From 0f9cd11332c4d8ed170558d861f9b4791099e5ca Mon Sep 17 00:00:00 2001
From: aggarwalakshun <aggarwalakshun@gmail.com>
Date: Wed, 15 Oct 2025 20:00:50 +0530
Subject: [PATCH] Add Semaphore Kubernetes configuration files including
 ConfigMap, PVC, SealedSecret, Service, and Deployment

---
 .../git-ops/semaphore/semaphore-configmap.yml | 17 +++++
 .../git-ops/semaphore/semaphore-pvc.yml       | 14 ++++
 .../git-ops/semaphore/semaphore-secret.yml    | 16 +++++
 .../git-ops/semaphore/semaphore-svc.yml       | 13 ++++
 .../default/git-ops/semaphore/semaphore.yml   | 68 +++++++++++++++++++
 5 files changed, 128 insertions(+)
 create mode 100644 clusters/default/git-ops/semaphore/semaphore-configmap.yml
 create mode 100644 clusters/default/git-ops/semaphore/semaphore-pvc.yml
 create mode 100644 clusters/default/git-ops/semaphore/semaphore-secret.yml
 create mode 100644 clusters/default/git-ops/semaphore/semaphore-svc.yml
 create mode 100644 clusters/default/git-ops/semaphore/semaphore.yml

diff --git a/clusters/default/git-ops/semaphore/semaphore-configmap.yml b/clusters/default/git-ops/semaphore/semaphore-configmap.yml
new file mode 100644
index 0000000..a101dd4
--- /dev/null
+++ b/clusters/default/git-ops/semaphore/semaphore-configmap.yml
@@ -0,0 +1,17 @@
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: semaphore-config
+  namespace: git-ops
+data:
+  SEMAPHORE_DB_USER: "semaphore"
+  SEMAPHORE_DB_HOST: "localhost"
+  SEMAPHORE_DB_PORT: "3306"
+  SEMAPHORE_DB_DIALECT: "mysql"
+  SEMAPHORE_DB: "semaphore"
+  SEMAPHORE_PLAYBOOK_PATH: "/tmp/semaphore"
+  SEMAPHORE_ADMIN_NAME: "admin"
+  SEMAPHORE_ADMIN_EMAIL: "aggarwalakshun@gmail.com"
+  SEMAPHORE_ADMIN: "admin"
+  SEMAPHORE_LDAP_ACTIVATED: "'no'"
diff --git a/clusters/default/git-ops/semaphore/semaphore-pvc.yml b/clusters/default/git-ops/semaphore/semaphore-pvc.yml
new file mode 100644
index 0000000..b83e2ba
--- /dev/null
+++ b/clusters/default/git-ops/semaphore/semaphore-pvc.yml
@@ -0,0 +1,14 @@
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: semaphore-longhorn
+  namespace: git-ops
+spec:
+  accessModes:
+    - ReadWriteOnce
+  volumeMode: Filesystem
+  resources:
+    requests:
+      storage: 2Gi
+  storageClassName: longhorn
diff --git a/clusters/default/git-ops/semaphore/semaphore-secret.yml b/clusters/default/git-ops/semaphore/semaphore-secret.yml
new file mode 100644
index 0000000..e3a5d52
--- /dev/null
+++ b/clusters/default/git-ops/semaphore/semaphore-secret.yml
@@ -0,0 +1,16 @@
+---
+apiVersion: bitnami.com/v1alpha1
+kind: SealedSecret
+metadata:
+  name: semaphore-secrets
+  namespace: git-ops
+spec:
+  encryptedData:
+    admin_password: AgAwgKx0x3yOC9V3rZ+BUKO0+ZK/lWkWlbiCq/DvaKEHY8LS96hnxK2qVbV3kGMILvb2k4LMNV7nmn7JF/MmH5Usm/jZiO0wWfApj5h7CluKIJP/8jAMxKPUBEgpTfblSjN5OuuGv/8XzY1c/+OqhbLvOFic0FOBBCKjeo+zvhxgOsTh/IG54iwvLbUH91wHTN0MEOsonFeXywqMm0HW1zrHoAoaeLPjNLxyYZbRXLx09TRVKwL7dNetv63KpyZ72D8IWwfChdQtBHIEvRKPi83HkfNGFEo5GL/QEZpa7n5KerTdLV8/K/lucwrUigZEeFPEY0VDfVIMk5Qz2zpah/5giGvt7n48qsDlN6beUx9LTj0uQ/LHjNnG9+ysK4MKVEXOR4D/uZdjKu3KErWSxukcebINj6PGEdjwmH9RUJDDY06BDOuP7PbTX3N6IAEvIdbKmrKzGjPP9S9lyV/CkmU+vZfW2mnP0lbv0Xcswn4C3KoC2lS0cyWw65xHq/p1LX4zInfXJasdCMYZwDqGE/EzH//R4jTl1CnBRFN4MoI0nmjbWpjaBLE07c9G7RX6X3yTIlsYGj1TNlbRc2tjaRcE7MmTIEIlTTmPMLokt8Hv1HJuJ3OXwz4K4AvMO49O0skaDUd7FDSENVKmv2xDRwC46F+G6daB3v7Fdeqf32T5U98gZeG7gweUAqTDzhq7Xxg0GJHQxAEi2Jwwhw==
+    key: AgBryVT9XjgveRcNgs5Ic7qdwZEn1EPRYhMGdUICkiHqsNOyArYX3CnGt2mafn56shFRMLbKFyPX35YPy7bfDAgfzxJLuYwdZrTJWwiIwDe8+ZrRXCCGCBnhHE/ZUgqyGkjZH3yLFLI4UsE6sKaQ126GxQ1uIitHh/PydcF3FoDaJ3b2JyerhIApDpb4V7I/XyTcXq8i0R7LFI33v8u8WhvwrzQoxmvFYUf99qdLxcKebJUVr64Zap2DysT+/OERd8MA3nMISVz7lj0ioAG7rob2vBS28mhw8C+Zo4qeKymKx71QyCYYmbBipwqFc5bvlqvGrh7f6HcRTL5yidAYldgfS9Rzw3cVvXdYbCxWMxIeHr7DSaq6RLe7FqO0bOWbdcYlYQ4D2Isy88bJHn3e3WuffrQrrtXACmJwnTxVZkGDKoIhlXY9OyFT+WT4JywqHJJQsRJyxqTwoJFVtq4va2EkGlgNiyjyrxgtCtgFbsWFU8KucxGlFshHcyY+LzMHs3YPnUPnRMjaGYjUd1ZC8KOT+L+8Fl2HNeVgFR+HeygZutj5CP98DXQpsVHCfypWNi3fLLMTL5veQokYzo+Y2Lsrh0EXnYtEcdmorrtaj2+9TfsYW40tsd0Z+4/xuryyEOW9L01foHdkIE1ji77SVvlOr7YP9wrsaFcN7IV+X+EKk7pLfRl7I3qED3qT22PSSJyFZzzlvP2SkkzioBEirT48yPWmxTDFtTQ=
+    mysql_password: AgA8yEUzJC44c0L+oZlprdWpfcUffiE6DvOylxn5JcNOOzKY1w2/f2jHtJAW19PZzEin97GvNGtccPsKod4wc5wMHz4TRoE3SHa0RGYBff0C5toKgIdDz9Lx5pMyP80D9zBVlUKcMnQYspOENwB1sQLXMY2oeKl8IXyKNIN8F8/AwPjJrWxoD+9R1IKtnD7HOuERymV51wsB/o2WMaCP07m3den9fDAvrpeC8AHnLPdGNscP0qSRzrW78dJx7DNQCRmUzawGtqEDrAEu/u7VG/1FxAsYnLQAyMh7DshA4IEkaEBanaMDQXxqtfb1wlBGBQc+9kQPWpRL7eyZbUinvKzOW7t29BEw95Xbxpq3iThbS27faWUoK9FKoKZ/crMGbTCSvk508Ll93tK1LNUwSybVQAEhoHr4qLrLp9s1jbDi1gk2tzqvwUAGnXlqpl0isfPwtthCFUedmgFGwuojDjk0KECX4fd8GCKaSe2aZ0+fn4cHKZs3jtJ81+kNUXEz6bHfFMJB3AV5T/nVKk/7KuMDQYAW+v45eUjGKFunFFnWTH4o28Hmi6xn4PHOV2+y2MZflVyNoTUb6m5cTKHXW7+rydfx0WiC/0Gp0Vma0BgITLNasGQH0x2CrxVUjhljZNzHMhCmgVWiQRi3FCmYI5HpQasaCxYpsLAWpRVRqjOYzjBGTj6Wz2puP7N/mMxo6hOF4ZmPUT8JnN8jIw==
+  template:
+    metadata:
+      name: semaphore-secrets
+      namespace: git-ops
+    type: Opaque
diff --git a/clusters/default/git-ops/semaphore/semaphore-svc.yml b/clusters/default/git-ops/semaphore/semaphore-svc.yml
new file mode 100644
index 0000000..50b82df
--- /dev/null
+++ b/clusters/default/git-ops/semaphore/semaphore-svc.yml
@@ -0,0 +1,13 @@
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: semaphore-service
+  namespace: git-ops
+spec:
+  type: LoadBalancer
+  selector:
+    app: semaphore
+  ports:
+  - port: 3002
+    targetPort: 3000
diff --git a/clusters/default/git-ops/semaphore/semaphore.yml b/clusters/default/git-ops/semaphore/semaphore.yml
new file mode 100644
index 0000000..ed1e11f
--- /dev/null
+++ b/clusters/default/git-ops/semaphore/semaphore.yml
@@ -0,0 +1,68 @@
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: semaphore
+  namespace: git-ops
+spec:
+  strategy:
+    type: Recreate
+  replicas: 1
+  selector:
+    matchLabels:
+      app: semaphore
+  template:
+    metadata:
+      labels:
+        app: semaphore
+    spec:
+      initContainers:
+      - name: mysql
+        image: mysql:9.4.0
+        restartPolicy: Always
+        ports:
+        - containerPort: 3306
+        env:
+        - name: MYSQL_RANDOM_ROOT_PASSWORD
+          value: "'yes'"
+        - name: MYSQL_DATABASE
+          value: "semaphore"
+        - name: MYSQL_USER
+          value: "semaphore"
+        - name: MYSQL_PASSWORD
+          valueFrom:
+            secretKeyRef:
+              name: semaphore-secrets
+              key: mysql_password
+        volumeMounts:
+        - name: db
+          mountPath: /var/lib/mysql
+          subPath: db
+      containers:
+      - name: semaphore
+        image: public.ecr.aws/semaphore/pro/server:v2.16.34
+        ports:
+        - containerPort: 3000
+        envFrom:
+        - configMapRef:
+            name: semaphore-config
+        env:
+        - name: SEMAPHORE_ADMIN_PASSWORD
+          valueFrom:
+            secretKeyRef:
+              name: semaphore-secrets
+              key: admin_password
+        - name: SEMAPHORE_DB_PASS
+          valueFrom:
+            secretKeyRef:
+              name: semaphore-secrets
+              key: mysql_password
+        - name: SEMAPHORE_ACCESS_KEY_ENCRYPTION
+          valueFrom:
+            secretKeyRef:
+              name: semaphore-secrets
+              key: key
+      volumes:
+      - name: db
+        persistentVolumeClaim:
+          claimName: semaphore-longhorn
-- 
2.49.1