[stage-3] create atlantis helm chart

update readme
2025-12-25 15:22:36 +03:00 · 2023-03-22 10:31:17 +07:00
parent 02b0b7d931
commit 72d269640e
9 changed files with 159 additions and 1 deletions
--- a/k8s/helm/atlantis/.helmignore
+++ b/k8s/helm/atlantis/.helmignore
@@ -0,0 +1,23 @@
 # Patterns to ignore when building packages.
 # This supports shell glob matching, relative path matching, and
 # negation (prefixed with !). Only one pattern per line.
 .DS_Store
 # Common VCS dirs
 .git/
 .gitignore
 .bzr/
 .bzrignore
 .hg/
 .hgignore
 .svn/
 # Common backup files
 *.swp
 *.bak
 *.tmp
 *.orig
 *~
 # Various IDEs
 .project
 .idea/
 *.tmproj
 .vscode/
--- a/k8s/helm/atlantis/Chart.yaml
+++ b/k8s/helm/atlantis/Chart.yaml
@@ -0,0 +1,6 @@
 apiVersion: v2
 name: atlantis
 description: atlantis simple helm chart
 type: application
 version: 1.0.3
 appVersion: v0.23.3
--- a/k8s/helm/atlantis/templates/NOTES.txt
+++ b/k8s/helm/atlantis/templates/NOTES.txt
@@ -0,0 +1,6 @@
 ---------------------------------------------------------
 Atlantis release is done.
 Deployed version {{ .Chart.AppVersion }}.
 ---------------------------------------------------------
--- a/k8s/helm/atlantis/templates/deployment.yaml
+++ b/k8s/helm/atlantis/templates/deployment.yaml
@@ -0,0 +1,56 @@
 ---
 apiVersion: apps/v1
 kind: Deployment
 metadata:
  labels:
    app: {{ .Chart.Name }}-{{ .Values.environment }}
    service: atlantis
  name: {{ .Chart.Name }}-{{ .Values.environment }}
 spec:
  replicas: {{ .Values.atlantis.replicasCount }}
  selector:
    matchLabels:
      app: {{ .Chart.Name }}-{{ .Values.environment }}
      service: atlantis
  template:
    metadata:
      labels:
        app: {{ .Chart.Name }}-{{ .Values.environment }}
        service: atlantis
    spec:
      containers:
        - image: {{ .Values.image.name }}:{{ .Chart.AppVersion }}
          imagePullPolicy: Always
          name: atlantis
          ports:
            - name: web
              containerPort: 4141
          env:
            - name: ATLANTIS_GH_USER
              value: {{ .Values.atlantis.config.github.user }}
            - name: ATLANTIS_GH_TOKEN
              valueFrom:
                secretKeyRef:
                  name: {{ .Chart.Name }}-{{ .Values.environment }}
                  key: github_token
            - name: ATLANTIS_GH_WEBHOOK_SECRET
              valueFrom:
                secretKeyRef:
                  name: {{ .Chart.Name }}-{{ .Values.environment }}
                  key: github_secret
            - name: ATLANTIS_REPO_ALLOWLIST
              value: {{ toYaml (.Values.atlantis.config.orgAllowlist) }}
            - name: ATLANTIS_ALLOW_COMMANDS
              value: {{ .Values.atlantis.config.allowCommands }}
          resources:
            {{- toYaml .Values.atlantis.resources | nindent 12 }}
          livenessProbe:
            httpGet:
              path: /healthz
              port: 4141
            initialDelaySeconds: 5
            periodSeconds: 60
            timeoutSeconds: 5
            successThreshold: 1
            failureThreshold: 5
      terminationGracePeriodSeconds: 30
--- a/k8s/helm/atlantis/templates/ingress.yaml
+++ b/k8s/helm/atlantis/templates/ingress.yaml
@@ -0,0 +1,20 @@
 ---
 apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
  name: {{ .Chart.Name }}-{{ .Values.environment }}-ingress
  annotations:
    kubernetes.io/ingress.class: nginx
    ingress.kubernetes.io/rewrite-target: /
 spec:
  rules:
    - host: atlantis-gw.my.to
      http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: {{ .Chart.Name }}-{{ .Values.environment }}
                port:
                  number: 4141
--- a/k8s/helm/atlantis/templates/secret.yaml
+++ b/k8s/helm/atlantis/templates/secret.yaml
@@ -0,0 +1,8 @@
 ---
 apiVersion: v1
 kind: Secret
 metadata:
  name: {{ .Chart.Name }}-{{ .Values.environment }}
 data:
  github_token: {{ .Values.atlantis.config.github.token | b64enc }}
  github_secret: {{ .Values.atlantis.config.github.secret | b64enc }}
--- a/k8s/helm/atlantis/templates/service.yaml
+++ b/k8s/helm/atlantis/templates/service.yaml
@@ -0,0 +1,12 @@
 ---
 apiVersion: v1
 kind: Service
 metadata:
  name: {{ .Chart.Name }}-{{ .Values.environment }}
 spec:
  ports:
    - name: web
      port: 4141
  selector:
    app: {{ .Chart.Name }}-{{ .Values.environment }}
    service: atlantis
--- a/k8s/helm/atlantis/values.yaml
+++ b/k8s/helm/atlantis/values.yaml
@@ -0,0 +1,22 @@
 environment: production
 image:
  name: ghcr.io/runatlantis/atlantis
 atlantis:
  config:
    orgAllowlist: github.com/Dannecron/*
    github:
      user: Dannecron
      token: personal-access-token
      secret: token-secret
    allowCommands: "version,plan,state"
  replicasCount: 1
  resources:
    requests:
      memory: 512Mi
      cpu: 100m
    limits:
      memory: 1Gi
      cpu: 100m
--- a/readme.md
+++ b/readme.md
@@ -82,4 +82,9 @@ ansible-playbook -i ansible/kubectl_init kubectl_init.yml
    helm upgrade simple-app k8s/helm/simple-app
    ```
 * [atlantis](https://www.runatlantis.io)
-  // todo
+
    ```shell
    helm install --set "atlantis.config.github.token=<access_token>" --set "atlantis.config.github.secret=<token_secret>" atlantis k8s/helm/atlantis
    ```
    где `<access_token>`, `<token_secret>` - это данные персонального access-токена, созданного на github.