first commit

2025-07-04 19:51:51 +05:30
commit 42895beb8c
72 changed files with 2584 additions and 0 deletions
--- a/clusters/default/apps/drone/templates/drone-pvc.yaml
+++ b/clusters/default/apps/drone/templates/drone-pvc.yaml
@@ -0,0 +1,16 @@
+{{- if .Values.persistence.enabled }}
+  {{- if not .Values.persistence.existingClaim }}
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: "longhorn-{{ .Values.name }}"
+  namespace: {{ .Values.namespace }}
+spec:
+  accessModes:
+    - ReadWriteMany
+  storageClassName: longhorn
+  resources:
+    requests:
+      storage: {{ .Values.persistence.size }}
+  {{- end }}
+{{- end }}
--- a/clusters/default/apps/drone/templates/drone-rbac.yaml
+++ b/clusters/default/apps/drone/templates/drone-rbac.yaml
@@ -0,0 +1,40 @@
+kind: Role
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  namespace: {{ .Values.namespace }}
+  name: {{ .Values.name }}
+rules:
+- apiGroups:
+  - ""
+  resources:
+  - secrets
+  verbs:
+  - create
+  - delete
+- apiGroups:
+  - ""
+  resources:
+  - pods
+  - pods/log
+  verbs:
+  - get
+  - create
+  - delete
+  - list
+  - watch
+  - update
+
+---
+kind: RoleBinding
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: {{ .Values.name }}
+  namespace: {{ .Values.namespace }}
+subjects:
+- kind: ServiceAccount
+  name: default
+  namespace: {{ .Values.namespace }}
+roleRef:
+  kind: Role
+  name: {{ .Values.name }}
+  apiGroup: rbac.authorization.k8s.io
--- a/clusters/default/apps/drone/templates/drone-svc.yaml
+++ b/clusters/default/apps/drone/templates/drone-svc.yaml
@@ -0,0 +1,22 @@
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: "{{ .Values.name }}-service"
+  namespace: {{ .Values.namespace }}
+spec:
+  selector:
+    app.kubernetes.io/name: {{ .Values.name }}
+  {{- if eq .Values.service.type "LoadBalancer" }}
+  type: LoadBalancer
+  {{- else if eq .Values.service.type "NodePort" }}
+  type: NodePort
+  {{- end }}
+  ports:
+  - {{- if eq .Values.service.type "LoadBalancer" }}
+    port: {{ .Values.service.port }}
+    {{- if eq .Values.service.type "NodePort" }}
+    nodePort: {{ .Values.service.nodePort }}
+    {{- end }}
+    targetPort: 80
+    protocol: TCP
--- a/clusters/default/apps/drone/templates/drone.yaml
+++ b/clusters/default/apps/drone/templates/drone.yaml
@@ -0,0 +1,84 @@
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ .Values.name }}
+  labels:
+    app.kubernetes.io/name: {{ .Values.name }}
+  namespace: {{ .Values.namespace }}
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app.kubernetes.io/name: {{ .Values.name }}
+  template:
+    metadata:
+      labels:
+        app.kubernetes.io/name: {{ .Values.name }}
+    spec:
+      initContainers:
+        - name: wait-for-gitea
+          image: busybox
+          command:
+          - sh
+          - -c
+          - |
+            while ! nc -z {{ .Values.gitea.service.name }} {{ .Values.gitea.service.port }}; do
+              echo "Waiting for Gitea to be ready..."
+              sleep 5
+            done
+            echo "Gitea is ready!"
+        - name: "{{ .Values.name }}-server"
+          image: "{{ .Values.image.server.repository }}:{{ .Values.image.server.tag }}"
+          restartPolicy: Always
+          env:
+          - name: DRONE_GITEA_SERVER
+            value: "{{ .Values.server.env.url }}"
+          - name: DRONE_GITEA_CLIENT_ID
+            valueFrom:
+              secretKeyRef:
+                name: {{ .Values.secrets.DRONE_GITEA_CLIENT_ID.secretName }}
+                key: {{ .Values.secrets.DRONE_GITEA_CLIENT_ID.key }}
+          - name: DRONE_GITEA_CLIENT_SECRET
+            valueFrom:
+              secretKeyRef:
+                name: {{ .Values.secrets.DRONE_GITEA_CLIENT_SECRET.secretName }}
+                key: {{ .Values.secrets.DRONE_GITEA_CLIENT_SECRET.key }}
+          - name: DRONE_RPC_SECRET
+            valueFrom:
+              secretKeyRef:
+                name: {{ .Values.secrets.DRONE_RPC_SECRET.secretName }}
+                key: {{ .Values.secrets.DRONE_RPC_SECRET.key }}
+          - name: DRONE_SERVER_HOST
+            value: "{{ .Values.env.server.host }}"
+          - name: DRONE_SERVER_PROTO
+            value: "{{ .Values.env.server.proto }}"
+          volumeMounts:
+          - name: drone-data
+            mountPath: /data
+      containers:
+      - name: drone-runner
+        image: "{{ .Values.image.runner.repository }}:{{ .Values.image.runner.tag }}"
+        env:
+        - name: DRONE_RPC_SERVER
+          value: "http://localhost:80"
+        - name: DRONE_RPC_SECRET
+          valueFrom:
+            secretKeyRef:
+              name: {{ .Values.secrets.DRONE_RPC_SECRET.secretName }}
+              key: {{ .Values.secrets.DRONE_RPC_SECRET.key }}
+        - name: DRONE_RPC_HOST
+          value: "localhost:80"
+      volumes:
+      {{- if and .Values.persistence.enabled .Values.persistence.existingClaim }}
+      - name: drone-data
+        persistentVolumeClaim:
+          claimName: "{{ .Values.persistence.claimName }}"
+      {{- else if .Values.persistence.enabled }}
+      - name: drone-data
+        persistentVolumeClaim:
+          claimName: "longhorn-{{ .Values.name }}"
+      {{- else }}
+      - name: drone-data
+        emptyDir: {}
+      {{- end }}