From 638dd73d1d2e2acc8c022d5396462baa8b74f38e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?M=C3=A1rcio=20Fernandes?= Date: Thu, 4 Jun 2026 22:33:32 +0000 Subject: [PATCH] flux: remaining act runners --- README.md | 13 ++++++++++ deploy/act-runners/mf/README.md | 13 ---------- .../mf/{deploy => }/app/configmap.yaml | 0 .../mf/{deploy => }/app/deployment.yaml | 0 .../mf/{deploy => }/app/kustomization.yaml | 7 +----- deploy/act-runners/mf/app/secrets.yaml | 24 +++++++++++++++++++ .../mf/deploy/app/.env.d/.gitignore | 2 -- .../act-runners/mf/ops-scripts/apply-app.sh | 4 ---- .../act-runners/mf/ops-scripts/apply-infra.sh | 4 ---- deploy/act-runners/myLimbo/README.md | 13 ---------- .../myLimbo/{deploy => }/app/configmap.yaml | 0 .../myLimbo/{deploy => }/app/deployment.yaml | 0 .../myLimbo/app/kustomization.yaml | 8 +++++++ deploy/act-runners/myLimbo/app/secrets.yaml | 24 +++++++++++++++++++ .../myLimbo/deploy/app/.env.d/.gitignore | 2 -- .../myLimbo/deploy/app/kustomization.yaml | 14 ----------- .../myLimbo/ops-scripts/apply-app.sh | 4 ---- .../myLimbo/ops-scripts/apply-infra.sh | 4 ---- deploy/flux/act-runner-mf-sync.yaml | 17 +++++++++++++ deploy/flux/act-runner-myLimbo-sync.yaml | 17 +++++++++++++ deploy/flux/kustomization.yaml | 2 ++ 21 files changed, 106 insertions(+), 66 deletions(-) delete mode 100644 deploy/act-runners/mf/README.md rename deploy/act-runners/mf/{deploy => }/app/configmap.yaml (100%) rename deploy/act-runners/mf/{deploy => }/app/deployment.yaml (100%) rename deploy/act-runners/mf/{deploy => }/app/kustomization.yaml (50%) create mode 100644 deploy/act-runners/mf/app/secrets.yaml delete mode 100644 deploy/act-runners/mf/deploy/app/.env.d/.gitignore delete mode 100755 deploy/act-runners/mf/ops-scripts/apply-app.sh delete mode 100755 deploy/act-runners/mf/ops-scripts/apply-infra.sh delete mode 100644 deploy/act-runners/myLimbo/README.md rename deploy/act-runners/myLimbo/{deploy => }/app/configmap.yaml (100%) rename deploy/act-runners/myLimbo/{deploy => }/app/deployment.yaml (100%) create mode 100644 deploy/act-runners/myLimbo/app/kustomization.yaml create mode 100644 deploy/act-runners/myLimbo/app/secrets.yaml delete mode 100644 deploy/act-runners/myLimbo/deploy/app/.env.d/.gitignore delete mode 100644 deploy/act-runners/myLimbo/deploy/app/kustomization.yaml delete mode 100755 deploy/act-runners/myLimbo/ops-scripts/apply-app.sh delete mode 100755 deploy/act-runners/myLimbo/ops-scripts/apply-infra.sh create mode 100644 deploy/flux/act-runner-mf-sync.yaml create mode 100644 deploy/flux/act-runner-myLimbo-sync.yaml diff --git a/README.md b/README.md index 34cf804..3d5852e 100644 --- a/README.md +++ b/README.md @@ -46,6 +46,17 @@ kubectl create secret generic flux-sops-age \ --namespace=limbosolutions-com-cicd \ --from-file=age.agekey=/dev/stdin +cat deploy/flux/.env.d/age.agekey | \ +kubectl create secret generic flux-sops-age \ +--namespace=mf-cicd \ +--from-file=age.agekey=/dev/stdin + + +cat deploy/flux/.env.d/age.agekey | \ +kubectl create secret generic flux-sops-age \ +--namespace=mylimbo-com-cicd \ +--from-file=age.agekey=/dev/stdin + ``` **Encrypt secrets:** @@ -55,6 +66,8 @@ sops -e deploy/app/helm-values.private.dec.yaml > deploy/app/helm-values.private sops -e deploy/backups/secrets.dec.yaml > deploy/backups/secrets.yaml sops -e deploy/act-runners/kb/app/secrets.dec.yaml > deploy/act-runners/kb/app/secrets.yaml sops -e deploy/act-runners/limbosolutions-com/app/secrets.dec.yaml > deploy/act-runners/limbosolutions-com/app/secrets.yaml +sops -e deploy/act-runners/mf/app/secrets.dec.yaml > deploy/act-runners/mf/app/secrets.yaml +sops -e deploy/act-runners/myLimbo/app/secrets.dec.yaml > deploy/act-runners/myLimbo/app/secrets.yaml ``` ## Backups diff --git a/deploy/act-runners/mf/README.md b/deploy/act-runners/mf/README.md deleted file mode 100644 index 5fc9515..0000000 --- a/deploy/act-runners/mf/README.md +++ /dev/null @@ -1,13 +0,0 @@ -# mylimbo - act-runner - -**Deploy app:** - -```bash -./ops-scripts/apply-app.sh -``` - -**Deploy Infra:** - -```bash -./ops-scripts/apply-infra.sh -``` diff --git a/deploy/act-runners/mf/deploy/app/configmap.yaml b/deploy/act-runners/mf/app/configmap.yaml similarity index 100% rename from deploy/act-runners/mf/deploy/app/configmap.yaml rename to deploy/act-runners/mf/app/configmap.yaml diff --git a/deploy/act-runners/mf/deploy/app/deployment.yaml b/deploy/act-runners/mf/app/deployment.yaml similarity index 100% rename from deploy/act-runners/mf/deploy/app/deployment.yaml rename to deploy/act-runners/mf/app/deployment.yaml diff --git a/deploy/act-runners/mf/deploy/app/kustomization.yaml b/deploy/act-runners/mf/app/kustomization.yaml similarity index 50% rename from deploy/act-runners/mf/deploy/app/kustomization.yaml rename to deploy/act-runners/mf/app/kustomization.yaml index efcdc70..b9b71f1 100644 --- a/deploy/act-runners/mf/deploy/app/kustomization.yaml +++ b/deploy/act-runners/mf/app/kustomization.yaml @@ -1,14 +1,9 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization +namespace: mf-cicd resources: - configmap.yaml - deployment.yaml -generatorOptions: - disableNameSuffixHash: true -secretGenerator: - - name: act-runner - envs: - - .env.d/.env diff --git a/deploy/act-runners/mf/app/secrets.yaml b/deploy/act-runners/mf/app/secrets.yaml new file mode 100644 index 0000000..7a3e677 --- /dev/null +++ b/deploy/act-runners/mf/app/secrets.yaml @@ -0,0 +1,24 @@ +apiVersion: v1 +kind: Secret +metadata: + name: act-runner +type: Opaque +data: + GITEA_INSTANCE_URL: ENC[AES256_GCM,data:Obz1y5FaUsux2DjItdnJMG+rfF3vuO9o4wmpeOU2xxs70ijWUIoEyg==,iv:TLqspEhTvo8lGSGirZMeN0ikKyKmvsuJZ3s2ePL/Hv4=,tag:ju8t2qk2Dgz63Cgte0Wmxw==,type:str] + GITEA_RUNNER_NAME: ENC[AES256_GCM,data:u9/zD8aDRx8OSXLZfRP8ww==,iv:tnO1oZGS1dCRGonL3KLaubUr1JtbJvaD7wjBcpCpL2Y=,tag:HtPlkQgSHKVE7Zndo+U2mA==,type:str] + GITEA_RUNNER_REGISTRATION_TOKEN: ENC[AES256_GCM,data:9qfwY9IjXnOOFb8SsIJ0HCBv4KlTt1QNy20v59hZt+fPI688mrGpAhzbZfdZwRbAI74H/Gm5Hfk=,iv:q38chmaHIo4nSsDUhpBeFpszTdtwFEFOFIjPTdfNX5A=,tag:tCndZLIBo6RQXQN4V6tbCQ==,type:str] +sops: + age: + - enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBVTk1JVDBJQURtd0VIMlc4 + WjR4UUp6cHExWC9CVE55UzJLT1ZNU3lFY0JBCnkvK0xvSHRuWi9mUHVMMU5LN3dQ + Ujh3cU9pMkNKenRza1FyZjlWaW41T1EKLS0tIGx0WFlQSmtCc3VmWGhhdWNteC9S + YTR3S3FpN0pjM29aNTA3NG9TYVE5VW8KguSIXnaxjzcAcvsJAnsz6VdpM6QJoWos + 5EO8pwi1KF6q/RNv9Qg8XWpenBNJJt4BUms6Lej6xcgntxIVc8Fx5A== + -----END AGE ENCRYPTED FILE----- + recipient: age1gk946fp37xtm3fv500407zdd5h89a5lvxysrufhau3f73xcq8ewqcu8l5g + encrypted_regex: ^(data|stringData)$ + lastmodified: "2026-06-04T22:26:34Z" + mac: ENC[AES256_GCM,data:12FZB5VqHBDoFpatMhF9wHnseW5LAHRLDDxGQGkBqRbVEq1mWKzERAwBh7emeQvUNnIIAUU9OKjrVhboDPn3t2Te9/z70CIJ/UDoPql0DTxezN6ulL4EYfrhtQvs+4m3JTcAFaF5JWL8ogh46vIL9hxaibuSdi856MnR6Zpiw2Y=,iv:KbLpaU3es78wjEqgpwn1cqqIGQdRy+PDByoJhELlO0I=,tag:62rZQkGKWkgkxAglLqyjaw==,type:str] + version: 3.13.1 diff --git a/deploy/act-runners/mf/deploy/app/.env.d/.gitignore b/deploy/act-runners/mf/deploy/app/.env.d/.gitignore deleted file mode 100644 index 1287e9b..0000000 --- a/deploy/act-runners/mf/deploy/app/.env.d/.gitignore +++ /dev/null @@ -1,2 +0,0 @@ -** -!.gitignore diff --git a/deploy/act-runners/mf/ops-scripts/apply-app.sh b/deploy/act-runners/mf/ops-scripts/apply-app.sh deleted file mode 100755 index 29bcc4d..0000000 --- a/deploy/act-runners/mf/ops-scripts/apply-app.sh +++ /dev/null @@ -1,4 +0,0 @@ -#!/bin/bash -set -e -NAMESPACE=mf-cicd -kubectl kustomize deploy/app | kubectl --namespace ${NAMESPACE} apply -f - \ No newline at end of file diff --git a/deploy/act-runners/mf/ops-scripts/apply-infra.sh b/deploy/act-runners/mf/ops-scripts/apply-infra.sh deleted file mode 100755 index 47c9f71..0000000 --- a/deploy/act-runners/mf/ops-scripts/apply-infra.sh +++ /dev/null @@ -1,4 +0,0 @@ -#!/bin/bash -set -e -NAMESPACE=mf-cicd -kubectl create namespace ${NAMESPACE} || true diff --git a/deploy/act-runners/myLimbo/README.md b/deploy/act-runners/myLimbo/README.md deleted file mode 100644 index 5fc9515..0000000 --- a/deploy/act-runners/myLimbo/README.md +++ /dev/null @@ -1,13 +0,0 @@ -# mylimbo - act-runner - -**Deploy app:** - -```bash -./ops-scripts/apply-app.sh -``` - -**Deploy Infra:** - -```bash -./ops-scripts/apply-infra.sh -``` diff --git a/deploy/act-runners/myLimbo/deploy/app/configmap.yaml b/deploy/act-runners/myLimbo/app/configmap.yaml similarity index 100% rename from deploy/act-runners/myLimbo/deploy/app/configmap.yaml rename to deploy/act-runners/myLimbo/app/configmap.yaml diff --git a/deploy/act-runners/myLimbo/deploy/app/deployment.yaml b/deploy/act-runners/myLimbo/app/deployment.yaml similarity index 100% rename from deploy/act-runners/myLimbo/deploy/app/deployment.yaml rename to deploy/act-runners/myLimbo/app/deployment.yaml diff --git a/deploy/act-runners/myLimbo/app/kustomization.yaml b/deploy/act-runners/myLimbo/app/kustomization.yaml new file mode 100644 index 0000000..9d9fc36 --- /dev/null +++ b/deploy/act-runners/myLimbo/app/kustomization.yaml @@ -0,0 +1,8 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +namespace: mylimbo-com-cicd +resources: + - configmap.yaml + - deployment.yaml + + diff --git a/deploy/act-runners/myLimbo/app/secrets.yaml b/deploy/act-runners/myLimbo/app/secrets.yaml new file mode 100644 index 0000000..d4deec8 --- /dev/null +++ b/deploy/act-runners/myLimbo/app/secrets.yaml @@ -0,0 +1,24 @@ +apiVersion: v1 +kind: Secret +metadata: + name: act-runner +type: Opaque +data: + GITEA_INSTANCE_URL: ENC[AES256_GCM,data:BATws1oD1oaQehXZGiAWasKVWYlGUOB2xxdRe2+OdJds5LUdzXx4SA==,iv:6ox8QZJDhUdR8IVyOyk+nPa9c/lhlAYOb/pY/l+wOy0=,tag:nJVE3shYschhfhfFkwHQpQ==,type:str] + GITEA_RUNNER_NAME: ENC[AES256_GCM,data:P7yDwNE/bSl34HfEqSwQNmIf9OLP4ayD,iv:kDcRIaeULPF5XckCqK6qlKpZBWw2cSyGHKaKQiGlzhk=,tag:kzynWwCu4brmVRoSCemtOA==,type:str] + GITEA_RUNNER_REGISTRATION_TOKEN: ENC[AES256_GCM,data:P4yLgfdOTRscbU0QBaeGU4iZjHTazAAOtPzjAtinP196CFeJ177T58qU419WNSYZeutZB96Gzgw=,iv:YIbPzLSFMT+RlDkCuIfv2AkAk5v31cfmF/KRMBAV6kE=,tag:1htUmlUDedLXecT24wSIDQ==,type:str] +sops: + age: + - enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB4cEEyZmk3dnhPN2JxUytr + WUtCMDlrK2pmb2xJSG8yaEVSZ3FsQkFaUWpJCk5iRjZtdFUvL1ZDdXlkUG5QWVNF + NXFxSkQrQjJIQ3g5dmdGNXRzUEIrNUEKLS0tIEpzdlJuR1dQV2NMc1JvdmJOUlpm + TVpYQlY0dDNTaTE5KzNzMUdQbXFnNnMK3uirf3+95s/D5bztGWphGOGJBl7BGGHh + y4kwM4DzlZioy9sLT8DpEQJi9eazkwRCJfAw89HQML2waTzc3j8kDg== + -----END AGE ENCRYPTED FILE----- + recipient: age1gk946fp37xtm3fv500407zdd5h89a5lvxysrufhau3f73xcq8ewqcu8l5g + encrypted_regex: ^(data|stringData)$ + lastmodified: "2026-06-04T22:31:22Z" + mac: ENC[AES256_GCM,data:jJQJe1C0ebtg6n2nEQHaMgC31rGOfPRDtEeBwUaE3r7JxBqPZA9zLi91wMtO2ULTiTVzEVq4uKUo21JIozkdKFcBvO7sQUPgCcxJ9p67/2zyM499I03yq9EnruvV30qVcLm7Ts+mXOt3Hnbb4hj7MR5nYAszf2ZmHNNRNLSHGwg=,iv:yjgKkJT+HQReEks7aVn2Q9besmzvTwbiDtECriCRxwU=,tag:6hyb/r21vtUI03CfrcXo4Q==,type:str] + version: 3.13.1 diff --git a/deploy/act-runners/myLimbo/deploy/app/.env.d/.gitignore b/deploy/act-runners/myLimbo/deploy/app/.env.d/.gitignore deleted file mode 100644 index 1287e9b..0000000 --- a/deploy/act-runners/myLimbo/deploy/app/.env.d/.gitignore +++ /dev/null @@ -1,2 +0,0 @@ -** -!.gitignore diff --git a/deploy/act-runners/myLimbo/deploy/app/kustomization.yaml b/deploy/act-runners/myLimbo/deploy/app/kustomization.yaml deleted file mode 100644 index efcdc70..0000000 --- a/deploy/act-runners/myLimbo/deploy/app/kustomization.yaml +++ /dev/null @@ -1,14 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -resources: - - configmap.yaml - - deployment.yaml - -generatorOptions: - disableNameSuffixHash: true - -secretGenerator: - - name: act-runner - envs: - - .env.d/.env - diff --git a/deploy/act-runners/myLimbo/ops-scripts/apply-app.sh b/deploy/act-runners/myLimbo/ops-scripts/apply-app.sh deleted file mode 100755 index 21816dc..0000000 --- a/deploy/act-runners/myLimbo/ops-scripts/apply-app.sh +++ /dev/null @@ -1,4 +0,0 @@ -#!/bin/bash -set -e -NAMESPACE=mylimbo-com-cicd -kubectl kustomize deploy/app | kubectl --namespace ${NAMESPACE} apply -f - \ No newline at end of file diff --git a/deploy/act-runners/myLimbo/ops-scripts/apply-infra.sh b/deploy/act-runners/myLimbo/ops-scripts/apply-infra.sh deleted file mode 100755 index 6a30581..0000000 --- a/deploy/act-runners/myLimbo/ops-scripts/apply-infra.sh +++ /dev/null @@ -1,4 +0,0 @@ -#!/bin/bash -set -e -NAMESPACE=mylimbo-com-cicd -kubectl create namespace ${NAMESPACE} || true diff --git a/deploy/flux/act-runner-mf-sync.yaml b/deploy/flux/act-runner-mf-sync.yaml new file mode 100644 index 0000000..cba727a --- /dev/null +++ b/deploy/flux/act-runner-mf-sync.yaml @@ -0,0 +1,17 @@ +apiVersion: kustomize.toolkit.fluxcd.io/v1 +kind: Kustomization +metadata: + name: act-runner-sync + namespace: mf-cicd +spec: + interval: 1m + sourceRef: + kind: GitRepository + name: git-limbosolutions-com + namespace: git-limbosolutions-com + path: deploy/act-runners/mf/app + prune: true + decryption: + provider: sops + secretRef: + name: flux-sops-age diff --git a/deploy/flux/act-runner-myLimbo-sync.yaml b/deploy/flux/act-runner-myLimbo-sync.yaml new file mode 100644 index 0000000..1f6a989 --- /dev/null +++ b/deploy/flux/act-runner-myLimbo-sync.yaml @@ -0,0 +1,17 @@ +apiVersion: kustomize.toolkit.fluxcd.io/v1 +kind: Kustomization +metadata: + name: act-runner-sync + namespace: mylimbo-com-cicd +spec: + interval: 1m + sourceRef: + kind: GitRepository + name: git-limbosolutions-com + namespace: git-limbosolutions-com + path: deploy/act-runners/myLimbo/app + prune: true + decryption: + provider: sops + secretRef: + name: flux-sops-age diff --git a/deploy/flux/kustomization.yaml b/deploy/flux/kustomization.yaml index 8d5d908..0933df8 100644 --- a/deploy/flux/kustomization.yaml +++ b/deploy/flux/kustomization.yaml @@ -7,6 +7,8 @@ resources: - backups-sync.yaml - act-runner-kb-sync.yaml - act-runner-limbosolutions-com-sync.yaml + - act-runner-mf-sync.yaml + - act-runner-myLimbo-sync.yaml secretGenerator: - name: flux-repo-ssh-credentials namespace: git-limbosolutions-com