feat: add Semaphore deployment, database, services, and persistent volume claim

cluster/apps/semaphore/semaphore-configmap.yml

@@ -0,0 +1,17 @@
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: semaphore-config
+  namespace: default
+data:
+  SEMAPHORE_DB_USER: "semaphore"
+  SEMAPHORE_DB_HOST: "semaphore-db-service"
+  SEMAPHORE_DB_PORT: "3306"
+  SEMAPHORE_DB_DIALECT: "mysql"
+  SEMAPHORE_DB: "semaphore"
+  SEMAPHORE_PLAYBOOK_PATH: "/tmp/semaphore"
+  SEMAPHORE_ADMIN_NAME: "admin"
+  SEMAPHORE_ADMIN_EMAIL: "aggarwalakshun@gmail.com"
+  SEMAPHORE_ADMIN: "admin"
+  SEMAPHORE_LDAP_ACTIVATED: "'no'"

cluster/apps/semaphore/semaphore-db.yml

@@ -0,0 +1,39 @@
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: semaphore-db
+  namespace: default
+spec:
+  selector:
+    matchLabels:
+      app: semaphore-db
+  template:
+    metadata:
+      labels:
+        app: semaphore-db
+    spec:
+      containers:
+      - name: mysql
+        image: mysql:8.4
+        ports:
+        - containerPort: 3306
+        env:
+        - name: MYSQL_RANDOM_ROOT_PASSWORD
+          value: "'yes'"
+        - name: MYSQL_DATABASE
+          value: "semaphore"
+        - name: MYSQL_USER
+          value: "semaphore"
+        - name: MYSQL_PASSWORD
+          valueFrom:
+            secretKeyRef:
+              name: semaphore-secrets
+              key: mysql_password
+        volumeMounts:
+        - name: db
+          mountPath: /var/lib/mysql
+      volumes:
+      - name: db
+        persistentVolumeClaim:
+          claimName: longhorn-semaphore

cluster/apps/semaphore/semaphore-pvc.yml

@@ -0,0 +1,13 @@
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: longhorn-semaphore
+  namespace: default
+spec:
+  accessModes:
+    - ReadWriteMany
+  storageClassName: longhorn
+  resources:
+    requests:
+      storage: 1Gi

cluster/apps/semaphore/semaphore-svc.yml

@@ -0,0 +1,29 @@
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: semaphore-service
+  namespace: default
+spec:
+  type: NodePort
+  selector:
+    app: semaphore
+  ports:
+  - port: 3000
+    targetPort: 3000
+    nodePort: 3002
+    protocol: TCP
+
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: semaphore-db-service
+  namespace: default
+spec:
+  selector:
+    app: semaphore-db
+  ports:
+    - protocol: TCP
+      port: 3306
+      targetPort: 3306

cluster/apps/semaphore/semaphore.yml

@@ -0,0 +1,51 @@
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: semaphore
+  namespace: default
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: semaphore
+  template:
+    metadata:
+      labels:
+        app: semaphore
+    spec:
+      initContainers:
+      - name: wait-for-db
+        image: busybox
+        command:
+        - sh
+        - -c
+        - |
+          until nc -z -v -w30 semaphore-db-service 3306; do
+            echo "Waiting for database to be ready..."
+            sleep 2
+          done
+      containers:
+      - name: semaphore
+        image: semaphoreui/semaphore:v2.13.13
+        ports:
+        - containerPort: 3000
+        envFrom:
+        - configMapRef:
+            name: semaphore-config
+        env:
+        - name: SEMAPHORE_ADMIN_PASSWORD
+          valueFrom:
+            secretKeyRef:
+              name: semaphore-secrets
+              key: admin_password
+        - name: SEMAPHORE_DB_PASSWORD
+          valueFrom:
+            secretKeyRef:
+              name: semaphore-secrets
+              key: mysql_password
+        - name: SEMAPHORE_ACCESS_KEY_ENCRYPTION
+          valueFrom:
+            secretKeyRef:
+              name: semaphore-secrets
+              key: key