add standard raw-resources-sandbox and secrets-sandbox structure

2026-05-21 19:28:15 +03:00 · 2026-05-21 19:28:15 +03:00 · 52d4babf0a
commit 52d4babf0a
parent edbc77669d
7 changed files with 92 additions and 0 deletions
--- a/argocd-apps/raw-resources-sandbox.yaml
+++ b/argocd-apps/raw-resources-sandbox.yaml
@ -0,0 +1,22 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: raw-resources-sandbox
+  namespace: argocd
+spec:
+  project: sandbox
+  source:
+    repoURL: ssh://git@gitea-ssh.dev-tools.svc.cluster.local:2222/dvirlabs/sandbox.git
+    targetRevision: HEAD
+    path: manifests/raw-resources-sandbox
+    directory:
+      recurse: true
+  destination:
+    server: https://kubernetes.default.svc
+    namespace: sandbox
+  syncPolicy:
+    automated:
+      prune: true
+      selfHeal: true
+    syncOptions:
+      - CreateNamespace=true
--- a/argocd-apps/secrets-sandbox.yaml
+++ b/argocd-apps/secrets-sandbox.yaml
@ -0,0 +1,23 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: secrets-sandbox
+  namespace: argocd
+spec:
+  project: sandbox
+  source:
+    repoURL: ssh://git@gitea-ssh.dev-tools.svc.cluster.local:2222/dvirlabs/sandbox.git
+    targetRevision: HEAD
+    path: charts/secrets
+    helm:
+      valueFiles:
+        - ../../manifests/secrets-sandbox/values.yaml
+  destination:
+    server: https://kubernetes.default.svc
+    namespace: sandbox
+  syncPolicy:
+    automated:
+      prune: true
+      selfHeal: true
+    syncOptions:
+      - CreateNamespace=true
--- a/charts/nginx-message-1/templates/nodeport.yaml
+++ b/charts/nginx-message-1/templates/nodeport.yaml
@ -0,0 +1,13 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ .Release.Name }}-nodeport
+spec:
+  type: NodePort
+  selector:
+    app: {{ .Release.Name }}
+  ports:
+    - protocol: TCP
+      port: {{ .Values.service.port | default 80 }}
+      targetPort: 80
+      nodePort: {{ .Values.service.nodePort | default 30080 }}
--- a/charts/secrets/Chart.yaml
+++ b/charts/secrets/Chart.yaml
@ -0,0 +1,6 @@
+apiVersion: v2
+name: secrets
+description: Generic ExternalSecret resources chart
+type: application
+version: 0.1.0
+appVersion: "1.0.0"
--- a/charts/secrets/templates/external-secret.yaml
+++ b/charts/secrets/templates/external-secret.yaml
@ -0,0 +1,23 @@
+{{- range .Values.externalSecrets }}
+---
+apiVersion: external-secrets.io/v1
+kind: ExternalSecret
+metadata:
+  name: {{ .name }}
+  namespace: {{ .namespace }}
+spec:
+  refreshInterval: {{ .refreshInterval | default "1h" }}
+  secretStoreRef:
+    name: {{ $.Values.secretStore.name }}
+    kind: {{ $.Values.secretStore.kind }}
+  target:
+    name: {{ .targetName }}
+    creationPolicy: {{ .creationPolicy | default "Owner" }}
+  data:
+{{- range .data }}
+    - secretKey: {{ .secretKey }}
+      remoteRef:
+        key: {{ .remoteKey }}
+        property: {{ .property }}
+{{- end }}
+{{- end }}
--- a/manifests/raw-resources-sandbox/.gitkeep
+++ b/manifests/raw-resources-sandbox/.gitkeep
--- a/manifests/secrets-sandbox/values.yaml
+++ b/manifests/secrets-sandbox/values.yaml
@ -0,0 +1,5 @@
+secretStore:
+  name: vault
+  kind: ClusterSecretStore
+
+externalSecrets: []