test de ingressroute

move kustomize
fix quotes
2021-08-06 21:51:24 -04:00 · 2021-06-24 17:25:41 -04:00 · 2021-06-24 16:21:39 -04:00 · 2021-06-24 16:05:01 -04:00 · 2021-06-24 15:51:22 -04:00 · 2021-06-24 14:12:09 -04:00
7 changed files with 134 additions and 34 deletions
--- a/14
+++ b/14
@ -2,16 +2,10 @@ pipeline {
  environment {
    registry = 'https://registry.hub.docker.com'
    registryCredential = 'dockerhub_jcabillot'
-    dockerImage = 'jcabillot/ip:arm64'
+    dockerImage = 'jcabillot/ip'
  }

-  //agent any
-  agent {
-    kubernetes {
-      defaultContainer 'docker' // All `steps` instructions will be executed by this container
-      yamlFile 'Jenkinsfile-pod-template.yml'
-    }
-  }
+  agent any

  triggers {
    cron('@midnight')
@ -20,15 +14,13 @@ pipeline {
  stages {
    stage('Clone repository') {
      steps{
-        container('jnlp') {
        checkout scm
      }
    }
-    }

    stage('Build image') {
      steps{
-        sh 'docker build --build-arg VERSION=arm64 --force-rm=true --no-cache=true --pull -t ${dockerImage} .'
+        sh 'docker build --force-rm=true --no-cache=true --pull -t ${dockerImage} .'
      }
    }

--- a/Jenkinsfile-pod-template.yml
+++ b/Jenkinsfile-pod-template.yml
@ -1,22 +0,0 @@
-apiVersion: v1
-kind: Pod
-metadata:
-  labels:
-    jenkins: 'true'
-spec:
-  containers:
-  - name: jnlp
-    image: 'jcabillot/docker-inbound-agent-arm64'
-  - name: docker
-    image: docker:20.10-dind
-    securityContext:
-      privileged: true
-    #volumeMounts:
-    #- mountPath: '/var/run/docker.sock'
-    #  name: docker-socket
-  #volumes:
-  #- name: docker-socket
-  #  hostPath:
-  #    path: '/var/run/docker.sock'
-  securityContext:
-    runAsUser: 0
--- a/kustomize/depl.yml
+++ b/kustomize/depl.yml
@ -0,0 +1,35 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: "ip"
+  labels:
+    app: "front"
+spec:
+  template:
+    metadata:
+      name: "front-apache"
+      labels:
+        owner: "jcabillot"
+        app: "front"
+    spec:
+      automountServiceAccountToken: false
+      containers:
+        - name:  "front-apache"
+          image: "jcabillot/ip"
+          ports:
+            - name: "http"
+              containerPort: 8080
+              protocol: "TCP"
+          livenessProbe:
+            httpGet:
+              path: "/"
+              port: "http"
+          readinessProbe:
+            httpGet:
+              path: "/"
+              port: "http"
+
+  replicas: 1
+  selector:
+    matchLabels:
+      app: "front"
--- a/kustomize/ingress.yml
+++ b/kustomize/ingress.yml
@ -0,0 +1,25 @@
+---
+#apiVersion: networking.k8s.io/v1
+#kind: Ingress
+#metadata:
+#  name: "ip"
+#  annotations:
+#    kubernetes.io/ingress.class: "traefik"
+#    traefik.ingress.kubernetes.io/router.entrypoints: "web,websecure"
+#    cert-manager.io/cluster-issuer: "letsencrypt-prod"
+#spec:
+#  tls:
+#    - hosts:
+#        - "ip.opti.cabillot.eu"
+#      secretName: "ipcabilloteu-tls"
+#  rules:
+#  - host: "ip.opti.cabillot.eu"
+#    http:
+#      paths:
+#      - path: "/"
+#        pathType: "Prefix"
+#        backend:
+#          service:
+#            name: "ip"
+#            port:
+#              name: "http"
--- a/kustomize/ingressroute.yml
+++ b/kustomize/ingressroute.yml
@ -0,0 +1,50 @@
+---
+# TODO: Named port for service
+# but currently unsupported on my k3s cluster https://github.com/traefik/traefik/pull/7668
+apiVersion: traefik.containo.us/v1alpha1
+kind: IngressRoute
+metadata:
+  name: "ip-websecure"
+spec:
+  entryPoints:
+    - "websecure"
+  routes:
+  - kind: Rule
+    match: Host(`ip.opti.cabillot.eu`)
+    middlewares: []
+    priority: 10
+    services:
+    - kind: Service
+      name: "ip"
+      port: 80
+  tls:
+    secretName: "ipcabilloteu-tls"
+---
+apiVersion: traefik.containo.us/v1alpha1
+kind: IngressRoute
+metadata:
+  name: "ip-web"
+spec:
+  entryPoints:
+    - "web"
+  routes:
+  - match: Host(`ip.opti.cabillot.eu`)
+    kind: Rule
+    priority: 10
+    services:
+    # in this IngressRoute the service will be never called
+    # because of the redirect middleware BUT DO NOT REMOVE !
+    - kind: Service
+      name: "ip"
+      port: 80
+    middlewares:
+    - name: "httpsredirect"
+---
+apiVersion: traefik.containo.us/v1alpha1
+kind: Middleware
+metadata:
+  name: "httpsredirect"
+spec:
+  redirectScheme:
+    scheme: https
+    permanent: true
--- a/kustomize/kustomization.yaml
+++ b/kustomize/kustomization.yaml
@ -0,0 +1,7 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+- depl.yml
+- ingress.yml
+- ingressroute.yml
+- svc.yml
--- a/kustomize/svc.yml
+++ b/kustomize/svc.yml
@ -0,0 +1,13 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: 'ip'
+spec:
+  type: "ClusterIP"
+  ports:
+    - name: "http"
+      port: 80
+      protocol: "TCP"
+      targetPort: "http"
+  selector:
+    app: "front"
Author	SHA1	Message	Date
Julien Cabillot	13193d699e	test de ingressroute All checks were successful Web/ip/pipeline/head This commit looks good Details web/ip/pipeline/head This commit looks good Details	2021-08-06 21:51:24 -04:00
Julien Cabillot	d27c5c9684	move kustomize	2021-06-24 17:25:41 -04:00
Julien Cabillot	36820d3232	fix quotes	2021-06-24 16:21:39 -04:00
Julien Cabillot	fe7b01eb72	define type even if default	2021-06-24 16:05:01 -04:00
Julien Cabillot	c7969bfe6e	sec: remove service account creds	2021-06-24 15:51:22 -04:00
Julien Cabillot	291cea689e	add kustomization.yml All checks were successful Web/ip/pipeline/head This commit looks good Details	2021-06-24 14:12:09 -04:00