myLimbo/casa
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

modified: .gitea/workflows/casa-services-deploy.yaml
All checks were successful
Deploy Casa services CI/CD Pipeline / deploy (push) Successful in 17s
Details
Monitoring services CI/CD Pipeline / deploy (push) Successful in 17s
Details

Browse Source 
modified:   .gitea/workflows/monitoring-deploy.yaml
modified:   monitoring/cicd-rbac.yaml
This commit is contained in:
Márcio Fernandes
2025-11-22 21:45:17 +00:00
parent b02382a4d4
commit 8fe822ef32
3 changed files with 44 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
.gitea/workflows/casa-services-deploy.yaml
View File

@@ -6,7 +6,13 @@ on:
- fix/* - fix/*
- main - main
- master - master
paths:
- 'services/**'
- '.gitea/workflows/casa-services**'
pull_request: pull_request:
paths:
- 'monitoring/**'
- '.gitea/workflows/monitoring**'
schedule: schedule:
- cron: '0 15 * * 0' # every sunday 3 pm - cron: '0 15 * * 0' # every sunday 3 pm

8
.gitea/workflows/monitoring-deploy.yaml
View File

@@ -6,7 +6,13 @@ on:
- fix/* - fix/*
- main - main
- master - master
paths:
- 'monitoring/**'
- '.gitea/workflows/monitoring**'
pull_request: pull_request:
paths:
- 'monitoring/**'
- '.gitea/workflows/monitoring**'
schedule: schedule:
- cron: '0 15 * * 0' # every sunday 3 pm - cron: '0 15 * * 0' # every sunday 3 pm
@@ -45,5 +51,5 @@ jobs:
helm repo add grafana https://grafana.github.io/helm-charts helm repo add grafana https://grafana.github.io/helm-charts
# Install & Upgrade # Install & Upgrade
helm upgrade --install promtail grafana/promtail --namespace monitoring \ helm upgrade --install promtail grafana/promtail --namespace monitoring \
--values=./monitoring/promtail/values.yaml --set config.clients[0].url=${LOKI_URL} --debug --values=./monitoring/promtail/values.yaml --set config.clients[0].url=${LOKI_URL}

33
monitoring/cicd-rbac.yaml
View File

@@ -7,10 +7,10 @@ metadata:
name: ci-cd name: ci-cd
rules: rules:
- apiGroups: [""] - apiGroups: [""]
resources: ["pods", "services", "secrets", "configmaps", "persistentvolumeclaims", "endpoints"] resources: ["pods", "services", "secrets", "configmaps", "persistentvolumeclaims", "endpoints", "serviceaccounts"]
verbs: ["get", "watch", "list", "create", "update", "patch", "delete"] verbs: ["get", "watch", "list", "create", "update", "patch", "delete"]
- apiGroups: ["apps"] - apiGroups: ["apps"]
resources: ["deployments", "statefulsets"] resources: ["deployments", "statefulsets","daemonsets"]
verbs: ["get", "watch", "list", "create", "update", "patch", "delete"] verbs: ["get", "watch", "list", "create", "update", "patch", "delete"]
- apiGroups: ["networking.k8s.io"] - apiGroups: ["networking.k8s.io"]
resources: ["ingresses"] resources: ["ingresses"]
@@ -18,6 +18,10 @@ rules:
- apiGroups: ["traefik.io"] - apiGroups: ["traefik.io"]
resources: ["ingressroutes"] resources: ["ingressroutes"]
verbs: ["get", "watch", "list", "create", "update", "patch", "delete"] verbs: ["get", "watch", "list", "create", "update", "patch", "delete"]
- apiGroups: ["rbac.authorization.k8s.io"]
resources: ["clusterroles", "clusterrolebindings"]
verbs: ["get", "list", "create", "update", "patch", "delete"]
--- ---
apiVersion: rbac.authorization.k8s.io/v1 apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding kind: RoleBinding
@@ -32,3 +36,28 @@ roleRef:
kind: Role kind: Role
name: ci-cd name: ci-cd
apiGroup: rbac.authorization.k8s.io apiGroup: rbac.authorization.k8s.io
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: ci-cd-cluster
rules:
- apiGroups: ["rbac.authorization.k8s.io"]
resources: ["clusterroles", "clusterrolebindings"]
verbs: ["get", "list", "create", "update", "patch", "delete"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: ci-cd-clusterbinding
subjects:
- kind: ServiceAccount
name: casa-ci-cd
namespace: home-assistant
roleRef:
kind: ClusterRole
name: ci-cd-cluster
apiGroup: rbac.authorization.k8s.io