diff --git a/.gitignore b/.gitignore index 6697b62..72613d1 100644 --- a/.gitignore +++ b/.gitignore @@ -15,10 +15,8 @@ package-lock.json # Secrets .env -chat-api-secrets.yaml litellm-secrets.yaml loki-secrets.yaml -pg-secrets.yaml .env.litellm secret-cloudflare-external-dns.yaml secret-cloudflare-cert-manager.yaml \ No newline at end of file diff --git a/README.md b/README.md index 0b565b1..c7c10f5 100644 --- a/README.md +++ b/README.md @@ -60,10 +60,10 @@ GitOps составляющая взята из подкаста [DKT66 - Что Установить в новый кластер с нуля с восстановлением всех ресов кластера на основе роли (секреты нужно обновить) ```bash kubectl create namespace argocd -kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml +kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/v3.0.12/manifests/ha/install.yaml git clone https://github.com/justgithubaccount/app-release.git cd app-release -kubectl apply -f infra/_roles/role-dev-enviroment.yaml +kubectl apply -f infra/roles/role-dev-enviroment.yaml ``` --- То что дальше требует обновления, но +/- так оно и есть, тесты, да нужно, накинуть... diff --git a/charts/chat/templates/deployment.yaml b/charts/chat/templates/deployment.yaml index 087604e..b2e1f39 100644 --- a/charts/chat/templates/deployment.yaml +++ b/charts/chat/templates/deployment.yaml @@ -72,12 +72,12 @@ spec: envFrom: - secretRef: - name: {{ .Values.secretsRefName | default "chat-api-secrets" }} - {{- if .Values.dbSecretRefName }} + name: {{ .Values.openrouterSecretRefName | default "chat-openrouter" }} + {{- if .Values.postgresSecretRefName }} - secretRef: - name: {{ .Values.dbSecretRefName }} + name: {{ .Values.postgresSecretRefName }} {{- end }} - + resources: {{- toYaml .Values.resources | nindent 12 }} diff --git a/charts/chat/values.yaml b/charts/chat/values.yaml index 0d365e1..955df8b 100644 --- a/charts/chat/values.yaml +++ b/charts/chat/values.yaml @@ -69,10 +69,9 @@ externalServices: host: "" port: 5432 -# === Secrets === -# Имя внешнего секрета с OPENROUTER_API_KEY -secretsRefName: "chat-api-secrets" -dbSecretRefName: "chat-api-db" +# Secrets +openrouterSecretRefName: "chat-openrouter" +postgresSecretRefName: "chat-postgres" # PostgreSQL postgres: diff --git a/infra/base/services/agent/chat/api-secrets-sealed.yaml b/infra/base/services/agent/chat/api-secrets-sealed.yaml deleted file mode 100644 index a9a92f4..0000000 --- a/infra/base/services/agent/chat/api-secrets-sealed.yaml +++ /dev/null @@ -1,15 +0,0 @@ ---- -apiVersion: bitnami.com/v1alpha1 -kind: SealedSecret -metadata: - creationTimestamp: null - name: chat-api-secrets - namespace: chat-api -spec: - encryptedData: - OPENROUTER_API_KEY: AgBAv21rlDWLBlxeytznaXJdE/+jgmN9KG8uzXhvDpj4QMCXtiv1r/nM2nfuX0gtYZ4+AawMwRPozZWBIcbnV9pY8a4VsyxuiSCFwmfoEx3lx2MP7L8nZdWBc0B/928B/KJ/Bobgw+v+NvKiH0nG9UszfLV+4xaS55IiOkHOaVW6wk+E2i3rXFL/puNn8ONeCVeiPXZ/uK1TxFSctTmuFE1rhDQMMgPv8bJeXZCOR/Y1/TPNg9AnslZvTDgK5BmYKn8gmxNHX0jP08pN1OsWPNQ1kXY61M/vwUWr/Fx3ja8yrPjJH2mLF+Uox6DexV2k73jlFyhE2CoDieYZzbYnjkCwCDfMY5v992kz1ps7F77ABdeJl4UFihxwpHz9BU0MD7NzhNJc+ZZuM73uISZ4qIjJrvgkBzCo1e5+KlMdyfC/hd5mbPioO9ole51znovqlGfoaBH89udl/jMJB0lSK7zQtBVj7bYWJD0wJtc+VlJXsWcabO07dLjN6HjcMZHRXhm9YYpWChU+eOw1YjbJwYCvixCGAQsnZ/2OfbyY0vVVJKEyScblmOnaAWENrEOV1pZ3ndmOLZxfIRE7XNlFxUBw5ULclpP3vAo+WLaYe2G1ehOEEUQtrGzkfqnh7TpsGjdLy1K5S80bqRbPJtD9clTFNFlawypQy+kX3c0o6WNtkpJ0JoHAkZItyOogXpEi7EqzWCqtz1XemPC/6RCW+VjaZjuWwctmWeEPytue953quTekYs9z3SJAEuEgcVWTKmbjVVLLh13VmRyZYmOL190H6oJmzPsYi82R - template: - metadata: - creationTimestamp: null - name: chat-api-secrets - namespace: chat-api diff --git a/infra/base/services/agent/chat/application.yaml b/infra/base/services/agent/chat/application.yaml index 60b6c3a..2d5991b 100644 --- a/infra/base/services/agent/chat/application.yaml +++ b/infra/base/services/agent/chat/application.yaml @@ -1,6 +1,12 @@ apiVersion: argoproj.io/v1alpha1 kind: Application metadata: + labels: + app.kubernetes.io/name: chat-api + app.kubernetes.io/part-of: chat + app.kubernetes.io/managed-by: argocd + app.kubernetes.io/component: backend + env: dev name: chat-api namespace: argocd annotations: @@ -15,6 +21,11 @@ metadata: argocd-image-updater.argoproj.io/write-back-target-branch: main argocd-image-updater.argoproj.io/git-commit-user-name: justgithubaccount argocd-image-updater.argoproj.io/git-commit-user-email: kulikovyevgeny@outlook.com + + argocd-image-updater.argoproj.io/git-credentialSecret: chat-github + + # notifications.argoproj.io/subscribe.on-sync-succeeded.slack: chat-devops + # notifications.argoproj.io/subscribe.on-sync-failed.slack: chat-devops spec: project: default source: diff --git a/infra/base/services/agent/chat/github-secrets.yaml b/infra/base/services/agent/chat/github-secrets.yaml new file mode 100644 index 0000000..db24365 --- /dev/null +++ b/infra/base/services/agent/chat/github-secrets.yaml @@ -0,0 +1,13 @@ +--- +apiVersion: bitnami.com/v1alpha1 +kind: SealedSecret +metadata: + name: chat-github + namespace: argocd +spec: + encryptedData: + GITHUB_TOKEN: AgDaaztNFNBTqtw7l8SrtaPYpQokc0P3hrzmqhn4f8JtT67wEvr3NjAlPUqOkd0SYXM0utS0t+awIwXIra2HuL1UDD0130wZFiz1mZAaZOmVDQNUsZx4v79say+KIncLCVxnMzJcrlKozN0vB0ybmrWQcZJ9HeQsT0kdbbYANEMGXjm98e0Rze1ThIMfBhCguQpbyTyCCd9bsmT0Clt5SJFTR55XeULiKkSdg2qyZbf5lVfyHCKH81bi+BB+wrgfb73O2codtUBd6Ps4yHfQMVuWrY6ca0TBcFgHEH2AhAJpwU0RQP90cY41Zo/6DnB49KF5i24dnelNWzREP0V2BChB/HSjdIUNJCHd2yzWl+60r6jveS53DNtn75fCeZDG6EJDpwhtceXM6wVMnk32VfQAD/WPh74OkwjYcL8LYKwiS+tHcTSeAnG2I+tSbsPKH/sxbMY5OmFRRfhB8/Rt5HMs17LvDONSbRPKbLalcRsOo2aQzriVMFDGouCDxmj5qDaA/UHXJWqghPJaYZOudG9UVp8MXkDKUyJzEk+7zV/2/gYecTtuIBP7+z+bmnTR5YxhIdbysLv5Av+yBaxew3rVnkr5/I5cRfeA2CmqszYIXcj7ySQoc0kWgQi4lNeHhonpcjfEFHczezU/CgNbsrAYvTQx7NI6BtC9wl22c56Pg/rjRHFUJmKXc8LhWYuZR3SufExHYPNnixxfXunU4Xwvlo+03ggiF6kQpbjfYTrs5+B4iH+UGDd3 + template: + metadata: + name: chat-github + namespace: argocd diff --git a/infra/base/services/agent/chat/kustomization.yaml b/infra/base/services/agent/chat/kustomization.yaml index 6c2e72e..607fd16 100644 --- a/infra/base/services/agent/chat/kustomization.yaml +++ b/infra/base/services/agent/chat/kustomization.yaml @@ -1,4 +1,5 @@ resources: - application.yaml - - pg-secrets-sealed.yaml - - api-secrets-sealed.yaml \ No newline at end of file + - postgree-secrets.yaml + - openrouter-secrets.yaml + - github-secrets.yaml diff --git a/infra/base/services/agent/chat/openrouter-secrets.yaml b/infra/base/services/agent/chat/openrouter-secrets.yaml new file mode 100644 index 0000000..e3cfc2b --- /dev/null +++ b/infra/base/services/agent/chat/openrouter-secrets.yaml @@ -0,0 +1,13 @@ +--- +apiVersion: bitnami.com/v1alpha1 +kind: SealedSecret +metadata: + name: chat-openrouter + namespace: chat-api +spec: + encryptedData: + OPENROUTER_API_KEY: AgApDOexTWU8J7gVykjaBH28Urk8gFrpAzTteXrwcs6ELpuc7oqAvrxeADb80gYu3HC9QUPx69UuY2/zSKXC+Nu8zYnSJlQxQ/C+EeCrShG+LrCfRD1zyKv6ijRKp6jQUouR7DE1VGIWedFoDstZNqgqRAc9nwDn/qAh/z5xdzvqxCxzDT6B+dQMRF6Ae1ytPKU+0xC+J/lTzL2yBkNR0ixjrQyAR52svNxnsV7rDEROsR6wUmLdhsXeXfwnV4bT7xuDhDd4x49QX3YmlLub6384rNaO7rSVjn4cvcoCH9WZzEoCgyR2d1morNjrkVjxHMCbzNqr8tI4wHuZuA762cKJxAKnPtkvsOsysc5QQlYhsBlSAo73NYc/OYkA3ULU+NLHCeegtBCOS2+nQMhbvdsCIzo0s+Hlb48oMzupF6Dl3YfoyQeJERJJ9yZYxkSj7wl5NfhGSUqkd9pDtKHuFkOm9N9+k4bzJdj4GJUxNhSVkq9QvxRtpC+zqxCN6JEpQ8nY9ZEAmcO2tx3Efb/mgN2dZtwa1WGgTF2IJoAAC2Ouzr64ttXXbOdP3m3dF8fLXcEn+CzN50clsgDcxVZN0Upykd2MQFCo4fm90ehbmUIlbl93wGmsHdL6QgJ7+Kb8DjVf758MYzx28ZCaRDgq1MMG+LwPuU/LZ3TKw1Wb7BaGdObkubfuDUVbHyFm1oB+ctdd6/lzNpEzDVQbC7FjJGmvcLAFiL/DHr0eKg2ufyUAmM258IY/1cyHBY94Nl//YJ/MP9jRxeNgCghlDlboPSiu+mziemNXu3Pj + template: + metadata: + name: chat-openrouter + namespace: chat-api diff --git a/infra/base/services/agent/chat/pg-secrets-sealed.yaml b/infra/base/services/agent/chat/pg-secrets-sealed.yaml deleted file mode 100644 index c556c01..0000000 --- a/infra/base/services/agent/chat/pg-secrets-sealed.yaml +++ /dev/null @@ -1,15 +0,0 @@ ---- -apiVersion: bitnami.com/v1alpha1 -kind: SealedSecret -metadata: - creationTimestamp: null - name: chat-api-db - namespace: chat-api -spec: - encryptedData: - DATABASE_URL: AgCQSaAVwquDckUlU+i0uvXBhsn1suufGpABOX2uV6b2TUL3ddsJU62uUcoBXhG4oZaKNs06y0Wus34c9qQkwWwfLCjhMYYVAhcR1HkAP2CYBaruKLsTBesSNfnN9LzJVJlnB84Qg/g1Xse5jvFCQaTlt6wbNfjA+5YcP8wqTS/YJAdfY6XY8pHF4if9K7+x7/iFpQvpR91QzdjOtpMU4HCnq1nNEej/Ang71J/UPXK+TZetbHJkMh+mNoY+Fy5A8sE8HS+H/wGznxf0AocauyEHFOiY94N6gGEHhq6KNK+6Fvq69arGLWxo3krB58s+4SY4dC2p1YCDoPBSiBAJKh1IN5U/JPdIvDkwko99kPVM72A+6vJ4qKsMGpxc2yWa4RBG6qUxJ53yTLS6bBurfUhqtBmhrEfcCCpQQ602FL3gXvrOkJq8XfUBU5GNeZw85EHPdjRvAKEw11t4kMg+v7TLO0qp7cBUs2AoQ8LhAVSYQT7IkCC/Bf9GfepGsYQsqUNKMsiDSmg2N+mxzKkOPDBKJArioLW/DWxQms7WWZ6y1SwxBXt8wa9tyyhHT2/YGDHdxvekAjUy1MKLHZRdC+o0OLg9EZGxrjrQscZo6yU6aSAw/gt7glwRbg24T/cBf6tvhy5r4buY2l0tMdDe9H+DDIN37u6O4c7QeeQlvwexdwpCb8ojhUsTWwYafwMiWYsYm/Za3jhVsDg9D6wiLC6cPRzIazRhjGqfnpngwbQukCOdqf3nNDuPA9v8WYtC95Zoxf9g4qxQvGyC/ZSHf5y/I1k76A== - template: - metadata: - creationTimestamp: null - name: chat-api-db - namespace: chat-api diff --git a/infra/base/services/agent/chat/postgree-secrets.yaml b/infra/base/services/agent/chat/postgree-secrets.yaml new file mode 100644 index 0000000..1264443 --- /dev/null +++ b/infra/base/services/agent/chat/postgree-secrets.yaml @@ -0,0 +1,13 @@ +--- +apiVersion: bitnami.com/v1alpha1 +kind: SealedSecret +metadata: + name: chat-postgree + namespace: chat-api +spec: + encryptedData: + DATABASE_URL: AgBl54+/Xy8hL0QijRFyiETgaDBoPEp6+H10M+/SBmOJcDSagNgN/mbTZkZ1VfWH04tjBMO1/naY98NTtQS2cQXTnH3gFRGytCb5YXmCrDYXiNDPHSNg1Di6VQ6Es5lKhM3d9xSpTUAGJ56q2g5OgkcH3XBzt7W+pESxN+6meFYYiRHUnMQgpVDqiU1VWZESXO6m40wXNg9iAs5T8kdj111fobkZkO1WeKJ/7MGBE9yY8bCErNi65fBtzZ9YIKFvW73vZPGOJkE4qnc4fH73607IpaGPyTwn+aWGf1Y8fWfaINls8C+t5VPn63orFezUzqj8NGkebZyHN+TA2N/txLtIMfE312t95/38J3tB01e0gz32mpCN8kF7HuzeaZSHIT1U94Bzb6eXh3jHKhn0gvz3P5LFQqtsqyKV/5l1cs1cbgHktom8VX/Bb8MVE3riF8KwjMGZwMSyFaoHwSho8Ichxzh5V+uUX2SdPbiS5yKqrObBrtzfw/hUSNVNIbZeYvTRcwaVLf//FRoqt4I9w1qwg55L+lXQiH/22t+nda9SGssLNqNO4zqtelxjIma10ENyrBKjW68Mk8/t2iI8griHE0ki4t56xfJzbRePIb5JVMLarcBG4ORKhLF/3qbEf/n/4q4p72N92pidrC6F7ilSCEwHgl+0taM9Xceb+VKm2StTPDhbEcJUlxfpZF0/C7/49br0NHgwyh5844DCJsgTyEo41ran3nNmP3MX4fJiaz/CcFg4m2Id2tcwv/nexTwajqitLMBjhA== + template: + metadata: + name: chat-postgree + namespace: chat-api diff --git a/misc/ddd/data/postgree/pg-secrets.yaml b/misc/ddd/data/postgree/pg-secrets.yaml new file mode 100644 index 0000000..7c250d3 --- /dev/null +++ b/misc/ddd/data/postgree/pg-secrets.yaml @@ -0,0 +1,8 @@ +apiVersion: v1 +kind: Secret +metadata: + name: chat-api-db + namespace: chat-api +type: Opaque +stringData: + DATABASE_URL: "postgresql://gen_user:pass@192.168.0.4:5432/default_db"