aggarwalakshun/public-k3s
1
0
Fork 0
Code Issues 1 Pull Requests Packages Projects Releases Wiki Activity

Add Kubernetes manifests for Drone application including PVC, RBAC, Service, Deployment, and SealedSecret

Browse Source
This commit is contained in:
Akshun Aggarwal
2025-06-15 10:00:33 +05:30
parent 352643e720
commit 8a9ac3ec15
5 changed files with 161 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
cluster/apps/drone/drone-pvc.yml Normal file
View File

@@ -0,0 +1,13 @@
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: longhorn-drone
namespace: default
spec:
accessModes:
- ReadWriteMany
storageClassName: longhorn
resources:
requests:
storage: 1Gi

40
cluster/apps/drone/drone-rbac.yml Normal file
View File

@@ -0,0 +1,40 @@
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
namespace: default
name: drone
rules:
- apiGroups:
- ""
resources:
- secrets
verbs:
- create
- delete
- apiGroups:
- ""
resources:
- pods
- pods/log
verbs:
- get
- create
- delete
- list
- watch
- update
---
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: drone
namespace: default
subjects:
- kind: ServiceAccount
name: default
namespace: default
roleRef:
kind: Role
name: drone
apiGroup: rbac.authorization.k8s.io

14
cluster/apps/drone/drone-svc.yml Normal file
View File

@@ -0,0 +1,14 @@
---
apiVersion: v1
kind: Service
metadata:
name: drone-server-service
namespace: default
spec:
selector:
app.kubernetes.io/name: drone
type: LoadBalancer
ports:
- port: 4338
targetPort: 443
protocol: TCP

78
cluster/apps/drone/drone.yml Normal file
View File

@@ -0,0 +1,78 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: drone
labels:
app.kubernetes.io/name: drone
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/name: drone
template:
metadata:
labels:
app.kubernetes.io/name: drone
spec:
initContainers:
- name: wait-for-gitea
image: busybox
command:
- sh
- -c
- |
while ! nc -z gitea-int-service 3000; do
echo "Waiting for Gitea to be ready..."
sleep 5
done
echo "Gitea is ready!"
- name: drone-server
image: drone/drone:2
restartPolicy: Always
env:
- name: DRONE_GITEA_SERVER
value: "https://gitea-int-service:3000"
- name: DRONE_GITEA_CLIENT_ID
valueFrom:
secretKeyRef:
name: drone-gitea-secrets
key: client_id
- name: DRONE_GITEA_CLIENT_SECRET
valueFrom:
secretKeyRef:
name: drone-gitea-secrets
key: client_secret
- name: DRONE_RPC_SECRET
valueFrom:
secretKeyRef:
name: drone-gitea-secrets
key: rpc_secret
- name: DRONE_SERVER_HOST
value: "drone-server-service:4338"
- name: DRONE_SERVER_PROTO
value: "http"
volumeMounts:
- name: drone-data
mountPath: /data
containers:
- name: drone-runner
image: drone/drone-runner-kube:latest
env:
- name: DRONE_RPC_SERVER
value: "http://drone-server-service:4338"
- name: DRONE_RPC_SECRET
valueFrom:
secretKeyRef:
name: drone-gitea-secrets
key: rpc_secret
- name: DRONE_RPC_HOST
value: "drone-server-service:4338"
- name: DRONE_RPC_SECRET
valueFrom:
secretKeyRef:
name: drone-gitea-secrets
key: rpc_secret
volumes:
- name: drone-data
persistentVolumeClaim:
claimName: longhorn-drone

16
cluster/config/secrets/drone-secrets-sealed.yml Normal file
View File

@@ -0,0 +1,16 @@
---
apiVersion: bitnami.com/v1alpha1
kind: SealedSecret
metadata:
name: drone-gitea-secret
namespace: default
spec:
encryptedData:
client_id: AgCjjXzE9hPk0Vlw6f533kN2HbN0YIiL7RPNk8ZT0sXo6QaOamLA8lvRraiYjYkI2Y+hKIgry9mjA/60Q8kdnyn/Vjz6NRZleHzXPUqWI1qUh1BuFyfnJ/adYiqyWsK3JUqmU611Ul9jdHzwlCSlXl9mBMs3ldujlQtlWkRN4rYCm8sFKI6JSkc9Zv0QVFNktPxqnAA+sdxpF583XsB8AfTfUCl/uw9s8C7bzxjSOvH3hyYuv74AfyyjDmO2XeoQQjghpjnay8nhX8lWhcFN9rXlT0oH8c1KySOdWEvMrPV8AWMLz0mf0kUDyp3MDegO1FESmnfwAj0GGCDKtEaUca8FgLObOSwKeAL0tC7LweXTMJC9UyTPLw1L3cVUlEPM5GQkV66QhMjB6Xdvl1RZQQeBNpor+/C+78prszsG0nJqo+lYZLp+u+dYZnkPCQzMa7P+9AZ+iqYTA1puPyKKFLHIPVNlOsXT7+XTv7/8vD3ECnmBq9Gsoa1NJ6p+WNZtaB/SUn8wzLy/aoFShrJm1B6809D7vKVVf6SGTu7nbg1yzeDyQiasZJwsHzPVxFhsl7MgL2nNFAX2rJInmrF/z/QwKJ08v24q7T3GzVY3nUa1Jzm+sGN/fTtgqXhyc+Jf3gfdsd4rRX/z53GtYOTKL56bgfXuzrJ/e7FBNCYxFGRGsFAS5xvP5A233X7AmX6nVVtuq12+0kZwnk00EcSrbi1PYNbKVV0972TYQS1OWaCT5F2FHg0=
client_secret: AgC1ZZx/9zYONU3RkTFlbGip8zQ7fczjdPwpzjmDarxcUWYQAY+87KHs9EmxoaRG9vUwtJiAWKJwbJqLpH6Iep5W354rH0CNe3xGP9eaQl2grZhe5+65cLPeMl05Oy4szSpCDzGl0VztWTD0CDHGAv+DXU37boqClcKKiCbNvKDyF/POp0ea226bGkNR+D2d1wcn+WBMEkolCcm2E6jyL0eC6Wqhz39lPmHhwm6jthMrjpr4Pz4dZ89LwMbtMT4OzP+X3xofqqeTPlf576HQDqsTXynjShNvTFZDIQswfNG3AlrJoF8HylqHyeYsOfDwAN0cQgcXjwGt+GwkhPJbq3Y1k+L0WqOdeov18XYX/c1NUaiATxxYeH1flgCgP8HgeXFcMefEtvxx0rxAoRw6wk0EFqByfTGggVxLJsN7GZYib1pgMDd/5/gr+jjrJRzuqEcljWpk31PeCiDDEVQcMXDFja1sh0ZA4TrDK10534Us0QUeq2HK7Zzhv9Cu++tjvBWDfw95TQ1wzqBnQ9oeJ1YhePU8Q4JZobmpBSg7bfnZzeFXPyvJocqLAyF6u235xYSpFjydDzf6kBamWdMmuP+UXfj/rlL0FUfxqvT7O0a0vmsD5MjDm0tfqTapmDmWcVXnzZrEYt04eQs6XqQgPfCcvZjmj6U9UDrQu65W6zVQKoYSPdGvs77p0YORfJO3tYcj0dOhsLJAYMd9XpeKc0Eh2b12RTu1vxCAs0oMQnp1Yy5k5cIp58w9N8R4StYGioX3h4a3Ne90WA==
rpc_secret: AgBXG8wLcDVxexL01Z/yS3eDvvo76c6Mfhv0tqwIVGgcZgIEi7MDhf3kMDQLEAP49Jz1jKyEebQJL48udHERKXTUBFgZgYeUHjDkaRP1fJiKqf++w2M6TCSGao26obICZhh11Qtzk9Bg+/J08Hp40eRk2Kagp5ckfshiTcdYWLkZ8SXYYdlS5cPamiQ7A1Jj9NDfYhr+W3Curf3qWbXZqdSkCobsrjzWiruWnXCd2V4ufpuv3sRzjHyPaWj+rlSDkeYkoZUR/NOkOHJH+eHRf6tP+3pK8lICsJSIOhu/KQcstlgIw+h6z7rmwt04wnb1ZVF1nIh+Yjk7HsNjGV4jdz5qOGRsQFGgDoxAEfxSOzZLE8XLk1PJ1KcMWX6s3RKnl9PS0bDpurBwi4CylBY28K6bHphrjqt1uN9jqmpTWsLRMBKaeDgRc5zuj8DPXFMryIh6knub3sDH14YdOHo6J2J54Kc2xjHbwIcZ7nRvvIE9nyakqELaTvVlwoq2bzvcb0j2lWofsewTgm2EcHtVNjhRbPus2nvNsKbUKRrH8KusmtyXjdShJFDKJ9MwdQaKyD2aoPIMSmqlGeGGsdcdpKtzB0af4yuD/4raARRPPPGf5aNvUnbWLMfGN567u3tA32KhOJeXYWGhJp32cnBj6Axx63UGnc5ZKmrNYE4Ic5s1nuq7AhRDYdb78IbhdaQuS1ywBq2HoeuHy1YNdVl4+N+PXm7g6r/JyZj42CJQT8/Pzw==
template:
metadata:
name: drone-gitea-secret
namespace: default
type: Opaque