Merge pull request #63 from GiganticMinecraft/add-helm-chart-publishing

cloudflared の helm-chart を GH Pages に release するように
GiganticMinecraft · Mar 18, 2022 · 9f69953 · 9f69953
2 parents 7f84dde + 6eaa32e
commit 9f69953
Show file tree

Hide file tree

Showing 5 changed files with 107 additions and 199 deletions.
diff --git a/.github/workflows/release_helm_charts.yaml b/.github/workflows/release_helm_charts.yaml
@@ -0,0 +1,67 @@
+name: "Helm chart を更新・公開する"
+
+on:
+  push:
+    # Only when a helm-chart is updated
+    # paths:
+    #  - 'helm-charts/**'
+
+jobs:
+  lint:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+        with:
+          fetch-depth: 0
+
+      - name: Set up Helm
+        uses: azure/setup-helm@v1
+        with:
+          version: v3.8.1
+
+      - uses: actions/setup-python@v2
+        with:
+          python-version: 3.7
+
+      - name: Set up chart-testing
+        uses: helm/[email protected]
+
+      - name: Run chart-testing (list-changed)
+        id: list-changed
+        run: |
+          changed=$(ct list-changed --target-branch main --chart-dirs helm-charts)
+          if [[ -n "$changed" ]]; then
+            echo "::set-output name=changed::true"
+          fi
+
+      - name: Run chart-testing (lint)
+        if: steps.list-changed.outputs.changed == 'true'
+        run: ct lint --target-branch main --chart-dirs helm-charts
+
+  release:
+    runs-on: ubuntu-latest
+    if: ${{ github.ref == 'refs/heads/main' }}
+    needs: ["lint"]
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+        with:
+          fetch-depth: 0
+
+      - name: Configure Git
+        run: |
+          git config user.name "$GITHUB_ACTOR"
+          git config user.email "[email protected]"
+
+      - name: Install Helm
+        uses: azure/setup-helm@v1
+        with:
+          version: v3.7.1
+
+      - name: Run chart-releaser
+        uses: helm/[email protected]
+        with:
+          charts_dir: helm-charts
+        env:
+          CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
diff --git a/README.md b/README.md
@@ -16,6 +16,9 @@ unchama宅のルーター配下のLAN (subnet 192.168.0.0/20)。マイクラサ
    - 概要図、ネットワーク構成図などの図を draw.io で描いて管理するディレクトリ。
    - 2022/03/18現在、GitHubがmermaidのレンダリングを正式にサポートしたため、新しい図はmermaidで作成して良いかも
 
+ - [`helm-charts`](./helm-charts/)
+   - [`proxy-kubernetes`](./proxy-kubernetes/) 等で使用できる汎用的な [Helm chart repository](https://helm.sh/docs/topics/chart_repository/)。
+
  - [`proxy-kubernetes`](./proxy-kubernetes/)
    - Linode Kubernetes Engine(LKE) 上の k8s クラスタの定義を管理するディレクトリ。詳細は [README](./proxy-kubernetes/README.md) を参照してください。
 

diff --git a/helm-charts/proxy-k8s-argo-cd/Chart.yaml b/helm-charts/proxy-k8s-argo-cd/Chart.yaml
@@ -0,0 +1,9 @@
+apiVersion: v2
+name: proxy-k8s-argo-cd
+version: 1.0.0
+dependencies:
+  - name: argo-cd
+    version: 4.2.0
+    repository: https://argoproj.github.io/argo-helm
+maintainers:
+  - name: GiganticMinecraft
diff --git a/helm-charts/proxy-k8s-argo-cd/values.yaml b/helm-charts/proxy-k8s-argo-cd/values.yaml
@@ -0,0 +1,20 @@
+# values for argo-cd. See
+# https://github.com/argoproj/argo-helm/blob/3a2858aa98f607b495d34db0da2a7a3ecad3eaa0/charts/argo-cd/values.yaml
+# for default values.
+argo-cd:
+  ## We will be using the App of Apps pattern (https://argo-cd.readthedocs.io/en/stable/operator-manual/cluster-bootstrapping/)
+  ##   to manage a group of applications in our cluster.
+  ## This is the only application in this deployment.
+  additionalApplications:
+    - name: argocd
+      namespace: argocd
+      finalizers:
+        - resources-finalizer.argocd.argoproj.io
+      destination:
+        namespace: argocd
+        server: https://kubernetes.default.svc
+      project: default
+      source:
+        path: proxy-kubernetes/argocd-apps
+        repoURL: https://github.com/GiganticMinecraft/seichi_infra
+        targetRevision: HEAD
diff --git a/proxy-kubernetes/argocd-apps/argocd.yaml b/proxy-kubernetes/argocd-apps/argocd.yaml
@@ -6,85 +6,24 @@ metadata:
 spec:
   project: default
   source:
-    chart: argo-cd
-    repoURL: https://argoproj.github.io/argo-helm
-    targetRevision: 3.33.5
+    chart: proxy-k8s-argo-cd
+    repoURL: https://giganticminecraft.github.io/seichi_infra
+    targetRevision: 1.0.0
     helm:
-      releaseName: argocd
+      releaseName: proxy-k8s-argo-cd
       values: |
-        controller:
-          ## Application controller metrics configuration
-          metrics:
-            # -- Deploy metrics service
-            enabled: true
-            service:
-              # -- Metrics service annotations
-              annotations: {}
-              # -- Metrics service labels
-              labels: {}
-              # -- Metrics service port
-              servicePort: 8082
-            serviceMonitor:
-              # -- Enable a prometheus ServiceMonitor
-              enabled: true
-              # -- Prometheus ServiceMonitor interval
-              interval: 30s
-              # -- Prometheus [RelabelConfigs] to apply to samples before scraping
-              relabelings: []
-              # -- Prometheus [MetricRelabelConfigs] to apply to samples before ingestion
-              metricRelabelings: []
-              # -- Prometheus ServiceMonitor selector
-              selector:
-                prometheus: kube-prometheus
-
-              # -- Prometheus ServiceMonitor namespace
-              namespace: "argocd"
-              # -- Prometheus ServiceMonitor labels
-              additionalLabels: {}
-            rules:
-              # -- Deploy a PrometheusRule for the application controller
-              enabled: true
-              # -- PrometheusRule.Spec for the application controller
-              spec:
-              - alert: ArgoAppMissing
-                expr: |
-                  absent(argocd_app_info)
-                for: 15m
-                labels:
-                  severity: critical
-                annotations:
-                  summary: "[ArgoCD] No reported applications"
-                  description: >
-                    ArgoCD has not reported any applications data for the past 15 minutes which
-                    means that it must be down or not functioning properly.  This needs to be
-                    resolved for this cloud to continue to maintain state.
-              - alert: ArgoAppNotSynced
-                expr: |
-                  argocd_app_info{sync_status!="Synced"} == 1
-                for: 12h
-                labels:
-                  severity: warning
-                annotations:
-                  summary: "[{{`{{$labels.name}}`}}] Application not synchronized"
-                  description: >
-                    The application [{{`{{$labels.name}}`}} has not been synchronized for over
-                    12 hours which means that the state of this cloud has drifted away from the
-                    state inside Git.
-              selector:
-                prometheus: kube-prometheus
-              namespace: monitoring
-              additionalLabels: {}
         server:
           configEnabled: true
           # -- [General Argo CD configuration]
           # @default -- See [values.yaml]
           config:
-            # Argo CD's externally facing base URL (optional). Required when configuring SSO
-            url: https://argocd.bungee-proxy-public.seichi.click
             # Argo CD instance label key
             application.instanceLabelKey: argocd.argoproj.io/instance
             kustomize.buildOptions: --load-restrictor LoadRestrictionsNone
             kustomize.buildOptions.v4.4.0: --output /tmp
+            ## Following settings are required when configuring SSO
+            # Argo CD's externally facing base URL (optional).
+            url: https://argocd.bungee-proxy-public.seichi.click
             dex.config: |
               connectors:
                 - type: github
@@ -95,6 +34,7 @@ spec:
                     clientSecret: $argocd-github-client-secret:dex.github.clientSecret
                     orgs:
                     - name: GiganticMinecraft
+
           rbacConfig:
             # policy.csv is an file containing user-defined RBAC policies and role definitions (optional).
             # Policy rules are in the form:
@@ -109,137 +49,6 @@ spec:
             # authorizing API requests (optional). If omitted or empty, users may be still be able to login,
             # but will see no apps, projects, etc...
             policy.default: role:readonly
-          ## Server metrics service configuration
-          metrics:
-            # -- Deploy metrics service
-            enabled: true
-            service:
-              # -- Metrics service annotations
-              annotations: {}
-              # -- Metrics service labels
-              labels: {}
-              # -- Metrics service port
-              servicePort: 8083
-            serviceMonitor:
-              # -- Enable a prometheus ServiceMonitor
-              enabled: true
-              # -- Prometheus ServiceMonitor interval
-              interval: 30s
-              # -- Prometheus [RelabelConfigs] to apply to samples before scraping
-              relabelings: []
-              # -- Prometheus [MetricRelabelConfigs] to apply to samples before ingestion
-              metricRelabelings: []
-              # -- Prometheus ServiceMonitor selector
-              selector:
-                prometheus: kube-prometheus
-
-              # -- Prometheus ServiceMonitor namespace
-              namespace: "argocd"
-              # -- Prometheus ServiceMonitor labels
-              additionalLabels: {}
-        ## Dex
-        dex:
-          metrics:
-            # -- Deploy metrics service
-            enabled: true
-            serviceMonitor:
-              # -- Enable a prometheus ServiceMonitor
-              enabled: true
-              # -- Prometheus ServiceMonitor interval
-              interval: 30s
-              # -- Prometheus [RelabelConfigs] to apply to samples before scraping
-              relabelings: []
-              # -- Prometheus [MetricRelabelConfigs] to apply to samples before ingestion
-              metricRelabelings: []
-              # -- Prometheus ServiceMonitor selector
-              selector:
-                prometheus: kube-prometheus
-
-              # -- Prometheus ServiceMonitor namespace
-              namespace: "argocd"
-              # -- Prometheus ServiceMonitor labels
-              additionalLabels: {}
-        redis:
-          metrics:
-            # -- Deploy metrics service and redis-exporter sidecar
-            enabled: true
-            image:
-              # -- redis-exporter image repository
-              repository: quay.io/bitnami/redis-exporter
-              # -- redis-exporter image tag
-              tag: 1.26.0-debian-10-r2
-              # -- redis-exporter image PullPolicy
-              imagePullPolicy: IfNotPresent
-            # -- Port to use for redis-exporter sidecar
-            containerPort: 9121
-            # -- Resource limits and requests for redis-exporter sidecar
-            resources:
-              limits:
-                cpu: 100m
-                memory: 128Mi
-              requests:
-                cpu: 50m
-                memory: 64Mi
-            service:
-              # -- Metrics service type
-              type: ClusterIP
-              # -- Metrics service clusterIP. `None` makes a "headless service" (no virtual IP)
-              clusterIP: None
-              # -- Metrics service annotations
-              annotations: {}
-              # -- Metrics service labels
-              labels: {}
-              # -- Metrics service port
-              servicePort: 9121
-              # -- Metrics service port name
-              portName: http-metrics
-            serviceMonitor:
-              # -- Enable a prometheus ServiceMonitor
-              enabled: true
-              # -- Interval at which metrics should be scraped
-              interval: 30s
-              # -- Prometheus [RelabelConfigs] to apply to samples before scraping
-              relabelings: []
-              # -- Prometheus [MetricRelabelConfigs] to apply to samples before ingestion
-              metricRelabelings: []
-              # -- Prometheus ServiceMonitor selector
-              selector:
-                prometheus: kube-prometheus
-
-              # -- Prometheus ServiceMonitor namespace
-              namespace: "argocd"
-              # -- Prometheus ServiceMonitor labels
-              additionalLabels: {}
-        ## Repo Server
-        repoServer:
-          ## Repo server metrics service configuration
-          metrics:
-            # -- Deploy metrics service
-            enabled: true
-            service:
-              # -- Metrics service annotations
-              annotations: {}
-              # -- Metrics service labels
-              labels: {}
-              # -- Metrics service port
-              servicePort: 8084
-            serviceMonitor:
-              # -- Enable a prometheus ServiceMonitor
-              enabled: true
-              # -- Prometheus ServiceMonitor interval
-              interval: 30s
-              # -- Prometheus [RelabelConfigs] to apply to samples before scraping
-              relabelings: []
-              # -- Prometheus [MetricRelabelConfigs] to apply to samples before ingestion
-              metricRelabelings: []
-              # -- Prometheus ServiceMonitor selector
-              selector:
-                prometheus: kube-prometheus
-
-              # -- Prometheus ServiceMonitor namespace
-              namespace: "argocd"
-              # -- Prometheus ServiceMonitor labels
-              additionalLabels: {}
   destination:
     server: https://kubernetes.default.svc
     namespace: argocd