Last active
November 24, 2020 18:13
-
-
Save fieldju/670c1696d202ebd211876eff99ec45f5 to your computer and use it in GitHub Desktop.
Justin's Operator Config for his microk8s operator shrek env
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: spinnaker.armory.io/v1alpha2 | |
| kind: SpinnakerService | |
| metadata: | |
| name: spinnaker-armory-dev | |
| namespace: spinnaker-armory-dev | |
| spec: | |
| spinnakerConfig: | |
| config: | |
| version: 2.22.0 | |
| persistentStorage: | |
| persistentStoreType: s3 | |
| s3: | |
| bucket: armory-fieldju-dev | |
| rootFolder: microk8s-armory-dev/persistent-storage | |
| region: us-west-2 | |
| features: | |
| auth: false | |
| fiat: false | |
| chaos: false | |
| entityTags: false | |
| artifacts: true | |
| artifactsRewrite: true | |
| timezone: America/Los_Angeles | |
| artifacts: | |
| github: | |
| enabled: true | |
| accounts: | |
| - name: github | |
| username: armory-jenkins | |
| token: encrypted:secrets-manager!r:us-west-2!s:spinnaker-development-secrets!k:jenkins-user-gh-api-token | |
| - name: public-github | |
| gitrepo: | |
| enabled: true | |
| accounts: | |
| - name: github | |
| username: armory-jenkins | |
| token: encrypted:secrets-manager!r:us-west-2!s:spinnaker-development-secrets!k:jenkins-user-gh-api-token | |
| sshTrustUnknownHosts: false | |
| http: | |
| enabled: true | |
| accounts: | |
| - name: public-http | |
| canary: | |
| enabled: true | |
| serviceIntegrations: | |
| - name: aws | |
| enabled: true | |
| accounts: | |
| - name: aws-dev-s3-canary-storage | |
| bucket: armory-fieldju-dev | |
| rootFolder: microk8s-dev/canary-persistent-storage | |
| region: us-west-2 | |
| supportedTypes: | |
| - CONFIGURATION_STORE | |
| - OBJECT_STORE | |
| - name: newrelic | |
| enabled: true | |
| accounts: | |
| - name: new-relic-armory-managed | |
| apiKey: encrypted:secrets-manager!r:us-west-2!s:spinnaker-development-secrets!k:new-relic-query-key | |
| applicationKey: encrypted:secrets-manager!r:us-west-2!s:spinnaker-development-secrets!k:new-relic-account-id | |
| supportedTypes: | |
| - METRICS_STORE | |
| reduxLoggerEnabled: true | |
| defaultJudge: NetflixACAJudge-v1.0 | |
| stagesEnabled: true | |
| templatesEnabled: true | |
| showAllConfigsEnabled: true | |
| stats: | |
| enabled: false | |
| armory: | |
| dinghy: | |
| enabled: false | |
| diagnostics: | |
| enabled: false | |
| terraform: | |
| enabled: true | |
| git: | |
| enabled: true | |
| accessToken: encrypted:secrets-manager!r:us-west-2!s:spinnaker-development-secrets!k:jenkins-user-gh-api-token | |
| username: armory-jenkins | |
| providers: | |
| kubernetes: | |
| enabled: false | |
| aws: | |
| enabled: true | |
| primaryAccount: acme-prod | |
| accounts: | |
| - name: acme-prod | |
| accountId: "510537551160" | |
| assumeRole: arn:aws:iam::510537551160:role/spinnaker-iam-role-SpinnakerManagedIamRole-6KXHPWYHC6SE | |
| externalId: my-external-id | |
| permissions: {} | |
| providerVersion: V1 | |
| regions: | |
| - name: us-west-2 | |
| bakeryDefaults: | |
| awsAssociatePublicIpAddress: true | |
| templateFile: node-application.json | |
| defaultVirtualizationType: hvm | |
| awsSubnetId: subnet-00c959f42907f31f4 | |
| awsVpcId: vpc-04c0cd4adb36b1863 | |
| baseImages: | |
| - baseImage: | |
| id: ubuntu | |
| shortDescription: v20.04 | |
| detailedDescription: Canonical, Ubuntu, 20.04 LTS, amd64 focal image build on 2020-09-24 | |
| packageType: deb | |
| virtualizationSettings: | |
| - region: us-west-2 | |
| virtualizationType: hvm | |
| instanceType: t2.micro | |
| sourceAmi: ami-02c45ea799467b51b | |
| sshUserName: ubuntu | |
| spotPrice: 0 | |
| spotPriceAutoProduct: Linux/UNIX (Amazon VPC) | |
| features: | |
| cloudFormation: | |
| enabled: true | |
| defaultRegions: | |
| - name: us-west-2 | |
| service-settings: | |
| clouddriver: | |
| artifactId: docker.io/armory/clouddriver:2.21.7-externalId.2 | |
| env: | |
| AWS_REGION: us-west-2 | |
| kubernetes: | |
| podAnnotations: | |
| iam.amazonaws.com/role: arn:aws:iam::025179128306:role/SpinnakerManagedProfile | |
| deck: | |
| kubernetes: | |
| podAnnotations: | |
| iam.amazonaws.com/role: arn:aws:iam::025179128306:role/SpinnakerManagedProfile | |
| echo: | |
| kubernetes: | |
| podAnnotations: | |
| iam.amazonaws.com/role: arn:aws:iam::025179128306:role/SpinnakerManagedProfile | |
| fiat: | |
| kubernetes: | |
| podAnnotations: | |
| iam.amazonaws.com/role: arn:aws:iam::025179128306:role/SpinnakerManagedProfile | |
| front50: | |
| kubernetes: | |
| podAnnotations: | |
| iam.amazonaws.com/role: arn:aws:iam::025179128306:role/SpinnakerManagedProfile | |
| gate: | |
| kubernetes: | |
| podAnnotations: | |
| iam.amazonaws.com/role: arn:aws:iam::025179128306:role/SpinnakerManagedProfile | |
| igor: | |
| kubernetes: | |
| podAnnotations: | |
| iam.amazonaws.com/role: arn:aws:iam::025179128306:role/SpinnakerManagedProfile | |
| kayenta: | |
| kubernetes: | |
| podAnnotations: | |
| iam.amazonaws.com/role: arn:aws:iam::025179128306:role/SpinnakerManagedProfile | |
| orca: | |
| kubernetes: | |
| podAnnotations: | |
| iam.amazonaws.com/role: arn:aws:iam::025179128306:role/SpinnakerManagedProfile | |
| rosco: | |
| artifactId: registry.fieldju.com:32000/rosco:2.22.0-RC4 | |
| kubernetes: | |
| podAnnotations: | |
| iam.amazonaws.com/role: arn:aws:iam::025179128306:role/SpinnakerManagedProfile | |
| profiles: | |
| # UI Settings | |
| deck: | |
| settings-local.js: | | |
| window.spinnakerSettings.feature.kustomizeEnabled = true; | |
| window.spinnakerSettings.feature.artifactsRewrite = true; | |
| window.spinnakerSettings.feature.terraform = true; | |
| // wtf! | |
| # Rosco | |
| rosco: | |
| packer: | |
| additionalParameters: | |
| - -var | |
| - encrypted:secrets-manager!r:us-west-2!s:spinnaker-development-secrets!k:artifactory-username-packer-var | |
| - -var | |
| - encrypted:secrets-manager!r:us-west-2!s:spinnaker-development-secrets!k:artifactory-password-packer-var | |
| # Global Settings | |
| spinnaker: | |
| spinnaker: | |
| extensibility: | |
| plugins: | |
| Armory.ObservabilityPlugin: | |
| enabled: false | |
| version: 1.0.0 | |
| config.metrics: | |
| armoryRecommendedFiltersEnabled: true | |
| additionalTags: | |
| customerName: fieldju | |
| customerEnvName: armory-dev | |
| newrelic: | |
| enabled: true | |
| apiKey: encrypted:secrets-manager!r:us-west-2!s:spinnaker-development-secrets!k:new-relic-insert-key | |
| stepInSeconds: 120 | |
| meterRegistryConfig.armoryRecommendedFiltersEnabled: true | |
| repositories: | |
| armory-observability-plugin-releases: | |
| url: https://raw.githubusercontent.com/armory-plugins/armory-observability-plugin-releases/master/repositories.json | |
| files: | |
| profiles__rosco__packer__node-application.json: | | |
| { | |
| "variables": { | |
| "aws_access_key": "", | |
| "aws_secret_key": "", | |
| "aws_region": null, | |
| "aws_source_ami": null, | |
| "aws_target_ami": null, | |
| "aws_subnet_id": "{{env `AWS_SUBNET_ID`}}", | |
| "aws_vpc_id": "{{env `AWS_VPC_ID`}}", | |
| "aws_ssh_username": null, | |
| "artifactory_username": null, | |
| "artifactory_password": null, | |
| "packages": null | |
| }, | |
| "builders": [{ | |
| "type": "amazon-ebs", | |
| "assume_role": { | |
| "role_arn" : "arn:aws:iam::510537551160:role/spinnaker-iam-role-SpinnakerManagedIamRole-6KXHPWYHC6SE", | |
| "session_name": "ami-bake", | |
| "external_id": "my-external-id" | |
| }, | |
| "access_key": "{{user `aws_access_key`}}", | |
| "secret_key": "{{user `aws_secret_key`}}", | |
| "vpc_id": "{{user `aws_vpc_id`}}", | |
| "subnet_id": "{{user `aws_subnet_id`}}", | |
| "region": "{{user `aws_region`}}", | |
| "source_ami": "{{user `aws_source_ami`}}", | |
| "ami_name": "{{user `aws_target_ami`}}", | |
| "instance_type": "t2.micro", | |
| "ssh_pty": true, | |
| "ssh_timeout": "5m", | |
| "ssh_username": "{{user `aws_ssh_username`}}", | |
| "tags" : { | |
| "base_ami" : "{{user `aws_source_ami`}}", | |
| "ami_creation_time": "{{timestamp}}" | |
| } | |
| }], | |
| "provisioners": [ | |
| { | |
| "type" : "file", | |
| "source" : "/opt/rosco/config/packer/ecosystem.config.js.mustache", | |
| "destination": "/tmp/ecosystem.config.js.mustache" | |
| }, | |
| { | |
| "type" : "file", | |
| "source" : "/opt/rosco/config/packer/setup-artifact.sh", | |
| "destination": "/tmp/setup-artifact.sh" | |
| }, | |
| { | |
| "type": "shell", | |
| "inline": [ | |
| "bash /tmp/setup-artifact.sh" | |
| ], | |
| "environment_vars": [ | |
| "ARTIFACTORY_USER={{user `artifactory_username`}}", | |
| "ARTIFACTORY_PASSWORD={{user `artifactory_password`}}", | |
| "PACKAGE={{user `packages`}}" | |
| ] | |
| } | |
| ] | |
| } | |
| profiles__rosco__packer__setup-artifact.sh: | | |
| #!/usr/bin/env bash | |
| ############################# | |
| # Install NVM | |
| ############################# | |
| curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.36.0/install.sh | bash | |
| export NVM_DIR="$HOME/.nvm" | |
| [ -s "$NVM_DIR/nvm.sh" ] && \. "$NVM_DIR/nvm.sh" # This loads nvm | |
| ############################# | |
| # Install latest node lts | |
| ############################# | |
| nvm install --lts | |
| ############################# | |
| # Install latest pm2 | |
| ############################# | |
| npm install pm2@latest -g | |
| export NVM_DIR=\"$HOME/.nvm\" | |
| [ -s \"$NVM_DIR/nvm.sh\" ] && \\. \"$NVM_DIR/nvm.sh\" | |
| # Set up artifact | |
| sudo mkdir -p /opt/node-app/ | |
| sudo chown -R ubuntu:ubuntu /opt/node-app/ | |
| # CD to app dir | |
| cd /opt/node-app/ | |
| # Install Mustache | |
| sudo apt update && sudo apt install -y unzip | |
| wget https://github.com/quantumew/mustache-cli/releases/download/v1.0.0/mustache-cli-linux-amd64.zip | |
| unzip mustache-cli-linux-amd64.zip | |
| chmod +x mustache | |
| # Install artifact | |
| echo '@armory:registry=https://armory.jfrog.io/artifactory/api/npm/npm-all' > .npmrc | |
| echo 'registry=https://armory.jfrog.io/artifactory/api/npm/npm-all' >> .npmrc | |
| curl -u${ARTIFACTORY_USER}:${ARTIFACTORY_PASSWORD} https://armory.jfrog.io/artifactory/api/npm/auth >> .npmrc | |
| npm install @armory/${PACKAGE} | |
| # Inject package name into pm2 ecosystem file | |
| ./mustache ENV /tmp/ecosystem.config.js.mustache > /opt/node-app/ecosystem.config.js | |
| # Misc clean up | |
| rm -fr mustache-cli-linux-amd64.zip mustache .npmrc /tmp/ecosystem.config.js.mustache | |
| # Configure PM2 to run the artifact | |
| pm2 start /opt/node-app/ecosystem.config.js | |
| pm2 save | |
| sudo env PATH=$PATH:/home/ubuntu/.nvm/versions/node/$(node -v)/bin /home/ubuntu/.nvm/versions/node/$(node -v)/lib/node_modules/pm2/bin/pm2 startup systemd -u ubuntu --hp /home/ubuntu | |
| profiles__rosco__packer__ecosystem.config.js.mustache: | | |
| module.exports = { | |
| apps : [{ | |
| name : "Node Application", | |
| script : "/opt/node-app/node_modules/@armory/{{ PACKAGE }}/dist/main.js", | |
| cwd : "/opt/node-app", | |
| watch : true, | |
| env: { | |
| "NODE_ENV": "production", | |
| } | |
| }] | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment