From dc6cdb16867bf84981f8830706d0535b2f2fb8ed Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?M=C3=A1rcio=20Fernandes?= Date: Sat, 6 Jun 2026 00:56:37 +0000 Subject: [PATCH] flux: add image update automation --- README.md | 19 +++++-------------- deploy/app/image-policy.yaml | 13 +++++++++++++ deploy/app/image-repo.yaml | 7 +++++++ deploy/app/image-update-automation.yaml | 24 ++++++++++++++++++++++++ deploy/app/kustomization.yaml | 3 +++ deploy/app/statefulset.yaml | 4 +++- deploy/flux/app-sync.yaml | 2 +- deploy/flux/kustomization.yaml | 4 ++-- ops-scripts/apply-flux.sh | 3 +++ 9 files changed, 61 insertions(+), 18 deletions(-) create mode 100644 deploy/app/image-policy.yaml create mode 100644 deploy/app/image-repo.yaml create mode 100644 deploy/app/image-update-automation.yaml create mode 100755 ops-scripts/apply-flux.sh diff --git a/README.md b/README.md index 19fd862..aee2b9d 100644 --- a/README.md +++ b/README.md @@ -2,19 +2,10 @@ Currently hosted on [kubernetes cluster - casa](https://git.limbosolutions.com/myLimbo/casa). -## Namespace +## Setup and Deploy -```bash { cwd=../ terminalRows=15 } -kubectl create namespace mosquitto +Using flux for reconciliation. + +``` bash +./ops-scripts/apply-flux.sh ``` - -## Deploy - -- [deployment](./deploy/cicd-rbac.yaml) -- [cicd-rbac](./deploy/cicd-rbac.yaml) - -## Continuous Deploy - -Weekly cron update. - -[Gitea Workflow](./.gitea/workflows/%20deploy.yml) diff --git a/deploy/app/image-policy.yaml b/deploy/app/image-policy.yaml new file mode 100644 index 0000000..0ffff58 --- /dev/null +++ b/deploy/app/image-policy.yaml @@ -0,0 +1,13 @@ +apiVersion: image.toolkit.fluxcd.io/v1 +kind: ImagePolicy +metadata: + name: eclipse-mosquitto +spec: + imageRepositoryRef: + name: eclipse-mosquitto + filterTags: + pattern: '^latest$' + policy: + alphabetical: {} + digestReflectionPolicy: Always + interval: 24h \ No newline at end of file diff --git a/deploy/app/image-repo.yaml b/deploy/app/image-repo.yaml new file mode 100644 index 0000000..49ec7b8 --- /dev/null +++ b/deploy/app/image-repo.yaml @@ -0,0 +1,7 @@ +apiVersion: image.toolkit.fluxcd.io/v1 +kind: ImageRepository +metadata: + name: eclipse-mosquitto +spec: + image: eclipse-mosquitto + interval: 72h \ No newline at end of file diff --git a/deploy/app/image-update-automation.yaml b/deploy/app/image-update-automation.yaml new file mode 100644 index 0000000..5113473 --- /dev/null +++ b/deploy/app/image-update-automation.yaml @@ -0,0 +1,24 @@ +apiVersion: image.toolkit.fluxcd.io/v1 +kind: ImageUpdateAutomation +metadata: + name: lms +spec: + interval: 30m + sourceRef: + kind: GitRepository + name: mosquitto + git: + checkout: + ref: + branch: master + commit: + author: + name: FluxCD + email: flux@local + messageTemplate: | + Update mosquitto image. + push: + branch: master + update: + path: ./deploy/app/statefulset.yaml + strategy: Setters \ No newline at end of file diff --git a/deploy/app/kustomization.yaml b/deploy/app/kustomization.yaml index 211055a..14f070a 100644 --- a/deploy/app/kustomization.yaml +++ b/deploy/app/kustomization.yaml @@ -5,3 +5,6 @@ resources: - statefulset.yaml - pvc.yaml - secret.yaml + - image-policy.yaml + - image-repo.yaml + - image-update-automation.yaml \ No newline at end of file diff --git a/deploy/app/statefulset.yaml b/deploy/app/statefulset.yaml index 60e9ba4..eab7951 100644 --- a/deploy/app/statefulset.yaml +++ b/deploy/app/statefulset.yaml @@ -19,7 +19,9 @@ spec: hostNetwork: true containers: - name: mosquitto - image: eclipse-mosquitto:latest + ### Maintained by flux - Image Update Automation + image: eclipse-mosquitto:latest # {"$imagepolicy": "mqtt:eclipse-mosquitto"} + ### imagePullPolicy: Always command: ["/usr/sbin/mosquitto"] args: ["-c", "/etc/mosquitto/mosquitto.conf"] diff --git a/deploy/flux/app-sync.yaml b/deploy/flux/app-sync.yaml index f0f2b46..85816e3 100644 --- a/deploy/flux/app-sync.yaml +++ b/deploy/flux/app-sync.yaml @@ -6,7 +6,7 @@ spec: interval: 1m sourceRef: kind: GitRepository - name: lms + name: mosquitto path: deploy/app prune: true \ No newline at end of file diff --git a/deploy/flux/kustomization.yaml b/deploy/flux/kustomization.yaml index 074efaf..93e4bc1 100644 --- a/deploy/flux/kustomization.yaml +++ b/deploy/flux/kustomization.yaml @@ -5,13 +5,13 @@ resources: - app-sync.yaml secretGenerator: - name: flux-repo-ssh-credentials - namespace: lyrionmusicserver + namespace: mqtt files: - "identity=./.env.d/flux-repo-ssh-key" - "known_hosts=./.env.d/flux-repo-ssh-known_hosts" - "pubkey=./.env.d/flux-repo-ssh-key.pub" - name: flux-sops-age - namespace: lyrionmusicserver + namespace: mqtt files: - "age.agekey=./.env.d/age.agekey" generatorOptions: diff --git a/ops-scripts/apply-flux.sh b/ops-scripts/apply-flux.sh new file mode 100755 index 0000000..83157e0 --- /dev/null +++ b/ops-scripts/apply-flux.sh @@ -0,0 +1,3 @@ +#!/bin/bash +set -e +kubectl kustomize deploy/flux | kubectl apply -f - \ No newline at end of file