbe:
+            httpGet:
+              path: /
+              port: http
+            initialDelaySeconds: 10
+            periodSeconds: 10
+          resources:
+            requests:
+              cpu: 50m
+              memory: 64Mi
+            limits:
+              cpu: 300m
+              memory: 256Mi

services/bstein-dev-home/frontend-service.yaml

@@ -0,0 +1,12 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: bstein-dev-home-frontend
+  namespace: bstein-dev-home
+spec:
+  selector:
+    app: bstein-dev-home-frontend
+  ports:
+    - name: http
+      port: 80
+      targetPort: 80

services/bstein-dev-home/image.yaml

@@ -0,0 +1,48 @@
+# services/bstein-dev-home/image.yaml
+apiVersion: image.toolkit.fluxcd.io/v1beta2
+kind: ImageRepository
+metadata:
+  name: bstein-dev-home-frontend
+  namespace: bstein-dev-home
+spec:
+  image: registry.bstein.dev/bstein/bstein-dev-home-frontend
+  interval: 1m0s
+---
+apiVersion: image.toolkit.fluxcd.io/v1beta2
+kind: ImagePolicy
+metadata:
+  name: bstein-dev-home-frontend
+  namespace: bstein-dev-home
+spec:
+  imageRepositoryRef:
+    name: bstein-dev-home-frontend
+  filterTags:
+    pattern: '^v?(?P<version>[0-9]+\\.[0-9]+\\.[0-9]+(?:[-.][0-9A-Za-z]+)?)$'
+    extract: '$version'
+  policy:
+    semver:
+      range: ">=0.1.0"
+---
+apiVersion: image.toolkit.fluxcd.io/v1beta2
+kind: ImageRepository
+metadata:
+  name: bstein-dev-home-backend
+  namespace: bstein-dev-home
+spec:
+  image: registry.bstein.dev/bstein/bstein-dev-home-backend
+  interval: 1m0s
+---
+apiVersion: image.toolkit.fluxcd.io/v1beta2
+kind: ImagePolicy
+metadata:
+  name: bstein-dev-home-backend
+  namespace: bstein-dev-home
+spec:
+  imageRepositoryRef:
+    name: bstein-dev-home-backend
+  filterTags:
+    pattern: '^v?(?P<version>[0-9]+\\.[0-9]+\\.[0-9]+(?:[-.][0-9A-Za-z]+)?)$'
+    extract: '$version'
+  policy:
+    semver:
+      range: ">=0.1.0"

services/bstein-dev-home/ingress.yaml

@@ -0,0 +1,31 @@
+# services/bstein-dev-home/ingress.yaml
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: bstein-dev-home
+  namespace: bstein-dev-home
+  annotations:
+    kubernetes.io/ingress.class: traefik
+    traefik.ingress.kubernetes.io/router.entrypoints: websecure
+    traefik.ingress.kubernetes.io/router.tls: "true"
+    cert-manager.io/cluster-issuer: letsencrypt
+spec:
+  tls:
+    - hosts: [ "bstein.dev" ]
+      secretName: bstein-dev-home-tls
+  rules:
+    - host: bstein.dev
+      http:
+        paths:
+          - path: /api
+            pathType: Prefix
+            backend:
+              service:
+                name: bstein-dev-home-backend
+                port: { number: 80 }
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name: bstein-dev-home-frontend
+                port: { number: 80 }

services/bstein-dev-home/kustomization.yaml

@@ -0,0 +1,17 @@
+# services/bstein-dev-home/kustomization.yaml
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+namespace: bstein-dev-home
+resources:
+  - namespace.yaml
+  - image.yaml
+  - frontend-deployment.yaml
+  - frontend-service.yaml
+  - backend-deployment.yaml
+  - backend-service.yaml
+  - ingress.yaml
+images:
+  - name: registry.bstein.dev/bstein/bstein-dev-home-frontend
+    newTag: latest # {"$imagepolicy": "bstein-dev-home:bstein-dev-home-frontend"}
+  - name: registry.bstein.dev/bstein/bstein-dev-home-backend
+    newTag: latest # {"$imagepolicy": "bstein-dev-home:bstein-dev-home-backend"}

services/bstein-dev-home/namespace.yaml

@@ -0,0 +1,4 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: bstein-dev-home

services/ci-demo/image.yaml

@@ -1,18 +1,18 @@
 # services/ci-demo/image.yaml
-apiVersion: image.toolkit.fluxcd.io/v1beta2
+apiVersion: image.toolkit.fluxcd.io/v1
 kind: ImageRepository
 metadata:
   name: ci-demo
-  namespace: ci-demo
+  namespace: flux-system
 spec:
   image: registry.bstein.dev/infra/ci-demo
   interval: 1m0s
 ---
-apiVersion: image.toolkit.fluxcd.io/v1beta2
+apiVersion: image.toolkit.fluxcd.io/v1
 kind: ImagePolicy
 metadata:
   name: ci-demo
-  namespace: ci-demo
+  namespace: flux-system
 spec:
   imageRepositoryRef:
     name: ci-demo

services/ci-demo/kustomization.yaml

@@ -8,4 +8,4 @@ resources:
   - service.yaml
 images:
   - name: registry.bstein.dev/infra/ci-demo
-    newTag: v0.0.0-2 # {"$imagepolicy": "ci-demo:ci-demo:tag"}
+    newTag: registry.bstein.dev/infra/ci-demo:v0.0.0-3 # {"$imagepolicy": "flux-system:ci-demo"}

services/jenkins/helmrelease.yaml

@@ -287,6 +287,25 @@ spec:
                       }
                     }
                   }
+                  pipelineJob('bstein-dev-home') {
+                    triggers {
+                      scm('H/2 * * * *')
+                    }
+                    definition {
+                      cpsScm {
+                        scm {
+                          git {
+                            remote {
+                              url('https://scm.bstein.dev/bstein/bstein-dev-home.git')
+                              credentials('gitea-pat')
+                            }
+                            branches('*/master')
+                          }
+                        }
+                        scriptPath('Jenkinsfile')
+                      }
+                    }
+                  }
     persistence:
       enabled: true
       storageClass: astreae