├── .aicoe-ci.yaml ├── .github ├── ISSUE_TEMPLATE │ ├── bug_report.md │ ├── calendar-release.md │ ├── feature_request.md │ ├── major-release.md │ ├── minor-release.md │ ├── new_deployment.md │ ├── patch-release.md │ ├── redeliver_container_image.md │ ├── sprint-prod-release.md │ └── user_story.md └── PULL_REQUEST_TEMPLATE.md ├── .gitignore ├── .pre-commit-config.yaml ├── .prow.yaml ├── .sops.yaml ├── .thoth.yaml ├── CHANGELOG.md ├── LICENSE ├── OWNERS ├── README.md ├── advise-reporter ├── OWNERS ├── README.md ├── base │ ├── configmap.yaml │ ├── cronjob.yaml │ ├── imagestream.yaml │ └── kustomization.yaml └── overlays │ ├── moc-prod │ ├── cronjob.yaml │ ├── imagestreamtag.yaml │ ├── kustomization.yaml │ └── thoth-notification.yaml │ ├── ocp4-stage │ ├── cronjob.yaml │ ├── imagestreamtag.yaml │ ├── kustomization.yaml │ └── thoth-notification.yaml │ └── test │ ├── buildConfig.yaml │ ├── cronjob.yaml │ ├── imagestreamtag.yaml │ ├── kustomization.yaml │ └── thoth-notification.yaml ├── adviser ├── OWNERS ├── README.md ├── application.yaml ├── base │ ├── argo-workflows │ │ ├── advise.yaml │ │ ├── dependency-monkey.yaml │ │ ├── kebechet-run-results.yaml │ │ ├── parse-adviser-output.yaml │ │ ├── parse-provenance-checker-output.yaml │ │ ├── provenance-check.yaml │ │ └── trigger-integration.yaml │ ├── configmap.yaml │ ├── imagestream.yaml │ ├── kustomization.yaml │ └── openshift-templates │ │ ├── adviser.yaml │ │ ├── dependency-monkey.yaml │ │ └── provenance-checker.yaml └── overlays │ ├── moc-prod │ ├── advise-resources-patch.yaml │ ├── configmap.yaml │ ├── imagestreamtag.yaml │ ├── kustomization.yaml │ ├── put-into-amun-inspection-namespace.yaml │ ├── put-into-infra-namespace.yaml │ └── thoth-notification.yaml │ ├── ocp4-stage │ ├── configmap.yaml │ ├── imagestreamtag.yaml │ ├── kustomization.yaml │ ├── put-into-amun-inspection-namespace.yaml │ ├── put-into-infra-namespace.yaml │ └── thoth-notification.yaml │ └── test │ ├── buildConfig.yaml │ ├── configmap.yaml │ ├── imagestreamtag.yaml │ ├── kustomization.yaml │ └── thoth-notification.yaml ├── amun ├── .sops.yaml ├── README.md ├── base │ ├── argo-workflows │ │ ├── OWNERS │ │ ├── create-inspection-complete-message.yaml │ │ ├── inspection-build-with-cpu.yaml │ │ ├── inspection-build.yaml │ │ ├── inspection-run-with-cpu.yaml │ │ └── inspection-run.yaml │ ├── deploymentconfig.yaml │ ├── imagestream.yaml │ ├── kustomization.yaml │ ├── openshift-templates │ │ ├── inspection-with-cpu-workflow.yaml │ │ └── inspection-workflow.yaml │ ├── role.yaml │ ├── route.yaml │ ├── service.yaml │ └── serviceaccount.yaml └── overlays │ ├── moc-prod │ ├── amun-api │ │ ├── argo-role.yaml │ │ ├── argo-workflows │ │ │ ├── send-messages.yaml │ │ │ └── sync-template.yaml │ │ ├── imagestreamtag.yaml │ │ ├── kustomization.yaml │ │ ├── metrics-exporter-reader.yaml │ │ ├── put-into-inspection-namespace.yaml │ │ ├── role_binding.yaml │ │ ├── route53.yaml │ │ ├── secret-generator.yaml │ │ ├── secrets.enc.yaml │ │ └── thoth-notification.yaml │ ├── amun-inspection │ │ ├── argo-deployments.yaml │ │ ├── argo-imagestreams.yaml │ │ ├── argo-management.yaml │ │ ├── argo-role.yaml │ │ ├── argo-ui-controller.yaml │ │ ├── argo-workflow-controller.yaml │ │ ├── configmaps.yaml │ │ ├── kustomization.yaml │ │ ├── metrics-exporter-reader.yaml │ │ └── thoth-notification.yaml │ └── common │ │ ├── configmaps.yaml │ │ └── kustomization.yaml │ ├── ocp4-stage │ ├── amun-api │ │ ├── argo-workflows │ │ │ ├── send-messages.yaml │ │ │ └── sync-template.yaml │ │ ├── imagestreamtag.yaml │ │ ├── kustomization.yaml │ │ ├── metrics-exporter-reader.yaml │ │ ├── put-into-inspection-namespace.yaml │ │ ├── role_binding.yaml │ │ ├── route.enc.yaml │ │ ├── secret-generator.yaml │ │ ├── secrets.enc.yaml │ │ └── thoth-notification.yaml │ ├── amun-inspection │ │ ├── argo-deployments.yaml │ │ ├── argo-imagestreams.yaml │ │ ├── argo-management.yaml │ │ ├── argo-ui-controller.yaml │ │ ├── argo-workflow-controller.yaml │ │ ├── configmaps.yaml │ │ ├── kustomization.yaml │ │ ├── metrics-exporter-reader.yaml │ │ └── thoth-notification.yaml │ └── common │ │ ├── configmaps.yaml │ │ └── kustomization.yaml │ └── test │ ├── argo-workflows │ └── send-messages.yaml │ ├── buildconfig.yaml │ ├── configmaps.yaml │ ├── deploymentconfig.yaml │ ├── imagestreamtag.yaml │ ├── kustomization.yaml │ ├── openshift-templates │ ├── inspection-with-cpu-workflow.yaml │ └── inspection-workflow.yaml │ ├── role_binding.yaml │ ├── route.enc.yaml │ ├── secret-generator.yaml │ ├── secrets.enc.yaml │ └── thoth-notification.yaml ├── baboon └── base │ └── secrets.enc.yaml ├── build-watcher ├── README.md ├── base │ ├── configmap.yaml │ ├── deploymentconfig.yaml │ ├── imagestreamtag.yaml │ ├── kustomization.yaml │ ├── role.yaml │ └── serviceaccount.yaml └── overlays │ ├── amun-api │ ├── configmap.yaml │ ├── imagestreamtag.yaml │ ├── kustomization.yaml │ ├── put-into-inspection-namespace.yaml │ ├── role-binding.yaml │ ├── secret-generator.yaml │ ├── secrets.enc.yaml │ └── thoth-notification.yaml │ └── test │ ├── buildConfig.yaml │ └── configmap.yaml ├── buildlog-parser ├── base │ ├── argo-workflows │ │ └── buildlog-parser.yaml │ ├── imagestream.yaml │ └── kustomization.yaml └── overlays │ ├── moc-prod │ ├── imagestreamtag.yaml │ ├── kustomization.yaml │ └── thoth-notification.yaml │ ├── ocp4-stage │ ├── imagestreamtag.yaml │ ├── kustomization.yaml │ └── thoth-notification.yaml │ └── test │ ├── imagestreamtag.yaml │ ├── kustomization.yaml │ └── thoth-notification.yaml ├── chat-notification ├── application.yaml ├── base │ └── kustomization.yaml └── overlays │ ├── moc-prod │ ├── kustomization.yaml │ ├── secret-generator.yaml │ ├── secrets.enc.yaml │ └── thoth-notification.yaml │ ├── ocp4-stage │ ├── kustomization.yaml │ ├── secret-generator.yaml │ ├── secrets.enc.yaml │ └── thoth-notification.yaml │ └── test │ ├── kustomization.yaml │ ├── secret-generator.yaml │ ├── secrets.enc.yaml │ └── thoth-notification.yaml ├── core ├── application-backend-stage.yaml ├── application-frontend-stage.yaml ├── application-graph-stage.yaml ├── application-infra-stage.yaml ├── application-middletier-stage.yaml ├── base │ ├── argo-management.yaml │ ├── argo-workflows │ │ ├── send-message.yaml │ │ ├── send-messages.yaml │ │ └── send-webhooks.yaml │ ├── configmaps.yaml │ ├── imagestreams.yaml │ ├── kustomization.yaml │ └── send-webhooks-sa.yaml └── overlays │ ├── moc-prod │ ├── backend-prod │ │ ├── argo-deployments.yaml │ │ ├── argo-imagestreams.yaml │ │ ├── argo-management.yaml │ │ ├── argo-role.yaml │ │ ├── argo-ui-controller.yaml │ │ ├── argo-workflow-controller.yaml │ │ ├── configmaps.yaml │ │ ├── kustomization.yaml │ │ ├── service-monitor.yaml │ │ └── thoth-notification.yaml │ ├── common │ │ ├── argo-workflows │ │ │ ├── send-message.yaml │ │ │ └── send-messages.yaml │ │ ├── configmaps.yaml │ │ ├── imagestreamtags.yaml │ │ ├── kustomization.yaml │ │ ├── roles │ │ │ ├── kustomization.yaml │ │ │ └── metrics-exporter-reader.yaml │ │ ├── secret-generator.yaml │ │ └── secrets.enc.yaml │ ├── frontend-prod │ │ ├── kustomization.yaml │ │ ├── service-monitor.yaml │ │ └── thoth-notification.yaml │ ├── graph-prod │ │ ├── ceph-storage.yaml │ │ ├── kustomization.yaml │ │ ├── pgbouncer.yaml │ │ ├── postgresql-metrics-exporter.yaml │ │ ├── postgresql.yaml │ │ ├── service-monitor.yaml │ │ └── thoth-notification.yaml │ ├── infra-prod │ │ ├── kustomization.yaml │ │ ├── pushgateway.yaml │ │ ├── service-monitor.yaml │ │ └── thoth-notification.yaml │ └── middletier-prod │ │ ├── argo-deployments.yaml │ │ ├── argo-imagestreams.yaml │ │ ├── argo-management.yaml │ │ ├── argo-role.yaml │ │ ├── argo-ui-controller.yaml │ │ ├── argo-workflow-controller.yaml │ │ ├── configmaps.yaml │ │ ├── kustomization.yaml │ │ ├── service-monitor.yaml │ │ └── thoth-notification.yaml │ ├── ocp4-stage │ ├── backend-stage │ │ ├── argo-deployments.yaml │ │ ├── argo-imagestreams.yaml │ │ ├── argo-management.yaml │ │ ├── argo-ui-controller.yaml │ │ ├── argo-workflow-controller.yaml │ │ ├── configmaps.yaml │ │ ├── kustomization.yaml │ │ └── thoth-notification.yaml │ ├── common │ │ ├── configmaps.yaml │ │ ├── imagestreamtags.yaml │ │ ├── kustomization.yaml │ │ ├── roles │ │ │ ├── kustomization.yaml │ │ │ └── metrics-exporter-reader.yaml │ │ ├── secret-generator.yaml │ │ └── secrets.enc.yaml │ ├── frontend-stage │ │ ├── kustomization.yaml │ │ └── thoth-notification.yaml │ ├── graph-stage │ │ ├── kustomization.yaml │ │ ├── pgbouncer.yaml │ │ ├── postgresql-metrics-exporter.yaml │ │ ├── postgresql.yaml │ │ └── thoth-notification.yaml │ ├── infra-stage │ │ ├── kustomization.yaml │ │ └── thoth-notification.yaml │ └── middletier-stage │ │ ├── argo-deployments.yaml │ │ ├── argo-imagestreams.yaml │ │ ├── argo-management.yaml │ │ ├── argo-ui-controller.yaml │ │ ├── argo-workflow-controller.yaml │ │ ├── configmaps.yaml │ │ ├── kustomization.yaml │ │ └── thoth-notification.yaml │ └── test │ ├── argo-deployments.yaml │ ├── argo-imagestreams.yaml │ ├── argo-management.yaml │ ├── argo-ui-controller.yaml │ ├── argo-workflow-controller.yaml │ ├── argo-workflows │ ├── send-message.yaml │ └── send-messages.yaml │ ├── buildConfig.yaml │ ├── configmaps.yaml │ ├── imagestreamtags.yaml │ ├── kustomization.yaml │ ├── pgbouncer.yaml │ ├── postgresql-metrics-exporter.yaml │ ├── postgresql.yaml │ ├── secret-generator.yaml │ ├── secrets.enc.yaml │ └── thoth-notification.yaml ├── cve-update ├── base │ ├── cronjob.yaml │ ├── imagestream.yaml │ └── kustomization.yaml └── overlays │ ├── moc-prod │ ├── cronjob.yaml │ ├── imagestreamtag.yaml │ ├── kustomization.yaml │ └── thoth-notification.yaml │ ├── ocp4-stage │ ├── cronjob.yaml │ ├── imagestreamtag.yaml │ ├── kustomization.yaml │ └── thoth-notification.yaml │ └── test │ ├── buildconfig.yaml │ ├── cronjob.yaml │ ├── imagestreamtag.yaml │ ├── kustomization.yaml │ └── thoth-notification.yaml ├── docs ├── environments.md ├── previous_releases │ └── CHANGELOG_2021.md ├── secret_management.md ├── thoth_logging.md ├── thoth_release_procedure.md └── thoth_s2i_procedure.md ├── document-sync-job ├── base │ ├── cronjob.yaml │ ├── imagestream.yaml │ ├── kustomization.yaml │ ├── secret-generator.yaml │ └── secrets.enc.yaml └── overlays │ ├── ocp4-stage │ ├── cronjob.yaml │ ├── imagestreamtag.yaml │ ├── kustomization.yaml │ └── thoth-notification.yaml │ └── test │ ├── cronjob.yaml │ ├── imagestreamtag.yaml │ ├── kustomization.yaml │ └── thoth-notification.yaml ├── grafana-dashboard ├── README.md ├── base │ ├── kustomization.yaml │ ├── pulp-metrics.json │ ├── thoth-kafka-argo-metrics.json │ ├── thoth-knowledge-graph-content-metrics.json │ ├── thoth-postgresql-metrics.json │ ├── thoth-service-metrics.json │ ├── thoth-sli-slo.json │ ├── thoth-user-api-metrics.json │ └── thoth-workflow-controllers-metrics.json └── ocp4-stage │ ├── thoth-kafka-argo-metrics.json │ ├── thoth-knowledge-graph-content-metrics.json │ ├── thoth-postgresql-metrics.json │ ├── thoth-report.json │ ├── thoth-service-metrics.json │ ├── thoth-service-user-api.json │ ├── thoth-sli-slo.json │ └── thoth-workflow-controller.json ├── graph-backup-job ├── base │ ├── cronjob.yaml │ ├── imagestream.yaml │ └── kustomization.yaml └── overlays │ ├── moc-prod │ ├── cronjob.yaml │ ├── imagestreamtag.yaml │ ├── kustomization.yaml │ ├── pvc.yaml │ └── thoth-notification.yaml │ ├── ocp4-stage │ ├── cronjob.yaml │ ├── imagestreamtag.yaml │ ├── kustomization.yaml │ └── thoth-notification.yaml │ └── test │ ├── buildConfig.yaml │ ├── cronjob.yaml │ ├── imagestreamtag.yaml │ ├── kustomization.yaml │ └── thoth-notification.yaml ├── graph-metrics-exporter ├── base │ ├── cronjob.yaml │ ├── imagestream.yaml │ └── kustomization.yaml └── overlays │ ├── moc-prod │ ├── cronjob.yaml │ ├── imagestreamtag.yaml │ ├── kustomization.yaml │ └── thoth-notification.yaml │ ├── ocp4-stage │ ├── cronjob.yaml │ ├── imagestreamtag.yaml │ ├── kustomization.yaml │ └── thoth-notification.yaml │ └── test │ ├── cronjob.yaml │ ├── imagestreamtag.yaml │ ├── kustomization.yaml │ └── thoth-notification.yaml ├── graph-refresh ├── README.md ├── base │ ├── cronjob.yaml │ ├── imagestream.yaml │ ├── kustomization.yaml │ ├── role.yaml │ └── serviceaccount.yaml ├── graph-refresh-application-test.yaml └── overlays │ ├── moc-prod │ ├── cronjob.yaml │ ├── imagestreamtag.yaml │ ├── kustomization.yaml │ ├── put-into-infra-namespace.yaml │ ├── put-into-middletier-namespace.yaml │ ├── rolebindings.yaml │ └── thoth-notification.yaml │ ├── ocp4-stage │ ├── cronjob.yaml │ ├── imagestreamtag.yaml │ ├── kustomization.yaml │ ├── put-into-infra-namespace.yaml │ ├── put-into-middletier-namespace.yaml │ ├── rolebindings.yaml │ └── thoth-notification.yaml │ └── test │ ├── buildConfig.yaml │ ├── cronjob.yaml │ ├── imagestreamtag.yaml │ ├── kustomization.yaml │ ├── rolebindings.yaml │ └── thoth-notification.yaml ├── graph-schema-update ├── base │ ├── kustomization.yaml │ └── openshift-templates │ │ └── graph-schema-update-job-template.yaml └── overlays │ ├── moc-prod │ ├── kustomization.yaml │ ├── put-into-infra-namespace.yaml │ └── thoth-notification.yaml │ ├── ocp4-stage │ ├── kustomization.yaml │ ├── put-into-infra-namespace.yaml │ └── thoth-notification.yaml │ └── test │ ├── kustomization.yaml │ └── thoth-notification.yaml ├── graph-sync ├── base │ ├── argo-workflows │ │ └── sync-template.yaml │ ├── imagestream.yaml │ ├── kustomization.yaml │ └── openshift-templates │ │ ├── graph-sync.yaml │ │ └── syncJob-template.yaml └── overlays │ ├── moc-prod │ ├── backend │ │ ├── kustomization.yaml │ │ └── thoth-notification.yaml │ ├── common │ │ ├── imagestreamtag.yaml │ │ ├── kustomization.yaml │ │ └── put-into-infra-namespace.yaml │ └── middletier │ │ ├── kustomization.yaml │ │ └── thoth-notification.yaml │ ├── ocp4-stage │ ├── backend │ │ ├── kustomization.yaml │ │ └── thoth-notification.yaml │ ├── common │ │ ├── imagestreamtag.yaml │ │ ├── kustomization.yaml │ │ └── put-into-infra-namespace.yaml │ └── middletier │ │ ├── kustomization.yaml │ │ └── thoth-notification.yaml │ └── test │ ├── imagestreamtag.yaml │ ├── kustomization.yaml │ └── thoth-notification.yaml ├── init-job ├── base │ ├── argo-workflows │ │ ├── initialize-schema.yaml │ │ ├── initializer.yaml │ │ ├── register-indexes.yaml │ │ ├── solve-core-packages.yaml │ │ └── solve-data-science-packages.yaml │ ├── generate-name.yaml │ ├── imagestream.yaml │ ├── kustomization.yaml │ ├── role.yaml │ ├── role_binding.yaml │ └── serviceaccount.yaml └── overlays │ └── test │ ├── buildConfig.yaml │ ├── imagestreamtag.yaml │ ├── kustomization.yaml │ └── thoth-notification.yaml ├── integration-tests ├── README.md ├── base │ ├── configmap.yaml │ ├── cronjob.yaml │ ├── imagestream.yaml │ └── kustomization.yaml └── overlays │ ├── moc-prod-ocp4-stage │ ├── README.rst │ ├── configmap.yaml │ ├── cronjob.yaml │ ├── imagestreamtag.yaml │ ├── kustomization.yaml │ ├── secret-generator.yaml │ ├── secrets.enc.yaml │ └── thoth-notification.yaml │ ├── ocp4-stage │ ├── configmap.yaml │ ├── cronjob.yaml │ ├── imagestreamtag.yaml │ ├── kustomization.yaml │ ├── secret-generator.yaml │ ├── secrets.enc.yaml │ └── thoth-notification.yaml │ └── test │ ├── configmap.yaml │ ├── cronjob.yaml │ ├── imagestreamtag.yaml │ ├── kustomization.yaml │ ├── secret-generator.yaml │ ├── secrets.enc.yaml │ └── thoth-notification.yaml ├── investigator ├── OWNERS ├── README.md ├── base │ ├── kustomization.yaml │ └── serviceaccount.yaml └── overlays │ ├── moc-prod │ ├── deployment.yaml │ ├── kustomization.yaml │ ├── role.yaml │ ├── role_binding.yaml │ ├── route.yaml │ ├── service.yaml │ └── thoth-notification.yaml │ ├── ocp4-stage │ ├── deployment.yaml │ ├── kustomization.yaml │ ├── role.yaml │ ├── role_binding.yaml │ ├── route.yaml │ ├── service.yaml │ └── thoth-notification.yaml │ └── test │ ├── deployment.yaml │ ├── kustomization.yaml │ ├── role.yaml │ ├── role_binding.yaml │ ├── route.yaml │ ├── service.yaml │ └── thoth-notification.yaml ├── investigator_message_metrics ├── README.md ├── base │ ├── deploymentconfig.yaml │ ├── kustomization.yaml │ ├── route.yaml │ ├── service.yaml │ └── serviceaccount.yaml └── overlays │ ├── moc-prod │ ├── deploymentconfig.yaml │ ├── kustomization.yaml │ └── thoth-notification.yaml │ ├── ocp4-stage │ ├── kustomization.yaml │ └── thoth-notification.yaml │ └── test │ ├── deploymentconfig.yaml │ ├── kustomization.yaml │ └── thoth-notification.yaml ├── kafka ├── base │ ├── kafka-metrics.yaml │ ├── kustomization.yaml │ ├── route.yaml │ ├── service.yaml │ ├── thoth-kafka.yaml │ └── zookeeper-metrics.yaml └── overlays │ ├── README.md │ └── ocp4-stage │ ├── deployment.yaml │ └── kustomization.yaml ├── kebechet ├── README.md ├── application-test.yaml ├── base │ ├── argo-workflows │ │ ├── kebechet-administrator.yaml │ │ ├── kebechet-run-url.yaml │ │ ├── kebechet.yaml │ │ └── update_keb_installation.yaml │ ├── configmap.yaml │ ├── imagestream.yaml │ ├── kustomization.yaml │ └── openshift-templates │ │ ├── kebechet-administrator.yaml │ │ ├── kebechet-run-url.yaml │ │ └── kebechet.yaml └── overlays │ ├── moc-prod │ ├── configmap.yaml │ ├── imagestreamtag.yaml │ ├── kustomization.yaml │ ├── put-into-infra-namespace.yaml │ ├── secret-generator.yaml │ ├── secrets.enc.yaml │ └── thoth-notification.yaml │ ├── ocp4-stage │ ├── configmap.yaml │ ├── imagestreamtag.yaml │ ├── kustomization.yaml │ ├── put-into-infra-namespace.yaml │ ├── secret-generator.yaml │ ├── secrets.enc.yaml │ └── thoth-notification.yaml │ └── test │ ├── buildConfig.yaml │ ├── configmap.yaml │ ├── imagestreamtag.yaml │ ├── kustomization.yaml │ ├── secret-generator.yaml │ ├── secrets.enc.yaml │ └── thoth-notification.yaml ├── management-api ├── .sops.yaml ├── application.yaml ├── base │ ├── configmap.yaml │ ├── deploymentconfig.yaml │ ├── imagestream.yaml │ ├── kustomization.yaml │ ├── role.yaml │ ├── route.yaml │ ├── service.yaml │ └── serviceaccount.yaml └── overlays │ ├── moc-prod │ ├── imagestreamtag.yaml │ ├── kustomization.yaml │ ├── put-into-amun-inspection-namespace.yaml │ ├── put-into-infra-namespace.yaml │ ├── put-into-middletier-namespace.yaml │ ├── role-binding.yaml │ ├── route53.yaml │ └── thoth-notification.yaml │ ├── ocp4-stage │ ├── configmap.yaml │ ├── imagestreamtag.yaml │ ├── kustomization.yaml │ ├── put-into-amun-inspection-namespace.yaml │ ├── put-into-infra-namespace.yaml │ ├── put-into-middletier-namespace.yaml │ ├── role-binding.yaml │ ├── route.enc.yaml │ ├── secret-generator.yaml │ └── thoth-notification.yaml │ └── test │ ├── buildConfig.yaml │ ├── configmap.yaml │ ├── imagestreamtag.yaml │ ├── kustomization.yaml │ ├── resources_patch.yaml │ ├── role-binding.yaml │ ├── route.enc.yaml │ ├── secret-generator.yaml │ └── thoth-notification.yaml ├── metrics-exporter ├── OWNERS ├── README.md ├── application-stage.yaml ├── base │ ├── configmap.yaml │ ├── deploymentconfig.yaml │ ├── imagestream.yaml │ ├── kustomization.yaml │ ├── role.yaml │ ├── rolebinding.yaml │ ├── route.yaml │ ├── service.yaml │ └── serviceaccount.yaml └── overlays │ ├── moc-prod │ ├── deploymentconfig.yaml │ ├── imagestreamtag.yaml │ ├── kustomization.yaml │ ├── resources_patch.yaml │ ├── role_bindings.yaml │ ├── secret-generator.yaml │ ├── secrets.enc.yaml │ └── thoth-notification.yaml │ ├── ocp4-stage │ ├── imagestreamtag.yaml │ ├── kustomization.yaml │ ├── resources_patch.yaml │ ├── role_bindings.yaml │ ├── secret-generator.yaml │ ├── secrets.enc.yaml │ └── thoth-notification.yaml │ └── test │ ├── buildConfig.yaml │ ├── imagestreamtag.yaml │ ├── kustomization.yaml │ ├── resources_patch.yaml │ └── thoth-notification.yaml ├── mi-scheduler ├── .sops.yaml ├── OWNERS ├── README.md ├── base │ ├── argo-workflows │ │ ├── mi-merge-workflow.yaml │ │ └── mi-workflow-template.yaml │ ├── configmaps.yaml │ ├── cronjob.yaml │ ├── imagestream.yaml │ ├── job.yaml │ ├── kustomization.yaml │ ├── openshift-templates │ │ ├── mi-merge-template.yaml │ │ └── mi-run-template.yaml │ ├── role.yaml │ └── serviceaccount.yaml ├── mi-scheduler-test.yaml └── overlays │ ├── moc-prod │ ├── cronjob.yaml │ ├── imagestreamtag.yaml │ ├── kustomization.yaml │ ├── role-binding.yaml │ ├── secret-generator.yaml │ ├── secrets.enc.yaml │ └── thoth-notification.yaml │ ├── ocp4-stage │ ├── cronjob.yaml │ ├── imagestreamtag.yaml │ ├── kustomization.yaml │ ├── role-binding.yaml │ ├── secret-generator.yaml │ ├── secrets.enc.yaml │ └── thoth-notification.yaml │ └── test │ ├── buildConfig.yaml │ ├── cronjob.yaml │ ├── imagestreamtag.yaml │ ├── kustomization.yaml │ ├── role-binding.yaml │ ├── secret-generator.yaml │ ├── secrets.enc.yaml │ └── thoth-notification.yaml ├── monitoring ├── README.md ├── base │ └── kustomization.yaml └── overlays │ ├── moc-prod │ ├── github-receiver.yaml │ ├── kustomization.yaml │ ├── prometheusrule.yaml │ ├── secret-generator.yaml │ └── secrets.enc.yaml │ └── ocp4-stage │ ├── grafana │ ├── grafana-config.yaml │ ├── grafana-pvc.yaml │ ├── grafana-route.yaml │ ├── grafana-sa.yaml │ ├── grafana-secrets.enc.yaml │ ├── grafana-service.yaml │ ├── grafana.yaml │ ├── kustomization.yaml │ └── secret-generator.yaml │ ├── kustomization.yaml │ ├── prometheus │ ├── alertmanager-secrets.enc.yaml │ ├── alertmanager-svc.yaml │ ├── alerts-svc.yaml │ ├── kustomization.yaml │ ├── prometheus-config.yaml │ ├── prometheus-pvc.yaml │ ├── prometheus-sa.yaml │ ├── prometheus-secrets.enc.yaml │ ├── prometheus-svc.yaml │ ├── prometheus.yaml │ └── secret-generator.yaml │ └── pushgateway │ ├── kustomization.yaml │ └── pushgateway.yaml ├── nepthys ├── base │ ├── cronjob.yaml │ ├── imagestreamtag.yaml │ └── kustomization.yaml └── overlays │ └── ocp │ ├── buildConfig.yaml │ ├── imagestreamtag.yaml │ ├── kustomization.yaml │ ├── secret-generator.yaml │ ├── secrets.enc.yaml │ └── thoth-notification.yaml ├── package-extract ├── base │ ├── argo-workflows │ │ └── package-extract.yaml │ ├── imagestream.yaml │ ├── kustomization.yaml │ └── openshift-templates │ │ ├── build-analysis.yaml │ │ └── package-extract.yaml └── overlays │ ├── moc-prod │ ├── imagestreamtag.yaml │ ├── kustomization.yaml │ ├── put-into-infra-namespace.yaml │ └── thoth-notification.yaml │ ├── ocp4-stage │ ├── imagestreamtag.yaml │ ├── kustomization.yaml │ ├── put-into-infra-namespace.yaml │ └── thoth-notification.yaml │ └── test │ ├── buildConfig.yaml │ ├── imagestreamtag.yaml │ ├── kustomization.yaml │ └── thoth-notification.yaml ├── package-releases ├── README.md ├── base │ ├── cronjob.yaml │ ├── imagestream.yaml │ └── kustomization.yaml └── overlays │ ├── moc-prod │ ├── cronjob.yaml │ ├── imagestreamtag.yaml │ ├── kustomization.yaml │ └── thoth-notification.yaml │ ├── ocp4-stage │ ├── cronjob.yaml │ ├── imagestreamtag.yaml │ ├── kustomization.yaml │ └── thoth-notification.yaml │ └── test │ ├── buildconfig.yaml │ ├── cronjob.yaml │ ├── imagestreamtag.yaml │ ├── kustomization.yaml │ └── thoth-notification.yaml ├── package-update ├── base │ ├── cronjob.yaml │ ├── imagestream.yaml │ ├── kustomization.yaml │ └── serviceaccount.yaml └── overlays │ ├── moc-prod │ ├── cronjob.yaml │ ├── imagestreamtag.yaml │ ├── kustomization.yaml │ └── thoth-notification.yaml │ ├── ocp4-stage │ ├── cronjob.yaml │ ├── imagestreamtag.yaml │ ├── kustomization.yaml │ └── thoth-notification.yaml │ └── test │ ├── buildConfig.yaml │ ├── cronjob.yaml │ ├── imagestreamtag.yaml │ ├── kustomization.yaml │ └── thoth-notification.yaml ├── policy ├── deployment.rego ├── kubernetes.rego ├── kustomize_selectors.rego ├── openshift.rego └── versioning.rego ├── prescriptions-refresh-job ├── base │ ├── argo-workflows │ │ ├── prescriptions-refresh-gh.yaml │ │ ├── prescriptions-refresh-image-analysis.yaml │ │ ├── prescriptions-refresh-pg.yaml │ │ ├── prescriptions-refresh-pypi.yaml │ │ ├── prescriptions-refresh-quay.yaml │ │ └── prescriptions-refresh-scorecards.yaml │ ├── configmap.yaml │ ├── imagestream.yaml │ ├── kustomization.yaml │ ├── secret-generator.yaml │ └── secrets.enc.yaml └── overlays │ ├── ocp4-stage │ ├── configmap.yaml │ ├── cronworkflow.yaml │ ├── imagestreamtag.yaml │ ├── kustomization.yaml │ └── thoth-notification.yaml │ └── test │ ├── configmap.yaml │ ├── cronworkflow.yaml │ ├── imagestreamtag.yaml │ ├── kustomization.yaml │ └── thoth-notification.yaml ├── pulp-metrics-exporter ├── README.md ├── application-stage.yaml ├── base │ ├── configmap.yaml │ ├── deploymentconfig.yaml │ ├── imagestream.yaml │ ├── kustomization.yaml │ ├── route.yaml │ └── service.yaml └── overlays │ └── ocp4-stage │ ├── imagestreamtag.yaml │ ├── kustomization.yaml │ ├── secret-generator.yaml │ ├── secrets.enc.yaml │ └── thoth-notification.yaml ├── pulp-pypi-sync-job ├── base │ ├── cronjob.yaml │ ├── imagestream.yaml │ └── kustomization.yaml └── overlays │ ├── ocp4-stage │ ├── cronjob.yaml │ ├── imagestreamtag.yaml │ ├── kustomization.yaml │ ├── secret-generator.yaml │ ├── secrets.enc.yaml │ └── thoth-notification.yaml │ └── test │ ├── cronjob.yaml │ ├── imagestreamtag.yaml │ ├── kustomization.yaml │ ├── secret-generator.yaml │ ├── secrets.enc.yaml │ └── thoth-notification.yaml ├── purge-job ├── base │ ├── argo-workflows │ │ ├── purge-issues.yaml │ │ └── purge-template.yaml │ ├── imagestream.yaml │ ├── kustomization.yaml │ └── openshift-templates │ │ └── purge.yaml └── overlays │ ├── moc-prod │ ├── imagestreamtag.yaml │ ├── kustomization.yaml │ ├── put-into-infra-namespace.yaml │ └── thoth-notification.yaml │ ├── ocp4-stage │ ├── imagestreamtag.yaml │ ├── kustomization.yaml │ ├── put-into-infra-namespace.yaml │ └── thoth-notification.yaml │ └── test │ ├── imagestreamtag.yaml │ ├── kustomization.yaml │ └── thoth-notification.yaml ├── revsolver ├── base │ ├── argo-workflows │ │ └── revsolver-template.yaml │ ├── imagestream.yaml │ ├── kustomization.yaml │ ├── openshift-templates │ │ └── revsolve_and_sync-template.yaml │ ├── role.yaml │ └── serviceaccount.yaml └── overlays │ ├── moc-prod │ ├── imagestreamtag.yaml │ ├── kustomization.yaml │ ├── put-into-infra-namespace.yaml │ ├── rolebinding.yaml │ └── thoth-notification.yaml │ ├── ocp4-stage │ ├── imagestreamtag.yaml │ ├── kustomization.yaml │ ├── put-into-infra-namespace.yaml │ ├── rolebinding.yaml │ └── thoth-notification.yaml │ └── test │ ├── buildConfig.yaml │ ├── imagestreamtag.yaml │ ├── kustomization.yaml │ ├── rolebinding.yaml │ └── thoth-notification.yaml ├── security-indicators ├── README.md ├── base │ ├── argo-workflows │ │ ├── aggregator-template.yaml │ │ ├── bandit-template.yaml │ │ ├── cloc-template.yaml │ │ └── download-package-template.yaml │ ├── imagestream.yaml │ ├── kustomization.yaml │ └── openshift-templates │ │ └── security-indicators.yaml └── overlays │ ├── moc-prod │ ├── imagestreamtag.yaml │ ├── kustomization.yaml │ ├── put-into-infra-namespace.yaml │ └── thoth-notification.yaml │ ├── ocp4-stage │ ├── imagestreamtag.yaml │ ├── kustomization.yaml │ ├── put-into-infra-namespace.yaml │ └── thoth-notification.yaml │ └── test │ ├── buildConfig.yaml │ ├── imagestreamtag.yaml │ ├── kustomization.yaml │ └── thoth-notification.yaml ├── sefkhet-abwy-chatbot ├── .sops.yaml ├── base │ ├── deploymentconfig.yaml │ ├── imagestream.yaml │ ├── kustomization.yaml │ ├── route.yaml │ └── service.yaml └── overlays │ └── moc │ ├── imagestreamtag.yaml │ ├── kustomization.yaml │ ├── route.yaml │ ├── secret-generator.yaml │ └── secrets.enc.yaml ├── sefkhet-abwy ├── base │ ├── deploymentconfig.yaml │ ├── imagestream.yaml │ ├── kustomization.yaml │ ├── route.yaml │ └── service.yaml └── overlays │ ├── bot │ ├── configmap.yaml │ ├── imagestreamtag.yaml │ ├── kustomization.yaml │ ├── secret-generator.yaml │ ├── secrets.enc.yaml │ ├── thoth-friday-scrum-cronjob.yaml │ └── thoth-scrum-cronjob.yaml │ ├── moc │ ├── configmap.yaml │ ├── imagestreamtag.yaml │ ├── kustomization.yaml │ ├── new-label-normalizer.yaml │ ├── secret-generator.yaml │ ├── secrets.enc.yaml │ └── thoth-notification.yaml │ └── ocp │ ├── configmap.yaml │ ├── imagestreamtag.yaml │ ├── kustomization.yaml │ ├── secret-generator.yaml │ ├── secrets.enc.yaml │ ├── thoth-notification.yaml │ └── ultrahook.yaml ├── sesheta-srcops └── overlays │ └── smaug │ ├── configmaps.yaml │ ├── gpg-keys.enc.yaml │ ├── kustomization.yaml │ ├── secret-generator.yaml │ └── secrets.enc.yaml ├── slo-reporter ├── OWNERS ├── README.md ├── base │ ├── cronjob.yaml │ ├── imagestream.yaml │ └── kustomization.yaml └── overlays │ ├── moc-prod-ocp4-stage │ ├── configmap.yaml │ ├── cronjob.yaml │ ├── imagestreamtag.yaml │ ├── kustomization.yaml │ ├── secret-generator.yaml │ ├── secrets.enc.yaml │ └── thoth-notification.yaml │ ├── ocp4-stage │ ├── configmap.yaml │ ├── cronjob.yaml │ ├── imagestreamtag.yaml │ ├── kustomization.yaml │ ├── secret-generator.yaml │ ├── secrets.enc.yaml │ └── thoth-notification.yaml │ └── test │ ├── buildConfig.yaml │ ├── configmap.yaml │ ├── cronjob.yaml │ ├── imagestreamtag.yaml │ ├── kustomization.yaml │ ├── secret-generator.yaml │ ├── secrets.enc.yaml │ └── thoth-notification.yaml ├── solver-error-classifier-job ├── base │ ├── cronjob.yaml │ ├── imagestream.yaml │ └── kustomization.yaml └── overlays │ └── test │ ├── buildConfig.yaml │ ├── cronjob.yaml │ ├── imagestreamtag.yaml │ ├── kustomization.yaml │ └── thoth-notification.yaml ├── solver ├── README.md ├── base │ ├── argo-workflows │ │ ├── OWNERS │ │ ├── parse-solver-output.yaml │ │ └── solver-template.yaml │ ├── imagestreams.yaml │ ├── kustomization.yaml │ └── openshift-templates │ │ └── solve_and_sync-template.yaml └── overlays │ ├── moc-prod │ ├── imagestreamtag.yaml │ ├── kustomization.yaml │ ├── put-into-infra-namespace.yaml │ ├── resources_patch.yaml │ └── thoth-notification.yaml │ ├── ocp4-stage │ ├── imagestreamtag.yaml │ ├── kustomization.yaml │ ├── put-into-infra-namespace.yaml │ ├── resources_patch.yaml │ └── thoth-notification.yaml │ └── test │ ├── argo-workflows │ └── solver-template.yaml │ ├── imagestreamtag.yaml │ ├── kustomization.yaml │ ├── resources_patch.yaml │ └── thoth-notification.yaml ├── stress-tests ├── base │ ├── configmap.yaml │ ├── cronjob.yaml │ ├── imagestream.yaml │ └── kustomization.yaml └── overlays │ └── test │ ├── configmap.yaml │ ├── cronjob.yaml │ ├── imagestreamtag.yaml │ ├── kustomization.yaml │ └── thoth-notification.yaml ├── sync-job ├── base │ ├── cron-workflow.yaml │ ├── kustomization.yaml │ ├── workflow-template.yaml │ └── workflow.yaml └── overlays │ ├── common │ ├── imagestreamtag.yaml │ └── kustomization.yaml │ ├── prod-to-stage │ └── kustomization.yaml │ └── stage-to-prod │ └── kustomization.yaml ├── test-kustomize-build ├── thoth-repo-init ├── base │ ├── argo-workflows │ │ └── thoth-repo-init.yaml │ ├── imagestream.yaml │ ├── kustomization.yaml │ └── openshift-templates │ │ └── thoth-repo-init.yaml └── overlays │ └── test │ ├── imagestreamtag.yaml │ ├── kustomization.yaml │ └── thoth-notification.yaml ├── user-api ├── .sops.yaml ├── README.md ├── application-stage.yaml ├── base │ ├── configmap.yaml │ ├── deploymentconfig.yaml │ ├── imagestream.yaml │ ├── kustomization.yaml │ ├── role.yaml │ ├── route.yaml │ ├── service.yaml │ └── serviceaccount.yaml └── overlays │ ├── moc-prod │ ├── deploymentconfig.yaml │ ├── imagestreamtag.yaml │ ├── khemenu-route.yaml │ ├── kustomization.yaml │ ├── put-into-backend-namespace.yaml │ ├── put-into-infra-namespace.yaml │ ├── put-into-middletier-namespace.yaml │ ├── resources_patch.yaml │ ├── role-binding.yaml │ ├── route53.yaml │ └── thoth-notification.yaml │ ├── ocp4-stage │ ├── configmap.yaml │ ├── imagestreamtag.yaml │ ├── kustomization.yaml │ ├── put-into-backend-namespace.yaml │ ├── put-into-infra-namespace.yaml │ ├── put-into-middletier-namespace.yaml │ ├── resources_patch.yaml │ ├── role-binding.yaml │ ├── route.enc.yaml │ ├── secret-generator.yaml │ └── thoth-notification.yaml │ └── test │ ├── buildconfig.yaml │ ├── configmap.yaml │ ├── deployment-trigger.yaml │ ├── imagestreamtag.yaml │ ├── kustomization.yaml │ ├── resources_patch.yaml │ ├── role-binding.yaml │ ├── route.enc.yaml │ ├── secret-generator.yaml │ └── thoth-notification.yaml └── version.py /.aicoe-ci.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | check: [] 3 | -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/bug_report.md: -------------------------------------------------------------------------------- 1 | --- 2 | name: Bug report 3 | about: Create a report to help us improve 4 | labels: "kind/bug" 5 | --- 6 | 7 | **Describe the bug** 8 | A clear and concise description of what the bug is. 9 | 10 | **To Reproduce** 11 | Steps to reproduce the behavior: 12 | 1. Go to '...' 13 | 2. Click on '....' 14 | 3. Scroll down to '....' 15 | 4. See error 16 | 17 | **Expected behavior** 18 | A clear and concise description of what you expected to happen. 19 | 20 | **Screenshots** 21 | If applicable, add screenshots to help explain your problem. 22 | 23 | **Additional context** 24 | Add any other context about the problem here. 25 | -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/calendar-release.md: -------------------------------------------------------------------------------- 1 | --- 2 | name: Calendar release 3 | about: Create a new calendar release 4 | title: New calendar release 5 | assignees: 'sesheta' 6 | labels: bot 7 | --- 8 | 9 | Hey, Kebechet! 10 | 11 | create a new calendar release of Thoth application, please. 12 | -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/feature_request.md: -------------------------------------------------------------------------------- 1 | --- 2 | name: Feature request 3 | about: Suggest an idea for this project 4 | labels: "kind/feature" 5 | --- 6 | 7 | **Is your feature request related to a problem? Please describe.** 8 | A clear and concise description of what the problem is. Ex. I'm always frustrated when [...] 9 | 10 | **Describe the solution you'd like** 11 | A clear and concise description of what you want to happen. 12 | 13 | **Describe alternatives you've considered** 14 | A clear and concise description of any alternative solutions or features you've considered. 15 | 16 | **Additional context** 17 | Add any other context or screenshots about the feature request here. 18 | -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/major-release.md: -------------------------------------------------------------------------------- 1 | --- 2 | name: Major release 3 | about: Create a new major release 4 | title: New major release 5 | assignees: sesheta 6 | labels: "bot, priority/critical-urgent" 7 | --- 8 | 9 | Hey, Kebechet! 10 | 11 | Create a new major release, please. 12 | -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/minor-release.md: -------------------------------------------------------------------------------- 1 | --- 2 | name: Minor release 3 | about: Create a new minor release 4 | title: New minor release 5 | assignees: sesheta 6 | labels: "bot, priority/critical-urgent" 7 | --- 8 | 9 | Hey, Kebechet! 10 | 11 | Create a new minor release, please. 12 | -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/patch-release.md: -------------------------------------------------------------------------------- 1 | --- 2 | name: Patch release 3 | about: Create a new patch release 4 | title: New patch release 5 | assignees: sesheta 6 | labels: "bot, priority/critical-urgent" 7 | --- 8 | 9 | Hey, Kebechet! 10 | 11 | Create a new patch release, please. 12 | -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/redeliver_container_image.md: -------------------------------------------------------------------------------- 1 | --- 2 | name: Deliver Container Image 3 | about: build a git tag and push it as a container image to quay 4 | title: Deliver Container Image 5 | assignees: sesheta 6 | labels: "bot, priority/critical-urgent" 7 | --- 8 | 9 | Hey, AICoE-CI! 10 | 11 | Please build and deliver the following git tag: 12 | 13 | Tag: x.y.z 14 | -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/sprint-prod-release.md: -------------------------------------------------------------------------------- 1 | --- 2 | name: Sprint production release 3 | about: Create a new sprint production release 4 | title: New sprint production release 5 | labels: 'deployment_name/moc, lifecycle/active, sig/devops' 6 | --- 7 | 8 | Hello, Thoth-station! 9 | 10 | This Issue would be used for the current sprint cycle production release. 11 | By the end of the sprint cycle, we will consolidate the information of thoth-station components features upgrade and fixes in this issue. 12 | 13 | /kind documentation 14 | /area release-eng 15 | /triage accepted 16 | /milestone 202X.YY.ZZ 17 | /priority important-soon 18 | -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/user_story.md: -------------------------------------------------------------------------------- 1 | --- 2 | name: UserStory 3 | about: UserStory 4 | title: "[UserStory] ..." 5 | labels: user_story 6 | assignees: '' 7 | 8 | --- 9 | 10 | **User story** 11 | A clear and concise description of what the problem is. Ex. I'm always frustrated when [...] 12 | 13 | As a 14 | I want to <...> 15 | so that I <...> 16 | 17 | **Additional context** 18 | Add any other context or screenshots about the feature request here. 19 | 20 | **Acceptance Criteria** 21 | - [ ] At least once acceptance criteria should be present 22 | 23 | **Linked epics / issues** 24 | -------------------------------------------------------------------------------- /.github/PULL_REQUEST_TEMPLATE.md: -------------------------------------------------------------------------------- 1 | ## Related Issues and Dependencies 2 | 3 | … 4 | 5 | ## Does this require new deployment ? 6 | 7 | - [ ] Deployment for Test and Stage `AICoE/aicoe-cd` and Prod `operate-first/argocd-apps`. 8 | 9 | ## Description 10 | 11 | 12 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | secrets.yaml 2 | secrets-*.yaml 3 | secrets/* 4 | application_default_credentials.json 5 | aicoe-thoth-ops-*.json 6 | .vscode 7 | .env 8 | **.env 9 | argocd-role-binding.yaml 10 | **.crt 11 | **.key 12 | sendgrid.env 13 | ssh-keys/ 14 | gpg-keys/ 15 | -------------------------------------------------------------------------------- /.pre-commit-config.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | repos: 3 | - repo: https://github.com/Lucas-C/pre-commit-hooks 4 | rev: v1.3.1 5 | hooks: 6 | - id: remove-tabs 7 | 8 | - repo: https://github.com/pre-commit/pre-commit-hooks 9 | rev: v4.3.0 10 | hooks: 11 | - id: trailing-whitespace 12 | - id: check-merge-conflict 13 | - id: end-of-file-fixer 14 | - id: check-added-large-files 15 | - id: check-case-conflict 16 | - id: check-yaml 17 | args: [--allow-multiple-documents] 18 | - id: end-of-file-fixer 19 | - id: trailing-whitespace 20 | -------------------------------------------------------------------------------- /.sops.yaml: -------------------------------------------------------------------------------- 1 | creation_rules: 2 | - encrypted_regex: '^(data|stringData|tls)$' 3 | pgp: "34AFE2A7C8E00ED66916D95DA9FBD7DE773B2A34, 87FC5D0ACF3AA48FCC029086262A80E41BCEEBF7, EFDB9AFBD18936D9AB6B2EECBD2C73FF891FBC7E, 0508677DD04952D06A943D5B4DC4116D360E3276, 8D191B7544E9CCC3547B25A877E5A5B31D13A647, A01778ACB7CC4D41B00FDD78CCBE624D8FF6D016, CEBD171D5C7B1C5FB960301167AC891FB1FDF3E4" 4 | -------------------------------------------------------------------------------- /.thoth.yaml: -------------------------------------------------------------------------------- 1 | managers: 2 | - name: version 3 | configuration: 4 | assignees: 5 | - sesheta 6 | labels: [bot] 7 | changelog_file: true 8 | -------------------------------------------------------------------------------- /OWNERS: -------------------------------------------------------------------------------- 1 | # See the OWNERS docs at https://go.k8s.io/owners 2 | 3 | approvers: 4 | - goern 5 | - codificat 6 | - harshad16 7 | - VannTen 8 | 9 | reviewers: 10 | - codificat 11 | - harshad16 12 | - VannTen 13 | 14 | emeritus_approvers: 15 | - fridex # 2022 Jun 16 | - pacospace # 2022 Mar 17 | - mayacostantini # 2023 Jan 18 | -------------------------------------------------------------------------------- /advise-reporter/OWNERS: -------------------------------------------------------------------------------- 1 | # See the OWNERS docs at https://go.k8s.io/owners 2 | 3 | approvers: 4 | - fridex 5 | - harshad16 6 | reviewers: 7 | - mayaCostantini 8 | - tumido 9 | -------------------------------------------------------------------------------- /advise-reporter/README.md: -------------------------------------------------------------------------------- 1 | # Thoth Advise Report Consumer 2 | 3 | This is a standalone ArgoCD Application for Thoth's Advise Report Consumer. It is meant to be deployed into a 4 | separate OpenShift Project, therefore it is not references from the `kustomization.yaml` file at the root directory 5 | of this repository. 6 | 7 | The deployment generated by kustomize can be evaluated against Open Policy Agent policies 8 | using: `kustomize build --enable_alpha_plugins overlays/test | conftest test --policy ../policy -`. 9 | -------------------------------------------------------------------------------- /advise-reporter/base/configmap.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | kind: ConfigMap 3 | apiVersion: v1 4 | metadata: 5 | name: advise-reporter 6 | data: 7 | api-https: "0" 8 | -------------------------------------------------------------------------------- /advise-reporter/base/imagestream.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: image.openshift.io/v1 3 | kind: ImageStream 4 | metadata: 5 | name: advise-reporter 6 | spec: 7 | lookupPolicy: 8 | local: true 9 | -------------------------------------------------------------------------------- /advise-reporter/base/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | resources: 4 | - configmap.yaml 5 | - cronjob.yaml 6 | - imagestream.yaml 7 | commonLabels: 8 | app.kubernetes.io/name: thoth 9 | app.kubernetes.io/component: advise-reporter 10 | app.kubernetes.io/managed-by: aicoe-thoth-devops 11 | -------------------------------------------------------------------------------- /advise-reporter/overlays/moc-prod/imagestreamtag.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: image.openshift.io/v1 2 | kind: ImageStream 3 | metadata: 4 | name: advise-reporter 5 | spec: 6 | tags: 7 | - name: latest 8 | from: 9 | kind: DockerImage 10 | name: quay.io/thoth-station/advise-reporter:v0.11.3 11 | importPolicy: {} 12 | referencePolicy: 13 | type: Local 14 | -------------------------------------------------------------------------------- /advise-reporter/overlays/ocp4-stage/cronjob.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | kind: CronJob 3 | apiVersion: batch/v1beta1 4 | metadata: 5 | name: advise-reporter 6 | labels: 7 | app: thoth 8 | component: advise-reporter 9 | spec: 10 | suspend: false 11 | -------------------------------------------------------------------------------- /advise-reporter/overlays/ocp4-stage/imagestreamtag.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: image.openshift.io/v1 2 | kind: ImageStream 3 | metadata: 4 | name: advise-reporter 5 | spec: 6 | tags: 7 | - name: latest 8 | from: 9 | kind: DockerImage 10 | name: quay.io/thoth-station/advise-reporter:v0.11.3 11 | importPolicy: {} 12 | referencePolicy: 13 | type: Local 14 | -------------------------------------------------------------------------------- /advise-reporter/overlays/test/imagestreamtag.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: image.openshift.io/v1 2 | kind: ImageStream 3 | metadata: 4 | name: advise-reporter 5 | spec: 6 | tags: 7 | - from: 8 | kind: DockerImage 9 | name: quay.io/thoth-station/advise-reporter:v0.11.3 10 | importPolicy: {} 11 | name: latest 12 | referencePolicy: 13 | type: Source 14 | -------------------------------------------------------------------------------- /advise-reporter/overlays/test/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | commonLabels: 4 | app.kubernetes.io/version: "0.6.0-dev" 5 | resources: 6 | - ../../base 7 | - thoth-notification.yaml 8 | images: 9 | - name: advise-reporter 10 | newName: image-registry.openshift-image-registry.svc:5000/thoth-test-core/advise-reporter 11 | newTag: latest 12 | patchesStrategicMerge: 13 | - imagestreamtag.yaml 14 | - cronjob.yaml 15 | -------------------------------------------------------------------------------- /adviser/OWNERS: -------------------------------------------------------------------------------- 1 | # See the OWNERS docs at https://go.k8s.io/owners 2 | 3 | approvers: 4 | - fridex 5 | - goern 6 | reviewers: 7 | - harshad16 8 | - mayaCostantini 9 | -------------------------------------------------------------------------------- /adviser/README.md: -------------------------------------------------------------------------------- 1 | # Thoth Adviser 2 | 3 | This is a standalove ArgoCD Application for Thoth's Adviser. It is meant to be deployed into a separate OpenShift 4 | Project, therefore it is not referneces from the `kustomization.yaml` file at the root directory of this 5 | repository. 6 | -------------------------------------------------------------------------------- /adviser/application.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: argoproj.io/v1alpha1 2 | kind: Application 3 | metadata: 4 | name: test-thoth-adviser 5 | spec: 6 | destination: 7 | namespace: thoth-test-core 8 | server: "https://api.thoth01.lab.upshift.rdu2.redhat.com:6443" 9 | source: 10 | path: adviser/overlays/test 11 | repoURL: "https://github.com/thoth-station/thoth-application.git" 12 | targetRevision: master 13 | project: thoth 14 | syncPolicy: 15 | automated: 16 | automated: 17 | prune: false 18 | selfHeal: false 19 | selfHeal: true 20 | -------------------------------------------------------------------------------- /adviser/base/configmap.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | kind: ConfigMap 3 | apiVersion: v1 4 | metadata: 5 | name: adviser 6 | data: 7 | validate-prescription-schema: "1" 8 | validate-unit-configuration-schema: "1" 9 | blocked-units: "SecurityIndicatorStep,ThothS2IAbiCompatibilitySieve" 10 | search-url: "https://thoth-station.ninja/search/advise/{document_id}/summary" 11 | -------------------------------------------------------------------------------- /adviser/base/imagestream.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: image.openshift.io/v1 3 | kind: ImageStream 4 | metadata: 5 | name: adviser 6 | spec: 7 | lookupPolicy: 8 | local: true 9 | -------------------------------------------------------------------------------- /adviser/overlays/moc-prod/advise-resources-patch.yaml: -------------------------------------------------------------------------------- 1 | - op: replace 2 | path: /spec/templates/0/container/resources 3 | value: 4 | requests: 5 | memory: "6Gi" 6 | cpu: "2.5" 7 | limits: 8 | memory: "6Gi" 9 | cpu: "2.5" 10 | -------------------------------------------------------------------------------- /adviser/overlays/moc-prod/configmap.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | kind: ConfigMap 3 | apiVersion: v1 4 | metadata: 5 | name: adviser 6 | data: 7 | validate-prescription-schema: "0" 8 | validate-unit-configuration-schema: "0" 9 | blocked-units: "SecurityIndicatorStep,ThothS2IAbiCompatibilitySieve" 10 | search-url: "https://thoth-station.ninja/search/advise/{document_id}/summary" 11 | -------------------------------------------------------------------------------- /adviser/overlays/moc-prod/imagestreamtag.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: image.openshift.io/v1 3 | kind: ImageStream 4 | metadata: 5 | name: adviser 6 | spec: 7 | tags: 8 | - name: latest 9 | from: 10 | kind: DockerImage 11 | name: quay.io/thoth-station/adviser:v0.56.3 12 | importPolicy: {} 13 | referencePolicy: 14 | type: Local 15 | -------------------------------------------------------------------------------- /adviser/overlays/moc-prod/put-into-amun-inspection-namespace.yaml: -------------------------------------------------------------------------------- 1 | - op: add 2 | path: /metadata/namespace 3 | value: thoth-amun-inspection-prod 4 | -------------------------------------------------------------------------------- /adviser/overlays/moc-prod/put-into-infra-namespace.yaml: -------------------------------------------------------------------------------- 1 | - op: add 2 | path: /metadata/namespace 3 | value: thoth-infra-prod 4 | -------------------------------------------------------------------------------- /adviser/overlays/ocp4-stage/configmap.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | kind: ConfigMap 3 | apiVersion: v1 4 | metadata: 5 | name: adviser 6 | data: 7 | validate-prescription-schema: "1" 8 | validate-unit-configuration-schema: "1" 9 | blocked-units: "SecurityIndicatorStep,ThothS2IAbiCompatibilitySieve" 10 | search-url: "https://thoth-station.ninja/search/advise/{document_id}/summary" 11 | -------------------------------------------------------------------------------- /adviser/overlays/ocp4-stage/imagestreamtag.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: image.openshift.io/v1 3 | kind: ImageStream 4 | metadata: 5 | name: adviser 6 | spec: 7 | tags: 8 | - name: latest 9 | from: 10 | kind: DockerImage 11 | name: quay.io/thoth-station/adviser:v0.56.3 12 | importPolicy: {} 13 | referencePolicy: 14 | type: Local 15 | -------------------------------------------------------------------------------- /adviser/overlays/ocp4-stage/put-into-amun-inspection-namespace.yaml: -------------------------------------------------------------------------------- 1 | - op: add 2 | path: /metadata/namespace 3 | value: thoth-amun-inspection-stage 4 | -------------------------------------------------------------------------------- /adviser/overlays/ocp4-stage/put-into-infra-namespace.yaml: -------------------------------------------------------------------------------- 1 | - op: add 2 | path: /metadata/namespace 3 | value: thoth-infra-stage 4 | -------------------------------------------------------------------------------- /adviser/overlays/test/configmap.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | kind: ConfigMap 3 | apiVersion: v1 4 | metadata: 5 | name: adviser 6 | data: 7 | validate-prescription-schema: "1" 8 | validate-unit-configuration-schema: "1" 9 | blocked-units: "SecurityIndicatorStep,ThothS2IAbiCompatibilitySieve" 10 | -------------------------------------------------------------------------------- /adviser/overlays/test/imagestreamtag.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: image.openshift.io/v1 2 | kind: ImageStream 3 | metadata: 4 | name: adviser 5 | spec: 6 | tags: 7 | - from: 8 | kind: DockerImage 9 | name: quay.io/thoth-station/adviser:v0.56.3 10 | importPolicy: {} 11 | name: latest 12 | referencePolicy: 13 | type: Source 14 | -------------------------------------------------------------------------------- /amun/.sops.yaml: -------------------------------------------------------------------------------- 1 | creation_rules: 2 | - encrypted_regex: '^(data|stringData|tls)$' 3 | pgp: "34AFE2A7C8E00ED66916D95DA9FBD7DE773B2A34, 87FC5D0ACF3AA48FCC029086262A80E41BCEEBF7, EFDB9AFBD18936D9AB6B2EECBD2C73FF891FBC7E, 8D191B7544E9CCC3547B25A877E5A5B31D13A647" 4 | -------------------------------------------------------------------------------- /amun/README.md: -------------------------------------------------------------------------------- 1 | # Amun 2 | 3 | This is a standalone ArgoCD Application for Amun. It is meant to be deployed into a separate OpenShift 4 | Project, therefore it is not references from the `kustomization.yaml` file at the root directory of this 5 | repository. 6 | -------------------------------------------------------------------------------- /amun/base/argo-workflows/OWNERS: -------------------------------------------------------------------------------- 1 | # See the OWNERS docs at https://go.k8s.io/owners 2 | 3 | approvers: 4 | - KPostOffice 5 | - harshad16 6 | - fridex 7 | reviewers: 8 | - mayaCostantini 9 | -------------------------------------------------------------------------------- /amun/base/imagestream.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: image.openshift.io/v1 3 | kind: ImageStream 4 | metadata: 5 | name: amun-api 6 | spec: 7 | lookupPolicy: 8 | local: true 9 | --- 10 | apiVersion: image.openshift.io/v1 11 | kind: ImageStream 12 | metadata: 13 | name: amun-inspect-hwinfo 14 | spec: 15 | lookupPolicy: 16 | local: true 17 | --- 18 | apiVersion: image.openshift.io/v1 19 | kind: ImageStream 20 | metadata: 21 | name: kubectl 22 | spec: 23 | lookupPolicy: 24 | local: true 25 | -------------------------------------------------------------------------------- /amun/base/route.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | kind: Route 3 | apiVersion: route.openshift.io/v1 4 | metadata: 5 | name: amun-api 6 | spec: 7 | to: 8 | kind: Service 9 | name: amun-api 10 | -------------------------------------------------------------------------------- /amun/base/service.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | kind: Service 3 | apiVersion: v1 4 | metadata: 5 | name: amun-api 6 | spec: 7 | ports: 8 | - name: metrics 9 | protocol: TCP 10 | port: 80 11 | targetPort: 8080 12 | selector: 13 | service: amun-api 14 | app.kubernetes.io/name: thoth 15 | app.kubernetes.io/component: amun 16 | app.kubernetes.io/managed-by: aicoe-thoth-devops 17 | -------------------------------------------------------------------------------- /amun/base/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: amun-api 6 | --- 7 | apiVersion: v1 8 | kind: ServiceAccount 9 | metadata: 10 | name: amun-api-workflow 11 | --- 12 | apiVersion: v1 13 | kind: ServiceAccount 14 | metadata: 15 | name: amun-prepare-workflow 16 | -------------------------------------------------------------------------------- /amun/overlays/moc-prod/amun-api/put-into-inspection-namespace.yaml: -------------------------------------------------------------------------------- 1 | - op: add 2 | path: /metadata/namespace 3 | value: thoth-amun-inspection-prod 4 | -------------------------------------------------------------------------------- /amun/overlays/moc-prod/amun-api/secret-generator.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: viaduct.ai/v1 2 | kind: ksops 3 | metadata: 4 | name: thoth-secret-generator 5 | files: 6 | - ./secrets.enc.yaml 7 | -------------------------------------------------------------------------------- /amun/overlays/moc-prod/amun-inspection/argo-ui-controller.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Service 4 | metadata: 5 | name: argo-server 6 | spec: 7 | ports: 8 | - name: metrics 9 | protocol: TCP 10 | port: 2746 11 | targetPort: 2746 12 | selector: 13 | app: argo-server 14 | --- 15 | apiVersion: route.openshift.io/v1 16 | kind: Route 17 | metadata: 18 | name: argo-ui 19 | spec: 20 | port: 21 | targetPort: 2746 22 | to: 23 | kind: Service 24 | name: argo-server 25 | weight: 100 26 | -------------------------------------------------------------------------------- /amun/overlays/moc-prod/amun-inspection/argo-workflow-controller.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Service 4 | metadata: 5 | name: workflow-controller-metrics 6 | spec: 7 | ports: 8 | - name: metrics 9 | protocol: TCP 10 | port: 80 11 | targetPort: 8080 12 | selector: 13 | app: workflow-controller 14 | --- 15 | apiVersion: route.openshift.io/v1 16 | kind: Route 17 | metadata: 18 | name: workflow-controller-metrics 19 | spec: 20 | to: 21 | kind: Service 22 | name: workflow-controller-metrics 23 | weight: 100 24 | wildcardPolicy: None 25 | -------------------------------------------------------------------------------- /amun/overlays/moc-prod/common/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | resources: 4 | - configmaps.yaml 5 | -------------------------------------------------------------------------------- /amun/overlays/ocp4-stage/amun-api/put-into-inspection-namespace.yaml: -------------------------------------------------------------------------------- 1 | - op: add 2 | path: /metadata/namespace 3 | value: thoth-amun-inspection-stage 4 | -------------------------------------------------------------------------------- /amun/overlays/ocp4-stage/amun-api/secret-generator.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: viaduct.ai/v1 2 | kind: ksops 3 | metadata: 4 | name: thoth-secret-generator 5 | files: 6 | - ./secrets.enc.yaml 7 | - ./route.enc.yaml 8 | -------------------------------------------------------------------------------- /amun/overlays/ocp4-stage/amun-inspection/argo-ui-controller.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Service 4 | metadata: 5 | name: argo-server 6 | spec: 7 | ports: 8 | - port: 2746 9 | targetPort: 2746 10 | selector: 11 | app: argo-server 12 | --- 13 | apiVersion: route.openshift.io/v1 14 | kind: Route 15 | metadata: 16 | name: argo-ui 17 | spec: 18 | port: 19 | targetPort: 2746 20 | to: 21 | kind: Service 22 | name: argo-server 23 | weight: 100 24 | -------------------------------------------------------------------------------- /amun/overlays/ocp4-stage/amun-inspection/argo-workflow-controller.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Service 4 | metadata: 5 | name: workflow-controller-metrics 6 | spec: 7 | ports: 8 | - port: 80 9 | protocol: TCP 10 | targetPort: 8080 11 | selector: 12 | app: workflow-controller 13 | --- 14 | apiVersion: route.openshift.io/v1 15 | kind: Route 16 | metadata: 17 | name: workflow-controller-metrics 18 | spec: 19 | to: 20 | kind: Service 21 | name: workflow-controller-metrics 22 | weight: 100 23 | wildcardPolicy: None 24 | -------------------------------------------------------------------------------- /amun/overlays/ocp4-stage/common/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | resources: 4 | - configmaps.yaml 5 | -------------------------------------------------------------------------------- /amun/overlays/test/secret-generator.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: viaduct.ai/v1 2 | kind: ksops 3 | metadata: 4 | name: thoth-secret-generator 5 | files: 6 | - ./secrets.enc.yaml 7 | - ./route.enc.yaml 8 | -------------------------------------------------------------------------------- /build-watcher/README.md: -------------------------------------------------------------------------------- 1 | # Thoth Build Watcher 2 | 3 | Watches for builds done in OpenShift and automatically submit newly built images to Thoth's image analysis. 4 | 5 | This is a standalone ArgoCD Application for Thoth Build Watcher.
6 | It is meant to be deployed into a separate OpenShift Project,
7 | therefore it is not references from the `kustomization.yaml` file at the root directory of this repository. 8 | -------------------------------------------------------------------------------- /build-watcher/base/configmap.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: ConfigMap 4 | metadata: 5 | name: build-watcher 6 | data: 7 | build-analysis-no-build-log: "0" 8 | # We do not need to extract packages out of container images. We have 9 | # inspection specification where all the relevant information can be found. 10 | # No need to add these data to the database. 11 | build-analysis-no-base-image: "1" 12 | build-analysis-no-output-image: "1" 13 | kubernetes-verify-tls: "0" 14 | log-build-watcher: "INFO" 15 | logging-no-json: "0" 16 | -------------------------------------------------------------------------------- /build-watcher/base/imagestreamtag.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: image.openshift.io/v1 3 | kind: ImageStream 4 | metadata: 5 | name: build-watcher 6 | spec: 7 | lookupPolicy: 8 | local: true 9 | -------------------------------------------------------------------------------- /build-watcher/base/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | resources: 4 | - configmap.yaml 5 | - imagestreamtag.yaml 6 | - serviceaccount.yaml 7 | - role.yaml 8 | - deploymentconfig.yaml 9 | commonLabels: 10 | app.kubernetes.io/name: thoth 11 | app.kubernetes.io/component: build-watcher 12 | app.kubernetes.io/managed-by: aicoe-thoth-devops 13 | -------------------------------------------------------------------------------- /build-watcher/base/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: build-watcher 6 | -------------------------------------------------------------------------------- /build-watcher/overlays/amun-api/imagestreamtag.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: image.openshift.io/v1 2 | kind: ImageStream 3 | metadata: 4 | name: build-watcher 5 | spec: 6 | tags: 7 | - name: latest 8 | from: 9 | kind: DockerImage 10 | name: quay.io/thoth-station/build-watcher:v0.8.0 11 | importPolicy: {} 12 | -------------------------------------------------------------------------------- /build-watcher/overlays/amun-api/put-into-inspection-namespace.yaml: -------------------------------------------------------------------------------- 1 | - op: add 2 | path: /metadata/namespace 3 | value: thoth-amun-inspection-stage 4 | -------------------------------------------------------------------------------- /build-watcher/overlays/amun-api/role-binding.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: RoleBinding 4 | metadata: 5 | name: build-watcher 6 | roleRef: 7 | apiGroup: rbac.authorization.k8s.io 8 | kind: Role 9 | name: build-watcher 10 | subjects: 11 | - kind: ServiceAccount 12 | name: build-watcher 13 | namespace: thoth-amun-api-stage 14 | -------------------------------------------------------------------------------- /build-watcher/overlays/amun-api/secret-generator.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: viaduct.ai/v1 2 | kind: ksops 3 | metadata: 4 | name: thoth-secret-generator 5 | files: 6 | - ./secrets.enc.yaml 7 | -------------------------------------------------------------------------------- /buildlog-parser/base/imagestream.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: image.openshift.io/v1 3 | kind: ImageStream 4 | metadata: 5 | name: buildlog-parser 6 | spec: 7 | lookupPolicy: 8 | local: true 9 | -------------------------------------------------------------------------------- /buildlog-parser/base/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | resources: 4 | - argo-workflows/buildlog-parser.yaml 5 | - imagestream.yaml 6 | commonLabels: 7 | app.kubernetes.io/name: thoth 8 | app.kubernetes.io/component: buildlog-parser 9 | app.kubernetes.io/managed-by: aicoe-thoth-devops 10 | -------------------------------------------------------------------------------- /buildlog-parser/overlays/moc-prod/imagestreamtag.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: image.openshift.io/v1 2 | kind: ImageStream 3 | metadata: 4 | name: buildlog-parser 5 | spec: 6 | tags: 7 | - name: latest 8 | from: 9 | kind: DockerImage 10 | name: quay.io/thoth-station/buildlog-parser:v0.1.0 11 | importPolicy: {} 12 | referencePolicy: 13 | type: Source 14 | -------------------------------------------------------------------------------- /buildlog-parser/overlays/ocp4-stage/imagestreamtag.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: image.openshift.io/v1 2 | kind: ImageStream 3 | metadata: 4 | name: buildlog-parser 5 | spec: 6 | tags: 7 | - name: latest 8 | from: 9 | kind: DockerImage 10 | name: quay.io/thoth-station/buildlog-parser:v0.1.0 11 | importPolicy: {} 12 | referencePolicy: 13 | type: Source 14 | -------------------------------------------------------------------------------- /buildlog-parser/overlays/test/imagestreamtag.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: image.openshift.io/v1 2 | kind: ImageStream 3 | metadata: 4 | name: buildlog-parser 5 | spec: 6 | tags: 7 | - name: latest 8 | from: 9 | kind: DockerImage 10 | name: quay.io/thoth-station/buildlog-parser:v0.1.0 11 | importPolicy: {} 12 | referencePolicy: 13 | type: Source 14 | -------------------------------------------------------------------------------- /buildlog-parser/overlays/test/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | commonLabels: 4 | app.kubernetes.io/version: "0.9" 5 | resources: 6 | - ../../base 7 | - thoth-notification.yaml 8 | patchesStrategicMerge: 9 | - imagestreamtag.yaml 10 | patches: 11 | - patch: |- 12 | - op: replace 13 | path: /spec/templates/0/container/image 14 | value: image-registry.openshift-image-registry.svc:5000/thoth-test-core/buildlog-parser:latest 15 | target: 16 | group: argoproj.io 17 | version: v1alpha1 18 | kind: WorkflowTemplate 19 | annotationSelector: "operation=buildlog-parser" 20 | -------------------------------------------------------------------------------- /chat-notification/application.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: argoproj.io/v1alpha1 2 | kind: Application 3 | metadata: 4 | name: test-thoth-chat-notification 5 | spec: 6 | destination: 7 | namespace: thoth-test-core 8 | server: 'https://api.thoth01.lab.upshift.rdu2.redhat.com:6443' 9 | source: 10 | path: chat-notification/overlays/test 11 | repoURL: 'https://github.com/thoth-station/thoth-application.git' 12 | targetRevision: master 13 | project: thoth 14 | syncPolicy: 15 | automated: 16 | automated: 17 | prune: false 18 | selfHeal: false 19 | selfHeal: true 20 | -------------------------------------------------------------------------------- /chat-notification/base/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | commonLabels: 4 | app: aicoe-cd 5 | component: chat-notification 6 | -------------------------------------------------------------------------------- /chat-notification/overlays/moc-prod/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | resources: 4 | - ../../base 5 | - thoth-notification.yaml 6 | generators: 7 | - secret-generator.yaml 8 | generatorOptions: 9 | disableNameSuffixHash: true 10 | -------------------------------------------------------------------------------- /chat-notification/overlays/moc-prod/secret-generator.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: viaduct.ai/v1 2 | kind: ksops 3 | metadata: 4 | name: thoth-secret-generator 5 | files: 6 | - ./secrets.enc.yaml 7 | -------------------------------------------------------------------------------- /chat-notification/overlays/ocp4-stage/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | resources: 4 | - ../../base 5 | - thoth-notification.yaml 6 | generatorOptions: 7 | disableNameSuffixHash: true 8 | generators: 9 | - ./secret-generator.yaml 10 | -------------------------------------------------------------------------------- /chat-notification/overlays/ocp4-stage/secret-generator.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: viaduct.ai/v1 2 | kind: ksops 3 | metadata: 4 | name: thoth-secret-generator 5 | files: 6 | - ./secrets.enc.yaml 7 | -------------------------------------------------------------------------------- /chat-notification/overlays/test/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | resources: 4 | - ../../base 5 | - thoth-notification.yaml 6 | generatorOptions: 7 | disableNameSuffixHash: true 8 | generators: 9 | - ./secret-generator.yaml 10 | -------------------------------------------------------------------------------- /chat-notification/overlays/test/secret-generator.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: viaduct.ai/v1 2 | kind: ksops 3 | metadata: 4 | name: thoth-secret-generator 5 | files: 6 | - ./secrets.enc.yaml 7 | -------------------------------------------------------------------------------- /core/application-backend-stage.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: argoproj.io/v1alpha1 2 | kind: Application 3 | metadata: 4 | name: stage-thoth-core-backend 5 | spec: 6 | destination: 7 | namespace: thoth-backend-stage 8 | server: "https://api.ocp.prod.psi.redhat.com:6443" 9 | source: 10 | path: core/overlays/backend-stage 11 | repoURL: "https://github.com/thoth-station/thoth-application.git" 12 | targetRevision: master 13 | project: thoth 14 | syncPolicy: 15 | automated: 16 | automated: 17 | prune: false 18 | selfHeal: false 19 | selfHeal: true 20 | prune: true 21 | -------------------------------------------------------------------------------- /core/application-frontend-stage.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: argoproj.io/v1alpha1 2 | kind: Application 3 | metadata: 4 | name: stage-thoth-core-frontend 5 | spec: 6 | destination: 7 | namespace: thoth-frontend-stage 8 | server: "https://api.ocp.prod.psi.redhat.com:6443" 9 | source: 10 | path: core/overlays/frontend-stage 11 | repoURL: "https://github.com/thoth-station/thoth-application.git" 12 | targetRevision: master 13 | project: thoth 14 | syncPolicy: 15 | automated: 16 | automated: 17 | prune: false 18 | selfHeal: false 19 | selfHeal: true 20 | prune: true 21 | -------------------------------------------------------------------------------- /core/application-graph-stage.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: argoproj.io/v1alpha1 2 | kind: Application 3 | metadata: 4 | name: stage-thoth-core-graph 5 | spec: 6 | destination: 7 | namespace: thoth-graph-stage 8 | server: 'https://api.ocp.prod.psi.redhat.com:6443' 9 | source: 10 | path: core/overlays/graph-stage 11 | repoURL: 'https://github.com/thoth-station/thoth-application.git' 12 | targetRevision: master 13 | project: thoth 14 | syncPolicy: 15 | automated: 16 | automated: 17 | prune: false 18 | selfHeal: false 19 | selfHeal: true 20 | -------------------------------------------------------------------------------- /core/application-infra-stage.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: argoproj.io/v1alpha1 2 | kind: Application 3 | metadata: 4 | name: stage-thoth-core-infra 5 | spec: 6 | destination: 7 | namespace: thoth-infra-stage 8 | server: "https://api.ocp.prod.psi.redhat.com:6443" 9 | source: 10 | path: core/overlays/infra-stage 11 | repoURL: "https://github.com/thoth-station/thoth-application.git" 12 | targetRevision: master 13 | project: thoth 14 | syncPolicy: 15 | automated: 16 | automated: 17 | prune: false 18 | selfHeal: false 19 | selfHeal: true 20 | prune: true 21 | -------------------------------------------------------------------------------- /core/application-middletier-stage.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: argoproj.io/v1alpha1 2 | kind: Application 3 | metadata: 4 | name: stage-thoth-core-middletier 5 | spec: 6 | destination: 7 | namespace: thoth-middletier-stage 8 | server: "https://api.ocp.prod.psi.redhat.com:6443" 9 | source: 10 | path: core/overlays/middletier-stage 11 | repoURL: "https://github.com/thoth-station/thoth-application.git" 12 | targetRevision: master 13 | project: thoth 14 | syncPolicy: 15 | automated: 16 | automated: 17 | prune: false 18 | selfHeal: false 19 | prune: true 20 | selfHeal: true 21 | -------------------------------------------------------------------------------- /core/base/argo-management.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: Role 4 | metadata: 5 | name: workflow-role 6 | rules: 7 | - apiGroups: 8 | - "" 9 | resources: 10 | - secrets 11 | verbs: 12 | - get 13 | - watch 14 | - list 15 | - apiGroups: 16 | - "" 17 | resources: 18 | - pods 19 | verbs: 20 | - get 21 | - watch 22 | - patch 23 | - delete 24 | - apiGroups: 25 | - "" 26 | resources: 27 | - pods/log 28 | verbs: 29 | - get 30 | - watch 31 | -------------------------------------------------------------------------------- /core/base/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | commonLabels: 4 | app.kubernetes.io/name: thoth 5 | app.kubernetes.io/component: core 6 | app.kubernetes.io/managed-by: aicoe-thoth-devops 7 | resources: 8 | - argo-management.yaml 9 | - configmaps.yaml 10 | - imagestreams.yaml 11 | - argo-workflows/send-message.yaml 12 | - argo-workflows/send-messages.yaml 13 | - argo-workflows/send-webhooks.yaml 14 | - send-webhooks-sa.yaml 15 | -------------------------------------------------------------------------------- /core/overlays/moc-prod/backend-prod/argo-ui-controller.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Service 4 | metadata: 5 | name: argo-server 6 | spec: 7 | ports: 8 | - name: metrics 9 | protocol: TCP 10 | port: 2746 11 | targetPort: 2746 12 | selector: 13 | app: argo-server 14 | --- 15 | apiVersion: route.openshift.io/v1 16 | kind: Route 17 | metadata: 18 | name: argo-ui 19 | spec: 20 | port: 21 | targetPort: 2746 22 | to: 23 | kind: Service 24 | name: argo-server 25 | weight: 100 26 | -------------------------------------------------------------------------------- /core/overlays/moc-prod/backend-prod/argo-workflow-controller.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Service 4 | metadata: 5 | name: workflow-controller-metrics 6 | spec: 7 | ports: 8 | - name: metrics 9 | protocol: TCP 10 | port: 80 11 | targetPort: 8080 12 | selector: 13 | app: workflow-controller 14 | --- 15 | apiVersion: route.openshift.io/v1 16 | kind: Route 17 | metadata: 18 | name: workflow-controller-metrics 19 | spec: 20 | to: 21 | kind: Service 22 | name: workflow-controller-metrics 23 | weight: 100 24 | wildcardPolicy: None 25 | -------------------------------------------------------------------------------- /core/overlays/moc-prod/common/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | resources: 4 | - ../../../base/ 5 | - roles/ 6 | patchesStrategicMerge: 7 | - argo-workflows/send-message.yaml 8 | - argo-workflows/send-messages.yaml 9 | - configmaps.yaml 10 | - imagestreamtags.yaml 11 | generators: 12 | - secret-generator.yaml 13 | generatorOptions: 14 | disableNameSuffixHash: true 15 | -------------------------------------------------------------------------------- /core/overlays/moc-prod/common/roles/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | resources: 4 | - metrics-exporter-reader.yaml 5 | -------------------------------------------------------------------------------- /core/overlays/moc-prod/common/secret-generator.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: viaduct.ai/v1 2 | kind: ksops 3 | metadata: 4 | name: thoth-secret-generator 5 | files: 6 | - ./secrets.enc.yaml 7 | -------------------------------------------------------------------------------- /core/overlays/moc-prod/frontend-prod/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | resources: 4 | - ../common/ 5 | - thoth-notification.yaml 6 | - service-monitor.yaml 7 | patches: 8 | - patch: |- 9 | - op: add 10 | path: /metadata/namespace 11 | value: "thoth-infra-prod" 12 | target: 13 | group: batch 14 | version: v1 15 | kind: Job 16 | annotationSelector: "operation=chat-notification" 17 | -------------------------------------------------------------------------------- /core/overlays/moc-prod/graph-prod/ceph-storage.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: objectbucket.io/v1alpha1 3 | kind: ObjectBucketClaim 4 | metadata: 5 | name: smaug-ceph 6 | spec: 7 | bucketName: thoth 8 | storageClassName: openshift-storage.noobaa.io 9 | -------------------------------------------------------------------------------- /core/overlays/moc-prod/graph-prod/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | resources: 4 | - ../common/ 5 | - ceph-storage.yaml 6 | - pgbouncer.yaml 7 | - postgresql.yaml 8 | - postgresql-metrics-exporter.yaml 9 | - service-monitor.yaml 10 | - thoth-notification.yaml 11 | patches: 12 | - patch: |- 13 | - op: add 14 | path: /metadata/namespace 15 | value: "thoth-infra-prod" 16 | target: 17 | group: batch 18 | version: v1 19 | kind: Job 20 | annotationSelector: "operation=chat-notification" 21 | -------------------------------------------------------------------------------- /core/overlays/moc-prod/infra-prod/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | resources: 4 | - ../common/ 5 | - pushgateway.yaml 6 | - thoth-notification.yaml 7 | - service-monitor.yaml 8 | patches: 9 | - patch: |- 10 | - op: add 11 | path: /metadata/namespace 12 | value: "thoth-infra-prod" 13 | target: 14 | group: batch 15 | version: v1 16 | kind: Job 17 | annotationSelector: "operation=chat-notification" 18 | -------------------------------------------------------------------------------- /core/overlays/moc-prod/middletier-prod/argo-ui-controller.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Service 4 | metadata: 5 | name: argo-server 6 | spec: 7 | ports: 8 | - name: metrics 9 | protocol: TCP 10 | port: 2746 11 | targetPort: 2746 12 | selector: 13 | app: argo-server 14 | --- 15 | apiVersion: route.openshift.io/v1 16 | kind: Route 17 | metadata: 18 | name: argo-ui 19 | spec: 20 | port: 21 | targetPort: 2746 22 | to: 23 | kind: Service 24 | name: argo-server 25 | weight: 100 26 | -------------------------------------------------------------------------------- /core/overlays/moc-prod/middletier-prod/argo-workflow-controller.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Service 4 | metadata: 5 | name: workflow-controller-metrics 6 | spec: 7 | ports: 8 | - name: metrics 9 | protocol: TCP 10 | port: 80 11 | targetPort: 8080 12 | selector: 13 | app: workflow-controller 14 | --- 15 | apiVersion: route.openshift.io/v1 16 | kind: Route 17 | metadata: 18 | name: workflow-controller-metrics 19 | spec: 20 | to: 21 | kind: Service 22 | name: workflow-controller-metrics 23 | weight: 100 24 | wildcardPolicy: None 25 | -------------------------------------------------------------------------------- /core/overlays/ocp4-stage/backend-stage/argo-ui-controller.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Service 4 | metadata: 5 | name: argo-server 6 | spec: 7 | ports: 8 | - port: 2746 9 | targetPort: 2746 10 | selector: 11 | app: argo-server 12 | --- 13 | apiVersion: route.openshift.io/v1 14 | kind: Route 15 | metadata: 16 | name: argo-ui 17 | spec: 18 | port: 19 | targetPort: 2746 20 | to: 21 | kind: Service 22 | name: argo-server 23 | weight: 100 24 | -------------------------------------------------------------------------------- /core/overlays/ocp4-stage/backend-stage/argo-workflow-controller.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Service 4 | metadata: 5 | name: workflow-controller-metrics 6 | spec: 7 | ports: 8 | - port: 80 9 | protocol: TCP 10 | targetPort: 8080 11 | selector: 12 | app: workflow-controller 13 | --- 14 | apiVersion: route.openshift.io/v1 15 | kind: Route 16 | metadata: 17 | name: workflow-controller-metrics 18 | spec: 19 | to: 20 | kind: Service 21 | name: workflow-controller-metrics 22 | weight: 100 23 | wildcardPolicy: None 24 | -------------------------------------------------------------------------------- /core/overlays/ocp4-stage/common/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | resources: 4 | - ../../../base/ 5 | - roles/ 6 | patchesStrategicMerge: 7 | - configmaps.yaml 8 | - imagestreamtags.yaml 9 | generatorOptions: 10 | disableNameSuffixHash: true 11 | generators: 12 | - ./secret-generator.yaml 13 | -------------------------------------------------------------------------------- /core/overlays/ocp4-stage/common/roles/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | resources: 4 | - metrics-exporter-reader.yaml 5 | -------------------------------------------------------------------------------- /core/overlays/ocp4-stage/common/secret-generator.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: viaduct.ai/v1 2 | kind: ksops 3 | metadata: 4 | name: thoth-secret-generator 5 | files: 6 | - ./secrets.enc.yaml 7 | -------------------------------------------------------------------------------- /core/overlays/ocp4-stage/frontend-stage/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | resources: 4 | - ../common/ 5 | - thoth-notification.yaml 6 | patches: 7 | - patch: |- 8 | - op: add 9 | path: /metadata/namespace 10 | value: "thoth-infra-stage" 11 | target: 12 | group: batch 13 | version: v1 14 | kind: Job 15 | annotationSelector: "operation=chat-notification" 16 | -------------------------------------------------------------------------------- /core/overlays/ocp4-stage/graph-stage/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | resources: 4 | - ../common/ 5 | - pgbouncer.yaml 6 | - postgresql.yaml 7 | - postgresql-metrics-exporter.yaml 8 | - thoth-notification.yaml 9 | patches: 10 | - patch: |- 11 | - op: add 12 | path: /metadata/namespace 13 | value: "thoth-infra-stage" 14 | target: 15 | group: batch 16 | version: v1 17 | kind: Job 18 | annotationSelector: "operation=chat-notification" 19 | -------------------------------------------------------------------------------- /core/overlays/ocp4-stage/infra-stage/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | resources: 4 | - ../common/ 5 | - thoth-notification.yaml 6 | patches: 7 | - patch: |- 8 | - op: add 9 | path: /metadata/namespace 10 | value: "thoth-infra-stage" 11 | target: 12 | group: batch 13 | version: v1 14 | kind: Job 15 | annotationSelector: "operation=chat-notification" 16 | -------------------------------------------------------------------------------- /core/overlays/ocp4-stage/middletier-stage/argo-ui-controller.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Service 4 | metadata: 5 | name: argo-server 6 | spec: 7 | ports: 8 | - port: 2746 9 | targetPort: 2746 10 | selector: 11 | app: argo-server 12 | --- 13 | apiVersion: route.openshift.io/v1 14 | kind: Route 15 | metadata: 16 | name: argo-ui 17 | spec: 18 | port: 19 | targetPort: 2746 20 | to: 21 | kind: Service 22 | name: argo-server 23 | weight: 100 24 | -------------------------------------------------------------------------------- /core/overlays/ocp4-stage/middletier-stage/argo-workflow-controller.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Service 4 | metadata: 5 | name: workflow-controller-metrics 6 | spec: 7 | ports: 8 | - port: 80 9 | protocol: TCP 10 | targetPort: 8080 11 | selector: 12 | app: workflow-controller 13 | --- 14 | apiVersion: route.openshift.io/v1 15 | kind: Route 16 | metadata: 17 | name: workflow-controller-metrics 18 | spec: 19 | to: 20 | kind: Service 21 | name: workflow-controller-metrics 22 | weight: 100 23 | wildcardPolicy: None 24 | -------------------------------------------------------------------------------- /core/overlays/test/argo-ui-controller.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Service 4 | metadata: 5 | name: argo-server 6 | spec: 7 | ports: 8 | - port: 2746 9 | targetPort: 2746 10 | selector: 11 | app: argo-server 12 | --- 13 | apiVersion: route.openshift.io/v1 14 | kind: Route 15 | metadata: 16 | name: argo-ui 17 | spec: 18 | port: 19 | targetPort: 2746 20 | to: 21 | kind: Service 22 | name: argo-server 23 | weight: 100 24 | -------------------------------------------------------------------------------- /core/overlays/test/argo-workflow-controller.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Service 4 | metadata: 5 | name: workflow-controller-metrics 6 | spec: 7 | ports: 8 | - port: 80 9 | protocol: TCP 10 | targetPort: 8080 11 | selector: 12 | app: workflow-controller 13 | --- 14 | apiVersion: route.openshift.io/v1 15 | kind: Route 16 | metadata: 17 | name: workflow-controller-metrics 18 | spec: 19 | to: 20 | kind: Service 21 | name: workflow-controller-metrics 22 | weight: 100 23 | wildcardPolicy: None 24 | -------------------------------------------------------------------------------- /core/overlays/test/secret-generator.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: viaduct.ai/v1 2 | kind: ksops 3 | metadata: 4 | name: thoth-secret-generator 5 | files: 6 | - ./secrets.enc.yaml 7 | -------------------------------------------------------------------------------- /cve-update/base/imagestream.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: image.openshift.io/v1 3 | kind: ImageStream 4 | metadata: 5 | name: cve-update-job 6 | spec: 7 | lookupPolicy: 8 | local: true 9 | -------------------------------------------------------------------------------- /cve-update/base/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | resources: 4 | - cronjob.yaml 5 | - imagestream.yaml 6 | generatorOptions: 7 | disableNameSuffixHash: true 8 | commonLabels: 9 | app: thoth 10 | component: cve-update 11 | -------------------------------------------------------------------------------- /cve-update/overlays/moc-prod/imagestreamtag.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: image.openshift.io/v1 2 | kind: ImageStream 3 | metadata: 4 | name: cve-update-job 5 | spec: 6 | tags: 7 | - name: latest 8 | from: 9 | kind: DockerImage 10 | name: quay.io/thoth-station/cve-update-job:v0.5.7 11 | importPolicy: {} 12 | -------------------------------------------------------------------------------- /cve-update/overlays/moc-prod/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | resources: 4 | - ../../base 5 | - thoth-notification.yaml 6 | patchesStrategicMerge: 7 | - imagestreamtag.yaml 8 | - cronjob.yaml 9 | patches: 10 | - patch: |- 11 | - op: add 12 | path: /metadata/namespace 13 | value: "thoth-infra-prod" 14 | target: 15 | group: batch 16 | version: v1 17 | kind: Job 18 | annotationSelector: "operation=chat-notification" 19 | images: 20 | - name: cve-update-job 21 | newName: image-registry.openshift-image-registry.svc:5000/thoth-frontend-prod/cve-update-job 22 | newTag: latest 23 | -------------------------------------------------------------------------------- /cve-update/overlays/ocp4-stage/cronjob.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: batch/v1beta1 3 | kind: CronJob 4 | metadata: 5 | name: cve-update 6 | labels: 7 | app: thoth 8 | component: cve-update 9 | spec: 10 | suspend: false 11 | -------------------------------------------------------------------------------- /cve-update/overlays/ocp4-stage/imagestreamtag.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: image.openshift.io/v1 2 | kind: ImageStream 3 | metadata: 4 | name: cve-update-job 5 | spec: 6 | tags: 7 | - name: latest 8 | from: 9 | kind: DockerImage 10 | name: quay.io/thoth-station/cve-update-job:v0.5.7 11 | importPolicy: {} 12 | -------------------------------------------------------------------------------- /cve-update/overlays/test/cronjob.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: batch/v1beta1 3 | kind: CronJob 4 | metadata: 5 | name: cve-update 6 | labels: 7 | app: thoth 8 | component: cve-update 9 | spec: 10 | suspend: true 11 | -------------------------------------------------------------------------------- /cve-update/overlays/test/imagestreamtag.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: image.openshift.io/v1 2 | kind: ImageStream 3 | metadata: 4 | name: cve-update-job 5 | spec: 6 | tags: 7 | - from: 8 | kind: DockerImage 9 | name: quay.io/thoth-station/cve-update-job:v0.5.7 10 | importPolicy: {} 11 | name: latest 12 | referencePolicy: 13 | type: Source 14 | -------------------------------------------------------------------------------- /cve-update/overlays/test/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | resources: 4 | - ../../base 5 | - thoth-notification.yaml 6 | patchesStrategicMerge: 7 | - imagestreamtag.yaml 8 | - cronjob.yaml 9 | images: 10 | - name: cve-update-job 11 | newName: image-registry.openshift-image-registry.svc:5000/thoth-test-core/cve-update-job 12 | newTag: latest 13 | -------------------------------------------------------------------------------- /document-sync-job/base/imagestream.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: image.openshift.io/v1 2 | kind: ImageStream 3 | metadata: 4 | labels: 5 | app: thoth 6 | component: document-sync 7 | name: document-sync-job 8 | spec: 9 | lookupPolicy: 10 | local: true 11 | -------------------------------------------------------------------------------- /document-sync-job/base/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | resources: 4 | - cronjob.yaml 5 | - imagestream.yaml 6 | commonLabels: 7 | app: thoth 8 | component: document-sync 9 | generators: 10 | - secret-generator.yaml 11 | generatorOptions: 12 | disableNameSuffixHash: true 13 | -------------------------------------------------------------------------------- /document-sync-job/base/secret-generator.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: viaduct.ai/v1 2 | kind: ksops 3 | metadata: 4 | name: thoth-secret-generator 5 | files: 6 | - ./secrets.enc.yaml 7 | -------------------------------------------------------------------------------- /document-sync-job/overlays/ocp4-stage/cronjob.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | kind: CronJob 3 | apiVersion: batch/v1beta1 4 | metadata: 5 | name: document-sync 6 | spec: 7 | suspend: true 8 | -------------------------------------------------------------------------------- /document-sync-job/overlays/ocp4-stage/imagestreamtag.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: image.openshift.io/v1 2 | kind: ImageStream 3 | metadata: 4 | labels: 5 | app: thoth 6 | component: document-sync 7 | name: document-sync-job 8 | spec: 9 | tags: 10 | - name: latest 11 | from: 12 | kind: DockerImage 13 | name: quay.io/thoth-station/document-sync-job:v0.3.1 14 | importPolicy: {} 15 | referencePolicy: 16 | type: Local 17 | -------------------------------------------------------------------------------- /document-sync-job/overlays/test/cronjob.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | kind: CronJob 3 | apiVersion: batch/v1beta1 4 | metadata: 5 | name: document-sync 6 | spec: 7 | suspend: true 8 | -------------------------------------------------------------------------------- /document-sync-job/overlays/test/imagestreamtag.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: image.openshift.io/v1 2 | kind: ImageStream 3 | metadata: 4 | labels: 5 | app: thoth 6 | component: document-sync 7 | name: document-sync-job 8 | spec: 9 | tags: 10 | - name: latest 11 | from: 12 | kind: DockerImage 13 | name: quay.io/thoth-station/document-sync-job:v0.1.0 14 | importPolicy: {} 15 | referencePolicy: 16 | type: Local 17 | -------------------------------------------------------------------------------- /document-sync-job/overlays/test/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | resources: 4 | - ../../base 5 | - thoth-notification.yaml 6 | images: 7 | - name: document-sync-job 8 | newName: image-registry.openshift-image-registry.svc:5000/thoth-test-core/document-sync-job 9 | newTag: latest 10 | patchesStrategicMerge: 11 | - imagestreamtag.yaml 12 | - cronjob.yaml 13 | -------------------------------------------------------------------------------- /grafana-dashboard/base/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | commonLabels: 4 | app: thoth 5 | component: grafana-dashboard 6 | -------------------------------------------------------------------------------- /graph-backup-job/base/imagestream.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: image.openshift.io/v1 3 | kind: ImageStream 4 | metadata: 5 | name: graph-backup-job 6 | spec: 7 | lookupPolicy: 8 | local: true 9 | -------------------------------------------------------------------------------- /graph-backup-job/base/kustomization.yaml: -------------------------------------------------------------------------------- 1 | 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - cronjob.yaml 6 | - imagestream.yaml 7 | generatorOptions: 8 | disableNameSuffixHash: true 9 | commonLabels: 10 | app: thoth 11 | component: graph-backup-job 12 | -------------------------------------------------------------------------------- /graph-backup-job/overlays/moc-prod/cronjob.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | kind: CronJob 3 | apiVersion: batch/v1beta1 4 | metadata: 5 | name: graph-backup 6 | spec: 7 | suspend: true 8 | -------------------------------------------------------------------------------- /graph-backup-job/overlays/moc-prod/imagestreamtag.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: image.openshift.io/v1 2 | kind: ImageStream 3 | metadata: 4 | name: graph-backup-job 5 | spec: 6 | tags: 7 | - name: latest 8 | from: 9 | kind: DockerImage 10 | name: quay.io/thoth-station/graph-backup-job:v0.10.1 11 | importPolicy: {} 12 | -------------------------------------------------------------------------------- /graph-backup-job/overlays/moc-prod/pvc.yaml: -------------------------------------------------------------------------------- 1 | kind: PersistentVolumeClaim 2 | apiVersion: v1 3 | metadata: 4 | name: dbbackup 5 | spec: 6 | accessModes: 7 | - ReadWriteOnce 8 | resources: 9 | requests: 10 | storage: 20Gi 11 | storageClassName: ocs-external-storagecluster-ceph-rbd 12 | volumeMode: Filesystem 13 | -------------------------------------------------------------------------------- /graph-backup-job/overlays/ocp4-stage/cronjob.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | kind: CronJob 3 | apiVersion: batch/v1beta1 4 | metadata: 5 | name: graph-backup 6 | spec: 7 | suspend: false 8 | -------------------------------------------------------------------------------- /graph-backup-job/overlays/ocp4-stage/imagestreamtag.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: image.openshift.io/v1 2 | kind: ImageStream 3 | metadata: 4 | name: graph-backup-job 5 | spec: 6 | tags: 7 | - name: latest 8 | from: 9 | kind: DockerImage 10 | name: quay.io/thoth-station/graph-backup-job:v0.10.1 11 | importPolicy: {} 12 | -------------------------------------------------------------------------------- /graph-backup-job/overlays/test/cronjob.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | kind: CronJob 3 | apiVersion: batch/v1beta1 4 | metadata: 5 | name: graph-backup 6 | spec: 7 | suspend: true 8 | -------------------------------------------------------------------------------- /graph-backup-job/overlays/test/imagestreamtag.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: image.openshift.io/v1 2 | kind: ImageStream 3 | metadata: 4 | name: graph-backup-job 5 | spec: 6 | tags: 7 | - from: 8 | kind: DockerImage 9 | name: quay.io/thoth-station/graph-backup-job:v0.10.1 10 | importPolicy: {} 11 | name: latest 12 | referencePolicy: 13 | type: Source 14 | -------------------------------------------------------------------------------- /graph-backup-job/overlays/test/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | resources: 4 | - ../../base 5 | - thoth-notification.yaml 6 | images: 7 | - name: graph-backup-job 8 | newName: image-registry.openshift-image-registry.svc:5000/thoth-test-core/graph-backup-job 9 | newTag: latest 10 | patchesStrategicMerge: 11 | - cronjob.yaml 12 | - imagestreamtag.yaml 13 | -------------------------------------------------------------------------------- /graph-metrics-exporter/base/imagestream.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: image.openshift.io/v1 3 | kind: ImageStream 4 | metadata: 5 | name: graph-metrics-exporter 6 | spec: 7 | lookupPolicy: 8 | local: true 9 | -------------------------------------------------------------------------------- /graph-metrics-exporter/base/kustomization.yaml: -------------------------------------------------------------------------------- 1 | 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - cronjob.yaml 6 | - imagestream.yaml 7 | generatorOptions: 8 | disableNameSuffixHash: true 9 | commonLabels: 10 | app: thoth 11 | component: graph-metrics-exporter 12 | -------------------------------------------------------------------------------- /graph-metrics-exporter/overlays/moc-prod/cronjob.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | kind: CronJob 3 | apiVersion: batch/v1beta1 4 | metadata: 5 | name: graph-metrics-exporter 6 | spec: 7 | suspend: false 8 | -------------------------------------------------------------------------------- /graph-metrics-exporter/overlays/moc-prod/imagestreamtag.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: image.openshift.io/v1 2 | kind: ImageStream 3 | metadata: 4 | name: graph-metrics-exporter 5 | spec: 6 | tags: 7 | - name: latest 8 | from: 9 | kind: DockerImage 10 | name: quay.io/thoth-station/graph-metrics-exporter:v0.6.5 11 | importPolicy: {} 12 | -------------------------------------------------------------------------------- /graph-metrics-exporter/overlays/ocp4-stage/cronjob.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | kind: CronJob 3 | apiVersion: batch/v1beta1 4 | metadata: 5 | name: graph-metrics-exporter 6 | spec: 7 | suspend: false 8 | -------------------------------------------------------------------------------- /graph-metrics-exporter/overlays/ocp4-stage/imagestreamtag.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: image.openshift.io/v1 2 | kind: ImageStream 3 | metadata: 4 | name: graph-metrics-exporter 5 | spec: 6 | tags: 7 | - name: latest 8 | from: 9 | kind: DockerImage 10 | name: quay.io/thoth-station/graph-metrics-exporter:v0.6.5 11 | importPolicy: {} 12 | -------------------------------------------------------------------------------- /graph-metrics-exporter/overlays/test/cronjob.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | kind: CronJob 3 | apiVersion: batch/v1beta1 4 | metadata: 5 | name: graph-metrics-exporter 6 | spec: 7 | suspend: true 8 | -------------------------------------------------------------------------------- /graph-metrics-exporter/overlays/test/imagestreamtag.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: image.openshift.io/v1 2 | kind: ImageStream 3 | metadata: 4 | name: graph-metrics-exporter 5 | spec: 6 | tags: 7 | - from: 8 | kind: DockerImage 9 | name: quay.io/thoth-station/graph-metrics-exporter:v0.6.5 10 | importPolicy: {} 11 | name: latest 12 | referencePolicy: 13 | type: Source 14 | -------------------------------------------------------------------------------- /graph-metrics-exporter/overlays/test/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | resources: 4 | - ../../base 5 | - thoth-notification.yaml 6 | images: 7 | - name: graph-metrics-exporter 8 | newName: image-registry.openshift-image-registry.svc:5000/thoth-test-core/graph-metrics-exporter 9 | newTag: latest 10 | patchesStrategicMerge: 11 | - cronjob.yaml 12 | - imagestreamtag.yaml 13 | -------------------------------------------------------------------------------- /graph-refresh/README.md: -------------------------------------------------------------------------------- 1 | # Thoth's graph refresh Job 2 | 3 | This is a standalone ArgoCD Application for Thoth's graph refresh job. It is meant to be deployed into a separate OpenShift 4 | Project, therefore it is not references from the `kustomization.yaml` file at the root directory of this 5 | repository. 6 | 7 | The deployment generated by kustomize can be evaluated against Open Policy Agent policies 8 | using: `kustomize build --enable_alpha_plugins overlays/test | conftest test --policy ../policy -`. 9 | -------------------------------------------------------------------------------- /graph-refresh/base/imagestream.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: image.openshift.io/v1 3 | kind: ImageStream 4 | metadata: 5 | name: graph-refresh-job 6 | spec: 7 | lookupPolicy: 8 | local: true 9 | -------------------------------------------------------------------------------- /graph-refresh/base/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | resources: 4 | - cronjob.yaml 5 | - serviceaccount.yaml 6 | - role.yaml 7 | - imagestream.yaml 8 | generatorOptions: 9 | disableNameSuffixHash: true 10 | commonLabels: 11 | app: thoth 12 | component: graph-refresh 13 | -------------------------------------------------------------------------------- /graph-refresh/base/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: graph-refresh-job 6 | -------------------------------------------------------------------------------- /graph-refresh/graph-refresh-application-test.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: argoproj.io/v1alpha1 2 | kind: Application 3 | metadata: 4 | name: test-thoth-graph-refresh 5 | spec: 6 | destination: 7 | namespace: thoth-test-core 8 | server: 'https://api.ocp.prod.psi.redhat.com:6443' 9 | source: 10 | path: graph-refresh/overlays/test 11 | repoURL: 'https://github.com/thoth-station/thoth-application.git' 12 | targetRevision: master 13 | project: thoth 14 | syncPolicy: 15 | automated: 16 | automated: 17 | prune: false 18 | selfHeal: false 19 | selfHeal: false 20 | -------------------------------------------------------------------------------- /graph-refresh/overlays/moc-prod/imagestreamtag.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: image.openshift.io/v1 2 | kind: ImageStream 3 | metadata: 4 | name: graph-refresh-job 5 | spec: 6 | tags: 7 | - name: latest 8 | from: 9 | kind: DockerImage 10 | name: quay.io/thoth-station/graph-refresh-job:v0.3.22 11 | importPolicy: {} 12 | -------------------------------------------------------------------------------- /graph-refresh/overlays/moc-prod/put-into-infra-namespace.yaml: -------------------------------------------------------------------------------- 1 | - op: add 2 | path: /metadata/namespace 3 | value: thoth-infra-prod 4 | -------------------------------------------------------------------------------- /graph-refresh/overlays/moc-prod/put-into-middletier-namespace.yaml: -------------------------------------------------------------------------------- 1 | - op: add 2 | path: /metadata/namespace 3 | value: thoth-middletier-prod 4 | -------------------------------------------------------------------------------- /graph-refresh/overlays/ocp4-stage/cronjob.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | kind: CronJob 3 | apiVersion: batch/v1beta1 4 | metadata: 5 | name: graph-refresh 6 | spec: 7 | suspend: false 8 | -------------------------------------------------------------------------------- /graph-refresh/overlays/ocp4-stage/imagestreamtag.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: image.openshift.io/v1 2 | kind: ImageStream 3 | metadata: 4 | name: graph-refresh-job 5 | spec: 6 | tags: 7 | - name: latest 8 | from: 9 | kind: DockerImage 10 | name: quay.io/thoth-station/graph-refresh-job:v0.3.22 11 | importPolicy: {} 12 | -------------------------------------------------------------------------------- /graph-refresh/overlays/ocp4-stage/put-into-infra-namespace.yaml: -------------------------------------------------------------------------------- 1 | - op: add 2 | path: /metadata/namespace 3 | value: thoth-infra-stage 4 | -------------------------------------------------------------------------------- /graph-refresh/overlays/ocp4-stage/put-into-middletier-namespace.yaml: -------------------------------------------------------------------------------- 1 | - op: add 2 | path: /metadata/namespace 3 | value: thoth-middletier-stage 4 | -------------------------------------------------------------------------------- /graph-refresh/overlays/test/cronjob.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | kind: CronJob 3 | apiVersion: batch/v1beta1 4 | metadata: 5 | name: graph-refresh 6 | spec: 7 | suspend: true 8 | -------------------------------------------------------------------------------- /graph-refresh/overlays/test/imagestreamtag.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: image.openshift.io/v1 2 | kind: ImageStream 3 | metadata: 4 | name: graph-refresh-job 5 | spec: 6 | tags: 7 | - from: 8 | kind: DockerImage 9 | name: quay.io/thoth-station/graph-refresh-job:v0.3.22 10 | importPolicy: {} 11 | name: latest 12 | referencePolicy: 13 | type: Source 14 | -------------------------------------------------------------------------------- /graph-refresh/overlays/test/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | resources: 4 | - ../../base 5 | - rolebindings.yaml 6 | - thoth-notification.yaml 7 | images: 8 | - name: graph-refresh-job 9 | newName: image-registry.openshift-image-registry.svc:5000/thoth-test-core/graph-refresh-job 10 | newTag: latest 11 | patchesStrategicMerge: 12 | - cronjob.yaml 13 | - imagestreamtag.yaml 14 | -------------------------------------------------------------------------------- /graph-schema-update/base/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | commonLabels: 4 | app.kubernetes.io/name: thoth 5 | app.kubernetes.io/component: graph-update-schema 6 | app.kubernetes.io/managed-by: aicoe-thoth-devops 7 | generatorOptions: 8 | disableNameSuffixHash: true 9 | resources: 10 | - openshift-templates/graph-schema-update-job-template.yaml 11 | -------------------------------------------------------------------------------- /graph-schema-update/overlays/moc-prod/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | commonLabels: 4 | app.kubernetes.io/name: thoth 5 | app.kubernetes.io/component: graph-schema-update 6 | resources: 7 | - ../../base 8 | - thoth-notification.yaml 9 | patches: 10 | - path: put-into-infra-namespace.yaml 11 | target: 12 | group: batch 13 | version: v1 14 | kind: Job 15 | annotationSelector: "operation=chat-notification" 16 | - path: put-into-infra-namespace.yaml 17 | target: 18 | group: template.openshift.io 19 | version: v1 20 | kind: Template 21 | name: graph-schema-update-job 22 | -------------------------------------------------------------------------------- /graph-schema-update/overlays/moc-prod/put-into-infra-namespace.yaml: -------------------------------------------------------------------------------- 1 | - op: add 2 | path: /metadata/namespace 3 | value: thoth-infra-prod 4 | -------------------------------------------------------------------------------- /graph-schema-update/overlays/ocp4-stage/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | commonLabels: 4 | app.kubernetes.io/name: thoth 5 | app.kubernetes.io/component: graph-schema-update 6 | resources: 7 | - ../../base 8 | - thoth-notification.yaml 9 | patches: 10 | - path: put-into-infra-namespace.yaml 11 | target: 12 | group: batch 13 | version: v1 14 | kind: Job 15 | annotationSelector: "operation=chat-notification" 16 | - path: put-into-infra-namespace.yaml 17 | target: 18 | group: template.openshift.io 19 | version: v1 20 | kind: Template 21 | name: graph-schema-update-job 22 | -------------------------------------------------------------------------------- /graph-schema-update/overlays/ocp4-stage/put-into-infra-namespace.yaml: -------------------------------------------------------------------------------- 1 | - op: add 2 | path: /metadata/namespace 3 | value: thoth-infra-stage 4 | -------------------------------------------------------------------------------- /graph-schema-update/overlays/test/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | commonLabels: 4 | app.kubernetes.io/name: thoth 5 | app.kubernetes.io/component: graph-schema-update-job 6 | resources: 7 | - ../../base 8 | - thoth-notification.yaml 9 | -------------------------------------------------------------------------------- /graph-sync/base/imagestream.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: image.openshift.io/v1 3 | kind: ImageStream 4 | metadata: 5 | name: graph-sync-job 6 | spec: 7 | lookupPolicy: 8 | local: true 9 | -------------------------------------------------------------------------------- /graph-sync/base/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | commonLabels: 4 | app.kubernetes.io/name: thoth 5 | app.kubernetes.io/component: graph-sync 6 | app.kubernetes.io/managed-by: aicoe-thoth-devops 7 | generatorOptions: 8 | disableNameSuffixHash: true 9 | resources: 10 | - imagestream.yaml 11 | - argo-workflows/sync-template.yaml 12 | - openshift-templates/syncJob-template.yaml 13 | - openshift-templates/graph-sync.yaml 14 | -------------------------------------------------------------------------------- /graph-sync/overlays/moc-prod/common/imagestreamtag.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: image.openshift.io/v1 2 | kind: ImageStream 3 | metadata: 4 | name: graph-sync-job 5 | spec: 6 | tags: 7 | - name: latest 8 | from: 9 | kind: DockerImage 10 | name: quay.io/thoth-station/graph-sync-job:v0.11.1 11 | importPolicy: {} 12 | -------------------------------------------------------------------------------- /graph-sync/overlays/moc-prod/common/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | resources: 4 | - ../../../base 5 | patchesStrategicMerge: 6 | - imagestreamtag.yaml 7 | patches: 8 | - path: put-into-infra-namespace.yaml 9 | target: 10 | group: template.openshift.io 11 | version: v1 12 | kind: Template 13 | name: graph-sync-job 14 | - path: put-into-infra-namespace.yaml 15 | target: 16 | group: template.openshift.io 17 | version: v1 18 | kind: Template 19 | name: graph-sync 20 | -------------------------------------------------------------------------------- /graph-sync/overlays/moc-prod/common/put-into-infra-namespace.yaml: -------------------------------------------------------------------------------- 1 | - op: add 2 | path: /metadata/namespace 3 | value: thoth-infra-prod 4 | -------------------------------------------------------------------------------- /graph-sync/overlays/ocp4-stage/common/imagestreamtag.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: image.openshift.io/v1 2 | kind: ImageStream 3 | metadata: 4 | name: graph-sync-job 5 | spec: 6 | tags: 7 | - name: latest 8 | from: 9 | kind: DockerImage 10 | name: quay.io/thoth-station/graph-sync-job:v0.11.1 11 | importPolicy: {} 12 | -------------------------------------------------------------------------------- /graph-sync/overlays/ocp4-stage/common/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | resources: 4 | - ../../../base 5 | patchesStrategicMerge: 6 | - imagestreamtag.yaml 7 | patches: 8 | - path: put-into-infra-namespace.yaml 9 | target: 10 | group: template.openshift.io 11 | version: v1 12 | kind: Template 13 | name: graph-sync-job 14 | - path: put-into-infra-namespace.yaml 15 | target: 16 | group: template.openshift.io 17 | version: v1 18 | kind: Template 19 | name: graph-sync 20 | -------------------------------------------------------------------------------- /graph-sync/overlays/ocp4-stage/common/put-into-infra-namespace.yaml: -------------------------------------------------------------------------------- 1 | - op: add 2 | path: /metadata/namespace 3 | value: thoth-infra-stage 4 | -------------------------------------------------------------------------------- /graph-sync/overlays/test/imagestreamtag.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: image.openshift.io/v1 2 | kind: ImageStream 3 | metadata: 4 | name: graph-sync-job 5 | spec: 6 | tags: 7 | - from: 8 | kind: DockerImage 9 | name: quay.io/thoth-station/graph-sync-job:v0.11.1 10 | importPolicy: {} 11 | name: latest 12 | referencePolicy: 13 | type: Source 14 | -------------------------------------------------------------------------------- /graph-sync/overlays/test/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | commonLabels: 4 | app.kubernetes.io/name: thoth 5 | app.kubernetes.io/component: graph-sync 6 | resources: 7 | - ../../base 8 | - thoth-notification.yaml 9 | patchesStrategicMerge: 10 | - imagestreamtag.yaml 11 | patches: 12 | - patch: |- 13 | - op: replace 14 | path: /spec/templates/0/container/image 15 | value: image-registry.openshift-image-registry.svc:5000/thoth-test-core/graph-sync-job:latest 16 | target: 17 | group: argoproj.io 18 | version: v1alpha1 19 | kind: WorkflowTemplate 20 | name: graph-sync 21 | -------------------------------------------------------------------------------- /init-job/base/generate-name.yaml: -------------------------------------------------------------------------------- 1 | - op: copy 2 | from: /metadata/name 3 | path: /metadata/generateName 4 | -------------------------------------------------------------------------------- /init-job/base/imagestream.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: image.openshift.io/v1 3 | kind: ImageStream 4 | metadata: 5 | name: init-job 6 | spec: 7 | lookupPolicy: 8 | local: true 9 | -------------------------------------------------------------------------------- /init-job/base/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ServiceAccount 3 | metadata: 4 | name: init-job 5 | -------------------------------------------------------------------------------- /init-job/overlays/test/imagestreamtag.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: image.openshift.io/v1 2 | kind: ImageStream 3 | metadata: 4 | name: init-job 5 | spec: 6 | tags: 7 | - name: latest 8 | from: 9 | kind: DockerImage 10 | name: quay.io/thoth-station/init-job:v0.8.1 11 | importPolicy: {} 12 | referencePolicy: 13 | type: Source 14 | -------------------------------------------------------------------------------- /init-job/overlays/test/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | resources: 4 | - ../../base 5 | - thoth-notification.yaml 6 | patchesStrategicMerge: 7 | - imagestreamtag.yaml 8 | -------------------------------------------------------------------------------- /integration-tests/base/configmap.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | kind: ConfigMap 3 | apiVersion: v1 4 | metadata: 5 | name: integration-tests 6 | data: 7 | mail-report: "1" 8 | generate-report: "1" 9 | tags: "" 10 | logging-no-json: "1" 11 | -------------------------------------------------------------------------------- /integration-tests/base/imagestream.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: image.openshift.io/v1 3 | kind: ImageStream 4 | metadata: 5 | name: integration-tests 6 | spec: 7 | lookupPolicy: 8 | local: true 9 | -------------------------------------------------------------------------------- /integration-tests/base/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | commonLabels: 4 | app: thoth 5 | component: integration-tests 6 | generatorOptions: 7 | disableNameSuffixHash: true 8 | resources: 9 | - configmap.yaml 10 | - cronjob.yaml 11 | - imagestream.yaml 12 | -------------------------------------------------------------------------------- /integration-tests/overlays/moc-prod-ocp4-stage/README.rst: -------------------------------------------------------------------------------- 1 | Integration tests for smaug-prod 2 | ------------------------------ 3 | 4 | This overlay keeps manifests needed to run integration tests for smaug-prod. Note 5 | integration tests are executed in ocp4-stage. 6 | -------------------------------------------------------------------------------- /integration-tests/overlays/moc-prod-ocp4-stage/configmap.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | kind: ConfigMap 3 | apiVersion: v1 4 | metadata: 5 | name: integration-tests 6 | data: 7 | deployment-name: "smaug-prod" 8 | user-api: "api.moc.thoth-station.ninja" 9 | management-api: "management.moc.thoth-station.ninja" 10 | amun-api: "amun.moc.thoth-station.ninja" 11 | tags: "~@seizes_middletier_namespace,~@seizes_amun_inspection_namespace" 12 | -------------------------------------------------------------------------------- /integration-tests/overlays/moc-prod-ocp4-stage/cronjob.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: batch/v1beta1 3 | kind: CronJob 4 | metadata: 5 | name: integration-tests 6 | labels: 7 | app: thoth 8 | component: integration-tests 9 | spec: 10 | suspend: true 11 | -------------------------------------------------------------------------------- /integration-tests/overlays/moc-prod-ocp4-stage/imagestreamtag.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: image.openshift.io/v1 3 | kind: ImageStream 4 | metadata: 5 | name: integration-tests 6 | spec: 7 | tags: 8 | - name: latest 9 | from: 10 | kind: DockerImage 11 | name: quay.io/thoth-station/integration-tests:v0.11.5 12 | importPolicy: {} 13 | referencePolicy: 14 | type: Local 15 | -------------------------------------------------------------------------------- /integration-tests/overlays/moc-prod-ocp4-stage/secret-generator.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: viaduct.ai/v1 2 | kind: ksops 3 | metadata: 4 | name: thoth-secret-generator 5 | files: 6 | - ./secrets.enc.yaml 7 | -------------------------------------------------------------------------------- /integration-tests/overlays/ocp4-stage/configmap.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | kind: ConfigMap 3 | apiVersion: v1 4 | metadata: 5 | name: integration-tests 6 | data: 7 | deployment-name: "ocp4-stage" 8 | user-api: "stage.thoth-station.ninja" 9 | management-api: "management.stage.thoth-station.ninja" 10 | amun-api: "amun.stage.thoth-station.ninja" 11 | tags: "~@seizes_middletier_namespace" 12 | -------------------------------------------------------------------------------- /integration-tests/overlays/ocp4-stage/cronjob.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: batch/v1beta1 3 | kind: CronJob 4 | metadata: 5 | name: integration-tests 6 | labels: 7 | app: thoth 8 | component: integration-tests 9 | spec: 10 | suspend: false 11 | -------------------------------------------------------------------------------- /integration-tests/overlays/ocp4-stage/imagestreamtag.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: image.openshift.io/v1 3 | kind: ImageStream 4 | metadata: 5 | name: integration-tests 6 | spec: 7 | tags: 8 | - name: latest 9 | from: 10 | kind: DockerImage 11 | name: quay.io/thoth-station/integration-tests:v0.11.5 12 | importPolicy: {} 13 | referencePolicy: 14 | type: Local 15 | -------------------------------------------------------------------------------- /integration-tests/overlays/ocp4-stage/secret-generator.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: viaduct.ai/v1 2 | kind: ksops 3 | metadata: 4 | name: thoth-secret-generator 5 | files: 6 | - ./secrets.enc.yaml 7 | -------------------------------------------------------------------------------- /integration-tests/overlays/test/configmap.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | kind: ConfigMap 3 | apiVersion: v1 4 | metadata: 5 | name: integration-tests 6 | data: 7 | deployment-name: "ocp4-test" 8 | user-api: "test.thoth-station.ninja" 9 | management-api: "management.test.thoth-station.ninja" 10 | amun-api: "amun.test.thoth-station.ninja" 11 | -------------------------------------------------------------------------------- /integration-tests/overlays/test/cronjob.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: batch/v1beta1 3 | kind: CronJob 4 | metadata: 5 | name: integration-tests 6 | labels: 7 | app: thoth 8 | component: integration-tests 9 | spec: 10 | suspend: true 11 | -------------------------------------------------------------------------------- /integration-tests/overlays/test/imagestreamtag.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: image.openshift.io/v1 2 | kind: ImageStream 3 | metadata: 4 | name: integration-tests 5 | spec: 6 | tags: 7 | - from: 8 | kind: DockerImage 9 | name: quay.io/thoth-station/integration-tests:v0.11.5 10 | importPolicy: {} 11 | name: latest 12 | referencePolicy: 13 | type: Source 14 | -------------------------------------------------------------------------------- /integration-tests/overlays/test/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | resources: 4 | - ../../base 5 | - thoth-notification.yaml 6 | images: 7 | - name: integration-tests 8 | newName: image-registry.openshift-image-registry.svc:5000/thoth-test-core/integration-tests 9 | newTag: latest 10 | patchesStrategicMerge: 11 | - configmap.yaml 12 | - cronjob.yaml 13 | - imagestreamtag.yaml 14 | generators: 15 | - ./secret-generator.yaml 16 | -------------------------------------------------------------------------------- /integration-tests/overlays/test/secret-generator.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: viaduct.ai/v1 2 | kind: ksops 3 | metadata: 4 | name: thoth-secret-generator 5 | files: 6 | - ./secrets.enc.yaml 7 | -------------------------------------------------------------------------------- /investigator/OWNERS: -------------------------------------------------------------------------------- 1 | # See the OWNERS docs at https://go.k8s.io/owners 2 | 3 | approvers: 4 | - fridex 5 | - harshad16 6 | reviewers: 7 | - mayaCostantini 8 | - tumido 9 | -------------------------------------------------------------------------------- /investigator/README.md: -------------------------------------------------------------------------------- 1 | # Thoth Investigator (Consumer) 2 | 3 | This is a standalone ArgoCD Application for Thoth Investigator (Consumer). It is meant to be deployed into a separate OpenShift 4 | Project, therefore it is not references from the `kustomization.yaml` file at the root directory of this 5 | repository. 6 | -------------------------------------------------------------------------------- /investigator/base/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | resources: 4 | - serviceaccount.yaml 5 | commonLabels: 6 | app.kubernetes.io/name: thoth 7 | app.kubernetes.io/component: investigator 8 | app.kubernetes.io/managed-by: aicoe-thoth-devops 9 | -------------------------------------------------------------------------------- /investigator/base/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: investigator 6 | -------------------------------------------------------------------------------- /investigator/overlays/moc-prod/route.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | kind: Route 3 | apiVersion: route.openshift.io/v1 4 | metadata: 5 | name: investigator-faust-web 6 | spec: 7 | to: 8 | kind: Service 9 | name: investigator-faust-web 10 | -------------------------------------------------------------------------------- /investigator/overlays/moc-prod/service.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | kind: Service 3 | apiVersion: v1 4 | metadata: 5 | name: investigator-faust-web 6 | spec: 7 | ports: 8 | - name: metrics 9 | protocol: TCP 10 | port: 80 11 | targetPort: 6066 12 | selector: 13 | service: investigator-consumer 14 | app.kubernetes.io/name: thoth 15 | app.kubernetes.io/component: investigator 16 | app.kubernetes.io/managed-by: aicoe-thoth-devops 17 | -------------------------------------------------------------------------------- /investigator/overlays/ocp4-stage/route.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | kind: Route 3 | apiVersion: route.openshift.io/v1 4 | metadata: 5 | name: investigator-faust-web 6 | spec: 7 | to: 8 | kind: Service 9 | name: investigator-faust-web 10 | -------------------------------------------------------------------------------- /investigator/overlays/ocp4-stage/service.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | kind: Service 3 | apiVersion: v1 4 | metadata: 5 | name: investigator-faust-web 6 | spec: 7 | ports: 8 | - port: 80 9 | protocol: TCP 10 | targetPort: 6066 11 | selector: 12 | service: investigator-consumer 13 | app.kubernetes.io/name: thoth 14 | app.kubernetes.io/component: investigator 15 | app.kubernetes.io/managed-by: aicoe-thoth-devops 16 | -------------------------------------------------------------------------------- /investigator/overlays/test/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | resources: 4 | - ../../base 5 | - deployment.yaml 6 | - role.yaml 7 | - role_binding.yaml 8 | - route.yaml 9 | - service.yaml 10 | - thoth-notification.yaml 11 | images: 12 | - name: investigator 13 | newName: image-registry.openshift-image-registry.svc:5000/thoth-test-core/investigator 14 | newTag: latest 15 | -------------------------------------------------------------------------------- /investigator/overlays/test/route.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | kind: Route 3 | apiVersion: route.openshift.io/v1 4 | metadata: 5 | name: investigator-faust-web 6 | spec: 7 | to: 8 | kind: Service 9 | name: investigator-faust-web 10 | -------------------------------------------------------------------------------- /investigator/overlays/test/service.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | kind: Service 3 | apiVersion: v1 4 | metadata: 5 | name: investigator-faust-web 6 | spec: 7 | ports: 8 | - port: 80 9 | protocol: TCP 10 | targetPort: 6066 11 | selector: 12 | service: investigator-consumer 13 | app.kubernetes.io/name: thoth 14 | app.kubernetes.io/component: investigator 15 | app.kubernetes.io/managed-by: aicoe-thoth-devops 16 | -------------------------------------------------------------------------------- /investigator_message_metrics/README.md: -------------------------------------------------------------------------------- 1 | # Thoth Investigator Metrics (Consumer) 2 | 3 | This is a standalone ArgoCD Application for Thoth Investigator Metrics (Consumer). It is meant to be deployed into a separate OpenShift 4 | Project, therefore it is not references from the `kustomization.yaml` file at the root directory of this 5 | repository. This deployement runs in `metrics` mode which can be used to expose message statistics by consuming from all topics. 6 | -------------------------------------------------------------------------------- /investigator_message_metrics/base/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | resources: 4 | - deploymentconfig.yaml 5 | - route.yaml 6 | - service.yaml 7 | - serviceaccount.yaml 8 | commonLabels: 9 | app.kubernetes.io/name: thoth 10 | app.kubernetes.io/component: investigator-message-metrics 11 | app.kubernetes.io/managed-by: aicoe-thoth-devops 12 | -------------------------------------------------------------------------------- /investigator_message_metrics/base/route.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | kind: Route 3 | apiVersion: route.openshift.io/v1 4 | metadata: 5 | name: investigator-message-metrics 6 | spec: 7 | to: 8 | kind: Service 9 | name: investigator-message-metrics 10 | -------------------------------------------------------------------------------- /investigator_message_metrics/base/service.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | kind: Service 3 | apiVersion: v1 4 | metadata: 5 | name: investigator-message-metrics 6 | spec: 7 | ports: 8 | - name: metrics 9 | port: 80 10 | protocol: TCP 11 | targetPort: 6066 12 | selector: 13 | service: investigator-message-metrics 14 | app.kubernetes.io/name: thoth 15 | app.kubernetes.io/component: investigator-message-metrics 16 | app.kubernetes.io/managed-by: aicoe-thoth-devops 17 | -------------------------------------------------------------------------------- /investigator_message_metrics/base/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: investigator-message-metrics 6 | -------------------------------------------------------------------------------- /investigator_message_metrics/overlays/moc-prod/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | resources: 4 | - ../../base 5 | - thoth-notification.yaml 6 | images: 7 | - name: investigator 8 | newName: image-registry.openshift-image-registry.svc:5000/thoth-infra-prod/investigator 9 | newTag: latest 10 | patchesStrategicMerge: 11 | - deploymentconfig.yaml 12 | patches: 13 | - patch: |- 14 | - op: add 15 | path: /metadata/namespace 16 | value: "thoth-infra-prod" 17 | target: 18 | group: batch 19 | version: v1 20 | kind: Job 21 | annotationSelector: "operation=chat-notification" 22 | -------------------------------------------------------------------------------- /investigator_message_metrics/overlays/ocp4-stage/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | resources: 4 | - ../../base 5 | - thoth-notification.yaml 6 | images: 7 | - name: investigator 8 | newName: image-registry.openshift-image-registry.svc:5000/thoth-infra-stage/investigator 9 | newTag: latest 10 | patches: 11 | - patch: |- 12 | - op: add 13 | path: /metadata/namespace 14 | value: "thoth-infra-stage" 15 | target: 16 | group: batch 17 | version: v1 18 | kind: Job 19 | annotationSelector: "operation=chat-notification" 20 | -------------------------------------------------------------------------------- /investigator_message_metrics/overlays/test/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | resources: 4 | - ../../base 5 | - thoth-notification.yaml 6 | images: 7 | - name: investigator 8 | newName: image-registry.openshift-image-registry.svc:5000/thoth-test-core/investigator 9 | newTag: latest 10 | patchesStrategicMerge: 11 | - deploymentconfig.yaml 12 | -------------------------------------------------------------------------------- /kafka/base/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | resources: 4 | - kafka-metrics.yaml 5 | - route.yaml 6 | - service.yaml 7 | - thoth-kafka.yaml 8 | - zookeeper-metrics.yaml 9 | -------------------------------------------------------------------------------- /kafka/base/route.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: route.openshift.io/v1 2 | kind: Route 3 | metadata: 4 | name: kafdrop-route 5 | spec: 6 | port: 7 | targetPort: 9000 8 | to: 9 | kind: Service 10 | name: kafdrop 11 | -------------------------------------------------------------------------------- /kafka/base/service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: kafdrop 5 | labels: 6 | name: kafdrop 7 | spec: 8 | type: ClusterIP 9 | ports: 10 | - port: 9000 11 | targetPort: 9000 12 | protocol: TCP 13 | selector: 14 | name: kafdrop-up 15 | -------------------------------------------------------------------------------- /kafka/overlays/README.md: -------------------------------------------------------------------------------- 1 | # Strimzi ArgoCD Kafdrop Application 2 | 3 | This is a bare minimum ArgoCD Application to get Strimzi deployed along with a Kafdrop instance. 4 | 5 | ## Prerequisites 6 | 7 | - Have a namespace-wide strimzi-kafka-operator or amq-streams-operator installed on your OpenShift 4.3+ cluster. 8 | - Use the namespace KAFKA_BOOTSTRAP_SERVER env variable in the kafdrop deployment to reflect the location of your kafka bootstrap servers 9 | -------------------------------------------------------------------------------- /kafka/overlays/ocp4-stage/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | resources: 4 | - ../../base 5 | - deployment.yaml 6 | -------------------------------------------------------------------------------- /kebechet/application-test.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: argoproj.io/v1alpha1 2 | kind: Application 3 | metadata: 4 | name: test-thoth-kebechet 5 | spec: 6 | destination: 7 | namespace: thoth-test-core 8 | server: "https://api.ocp.prod.psi.redhat.com:6443" 9 | source: 10 | path: kebechet/overlays/test 11 | repoURL: "https://github.com/thoth-station/thoth-application.git" 12 | targetRevision: master 13 | project: thoth 14 | syncPolicy: 15 | automated: null 16 | -------------------------------------------------------------------------------- /kebechet/base/configmap.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | data: 4 | verbose: "0" 5 | kind: ConfigMap 6 | metadata: 7 | name: kebechet 8 | -------------------------------------------------------------------------------- /kebechet/base/imagestream.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: image.openshift.io/v1 3 | kind: ImageStream 4 | metadata: 5 | name: kebechet 6 | spec: 7 | lookupPolicy: 8 | local: true 9 | -------------------------------------------------------------------------------- /kebechet/base/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | resources: 4 | - configmap.yaml 5 | - imagestream.yaml 6 | - argo-workflows/kebechet.yaml 7 | - openshift-templates/kebechet.yaml 8 | - argo-workflows/kebechet-run-url.yaml 9 | - openshift-templates/kebechet-run-url.yaml 10 | - argo-workflows/kebechet-administrator.yaml 11 | - openshift-templates/kebechet-administrator.yaml 12 | - argo-workflows/update_keb_installation.yaml 13 | commonLabels: 14 | app.kubernetes.io/name: thoth 15 | app.kubernetes.io/component: kebechet 16 | app.kubernetes.io/managed-by: aicoe-thoth-devops 17 | -------------------------------------------------------------------------------- /kebechet/overlays/moc-prod/configmap.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | data: 4 | deployment-name: "smaug-prod" 5 | verbose: "1" 6 | kind: ConfigMap 7 | metadata: 8 | name: kebechet 9 | -------------------------------------------------------------------------------- /kebechet/overlays/moc-prod/imagestreamtag.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: image.openshift.io/v1 3 | kind: ImageStream 4 | metadata: 5 | name: kebechet 6 | spec: 7 | tags: 8 | - name: latest 9 | from: 10 | kind: DockerImage 11 | name: quay.io/thoth-station/kebechet-job:v1.11.2 12 | importPolicy: {} 13 | referencePolicy: 14 | type: Local 15 | -------------------------------------------------------------------------------- /kebechet/overlays/moc-prod/put-into-infra-namespace.yaml: -------------------------------------------------------------------------------- 1 | - op: add 2 | path: /metadata/namespace 3 | value: thoth-infra-prod 4 | -------------------------------------------------------------------------------- /kebechet/overlays/moc-prod/secret-generator.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: viaduct.ai/v1 2 | kind: ksops 3 | metadata: 4 | name: thoth-secret-generator 5 | files: 6 | - ./secrets.enc.yaml 7 | -------------------------------------------------------------------------------- /kebechet/overlays/ocp4-stage/configmap.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | data: 4 | deployment-name: "ocp4-stage" 5 | verbose: "1" 6 | kind: ConfigMap 7 | metadata: 8 | name: kebechet 9 | -------------------------------------------------------------------------------- /kebechet/overlays/ocp4-stage/imagestreamtag.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: image.openshift.io/v1 3 | kind: ImageStream 4 | metadata: 5 | name: kebechet 6 | spec: 7 | tags: 8 | - name: latest 9 | from: 10 | kind: DockerImage 11 | name: quay.io/thoth-station/kebechet-job:v1.11.2 12 | importPolicy: {} 13 | referencePolicy: 14 | type: Local 15 | -------------------------------------------------------------------------------- /kebechet/overlays/ocp4-stage/put-into-infra-namespace.yaml: -------------------------------------------------------------------------------- 1 | - op: add 2 | path: /metadata/namespace 3 | value: thoth-infra-stage 4 | -------------------------------------------------------------------------------- /kebechet/overlays/ocp4-stage/secret-generator.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: viaduct.ai/v1 2 | kind: ksops 3 | metadata: 4 | name: thoth-secret-generator 5 | files: 6 | - ./secrets.enc.yaml 7 | -------------------------------------------------------------------------------- /kebechet/overlays/test/configmap.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | data: 4 | deployment-name: "ocp4-test" 5 | verbose: "1" 6 | kind: ConfigMap 7 | metadata: 8 | name: kebechet 9 | -------------------------------------------------------------------------------- /kebechet/overlays/test/imagestreamtag.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: image.openshift.io/v1 2 | kind: ImageStream 3 | metadata: 4 | name: kebechet 5 | spec: 6 | tags: 7 | - from: 8 | kind: DockerImage 9 | name: quay.io/thoth-station/kebechet-job:v1.11.2 10 | importPolicy: {} 11 | name: latest 12 | referencePolicy: 13 | type: Source 14 | -------------------------------------------------------------------------------- /kebechet/overlays/test/secret-generator.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: viaduct.ai/v1 2 | kind: ksops 3 | metadata: 4 | name: thoth-secret-generator 5 | files: 6 | - ./secrets.enc.yaml 7 | -------------------------------------------------------------------------------- /management-api/.sops.yaml: -------------------------------------------------------------------------------- 1 | creation_rules: 2 | - encrypted_regex: '^(data|stringData|tls)$' 3 | pgp: "34AFE2A7C8E00ED66916D95DA9FBD7DE773B2A34, 87FC5D0ACF3AA48FCC029086262A80E41BCEEBF7, EFDB9AFBD18936D9AB6B2EECBD2C73FF891FBC7E, 8D191B7544E9CCC3547B25A877E5A5B31D13A647" 4 | -------------------------------------------------------------------------------- /management-api/application.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: argoproj.io/v1alpha1 2 | kind: Application 3 | metadata: 4 | name: test-thoth-management-api 5 | spec: 6 | destination: 7 | namespace: thoth-test-core 8 | server: "https://api.thoth01.lab.upshift.rdu2.redhat.com:6443" 9 | source: 10 | path: management-api/overlays/test 11 | repoURL: "https://github.com/thoth-station/thoth-application.git" 12 | targetRevision: master 13 | project: thoth 14 | syncPolicy: 15 | automated: 16 | automated: 17 | prune: false 18 | selfHeal: false 19 | selfHeal: true 20 | -------------------------------------------------------------------------------- /management-api/base/configmap.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | kind: ConfigMap 3 | apiVersion: v1 4 | metadata: 5 | name: management-api 6 | data: 7 | api-https: "1" 8 | validate-responses: "0" 9 | -------------------------------------------------------------------------------- /management-api/base/imagestream.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: image.openshift.io/v1 3 | kind: ImageStream 4 | metadata: 5 | name: management-api 6 | spec: 7 | lookupPolicy: 8 | local: true 9 | -------------------------------------------------------------------------------- /management-api/base/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | commonLabels: 4 | app.kubernetes.io/name: thoth 5 | app.kubernetes.io/component: management-api 6 | app.kubernetes.io/managed-by: aicoe-thoth-devops 7 | resources: 8 | - configmap.yaml 9 | - deploymentconfig.yaml 10 | - imagestream.yaml 11 | - role.yaml 12 | - route.yaml 13 | - service.yaml 14 | - serviceaccount.yaml 15 | -------------------------------------------------------------------------------- /management-api/base/route.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | kind: Route 3 | apiVersion: route.openshift.io/v1 4 | metadata: 5 | name: management-api 6 | spec: 7 | to: 8 | kind: Service 9 | name: management-api 10 | -------------------------------------------------------------------------------- /management-api/base/service.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | kind: Service 3 | apiVersion: v1 4 | metadata: 5 | name: management-api 6 | spec: 7 | ports: 8 | - name: metrics 9 | protocol: TCP 10 | port: 80 11 | targetPort: 8080 12 | selector: 13 | service: management-api 14 | app.kubernetes.io/name: thoth 15 | app.kubernetes.io/component: management-api 16 | app.kubernetes.io/managed-by: aicoe-thoth-devops 17 | -------------------------------------------------------------------------------- /management-api/base/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: management-api 6 | -------------------------------------------------------------------------------- /management-api/overlays/moc-prod/imagestreamtag.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: image.openshift.io/v1 2 | kind: ImageStream 3 | metadata: 4 | name: management-api 5 | spec: 6 | tags: 7 | - name: latest 8 | from: 9 | kind: DockerImage 10 | name: quay.io/thoth-station/management-api:v0.18.11 11 | importPolicy: {} 12 | referencePolicy: 13 | type: Local 14 | -------------------------------------------------------------------------------- /management-api/overlays/moc-prod/put-into-amun-inspection-namespace.yaml: -------------------------------------------------------------------------------- 1 | - op: add 2 | path: /metadata/namespace 3 | value: thoth-amun-inspection-prod 4 | -------------------------------------------------------------------------------- /management-api/overlays/moc-prod/put-into-infra-namespace.yaml: -------------------------------------------------------------------------------- 1 | - op: add 2 | path: /metadata/namespace 3 | value: thoth-infra-prod 4 | -------------------------------------------------------------------------------- /management-api/overlays/moc-prod/put-into-middletier-namespace.yaml: -------------------------------------------------------------------------------- 1 | - op: add 2 | path: /metadata/namespace 3 | value: thoth-middletier-prod 4 | -------------------------------------------------------------------------------- /management-api/overlays/ocp4-stage/configmap.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | kind: ConfigMap 3 | apiVersion: v1 4 | metadata: 5 | name: management-api 6 | data: 7 | api-https: "1" 8 | validate-responses: "1" 9 | -------------------------------------------------------------------------------- /management-api/overlays/ocp4-stage/imagestreamtag.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: image.openshift.io/v1 2 | kind: ImageStream 3 | metadata: 4 | name: management-api 5 | spec: 6 | tags: 7 | - name: latest 8 | from: 9 | kind: DockerImage 10 | name: quay.io/thoth-station/management-api:v0.18.11 11 | importPolicy: {} 12 | referencePolicy: 13 | type: Local 14 | -------------------------------------------------------------------------------- /management-api/overlays/ocp4-stage/put-into-amun-inspection-namespace.yaml: -------------------------------------------------------------------------------- 1 | - op: add 2 | path: /metadata/namespace 3 | value: thoth-amun-inspection-stage 4 | -------------------------------------------------------------------------------- /management-api/overlays/ocp4-stage/put-into-infra-namespace.yaml: -------------------------------------------------------------------------------- 1 | - op: add 2 | path: /metadata/namespace 3 | value: thoth-infra-stage 4 | -------------------------------------------------------------------------------- /management-api/overlays/ocp4-stage/put-into-middletier-namespace.yaml: -------------------------------------------------------------------------------- 1 | - op: add 2 | path: /metadata/namespace 3 | value: thoth-middletier-stage 4 | -------------------------------------------------------------------------------- /management-api/overlays/ocp4-stage/secret-generator.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: viaduct.ai/v1 2 | kind: ksops 3 | metadata: 4 | name: thoth-secret-generator 5 | files: 6 | - ./route.enc.yaml 7 | -------------------------------------------------------------------------------- /management-api/overlays/test/configmap.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | kind: ConfigMap 3 | apiVersion: v1 4 | metadata: 5 | name: management-api 6 | data: 7 | api-https: "1" 8 | validate-responses: "1" 9 | -------------------------------------------------------------------------------- /management-api/overlays/test/imagestreamtag.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: image.openshift.io/v1 2 | kind: ImageStream 3 | metadata: 4 | name: management-api 5 | spec: 6 | tags: 7 | - from: 8 | kind: DockerImage 9 | name: quay.io/thoth-station/management-api:v0.18.11 10 | importPolicy: {} 11 | name: latest 12 | referencePolicy: 13 | type: Source 14 | -------------------------------------------------------------------------------- /management-api/overlays/test/resources_patch.yaml: -------------------------------------------------------------------------------- 1 | - op: replace 2 | path: /spec/template/spec/containers/0/resources 3 | value: 4 | requests: 5 | memory: "384Mi" 6 | cpu: "250m" 7 | limits: 8 | memory: "768Mi" 9 | cpu: "500m" 10 | -------------------------------------------------------------------------------- /management-api/overlays/test/secret-generator.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: viaduct.ai/v1 2 | kind: ksops 3 | metadata: 4 | name: thoth-secret-generator 5 | files: 6 | - ./route.enc.yaml 7 | -------------------------------------------------------------------------------- /metrics-exporter/OWNERS: -------------------------------------------------------------------------------- 1 | # See the OWNERS docs at https://go.k8s.io/owners 2 | 3 | approvers: 4 | - mayaCostantini 5 | - harshad16 6 | reviewers: 7 | - fridex 8 | - tumido 9 | -------------------------------------------------------------------------------- /metrics-exporter/README.md: -------------------------------------------------------------------------------- 1 | # Thoth Metrics Exporter 2 | 3 | This is a standalone ArgoCD Application for Thoth's Metrics Exporter. It is meant to be deployed into a separate OpenShift 4 | Project, therefore it is not references from the `kustomization.yaml` file at the root directory of this 5 | repository. 6 | 7 | ## Dependencies 8 | 9 | The metrics-exporter depends on the `amun` configmap, which is created by the amun Application. 10 | -------------------------------------------------------------------------------- /metrics-exporter/application-stage.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: argoproj.io/v1alpha1 2 | kind: Application 3 | metadata: 4 | name: stage-thoth-metrics-exporter 5 | spec: 6 | destination: 7 | namespace: thoth-infra-stage 8 | server: 'https://api.ocp.prod.psi.redhat.com:6443' 9 | source: 10 | path: metrics-exporter/overlays/stage 11 | repoURL: 'https://github.com/thoth-station/thoth-application.git' 12 | targetRevision: master 13 | project: thoth 14 | syncPolicy: 15 | automated: 16 | automated: 17 | prune: false 18 | selfHeal: false 19 | -------------------------------------------------------------------------------- /metrics-exporter/base/configmap.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | kind: ConfigMap 3 | apiVersion: v1 4 | metadata: 5 | name: metrics-exporter 6 | data: 7 | update-interval: "20" 8 | grafana-redirect-url: "https://grafana.datahub.redhat.com/" 9 | max-workers: "16" 10 | weak-readiness: "1" 11 | graph-cache-disabled: "1" 12 | knowledge-graph-port: "5432" 13 | knowledge-graph-ssl-disabled: "1" 14 | -------------------------------------------------------------------------------- /metrics-exporter/base/imagestream.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: image.openshift.io/v1 3 | kind: ImageStream 4 | metadata: 5 | name: metrics-exporter 6 | spec: 7 | lookupPolicy: 8 | local: true 9 | -------------------------------------------------------------------------------- /metrics-exporter/base/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | commonLabels: 4 | app.kubernetes.io/name: thoth 5 | app.kubernetes.io/component: metrics-exporter 6 | app.kubernetes.io/managed-by: aicoe-thoth-devops 7 | resources: 8 | - configmap.yaml 9 | - deploymentconfig.yaml 10 | - imagestream.yaml 11 | - role.yaml 12 | - rolebinding.yaml 13 | - route.yaml 14 | - service.yaml 15 | - serviceaccount.yaml 16 | -------------------------------------------------------------------------------- /metrics-exporter/base/rolebinding.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: RoleBinding 4 | metadata: 5 | name: metrics-exporter 6 | roleRef: 7 | apiGroup: rbac.authorization.k8s.io 8 | kind: Role 9 | name: metrics-exporter 10 | subjects: 11 | - kind: ServiceAccount 12 | name: metrics-exporter 13 | -------------------------------------------------------------------------------- /metrics-exporter/base/route.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: route.openshift.io/v1 3 | kind: Route 4 | metadata: 5 | name: metrics-exporter 6 | spec: 7 | to: 8 | kind: Service 9 | name: metrics-exporter 10 | -------------------------------------------------------------------------------- /metrics-exporter/base/service.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | kind: Service 3 | apiVersion: v1 4 | metadata: 5 | name: metrics-exporter 6 | spec: 7 | ports: 8 | - name: metrics 9 | protocol: TCP 10 | port: 80 11 | targetPort: 8080 12 | selector: 13 | service: metrics-exporter 14 | -------------------------------------------------------------------------------- /metrics-exporter/base/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: metrics-exporter 6 | -------------------------------------------------------------------------------- /metrics-exporter/overlays/moc-prod/imagestreamtag.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: image.openshift.io/v1 3 | kind: ImageStream 4 | metadata: 5 | name: metrics-exporter 6 | spec: 7 | tags: 8 | - name: latest 9 | from: 10 | kind: DockerImage 11 | name: quay.io/thoth-station/metrics-exporter:v0.21.4 12 | importPolicy: {} 13 | referencePolicy: 14 | type: Local 15 | -------------------------------------------------------------------------------- /metrics-exporter/overlays/moc-prod/resources_patch.yaml: -------------------------------------------------------------------------------- 1 | - op: replace 2 | path: /spec/template/spec/containers/0/resources 3 | value: 4 | requests: 5 | memory: "384Mi" 6 | cpu: "100m" 7 | limits: 8 | memory: "768Mi" 9 | cpu: "250m" 10 | -------------------------------------------------------------------------------- /metrics-exporter/overlays/moc-prod/secret-generator.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: viaduct.ai/v1 2 | kind: ksops 3 | metadata: 4 | name: thoth-secret-generator 5 | files: 6 | - ./secrets.enc.yaml 7 | -------------------------------------------------------------------------------- /metrics-exporter/overlays/ocp4-stage/imagestreamtag.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: image.openshift.io/v1 3 | kind: ImageStream 4 | metadata: 5 | name: metrics-exporter 6 | spec: 7 | tags: 8 | - name: latest 9 | from: 10 | kind: DockerImage 11 | name: quay.io/thoth-station/metrics-exporter:v0.21.4 12 | importPolicy: {} 13 | referencePolicy: 14 | type: Local 15 | -------------------------------------------------------------------------------- /metrics-exporter/overlays/ocp4-stage/resources_patch.yaml: -------------------------------------------------------------------------------- 1 | - op: replace 2 | path: /spec/template/spec/containers/0/resources 3 | value: 4 | requests: 5 | memory: "384Mi" 6 | cpu: "1" 7 | limits: 8 | memory: "768Mi" 9 | cpu: "1" 10 | -------------------------------------------------------------------------------- /metrics-exporter/overlays/ocp4-stage/secret-generator.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: viaduct.ai/v1 2 | kind: ksops 3 | metadata: 4 | name: thoth-secret-generator 5 | files: 6 | - ./secrets.enc.yaml 7 | -------------------------------------------------------------------------------- /metrics-exporter/overlays/test/imagestreamtag.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: image.openshift.io/v1 2 | kind: ImageStream 3 | metadata: 4 | name: metrics-exporter 5 | spec: 6 | tags: 7 | - from: 8 | kind: DockerImage 9 | name: quay.io/thoth-station/metrics-exporter:v0.21.4 10 | importPolicy: {} 11 | name: latest 12 | referencePolicy: 13 | type: Source 14 | -------------------------------------------------------------------------------- /metrics-exporter/overlays/test/resources_patch.yaml: -------------------------------------------------------------------------------- 1 | - op: replace 2 | path: /spec/template/spec/containers/0/resources 3 | value: 4 | requests: 5 | memory: "256Mi" 6 | cpu: "500m" 7 | limits: 8 | memory: "512Mi" 9 | cpu: "500m" 10 | -------------------------------------------------------------------------------- /mi-scheduler/.sops.yaml: -------------------------------------------------------------------------------- 1 | creation_rules: 2 | - encrypted_regex: '^(data|stringData)$' 3 | pgp: "34AFE2A7C8E00ED66916D95DA9FBD7DE773B2A34, 87FC5D0ACF3AA48FCC029086262A80E41BCEEBF7, EFDB9AFBD18936D9AB6B2EECBD2C73FF891FBC7E, 8D191B7544E9CCC3547B25A877E5A5B31D13A647" 4 | -------------------------------------------------------------------------------- /mi-scheduler/OWNERS: -------------------------------------------------------------------------------- 1 | # See the OWNERS docs at https://go.k8s.io/owners 2 | 3 | approvers: 4 | - harshad16 5 | - xtuchyna 6 | reviewers: 7 | - mayaCostantini 8 | - kpostoffice 9 | -------------------------------------------------------------------------------- /mi-scheduler/README.md: -------------------------------------------------------------------------------- 1 | # Thoth Meta-information Indicator (MI) analyzer 2 | 3 | This is a standalone ArgoCD Application for Thoth's Meta-information Indicator (MI) analyzer. It is meant to be deployed into a separate OpenShift 4 | Project, therefore it is not references from the `kustomization.yaml` file at the root directory of this 5 | repository. 6 | -------------------------------------------------------------------------------- /mi-scheduler/base/configmaps.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | kind: ConfigMap 3 | apiVersion: v1 4 | metadata: 5 | name: mi-scheduler 6 | data: 7 | entities: "PullRequest,Issue" 8 | repositories: "openshift/origin" 9 | organizations: "thoth-station,AICoE,aicoe-aiops,operate-first" 10 | parallel-workflows-limit: "1" 11 | --- 12 | kind: ConfigMap 13 | apiVersion: v1 14 | metadata: 15 | name: mi-scheduler-cm 16 | data: 17 | entities: "PullRequest,Issue" 18 | -------------------------------------------------------------------------------- /mi-scheduler/base/imagestream.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: image.openshift.io/v1 3 | kind: ImageStream 4 | metadata: 5 | name: mi-scheduler 6 | spec: 7 | lookupPolicy: 8 | local: true 9 | --- 10 | apiVersion: image.openshift.io/v1 11 | kind: ImageStream 12 | metadata: 13 | name: mi 14 | spec: 15 | lookupPolicy: 16 | local: true 17 | -------------------------------------------------------------------------------- /mi-scheduler/base/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | commonLabels: 4 | app.kubernetes.io/name: thoth 5 | app.kubernetes.io/component: mi-scheduler 6 | app.kubernetes.io/managed-by: aicoe-thoth-devops 7 | resources: 8 | - argo-workflows/mi-workflow-template.yaml 9 | - argo-workflows/mi-merge-workflow.yaml 10 | - openshift-templates/mi-merge-template.yaml 11 | - openshift-templates/mi-run-template.yaml 12 | - configmaps.yaml 13 | - cronjob.yaml 14 | - imagestream.yaml 15 | - role.yaml 16 | - serviceaccount.yaml 17 | -------------------------------------------------------------------------------- /mi-scheduler/base/role.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: Role 3 | metadata: 4 | name: mi-scheduler 5 | rules: 6 | - apiGroups: 7 | - "" 8 | resources: 9 | - configmaps 10 | - secrets 11 | verbs: 12 | - get 13 | - list 14 | - watch 15 | - apiGroups: 16 | - "" 17 | - template.openshift.io 18 | resources: 19 | - processedtemplates 20 | - templates 21 | verbs: 22 | - create 23 | - delete 24 | - deletecollection 25 | - get 26 | - list 27 | - patch 28 | - update 29 | - watch 30 | -------------------------------------------------------------------------------- /mi-scheduler/base/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: mi-scheduler 6 | -------------------------------------------------------------------------------- /mi-scheduler/mi-scheduler-test.yaml: -------------------------------------------------------------------------------- 1 | project: thoth 2 | source: 3 | repoURL: 'https://github.com/thoth-station/thoth-application.git' 4 | path: mi-scheduler/overlays/test 5 | targetRevision: master 6 | destination: 7 | server: 'https://api.ocp.prod.psi.redhat.com:6443' 8 | namespace: thoth-test-core 9 | syncPolicy: 10 | automated: 11 | selfHeal: true 12 | -------------------------------------------------------------------------------- /mi-scheduler/overlays/moc-prod/cronjob.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | kind: CronJob 3 | apiVersion: batch/v1beta1 4 | metadata: 5 | name: mi-scheduler-gh 6 | spec: 7 | suspend: true 8 | --- 9 | kind: CronJob 10 | apiVersion: batch/v1beta1 11 | metadata: 12 | name: mi-scheduler-kebechet-analyse 13 | spec: 14 | suspend: true 15 | --- 16 | kind: CronJob 17 | apiVersion: batch/v1beta1 18 | metadata: 19 | name: mi-scheduler-kebechet-merge 20 | spec: 21 | suspend: true 22 | -------------------------------------------------------------------------------- /mi-scheduler/overlays/moc-prod/imagestreamtag.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: image.openshift.io/v1 2 | kind: ImageStream 3 | metadata: 4 | name: mi 5 | spec: 6 | tags: 7 | - name: latest 8 | from: 9 | kind: DockerImage 10 | name: quay.io/thoth-station/mi:v2.10.6 11 | importPolicy: {} 12 | referencePolicy: 13 | type: Local 14 | --- 15 | apiVersion: image.openshift.io/v1 16 | kind: ImageStream 17 | metadata: 18 | name: mi-scheduler 19 | spec: 20 | tags: 21 | - name: latest 22 | from: 23 | kind: DockerImage 24 | name: quay.io/thoth-station/mi-scheduler:v1.7.3 25 | importPolicy: {} 26 | referencePolicy: 27 | type: Local 28 | -------------------------------------------------------------------------------- /mi-scheduler/overlays/moc-prod/secret-generator.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: viaduct.ai/v1 2 | kind: ksops 3 | metadata: 4 | name: thoth-secret-generator 5 | files: 6 | - ./secrets.enc.yaml 7 | -------------------------------------------------------------------------------- /mi-scheduler/overlays/ocp4-stage/cronjob.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | kind: CronJob 3 | apiVersion: batch/v1beta1 4 | metadata: 5 | name: mi-scheduler-gh 6 | spec: 7 | suspend: true 8 | --- 9 | kind: CronJob 10 | apiVersion: batch/v1beta1 11 | metadata: 12 | name: mi-scheduler-kebechet-analyse 13 | spec: 14 | suspend: true 15 | --- 16 | kind: CronJob 17 | apiVersion: batch/v1beta1 18 | metadata: 19 | name: mi-scheduler-kebechet-merge 20 | spec: 21 | suspend: true 22 | -------------------------------------------------------------------------------- /mi-scheduler/overlays/ocp4-stage/imagestreamtag.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: image.openshift.io/v1 2 | kind: ImageStream 3 | metadata: 4 | name: mi 5 | spec: 6 | tags: 7 | - name: latest 8 | from: 9 | kind: DockerImage 10 | name: quay.io/thoth-station/mi:v2.12.0 11 | importPolicy: {} 12 | referencePolicy: 13 | type: Local 14 | --- 15 | apiVersion: image.openshift.io/v1 16 | kind: ImageStream 17 | metadata: 18 | name: mi-scheduler 19 | spec: 20 | tags: 21 | - name: latest 22 | from: 23 | kind: DockerImage 24 | name: quay.io/thoth-station/mi-scheduler:v1.7.9 25 | importPolicy: {} 26 | referencePolicy: 27 | type: Local 28 | -------------------------------------------------------------------------------- /mi-scheduler/overlays/ocp4-stage/secret-generator.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: viaduct.ai/v1 2 | kind: ksops 3 | metadata: 4 | name: thoth-secret-generator 5 | files: 6 | - ./secrets.enc.yaml 7 | -------------------------------------------------------------------------------- /mi-scheduler/overlays/test/cronjob.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | kind: CronJob 3 | apiVersion: batch/v1beta1 4 | metadata: 5 | name: mi-scheduler-gh 6 | spec: 7 | suspend: true 8 | --- 9 | kind: CronJob 10 | apiVersion: batch/v1beta1 11 | metadata: 12 | name: mi-scheduler-kebechet-analyse 13 | spec: 14 | suspend: true 15 | --- 16 | kind: CronJob 17 | apiVersion: batch/v1beta1 18 | metadata: 19 | name: mi-scheduler-kebechet-merge 20 | spec: 21 | suspend: true 22 | -------------------------------------------------------------------------------- /mi-scheduler/overlays/test/role-binding.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: RoleBinding 4 | metadata: 5 | name: mi-scheduler 6 | roleRef: 7 | apiGroup: rbac.authorization.k8s.io 8 | kind: Role 9 | name: mi-scheduler 10 | subjects: 11 | - kind: ServiceAccount 12 | name: mi-scheduler 13 | --- 14 | apiVersion: rbac.authorization.k8s.io/v1 15 | kind: RoleBinding 16 | metadata: 17 | name: mi-scheduler-argo-admin 18 | roleRef: 19 | apiGroup: rbac.authorization.k8s.io 20 | kind: ClusterRole 21 | name: argo-admin 22 | subjects: 23 | - kind: ServiceAccount 24 | name: mi-scheduler 25 | -------------------------------------------------------------------------------- /mi-scheduler/overlays/test/secret-generator.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: viaduct.ai/v1 2 | kind: ksops 3 | metadata: 4 | name: thoth-secret-generator 5 | files: 6 | - ./secrets.enc.yaml 7 | -------------------------------------------------------------------------------- /monitoring/README.md: -------------------------------------------------------------------------------- 1 | # Thoth Monitoring 2 | 3 | This component would be responsible for thoth monitoring and observations 4 | -------------------------------------------------------------------------------- /monitoring/base/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | resources: [] 4 | commonLabels: 5 | app.kubernetes.io/name: thoth 6 | app.kubernetes.io/component: monitoring 7 | app.kubernetes.io/managed-by: aicoe-thoth-devops 8 | -------------------------------------------------------------------------------- /monitoring/overlays/moc-prod/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | resources: 4 | - ../../base 5 | - prometheusrule.yaml 6 | generators: 7 | - secret-generator.yaml 8 | generatorOptions: 9 | disableNameSuffixHash: true 10 | patches: 11 | - patch: | 12 | - op: replace 13 | path: /spec/template/spec/containers/0/args/0 14 | value: --label=environment/moc/smaug 15 | target: 16 | group: apps 17 | kind: Deployment 18 | name: github-receiver 19 | version: v1 20 | -------------------------------------------------------------------------------- /monitoring/overlays/moc-prod/secret-generator.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: viaduct.ai/v1 2 | kind: ksops 3 | metadata: 4 | name: thoth-secret-generator 5 | files: 6 | - ./secrets.enc.yaml 7 | -------------------------------------------------------------------------------- /monitoring/overlays/ocp4-stage/grafana/grafana-pvc.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: PersistentVolumeClaim 4 | metadata: 5 | name: grafana-data 6 | spec: 7 | accessModes: 8 | - ReadWriteOnce 9 | resources: 10 | requests: 11 | storage: "2Gi" 12 | -------------------------------------------------------------------------------- /monitoring/overlays/ocp4-stage/grafana/grafana-route.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: route.openshift.io/v1 3 | kind: Route 4 | metadata: 5 | name: grafana 6 | spec: 7 | to: 8 | name: grafana 9 | tls: 10 | insecureEdgeTerminationPolicy: Redirect 11 | termination: Reencrypt 12 | -------------------------------------------------------------------------------- /monitoring/overlays/ocp4-stage/grafana/grafana-sa.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: grafana 6 | annotations: 7 | serviceaccounts.openshift.io/oauth-redirectreference.primary: '{"kind":"OAuthRedirectReference","apiVersion":"v1","reference":{"kind":"Route","name":"grafana"}}' 8 | -------------------------------------------------------------------------------- /monitoring/overlays/ocp4-stage/grafana/grafana-service.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Service 4 | metadata: 5 | name: grafana 6 | annotations: 7 | service.alpha.openshift.io/serving-cert-secret-name: grafana-tls 8 | labels: 9 | metrics-infra: grafana 10 | name: grafana 11 | spec: 12 | ports: 13 | - name: grafana 14 | port: 443 15 | protocol: TCP 16 | targetPort: 8443 17 | selector: 18 | app: grafana 19 | -------------------------------------------------------------------------------- /monitoring/overlays/ocp4-stage/grafana/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | resources: 4 | - grafana-config.yaml 5 | - grafana-pvc.yaml 6 | - grafana-route.yaml 7 | - grafana-sa.yaml 8 | - grafana-service.yaml 9 | - grafana.yaml 10 | images: 11 | - name: oauth-proxy 12 | newName: quay.io/openshift/origin-oauth-proxy 13 | newTag: latest 14 | - name: grafana 15 | newName: quay.io/thoth-station/grafana 16 | newTag: latest 17 | generators: 18 | - secret-generator.yaml 19 | generatorOptions: 20 | disableNameSuffixHash: true 21 | -------------------------------------------------------------------------------- /monitoring/overlays/ocp4-stage/grafana/secret-generator.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: viaduct.ai/v1 2 | kind: ksops 3 | metadata: 4 | name: grafana-secret-generator 5 | files: 6 | - ./grafana-secrets.enc.yaml 7 | -------------------------------------------------------------------------------- /monitoring/overlays/ocp4-stage/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | resources: 4 | - ../../base 5 | - grafana 6 | - prometheus 7 | - pushgateway 8 | -------------------------------------------------------------------------------- /monitoring/overlays/ocp4-stage/prometheus/prometheus-pvc.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: PersistentVolumeClaim 4 | metadata: 5 | name: prometheus-data 6 | spec: 7 | accessModes: 8 | - ReadWriteOnce 9 | resources: 10 | requests: 11 | storage: 16Gi 12 | 13 | --- 14 | apiVersion: v1 15 | kind: PersistentVolumeClaim 16 | metadata: 17 | name: alertmanager-data 18 | spec: 19 | accessModes: 20 | - ReadWriteOnce 21 | resources: 22 | requests: 23 | storage: 1Gi 24 | -------------------------------------------------------------------------------- /monitoring/overlays/ocp4-stage/prometheus/prometheus-sa.yaml: -------------------------------------------------------------------------------- 1 | # Authorize the prometheus service account 2 | --- 3 | apiVersion: v1 4 | kind: ServiceAccount 5 | metadata: 6 | name: prometheus 7 | 8 | --- 9 | # Create a service account for accessing prometheus data 10 | apiVersion: v1 11 | kind: ServiceAccount 12 | metadata: 13 | name: prometheus-reader 14 | -------------------------------------------------------------------------------- /monitoring/overlays/ocp4-stage/prometheus/prometheus-svc.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: route.openshift.io/v1 3 | kind: Route 4 | metadata: 5 | name: prometheus 6 | spec: 7 | to: 8 | kind: Service 9 | name: prometheus 10 | weight: 100 11 | 12 | --- 13 | apiVersion: v1 14 | kind: Service 15 | metadata: 16 | labels: 17 | name: prometheus 18 | name: prometheus 19 | spec: 20 | ports: 21 | - name: prometheus 22 | port: 80 23 | protocol: TCP 24 | targetPort: 9090 25 | selector: 26 | app: prometheus 27 | -------------------------------------------------------------------------------- /monitoring/overlays/ocp4-stage/prometheus/secret-generator.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: viaduct.ai/v1 2 | kind: ksops 3 | metadata: 4 | name: prometheus-secret-generator 5 | files: 6 | - ./prometheus-secrets.enc.yaml 7 | - ./alertmanager-secrets.enc.yaml 8 | -------------------------------------------------------------------------------- /monitoring/overlays/ocp4-stage/pushgateway/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | resources: 4 | - pushgateway.yaml 5 | images: 6 | - name: pushgateway 7 | newName: quay.io/prometheus/pushgateway 8 | newTag: latest 9 | -------------------------------------------------------------------------------- /nepthys/base/imagestreamtag.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: image.openshift.io/v1 3 | kind: ImageStream 4 | metadata: 5 | name: nepthys 6 | spec: 7 | lookupPolicy: 8 | local: true 9 | -------------------------------------------------------------------------------- /nepthys/base/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | resources: 4 | - cronjob.yaml 5 | - imagestreamtag.yaml 6 | generatorOptions: 7 | disableNameSuffixHash: true 8 | commonLabels: 9 | app: thoth 10 | component: nepthys 11 | -------------------------------------------------------------------------------- /nepthys/overlays/ocp/imagestreamtag.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: image.openshift.io/v1 2 | kind: ImageStream 3 | metadata: 4 | name: nepthys 5 | spec: 6 | tags: 7 | - from: 8 | kind: DockerImage 9 | name: quay.io/thoth-station/nepthys:v0.4.4 10 | importPolicy: {} 11 | name: latest 12 | referencePolicy: 13 | type: Source 14 | -------------------------------------------------------------------------------- /nepthys/overlays/ocp/secret-generator.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: viaduct.ai/v1 2 | kind: ksops 3 | metadata: 4 | name: thoth-secret-generator 5 | files: 6 | - ./secrets.enc.yaml 7 | -------------------------------------------------------------------------------- /package-extract/base/imagestream.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: image.openshift.io/v1 3 | kind: ImageStream 4 | metadata: 5 | name: package-extract 6 | spec: 7 | lookupPolicy: 8 | local: true 9 | -------------------------------------------------------------------------------- /package-extract/base/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | commonLabels: 4 | app.kubernetes.io/name: thoth 5 | app.kubernetes.io/component: package-extract 6 | app.kubernetes.io/managed-by: aicoe-thoth-devops 7 | resources: 8 | - openshift-templates/build-analysis.yaml 9 | - openshift-templates/package-extract.yaml 10 | - argo-workflows/package-extract.yaml 11 | - imagestream.yaml 12 | -------------------------------------------------------------------------------- /package-extract/overlays/moc-prod/imagestreamtag.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: image.openshift.io/v1 3 | kind: ImageStream 4 | metadata: 5 | name: package-extract 6 | spec: 7 | tags: 8 | - name: latest 9 | from: 10 | kind: DockerImage 11 | name: "quay.io/thoth-station/package-extract:v1.3.1" 12 | importPolicy: {} 13 | referencePolicy: 14 | type: Local 15 | -------------------------------------------------------------------------------- /package-extract/overlays/moc-prod/put-into-infra-namespace.yaml: -------------------------------------------------------------------------------- 1 | - op: add 2 | path: /metadata/namespace 3 | value: thoth-infra-prod 4 | -------------------------------------------------------------------------------- /package-extract/overlays/ocp4-stage/imagestreamtag.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: image.openshift.io/v1 3 | kind: ImageStream 4 | metadata: 5 | name: package-extract 6 | spec: 7 | tags: 8 | - name: latest 9 | from: 10 | kind: DockerImage 11 | name: "quay.io/thoth-station/package-extract:v1.3.1" 12 | importPolicy: {} 13 | referencePolicy: 14 | type: Local 15 | -------------------------------------------------------------------------------- /package-extract/overlays/ocp4-stage/put-into-infra-namespace.yaml: -------------------------------------------------------------------------------- 1 | - op: add 2 | path: /metadata/namespace 3 | value: thoth-infra-stage 4 | -------------------------------------------------------------------------------- /package-extract/overlays/test/imagestreamtag.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: image.openshift.io/v1 2 | kind: ImageStream 3 | metadata: 4 | name: package-extract 5 | spec: 6 | tags: 7 | - name: latest 8 | from: 9 | kind: DockerImage 10 | name: quay.io/thoth-station/package-extract:v1.3.1 11 | importPolicy: {} 12 | referencePolicy: 13 | type: Source 14 | -------------------------------------------------------------------------------- /package-extract/overlays/test/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | resources: 4 | - ../../base 5 | - thoth-notification.yaml 6 | patchesStrategicMerge: 7 | - imagestreamtag.yaml 8 | patches: 9 | - patch: |- 10 | - op: replace 11 | path: /spec/templates/0/container/image 12 | value: image-registry.openshift-image-registry.svc:5000/thoth-test-core/package-extract:latest 13 | target: 14 | group: argoproj.io 15 | version: v1alpha1 16 | kind: WorkflowTemplate 17 | name: extract-packages 18 | -------------------------------------------------------------------------------- /package-releases/README.md: -------------------------------------------------------------------------------- 1 | # Thoth package-releases 2 | 3 | This is a standalone ArgoCD Application for Thoth's package-releases. It is meant to be deployed into a separate OpenShift Project, therefore it is not references from the `kustomization.yaml` file at the root directory of this repository. 4 | 5 | The deployment generated by kustomize can be evaluated against Open Policy Agent policies using: `kustomize build --enable_alpha_plugins overlays/test | conftest test --policy ../policy -`. 6 | -------------------------------------------------------------------------------- /package-releases/base/imagestream.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: image.openshift.io/v1 3 | kind: ImageStream 4 | metadata: 5 | name: package-releases-job 6 | spec: 7 | lookupPolicy: 8 | local: true 9 | -------------------------------------------------------------------------------- /package-releases/base/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | resources: 4 | - cronjob.yaml 5 | - imagestream.yaml 6 | commonLabels: 7 | app: thoth 8 | component: package-releases 9 | -------------------------------------------------------------------------------- /package-releases/overlays/moc-prod/imagestreamtag.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: image.openshift.io/v1 2 | kind: ImageStream 3 | metadata: 4 | name: package-releases-job 5 | spec: 6 | tags: 7 | - name: latest 8 | from: 9 | kind: DockerImage 10 | name: quay.io/thoth-station/package-releases-job:v0.11.11 11 | importPolicy: {} 12 | -------------------------------------------------------------------------------- /package-releases/overlays/ocp4-stage/cronjob.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | kind: CronJob 3 | apiVersion: batch/v1beta1 4 | metadata: 5 | name: package-releases 6 | spec: 7 | suspend: false 8 | -------------------------------------------------------------------------------- /package-releases/overlays/ocp4-stage/imagestreamtag.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: image.openshift.io/v1 2 | kind: ImageStream 3 | metadata: 4 | name: package-releases-job 5 | spec: 6 | tags: 7 | - name: latest 8 | from: 9 | kind: DockerImage 10 | name: quay.io/thoth-station/package-releases-job:v0.11.11 11 | importPolicy: {} 12 | -------------------------------------------------------------------------------- /package-releases/overlays/test/cronjob.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | kind: CronJob 3 | apiVersion: batch/v1beta1 4 | metadata: 5 | name: package-releases 6 | spec: 7 | suspend: true 8 | -------------------------------------------------------------------------------- /package-releases/overlays/test/imagestreamtag.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: image.openshift.io/v1 2 | kind: ImageStream 3 | metadata: 4 | name: package-releases-job 5 | spec: 6 | tags: 7 | - from: 8 | kind: DockerImage 9 | name: quay.io/thoth-station/package-releases-job:v0.11.11 10 | importPolicy: {} 11 | name: latest 12 | referencePolicy: 13 | type: Source 14 | -------------------------------------------------------------------------------- /package-releases/overlays/test/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | resources: 4 | - ../../base 5 | - thoth-notification.yaml 6 | images: 7 | - name: package-releases-job 8 | newName: image-registry.openshift-image-registry.svc:5000/thoth-test-core/package-releases-job 9 | newTag: latest 10 | patchesStrategicMerge: 11 | - imagestreamtag.yaml 12 | - cronjob.yaml 13 | -------------------------------------------------------------------------------- /package-update/base/imagestream.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: image.openshift.io/v1 2 | kind: ImageStream 3 | metadata: 4 | labels: 5 | app: thoth 6 | component: package-update 7 | name: package-update-job 8 | spec: 9 | lookupPolicy: 10 | local: true 11 | -------------------------------------------------------------------------------- /package-update/base/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | resources: 4 | - cronjob.yaml 5 | - imagestream.yaml 6 | - serviceaccount.yaml 7 | commonLabels: 8 | app: thoth 9 | component: package-update 10 | -------------------------------------------------------------------------------- /package-update/base/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ServiceAccount 3 | metadata: 4 | name: package-update 5 | -------------------------------------------------------------------------------- /package-update/overlays/moc-prod/imagestreamtag.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: image.openshift.io/v1 2 | kind: ImageStream 3 | metadata: 4 | labels: 5 | app: thoth 6 | component: package-update 7 | name: package-update-job 8 | spec: 9 | tags: 10 | - name: latest 11 | from: 12 | kind: DockerImage 13 | name: quay.io/thoth-station/package-update-job:v0.8.17 14 | importPolicy: {} 15 | referencePolicy: 16 | type: Local 17 | -------------------------------------------------------------------------------- /package-update/overlays/ocp4-stage/cronjob.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | kind: CronJob 3 | apiVersion: batch/v1beta1 4 | metadata: 5 | name: package-update 6 | spec: 7 | suspend: false 8 | -------------------------------------------------------------------------------- /package-update/overlays/ocp4-stage/imagestreamtag.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: image.openshift.io/v1 2 | kind: ImageStream 3 | metadata: 4 | labels: 5 | app: thoth 6 | component: package-update 7 | name: package-update-job 8 | spec: 9 | tags: 10 | - name: latest 11 | from: 12 | kind: DockerImage 13 | name: quay.io/thoth-station/package-update-job:v0.8.17 14 | importPolicy: {} 15 | referencePolicy: 16 | type: Local 17 | -------------------------------------------------------------------------------- /package-update/overlays/test/cronjob.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | kind: CronJob 3 | apiVersion: batch/v1beta1 4 | metadata: 5 | name: package-update 6 | spec: 7 | suspend: true 8 | -------------------------------------------------------------------------------- /package-update/overlays/test/imagestreamtag.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: image.openshift.io/v1 2 | kind: ImageStream 3 | metadata: 4 | labels: 5 | app: thoth 6 | component: package-update 7 | name: package-update-job 8 | spec: 9 | tags: 10 | - from: 11 | kind: DockerImage 12 | name: quay.io/thoth-station/package-update-job:v0.8.17 13 | importPolicy: {} 14 | name: latest 15 | referencePolicy: 16 | type: Source 17 | -------------------------------------------------------------------------------- /package-update/overlays/test/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | resources: 4 | - ../../base 5 | - thoth-notification.yaml 6 | images: 7 | - name: package-update-job 8 | newName: image-registry.openshift-image-registry.svc:5000/thoth-test-core/package-update-job 9 | newTag: latest 10 | patchesStrategicMerge: 11 | - imagestreamtag.yaml 12 | - cronjob.yaml 13 | -------------------------------------------------------------------------------- /policy/deployment.rego: -------------------------------------------------------------------------------- 1 | package main 2 | 3 | import data.openshift 4 | import data.kubernetes 5 | 6 | name = input.metadata.name 7 | 8 | required_deployment_labels { 9 | input.metadata.labels["app.kubernetes.io/name"] 10 | input.metadata.labels["app.kubernetes.io/component"] 11 | input.metadata.labels["app.kubernetes.io/managed-by"] 12 | } 13 | 14 | deny[msg] { 15 | openshift.is_deploymentConfig 16 | not required_deployment_labels 17 | msg = sprintf("DeploymentConfig/%s must include AICoE recommended labels: https://github.com/AICoE/aicoe-cd/blob/master/docs/recommended_labels.md", [name]) 18 | } 19 | -------------------------------------------------------------------------------- /policy/kubernetes.rego: -------------------------------------------------------------------------------- 1 | package kubernetes 2 | 3 | is_service { 4 | input.kind = "Service" 5 | } 6 | 7 | is_deployment { 8 | input.kind = "Deployment" 9 | } 10 | -------------------------------------------------------------------------------- /policy/openshift.rego: -------------------------------------------------------------------------------- 1 | package openshift 2 | 3 | is_deploymentConfig { 4 | input.kind = "DeploymentConfig" 5 | } 6 | -------------------------------------------------------------------------------- /policy/versioning.rego: -------------------------------------------------------------------------------- 1 | package main 2 | 3 | import data.kubernetes 4 | 5 | name = input.metadata.name 6 | 7 | required_version_label { 8 | input.metadata.labels["app.kubernetes.io/version"] 9 | } 10 | 11 | warn[msg] { 12 | kubernetes.is_service 13 | not required_version_label 14 | msg = sprintf("%s/%s should include AICoE recommended version label: https://github.com/AICoE/aicoe-cd/blob/master/docs/recommended_labels.md", [input.kind, name]) 15 | } 16 | -------------------------------------------------------------------------------- /prescriptions-refresh-job/base/configmap.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | kind: ConfigMap 3 | apiVersion: v1 4 | metadata: 5 | name: prescriptions-refresh-job 6 | data: 7 | configured-images: "" 8 | configured-packages-ml: | 9 | keras 10 | scikit-learn 11 | torch 12 | tensorflow 13 | configured-packages-nlp: | 14 | gensim 15 | nltk 16 | spacy 17 | transformers 18 | configured-packages-cv: | 19 | opencv-python 20 | pillow 21 | pytesseract 22 | torchvision 23 | user-api: "" 24 | -------------------------------------------------------------------------------- /prescriptions-refresh-job/base/imagestream.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: image.openshift.io/v1 3 | kind: ImageStream 4 | metadata: 5 | name: prescriptions-refresh-job 6 | spec: 7 | lookupPolicy: 8 | local: true 9 | -------------------------------------------------------------------------------- /prescriptions-refresh-job/base/secret-generator.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: viaduct.ai/v1 2 | kind: ksops 3 | metadata: 4 | name: thoth-secret-generator 5 | files: 6 | - ./secrets.enc.yaml 7 | -------------------------------------------------------------------------------- /prescriptions-refresh-job/overlays/ocp4-stage/configmap.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | kind: ConfigMap 3 | apiVersion: v1 4 | metadata: 5 | name: prescriptions-refresh-job 6 | data: 7 | configured-images: "" 8 | configured-packages-ml: | 9 | keras 10 | scikit-learn 11 | torch 12 | tensorflow 13 | configured-packages-nlp: | 14 | gensim 15 | nltk 16 | spacy 17 | transformers 18 | configured-packages-cv: | 19 | opencv-python 20 | pillow 21 | pytesseract 22 | torchvision 23 | user-api: "stage.thoth-station.ninja" 24 | -------------------------------------------------------------------------------- /prescriptions-refresh-job/overlays/ocp4-stage/imagestreamtag.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: image.openshift.io/v1 3 | kind: ImageStream 4 | metadata: 5 | name: prescriptions-refresh-job 6 | spec: 7 | tags: 8 | - name: latest 9 | from: 10 | kind: DockerImage 11 | name: quay.io/thoth-station/prescriptions-refresh-job:v0.8.0 12 | importPolicy: {} 13 | referencePolicy: 14 | type: Local 15 | -------------------------------------------------------------------------------- /prescriptions-refresh-job/overlays/test/configmap.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | kind: ConfigMap 3 | apiVersion: v1 4 | metadata: 5 | name: prescriptions-refresh-job 6 | data: 7 | configured-images: "" 8 | configured-packages-ml: | 9 | keras 10 | scikit-learn 11 | torch 12 | tensorflow 13 | configured-packages-nlp: | 14 | gensim 15 | nltk 16 | spacy 17 | transformers 18 | configured-packages-cv: | 19 | opencv-python 20 | pillow 21 | pytesseract 22 | torchvision 23 | user-api: "test.thoth-station.ninja" 24 | -------------------------------------------------------------------------------- /prescriptions-refresh-job/overlays/test/imagestreamtag.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: image.openshift.io/v1 2 | kind: ImageStream 3 | metadata: 4 | name: prescriptions-refresh-job 5 | spec: 6 | tags: 7 | - from: 8 | kind: DockerImage 9 | name: quay.io/thoth-station/prescriptions-refresh-job:v0.8.0 10 | importPolicy: {} 11 | name: latest 12 | referencePolicy: 13 | type: Source 14 | -------------------------------------------------------------------------------- /pulp-metrics-exporter/README.md: -------------------------------------------------------------------------------- 1 | # Pulp Metrics Exporter 2 | 3 | This is a standalone ArgoCD Application for Pulp's Metrics Exporter. It is meant to be deployed into a separate OpenShift 4 | Project, therefore it is not references from the `kustomization.yaml` file at the root directory of this 5 | repository. 6 | -------------------------------------------------------------------------------- /pulp-metrics-exporter/application-stage.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: argoproj.io/v1alpha1 2 | kind: Application 3 | metadata: 4 | name: stage-thoth-pulp-metrics-exporter 5 | spec: 6 | destination: 7 | namespace: thoth-infra-stage 8 | server: 'https://api.ocp.prod.psi.redhat.com:6443' 9 | source: 10 | path: pulp-metrics-exporter/overlays/stage 11 | repoURL: 'https://github.com/thoth-station/thoth-application.git' 12 | targetRevision: master 13 | project: thoth 14 | syncPolicy: 15 | automated: 16 | automated: 17 | prune: false 18 | selfHeal: false 19 | -------------------------------------------------------------------------------- /pulp-metrics-exporter/base/configmap.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | kind: ConfigMap 3 | apiVersion: v1 4 | metadata: 5 | name: pulp-metrics-exporter 6 | data: 7 | update-interval: "20" 8 | grafana-redirect-url: "https://grafana.datahub.redhat.com/" 9 | max-workers: "16" 10 | weak-readiness: "1" 11 | no-json-logging: "1" 12 | pulp-host: "pulp.operate-first.cloud" 13 | -------------------------------------------------------------------------------- /pulp-metrics-exporter/base/imagestream.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: image.openshift.io/v1 3 | kind: ImageStream 4 | metadata: 5 | name: pulp-metrics-exporter 6 | spec: 7 | lookupPolicy: 8 | local: true 9 | -------------------------------------------------------------------------------- /pulp-metrics-exporter/base/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | commonLabels: 4 | app.kubernetes.io/name: thoth 5 | app.kubernetes.io/component: pulp-metrics-exporter 6 | app.kubernetes.io/managed-by: aicoe-thoth-devops 7 | resources: 8 | - configmap.yaml 9 | - deploymentconfig.yaml 10 | - imagestream.yaml 11 | - route.yaml 12 | - service.yaml 13 | -------------------------------------------------------------------------------- /pulp-metrics-exporter/base/route.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: route.openshift.io/v1 3 | kind: Route 4 | metadata: 5 | name: pulp-metrics-exporter 6 | spec: 7 | to: 8 | kind: Service 9 | name: pulp-metrics-exporter 10 | -------------------------------------------------------------------------------- /pulp-metrics-exporter/base/service.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | kind: Service 3 | apiVersion: v1 4 | metadata: 5 | name: pulp-metrics-exporter 6 | spec: 7 | ports: 8 | - name: metrics 9 | protocol: TCP 10 | port: 80 11 | targetPort: 8080 12 | selector: 13 | service: pulp-metrics-exporter 14 | -------------------------------------------------------------------------------- /pulp-metrics-exporter/overlays/ocp4-stage/imagestreamtag.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: image.openshift.io/v1 3 | kind: ImageStream 4 | metadata: 5 | name: pulp-metrics-exporter 6 | spec: 7 | tags: 8 | - name: latest 9 | from: 10 | kind: DockerImage 11 | name: quay.io/thoth-station/pulp-metrics-exporter:v0.1.0 12 | importPolicy: {} 13 | referencePolicy: 14 | type: Local 15 | -------------------------------------------------------------------------------- /pulp-metrics-exporter/overlays/ocp4-stage/secret-generator.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: viaduct.ai/v1 2 | kind: ksops 3 | metadata: 4 | name: thoth-secret-generator 5 | files: 6 | - ./secrets.enc.yaml 7 | -------------------------------------------------------------------------------- /pulp-pypi-sync-job/base/imagestream.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: image.openshift.io/v1 3 | kind: ImageStream 4 | metadata: 5 | name: pulp-pypi-sync-job 6 | spec: 7 | lookupPolicy: 8 | local: true 9 | -------------------------------------------------------------------------------- /pulp-pypi-sync-job/base/kustomization.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: kustomize.config.k8s.io/v1beta1 3 | kind: Kustomization 4 | resources: 5 | - cronjob.yaml 6 | - imagestream.yaml 7 | generatorOptions: 8 | disableNameSuffixHash: true 9 | commonLabels: 10 | app: thoth 11 | component: pulp-pypi-sync-job 12 | -------------------------------------------------------------------------------- /pulp-pypi-sync-job/overlays/ocp4-stage/cronjob.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | kind: CronJob 3 | apiVersion: batch/v1beta1 4 | metadata: 5 | name: pulp-pypi-sync-job 6 | spec: 7 | suspend: true 8 | -------------------------------------------------------------------------------- /pulp-pypi-sync-job/overlays/ocp4-stage/imagestreamtag.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: image.openshift.io/v1 2 | kind: ImageStream 3 | metadata: 4 | name: pulp-pypi-sync-job 5 | spec: 6 | tags: 7 | - name: latest 8 | from: 9 | kind: DockerImage 10 | name: quay.io/thoth-station/pulp-pypi-sync-job:v0.1.1 11 | importPolicy: {} 12 | -------------------------------------------------------------------------------- /pulp-pypi-sync-job/overlays/ocp4-stage/secret-generator.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: viaduct.ai/v1 2 | kind: ksops 3 | metadata: 4 | name: thoth-secret-generator 5 | files: 6 | - ./secrets.enc.yaml 7 | -------------------------------------------------------------------------------- /pulp-pypi-sync-job/overlays/test/cronjob.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | kind: CronJob 3 | apiVersion: batch/v1beta1 4 | metadata: 5 | name: pulp-pypi-sync-job 6 | spec: 7 | suspend: true 8 | -------------------------------------------------------------------------------- /pulp-pypi-sync-job/overlays/test/imagestreamtag.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: image.openshift.io/v1 2 | kind: ImageStream 3 | metadata: 4 | name: pulp-pypi-sync-job 5 | spec: 6 | tags: 7 | - name: latest 8 | from: 9 | kind: DockerImage 10 | name: quay.io/thoth-station/pulp-pypi-sync-job:v0.1.1 11 | importPolicy: {} 12 | referencePolicy: 13 | type: Source 14 | -------------------------------------------------------------------------------- /pulp-pypi-sync-job/overlays/test/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | resources: 4 | - ../../base 5 | - thoth-notification.yaml 6 | images: 7 | - name: pulp-pypi-sync-job 8 | newName: image-registry.openshift-image-registry.svc:5000/thoth-test-core/pulp-pypi-sync-job 9 | newTag: latest 10 | generators: 11 | - secret-generator.yaml 12 | generatorOptions: 13 | disableNameSuffixHash: true 14 | patchesStrategicMerge: 15 | - cronjob.yaml 16 | - imagestreamtag.yaml 17 | -------------------------------------------------------------------------------- /pulp-pypi-sync-job/overlays/test/secret-generator.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: viaduct.ai/v1 2 | kind: ksops 3 | metadata: 4 | name: thoth-secret-generator 5 | files: 6 | - ./secrets.enc.yaml 7 | -------------------------------------------------------------------------------- /purge-job/base/imagestream.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: image.openshift.io/v1 3 | kind: ImageStream 4 | metadata: 5 | name: purge-job 6 | spec: 7 | lookupPolicy: 8 | local: true 9 | -------------------------------------------------------------------------------- /purge-job/base/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | commonLabels: 4 | app.kubernetes.io/name: thoth 5 | app.kubernetes.io/component: purge-job 6 | app.kubernetes.io/managed-by: aicoe-thoth-devops 7 | generatorOptions: 8 | disableNameSuffixHash: true 9 | resources: 10 | - imagestream.yaml 11 | - argo-workflows/purge-template.yaml 12 | - argo-workflows/purge-issues.yaml 13 | - openshift-templates/purge.yaml 14 | -------------------------------------------------------------------------------- /purge-job/overlays/moc-prod/imagestreamtag.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: image.openshift.io/v1 2 | kind: ImageStream 3 | metadata: 4 | name: purge-job 5 | spec: 6 | tags: 7 | - name: latest 8 | from: 9 | kind: DockerImage 10 | name: quay.io/thoth-station/purge-job:v0.1.0 11 | importPolicy: {} 12 | -------------------------------------------------------------------------------- /purge-job/overlays/moc-prod/put-into-infra-namespace.yaml: -------------------------------------------------------------------------------- 1 | - op: add 2 | path: /metadata/namespace 3 | value: thoth-infra-prod 4 | -------------------------------------------------------------------------------- /purge-job/overlays/ocp4-stage/imagestreamtag.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: image.openshift.io/v1 2 | kind: ImageStream 3 | metadata: 4 | name: purge-job 5 | spec: 6 | tags: 7 | - name: latest 8 | from: 9 | kind: DockerImage 10 | name: quay.io/thoth-station/purge-job:v0.1.0 11 | importPolicy: {} 12 | -------------------------------------------------------------------------------- /purge-job/overlays/ocp4-stage/put-into-infra-namespace.yaml: -------------------------------------------------------------------------------- 1 | - op: add 2 | path: /metadata/namespace 3 | value: thoth-infra-stage 4 | -------------------------------------------------------------------------------- /purge-job/overlays/test/imagestreamtag.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: image.openshift.io/v1 2 | kind: ImageStream 3 | metadata: 4 | name: purge-job 5 | spec: 6 | tags: 7 | - name: latest 8 | from: 9 | kind: DockerImage 10 | name: quay.io/thoth-station/purge-job:v0.1.0 11 | importPolicy: {} 12 | referencePolicy: 13 | type: Source 14 | -------------------------------------------------------------------------------- /revsolver/base/imagestream.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: image.openshift.io/v1 3 | kind: ImageStream 4 | metadata: 5 | name: revsolver 6 | spec: 7 | lookupPolicy: 8 | local: true 9 | -------------------------------------------------------------------------------- /revsolver/base/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | commonLabels: 4 | app.kubernetes.io/name: thoth 5 | app.kubernetes.io/component: revsolver 6 | app.kubernetes.io/managed-by: aicoe-thoth-devops 7 | resources: 8 | - imagestream.yaml 9 | - openshift-templates/revsolve_and_sync-template.yaml 10 | - argo-workflows/revsolver-template.yaml 11 | - role.yaml 12 | - serviceaccount.yaml 13 | -------------------------------------------------------------------------------- /revsolver/base/role.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: Role 3 | metadata: 4 | name: revsolver 5 | rules: 6 | - apiGroups: 7 | - "" 8 | resources: 9 | - configmaps 10 | verbs: 11 | - get 12 | - list 13 | -------------------------------------------------------------------------------- /revsolver/base/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: revsolver 6 | -------------------------------------------------------------------------------- /revsolver/overlays/moc-prod/imagestreamtag.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: image.openshift.io/v1 3 | kind: ImageStream 4 | metadata: 5 | name: revsolver 6 | spec: 7 | tags: 8 | - name: latest 9 | from: 10 | kind: DockerImage 11 | name: "quay.io/thoth-station/revsolver:v0.2.13" 12 | importPolicy: {} 13 | referencePolicy: 14 | type: Local 15 | -------------------------------------------------------------------------------- /revsolver/overlays/moc-prod/put-into-infra-namespace.yaml: -------------------------------------------------------------------------------- 1 | - op: add 2 | path: /metadata/namespace 3 | value: thoth-infra-prod 4 | -------------------------------------------------------------------------------- /revsolver/overlays/ocp4-stage/imagestreamtag.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: image.openshift.io/v1 3 | kind: ImageStream 4 | metadata: 5 | name: revsolver 6 | spec: 7 | tags: 8 | - name: latest 9 | from: 10 | kind: DockerImage 11 | name: "quay.io/thoth-station/revsolver:v0.2.13" 12 | importPolicy: {} 13 | referencePolicy: 14 | type: Local 15 | -------------------------------------------------------------------------------- /revsolver/overlays/ocp4-stage/put-into-infra-namespace.yaml: -------------------------------------------------------------------------------- 1 | - op: add 2 | path: /metadata/namespace 3 | value: thoth-infra-stage 4 | -------------------------------------------------------------------------------- /revsolver/overlays/test/imagestreamtag.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: image.openshift.io/v1 2 | kind: ImageStream 3 | metadata: 4 | name: revsolver 5 | spec: 6 | tags: 7 | - from: 8 | kind: DockerImage 9 | name: quay.io/thoth-station/revsolver:v0.2.13 10 | importPolicy: {} 11 | name: latest 12 | referencePolicy: 13 | type: Source 14 | -------------------------------------------------------------------------------- /revsolver/overlays/test/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | resources: 4 | - ../../base 5 | - rolebinding.yaml 6 | - thoth-notification.yaml 7 | patchesStrategicMerge: 8 | - imagestreamtag.yaml 9 | patches: 10 | - patch: |- 11 | - op: replace 12 | path: /spec/templates/0/container/image 13 | value: image-registry.openshift-image-registry.svc:5000/thoth-test-core/revsolver:latest 14 | target: 15 | group: argoproj.io 16 | version: v1alpha1 17 | kind: WorkflowTemplate 18 | name: revsolve 19 | -------------------------------------------------------------------------------- /security-indicators/README.md: -------------------------------------------------------------------------------- 1 | # Thoth Security Indicators 2 | 3 | This is a standalone ArgoCD Application for Thoth's Security Indicators. It is meant to be deployed into a separate OpenShift 4 | Project, therefore it is not references from the `kustomization.yaml` file at the root directory of this 5 | repository. 6 | 7 | The deployment generated by kustomize can be evaluated against Open Policy Agent policies 8 | using: `kustomize build --enable_alpha_plugins overlays/test | conftest test --policy ../policy -`. 9 | -------------------------------------------------------------------------------- /security-indicators/base/imagestream.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: image.openshift.io/v1 3 | kind: ImageStream 4 | metadata: 5 | name: si-aggregator 6 | spec: 7 | lookupPolicy: 8 | local: true 9 | --- 10 | apiVersion: image.openshift.io/v1 11 | kind: ImageStream 12 | metadata: 13 | name: si-bandit 14 | spec: 15 | lookupPolicy: 16 | local: true 17 | --- 18 | apiVersion: image.openshift.io/v1 19 | kind: ImageStream 20 | metadata: 21 | name: si-cloc 22 | spec: 23 | lookupPolicy: 24 | local: true 25 | -------------------------------------------------------------------------------- /security-indicators/base/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | resources: 4 | - imagestream.yaml 5 | - argo-workflows/aggregator-template.yaml 6 | - argo-workflows/cloc-template.yaml 7 | - argo-workflows/bandit-template.yaml 8 | - argo-workflows/download-package-template.yaml 9 | - openshift-templates/security-indicators.yaml 10 | commonLabels: 11 | app.kubernetes.io/name: thoth 12 | app.kubernetes.io/component: security-indicators 13 | app.kubernetes.io/managed-by: aicoe-thoth-devops 14 | -------------------------------------------------------------------------------- /security-indicators/overlays/moc-prod/put-into-infra-namespace.yaml: -------------------------------------------------------------------------------- 1 | - op: add 2 | path: /metadata/namespace 3 | value: thoth-infra-prod 4 | -------------------------------------------------------------------------------- /security-indicators/overlays/ocp4-stage/put-into-infra-namespace.yaml: -------------------------------------------------------------------------------- 1 | - op: add 2 | path: /metadata/namespace 3 | value: thoth-infra-stage 4 | -------------------------------------------------------------------------------- /sefkhet-abwy-chatbot/.sops.yaml: -------------------------------------------------------------------------------- 1 | creation_rules: 2 | - encrypted_regex: '^(data|stringData|tls)$' 3 | pgp: "34AFE2A7C8E00ED66916D95DA9FBD7DE773B2A34, 87FC5D0ACF3AA48FCC029086262A80E41BCEEBF7, EFDB9AFBD18936D9AB6B2EECBD2C73FF891FBC7E, 8D191B7544E9CCC3547B25A877E5A5B31D13A647" 4 | -------------------------------------------------------------------------------- /sefkhet-abwy-chatbot/base/imagestream.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: image.openshift.io/v1 3 | kind: ImageStream 4 | metadata: 5 | name: sefkhet-abwy-chatbot 6 | spec: 7 | lookupPolicy: 8 | local: true 9 | -------------------------------------------------------------------------------- /sefkhet-abwy-chatbot/base/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | commonLabels: 4 | app.kubernetes.io/name: thoth 5 | app.kubernetes.io/component: sefkhet-abwy-chatbot 6 | app.kubernetes.io/managed-by: aicoe-thoth-devops 7 | resources: 8 | - deploymentconfig.yaml 9 | - imagestream.yaml 10 | - service.yaml 11 | - route.yaml 12 | -------------------------------------------------------------------------------- /sefkhet-abwy-chatbot/base/route.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: route.openshift.io/v1 3 | kind: Route 4 | metadata: 5 | name: sefkhet-abwy-chatbot 6 | spec: 7 | port: 8 | targetPort: 8080-tcp 9 | tls: 10 | insecureEdgeTerminationPolicy: Redirect 11 | termination: edge 12 | to: 13 | kind: Service 14 | name: sefkhet-abwy-chatbot 15 | weight: 100 16 | -------------------------------------------------------------------------------- /sefkhet-abwy-chatbot/base/service.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Service 4 | metadata: 5 | name: sefkhet-abwy-chatbot 6 | spec: 7 | ports: 8 | - name: 8080-tcp 9 | port: 8080 10 | protocol: TCP 11 | targetPort: 8080 12 | selector: 13 | deploymentconfig: sefkhet-abwy-chatbot 14 | -------------------------------------------------------------------------------- /sefkhet-abwy-chatbot/overlays/moc/imagestreamtag.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: image.openshift.io/v1 3 | kind: ImageStream 4 | metadata: 5 | name: sefkhet-abwy-chatbot 6 | spec: 7 | tags: 8 | - name: latest 9 | from: 10 | kind: DockerImage 11 | name: quay.io/thoth-station/sefkhet-abwy-webhook-receiver:v0.23.2 12 | importPolicy: {} 13 | referencePolicy: 14 | type: Local 15 | -------------------------------------------------------------------------------- /sefkhet-abwy-chatbot/overlays/moc/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | resources: 4 | - ../../base 5 | - route.yaml 6 | images: 7 | - name: sefkhet-abwy-chatbot 8 | newName: image-registry.openshift-image-registry.svc:5000/thoth-bots-prod/sefkhet-abwy-chatbot 9 | newTag: latest 10 | patchesStrategicMerge: 11 | - imagestreamtag.yaml 12 | generatorOptions: 13 | disableNameSuffixHash: true 14 | generators: 15 | - ./secret-generator.yaml 16 | -------------------------------------------------------------------------------- /sefkhet-abwy-chatbot/overlays/moc/route.yaml: -------------------------------------------------------------------------------- 1 | kind: Route 2 | apiVersion: route.openshift.io/v1 3 | metadata: 4 | name: sefkhet-abwy-chatbot-route53 5 | annotations: 6 | kubernetes.io/tls-acme: "true" 7 | haproxy.router.openshift.io/timeout: 45s 8 | spec: 9 | host: sefkhet-abwy-chatbot.thoth-station.ninja 10 | to: 11 | kind: Service 12 | name: sefkhet-abwy-chatbot 13 | weight: 100 14 | -------------------------------------------------------------------------------- /sefkhet-abwy-chatbot/overlays/moc/secret-generator.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: viaduct.ai/v1 2 | kind: ksops 3 | metadata: 4 | name: thoth-secret-generator 5 | files: 6 | - ./secrets.enc.yaml 7 | -------------------------------------------------------------------------------- /sefkhet-abwy/base/imagestream.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: image.openshift.io/v1 3 | kind: ImageStream 4 | metadata: 5 | name: sefkhet-abwy 6 | spec: 7 | lookupPolicy: 8 | local: true 9 | --- 10 | apiVersion: image.openshift.io/v1 11 | kind: ImageStream 12 | metadata: 13 | name: ghproxy 14 | spec: 15 | lookupPolicy: 16 | local: true 17 | -------------------------------------------------------------------------------- /sefkhet-abwy/base/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | commonLabels: 4 | app.kubernetes.io/name: sefkhet-abwy 5 | app.kubernetes.io/component: webhook-receiver 6 | app.kubernetes.io/managed-by: aicoe-thoth-devops 7 | resources: 8 | - deploymentconfig.yaml 9 | - imagestream.yaml 10 | - service.yaml 11 | - route.yaml 12 | -------------------------------------------------------------------------------- /sefkhet-abwy/base/route.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: route.openshift.io/v1 3 | kind: Route 4 | metadata: 5 | name: sefkhet-abwy-webhook-receiver 6 | spec: 7 | port: 8 | targetPort: 8080-tcp 9 | to: 10 | kind: Service 11 | name: sefkhet-abwy 12 | weight: 100 13 | -------------------------------------------------------------------------------- /sefkhet-abwy/base/service.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Service 4 | metadata: 5 | name: sefkhet-abwy 6 | spec: 7 | ports: 8 | - name: 8080-tcp 9 | port: 8080 10 | protocol: TCP 11 | targetPort: 8080 12 | selector: 13 | deploymentconfig: sefkhet-abwy-webhook-receiver 14 | -------------------------------------------------------------------------------- /sefkhet-abwy/overlays/bot/configmap.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | data: 4 | scrum-message: ☎️ the scrum is due in one minute... 5 | scrum-url: "https://meet.google.com/fwf-aibs-qop?authuser=0" 6 | sesheta-verbose: "1" 7 | users-invited: >- 8 | ['Christoph Goern', 'Dominik Tuchyna', 'Francesco Murdaca', 9 | 'Frido Pokorny', 'Harshad Reddy Nalla', 'Kevin Postlethwait', 10 | 'Subin Modeel'] 11 | kind: ConfigMap 12 | metadata: 13 | labels: 14 | app: sesheta 15 | name: sesheta-configmap 16 | -------------------------------------------------------------------------------- /sefkhet-abwy/overlays/bot/imagestreamtag.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: image.openshift.io/v1 3 | kind: ImageStream 4 | metadata: 5 | name: sesheta 6 | spec: 7 | tags: 8 | - name: latest 9 | from: 10 | kind: DockerImage 11 | name: quay.io/thoth-station/sesheta:latest 12 | importPolicy: {} 13 | referencePolicy: 14 | type: Local 15 | -------------------------------------------------------------------------------- /sefkhet-abwy/overlays/bot/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | resources: 4 | - imagestreamtag.yaml 5 | - configmap.yaml 6 | - thoth-friday-scrum-cronjob.yaml 7 | - thoth-scrum-cronjob.yaml 8 | generatorOptions: 9 | disableNameSuffixHash: true 10 | generators: 11 | - ./secret-generator.yaml 12 | -------------------------------------------------------------------------------- /sefkhet-abwy/overlays/bot/secret-generator.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: viaduct.ai/v1 2 | kind: ksops 3 | metadata: 4 | name: thoth-secret-generator 5 | files: 6 | - ./secrets.enc.yaml 7 | -------------------------------------------------------------------------------- /sefkhet-abwy/overlays/moc/configmap.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | kind: ConfigMap 3 | apiVersion: v1 4 | metadata: 5 | name: sefkhet-abwy 6 | data: 7 | subdomain: sefkhet-abwy 8 | webhook-callback-url: "http://sefkhet-abwy-webhook-receiver-thoth-bots-prod.apps.smaug.na.operate-first.cloud" 9 | -------------------------------------------------------------------------------- /sefkhet-abwy/overlays/moc/imagestreamtag.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: image.openshift.io/v1 3 | kind: ImageStream 4 | metadata: 5 | name: sefkhet-abwy 6 | spec: 7 | tags: 8 | - name: latest 9 | from: 10 | kind: DockerImage 11 | name: quay.io/thoth-station/sefkhet-abwy-webhook-receiver:v0.24.0 12 | importPolicy: {} 13 | referencePolicy: 14 | type: Local 15 | -------------------------------------------------------------------------------- /sefkhet-abwy/overlays/moc/secret-generator.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: viaduct.ai/v1 2 | kind: ksops 3 | metadata: 4 | name: thoth-secret-generator 5 | files: 6 | - ./secrets.enc.yaml 7 | -------------------------------------------------------------------------------- /sefkhet-abwy/overlays/ocp/configmap.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | kind: ConfigMap 3 | apiVersion: v1 4 | metadata: 5 | name: sefkhet-abwy 6 | data: 7 | subdomain: sefkhet-abwy 8 | webhook-callback-url: "http://sefkhet-abwy-webhook-receiver-aicoe-prod-bots.apps.ocp4.prod.psi.redhat.com" 9 | -------------------------------------------------------------------------------- /sefkhet-abwy/overlays/ocp/imagestreamtag.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: image.openshift.io/v1 2 | kind: ImageStream 3 | metadata: 4 | name: sefkhet-abwy 5 | spec: 6 | tags: 7 | - from: 8 | kind: DockerImage 9 | name: quay.io/thoth-station/sefkhet-abwy-webhook-receiver:v0.24.0 10 | importPolicy: {} 11 | name: latest 12 | referencePolicy: 13 | type: Local 14 | -------------------------------------------------------------------------------- /sefkhet-abwy/overlays/ocp/secret-generator.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: viaduct.ai/v1 2 | kind: ksops 3 | metadata: 4 | name: thoth-secret-generator 5 | files: 6 | - ./secrets.enc.yaml 7 | -------------------------------------------------------------------------------- /sesheta-srcops/overlays/smaug/configmaps.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | data: 4 | github-2fa-enabled: "false" 5 | github-username: sesheta-srcops 6 | kind: ConfigMap 7 | metadata: 8 | creationTimestamp: null 9 | name: sesheta-srcops-github 10 | -------------------------------------------------------------------------------- /sesheta-srcops/overlays/smaug/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | commonLabels: 4 | app.kubernetes.io/name: sesheta-srcops 5 | app.kubernetes.io/component: github-secrets 6 | app.kubernetes.io/managed-by: aicoe-thoth-devops 7 | resources: 8 | - configmaps.yaml 9 | generatorOptions: 10 | disableNameSuffixHash: true 11 | generators: 12 | - ./secret-generator.yaml 13 | -------------------------------------------------------------------------------- /sesheta-srcops/overlays/smaug/secret-generator.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: viaduct.ai/v1 2 | kind: ksops 3 | metadata: 4 | name: thoth-secret-generator 5 | files: 6 | - ./secrets.enc.yaml 7 | -------------------------------------------------------------------------------- /slo-reporter/OWNERS: -------------------------------------------------------------------------------- 1 | # See the OWNERS docs at https://go.k8s.io/owners 2 | 3 | approvers: 4 | - harshad16 5 | - mayaCostantini 6 | reviewers: 7 | - fridex 8 | - tumido 9 | -------------------------------------------------------------------------------- /slo-reporter/README.md: -------------------------------------------------------------------------------- 1 | # Thoth Service Level Objectives (SLO) Reporter 2 | 3 | This is a standalone ArgoCD Application for Thoth's SLO Reporter. It is meant to be deployed into a separate OpenShift 4 | Project, therefore it is not references from the `kustomization.yaml` file at the root directory of this 5 | repository. 6 | 7 | ## Test Environment 8 | 9 | To create the objects used for a test environment you need to provide the secrets used: 10 | 11 | ```shell 12 | cat overlays/test/test.env 13 | thanos_token=blahfasel 14 | ``` 15 | 16 | and then run `kustomize build --enable_alpha_plugins overlays/test`. 17 | -------------------------------------------------------------------------------- /slo-reporter/base/imagestream.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: image.openshift.io/v1 3 | kind: ImageStream 4 | metadata: 5 | name: slo-reporter 6 | spec: 7 | lookupPolicy: 8 | local: true 9 | -------------------------------------------------------------------------------- /slo-reporter/base/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | resources: 4 | - cronjob.yaml 5 | - imagestream.yaml 6 | commonLabels: 7 | app.kubernetes.io/name: thoth 8 | app.kubernetes.io/component: slo-reporter 9 | app.kubernetes.io/managed-by: aicoe-thoth-devops 10 | -------------------------------------------------------------------------------- /slo-reporter/overlays/moc-prod-ocp4-stage/cronjob.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | kind: CronJob 3 | apiVersion: batch/v1beta1 4 | metadata: 5 | name: slo-reporter 6 | spec: 7 | schedule: "0 6 * * *" 8 | suspend: true 9 | -------------------------------------------------------------------------------- /slo-reporter/overlays/moc-prod-ocp4-stage/imagestreamtag.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: image.openshift.io/v1 2 | kind: ImageStream 3 | metadata: 4 | name: slo-reporter 5 | spec: 6 | tags: 7 | - name: latest 8 | from: 9 | kind: DockerImage 10 | name: quay.io/thoth-station/slo-reporter:v0.19.3 11 | importPolicy: {} 12 | referencePolicy: 13 | type: Local 14 | -------------------------------------------------------------------------------- /slo-reporter/overlays/moc-prod-ocp4-stage/secret-generator.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: viaduct.ai/v1 2 | kind: ksops 3 | metadata: 4 | name: thoth-secret-generator 5 | files: 6 | - ./secrets.enc.yaml 7 | -------------------------------------------------------------------------------- /slo-reporter/overlays/ocp4-stage/configmap.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | kind: ConfigMap 3 | apiVersion: v1 4 | metadata: 5 | name: slo-reporter 6 | data: 7 | thanos-endpoint: "http://prometheus-aicoe-infra-prod.apps.ocp4.prod.psi.redhat.com" 8 | smtp-server: "smtp.corp.redhat.com" 9 | sender-address: "aicoe-thoth@redhat.com" 10 | email-recipients: "aicoe-thoth@redhat.com" 11 | -------------------------------------------------------------------------------- /slo-reporter/overlays/ocp4-stage/cronjob.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | kind: CronJob 3 | apiVersion: batch/v1beta1 4 | metadata: 5 | name: slo-reporter 6 | spec: 7 | schedule: "0 6 * * *" 8 | suspend: false 9 | -------------------------------------------------------------------------------- /slo-reporter/overlays/ocp4-stage/imagestreamtag.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: image.openshift.io/v1 2 | kind: ImageStream 3 | metadata: 4 | name: slo-reporter 5 | spec: 6 | tags: 7 | - name: latest 8 | from: 9 | kind: DockerImage 10 | name: quay.io/thoth-station/slo-reporter:v0.19.3 11 | importPolicy: {} 12 | referencePolicy: 13 | type: Local 14 | -------------------------------------------------------------------------------- /slo-reporter/overlays/ocp4-stage/secret-generator.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: viaduct.ai/v1 2 | kind: ksops 3 | metadata: 4 | name: thoth-secret-generator 5 | files: 6 | - ./secrets.enc.yaml 7 | -------------------------------------------------------------------------------- /slo-reporter/overlays/test/configmap.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | kind: ConfigMap 3 | apiVersion: v1 4 | metadata: 5 | name: slo-reporter 6 | data: 7 | thanos-endpoint: "http://prometheus-aicoe-infra-prod.apps.ocp4.prod.psi.redhat.com" 8 | smtp-server: "smtp.corp.redhat.com" 9 | sender-address: "aicoe-thoth@redhat.com" 10 | email-recipients: "aicoe-thoth@redhat.com" 11 | -------------------------------------------------------------------------------- /slo-reporter/overlays/test/cronjob.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | kind: CronJob 3 | apiVersion: batch/v1beta1 4 | metadata: 5 | name: slo-reporter 6 | spec: 7 | suspend: true 8 | -------------------------------------------------------------------------------- /slo-reporter/overlays/test/imagestreamtag.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: image.openshift.io/v1 2 | kind: ImageStream 3 | metadata: 4 | name: slo-reporter 5 | spec: 6 | tags: 7 | - from: 8 | kind: DockerImage 9 | name: quay.io/thoth-station/slo-reporter:v0.19.3 10 | importPolicy: {} 11 | name: latest 12 | referencePolicy: 13 | type: Source 14 | -------------------------------------------------------------------------------- /slo-reporter/overlays/test/secret-generator.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: viaduct.ai/v1 2 | kind: ksops 3 | metadata: 4 | name: thoth-secret-generator 5 | files: 6 | - ./secrets.enc.yaml 7 | -------------------------------------------------------------------------------- /solver-error-classifier-job/base/imagestream.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: image.openshift.io/v1 3 | kind: ImageStream 4 | metadata: 5 | name: solver-error-classifier-job 6 | spec: 7 | lookupPolicy: 8 | local: true 9 | -------------------------------------------------------------------------------- /solver-error-classifier-job/base/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | resources: 4 | - cronjob.yaml 5 | - imagestream.yaml 6 | generatorOptions: 7 | disableNameSuffixHash: true 8 | commonLabels: 9 | app: thoth 10 | component: solver-error-classifier-job 11 | -------------------------------------------------------------------------------- /solver-error-classifier-job/overlays/test/cronjob.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | kind: CronJob 3 | apiVersion: batch/v1beta1 4 | metadata: 5 | name: solver-error-classifier-job 6 | spec: 7 | suspend: true 8 | -------------------------------------------------------------------------------- /solver-error-classifier-job/overlays/test/imagestreamtag.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: image.openshift.io/v1 2 | kind: ImageStream 3 | metadata: 4 | name: solver-error-classifier-job 5 | spec: 6 | tags: 7 | - name: latest 8 | from: 9 | kind: DockerImage 10 | name: quay.io/thoth-station/solver-error-classifier-job:v0.1.5 11 | importPolicy: {} 12 | referencePolicy: 13 | type: Source 14 | -------------------------------------------------------------------------------- /solver-error-classifier-job/overlays/test/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | namespace: thoth-test-core 4 | resources: 5 | - ../../base 6 | - thoth-notification.yaml 7 | patchesStrategicMerge: 8 | - cronjob.yaml 9 | - imagestreamtag.yaml 10 | images: 11 | - name: solver-error-classifier-job 12 | newName: image-registry.openshift-image-registry.svc:5000/thoth-test-core/solver-error-classifier-job 13 | newTag: latest 14 | -------------------------------------------------------------------------------- /solver/README.md: -------------------------------------------------------------------------------- 1 | # Thoth Solver 2 | 3 | This is a standalove ArgoCD Application for Thoth's Solver. It is meant to be deployed into a separate OpenShift 4 | Project, therefore it is not referneces from the `kustomization.yaml` file at the root directory of this 5 | repository. 6 | -------------------------------------------------------------------------------- /solver/base/argo-workflows/OWNERS: -------------------------------------------------------------------------------- 1 | # See the OWNERS docs at https://go.k8s.io/owners 2 | 3 | approvers: 4 | - KPostOffice 5 | - harshad16 6 | - fridex 7 | reviewers: 8 | - mayaCostantini 9 | -------------------------------------------------------------------------------- /solver/base/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | commonLabels: 4 | app.kubernetes.io/name: thoth 5 | app.kubernetes.io/component: solver 6 | app.kubernetes.io/managed-by: aicoe-thoth-devops 7 | resources: 8 | - imagestreams.yaml 9 | - openshift-templates/solve_and_sync-template.yaml 10 | - argo-workflows/solver-template.yaml 11 | - argo-workflows/parse-solver-output.yaml 12 | -------------------------------------------------------------------------------- /solver/overlays/moc-prod/put-into-infra-namespace.yaml: -------------------------------------------------------------------------------- 1 | - op: add 2 | path: /metadata/namespace 3 | value: thoth-infra-prod 4 | -------------------------------------------------------------------------------- /solver/overlays/moc-prod/resources_patch.yaml: -------------------------------------------------------------------------------- 1 | - op: replace 2 | path: /spec/templates/0/resources 3 | value: 4 | requests: 5 | memory: 512Mi 6 | cpu: 250m 7 | limits: 8 | memory: 1024Mi 9 | cpu: 250m 10 | -------------------------------------------------------------------------------- /solver/overlays/ocp4-stage/put-into-infra-namespace.yaml: -------------------------------------------------------------------------------- 1 | - op: add 2 | path: /metadata/namespace 3 | value: thoth-infra-stage 4 | -------------------------------------------------------------------------------- /solver/overlays/ocp4-stage/resources_patch.yaml: -------------------------------------------------------------------------------- 1 | - op: replace 2 | path: /spec/templates/0/resources 3 | value: 4 | requests: 5 | memory: 512Mi 6 | cpu: 250m 7 | limits: 8 | memory: 1024Mi 9 | cpu: 250m 10 | -------------------------------------------------------------------------------- /solver/overlays/test/resources_patch.yaml: -------------------------------------------------------------------------------- 1 | - op: replace 2 | path: /spec/templates/0/resources 3 | value: 4 | requests: 5 | memory: 256Mi 6 | cpu: 100m 7 | limits: 8 | memory: 256Mi 9 | cpu: 100m 10 | -------------------------------------------------------------------------------- /stress-tests/base/configmap.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | kind: ConfigMap 3 | apiVersion: v1 4 | metadata: 5 | name: stress-tests 6 | data: 7 | mail-report: "1" 8 | generate-report: "1" 9 | tags: "" 10 | -------------------------------------------------------------------------------- /stress-tests/base/imagestream.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: image.openshift.io/v1 3 | kind: ImageStream 4 | metadata: 5 | name: stress-tests 6 | spec: 7 | lookupPolicy: 8 | local: true 9 | -------------------------------------------------------------------------------- /stress-tests/base/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | commonLabels: 4 | app: thoth 5 | component: stress-tests 6 | generatorOptions: 7 | disableNameSuffixHash: true 8 | resources: 9 | - configmap.yaml 10 | - cronjob.yaml 11 | - imagestream.yaml 12 | -------------------------------------------------------------------------------- /stress-tests/overlays/test/configmap.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | kind: ConfigMap 3 | apiVersion: v1 4 | metadata: 5 | name: stress-tests 6 | data: 7 | deployment-name: "ocp4-test" 8 | user-api: "test.thoth-station.ninja" 9 | management-api: "management.test.thoth-station.ninja" 10 | amun-api: "amun.test.thoth-station.ninja" 11 | -------------------------------------------------------------------------------- /stress-tests/overlays/test/cronjob.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: batch/v1beta1 3 | kind: CronJob 4 | metadata: 5 | name: stress-tests 6 | labels: 7 | app: thoth 8 | component: stress-tests 9 | spec: 10 | suspend: true 11 | -------------------------------------------------------------------------------- /stress-tests/overlays/test/imagestreamtag.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: image.openshift.io/v1 2 | kind: ImageStream 3 | metadata: 4 | name: stress-tests 5 | spec: 6 | tags: 7 | - from: 8 | kind: DockerImage 9 | name: quay.io/thoth-station/stress-tests:v0.0.0 10 | importPolicy: {} 11 | name: latest 12 | referencePolicy: 13 | type: Source 14 | -------------------------------------------------------------------------------- /stress-tests/overlays/test/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | resources: 4 | - ../../base 5 | - thoth-notification.yaml 6 | images: 7 | - name: stress-tests 8 | newName: image-registry.openshift-image-registry.svc:5000/thoth-test-core/stress-tests 9 | newTag: latest 10 | patchesStrategicMerge: 11 | - configmap.yaml 12 | - cronjob.yaml 13 | - imagestreamtag.yaml 14 | -------------------------------------------------------------------------------- /sync-job/base/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | commonLabels: 4 | app.kubernetes.io/name: thoth 5 | app.kubernetes.io/component: sync-job 6 | app.kubernetes.io/managed-by: aicoe-thoth-devops 7 | generatorOptions: 8 | disableNameSuffixHash: true 9 | resources: 10 | - workflow-template.yaml 11 | - cron-workflow.yaml 12 | -------------------------------------------------------------------------------- /sync-job/overlays/common/imagestreamtag.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: image.openshift.io/v1 2 | kind: ImageStream 3 | metadata: 4 | name: sync-job 5 | spec: 6 | tags: 7 | - name: latest 8 | from: 9 | kind: DockerImage 10 | name: quay.io/thoth-station/sync-job:v0.2.4 11 | importPolicy: {} 12 | -------------------------------------------------------------------------------- /sync-job/overlays/common/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | resources: 4 | - imagestreamtag.yaml 5 | - ../../base 6 | -------------------------------------------------------------------------------- /thoth-repo-init/base/imagestream.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: image.openshift.io/v1 3 | kind: ImageStream 4 | metadata: 5 | name: workflow-helpers 6 | spec: 7 | lookupPolicy: 8 | local: true 9 | -------------------------------------------------------------------------------- /thoth-repo-init/base/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | commonLabels: 4 | app.kubernetes.io/name: thoth 5 | app.kubernetes.io/component: adviser 6 | app.kubernetes.io/managed-by: aicoe-thoth-devops 7 | resources: 8 | - argo-workflows/thoth-repo-init.yaml 9 | - openshift-templates/thoth-repo-init.yaml 10 | - imagestream.yaml 11 | -------------------------------------------------------------------------------- /thoth-repo-init/overlays/test/imagestreamtag.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: image.openshift.io/v1 2 | kind: ImageStream 3 | metadata: 4 | name: workflow-helpers 5 | spec: 6 | tags: 7 | - name: latest 8 | from: 9 | kind: DockerImage 10 | name: quay.io/thoth-station/workflow-helpers:v0.9.4 11 | importPolicy: {} 12 | referencePolicy: 13 | type: Source 14 | -------------------------------------------------------------------------------- /thoth-repo-init/overlays/test/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | resources: 4 | - ../../base 5 | - thoth-notification.yaml 6 | images: 7 | - name: workflow-helpers 8 | newName: image-registry.openshift-image-registry.svc:5000/thoth-test-core/workflow-helpers 9 | newTag: latest 10 | patchesStrategicMerge: 11 | - imagestreamtag.yaml 12 | -------------------------------------------------------------------------------- /user-api/.sops.yaml: -------------------------------------------------------------------------------- 1 | creation_rules: 2 | - encrypted_regex: '^(data|stringData|tls)$' 3 | pgp: "34AFE2A7C8E00ED66916D95DA9FBD7DE773B2A34, 87FC5D0ACF3AA48FCC029086262A80E41BCEEBF7, EFDB9AFBD18936D9AB6B2EECBD2C73FF891FBC7E, 8D191B7544E9CCC3547B25A877E5A5B31D13A647" 4 | -------------------------------------------------------------------------------- /user-api/README.md: -------------------------------------------------------------------------------- 1 | # Thoth User API 2 | 3 | This is a standalone ArgoCD Application for Thoth's User API. It is meant to be deployed into a separate OpenShift 4 | Project, therefore it is not references from the `kustomization.yaml` file at the root directory of this 5 | repository. 6 | 7 | The deployment generated by kustomize can be evaluated against Open Policy Agent policies 8 | using: `kustomize build --enable_alpha_plugins overlays/test | conftest test --policy ../policy -`. 9 | -------------------------------------------------------------------------------- /user-api/application-stage.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: argoproj.io/v1alpha1 2 | kind: Application 3 | metadata: 4 | name: stage-thoth-user-api 5 | spec: 6 | destination: 7 | namespace: thoth-frontend-stage 8 | server: 'https://api.ocp.prod.psi.redhat.com:6443' 9 | source: 10 | path: user-api/overlays/stage 11 | repoURL: 'https://github.com/thoth-station/thoth-application.git' 12 | targetRevision: master 13 | project: thoth 14 | syncPolicy: 15 | automated: 16 | automated: 17 | prune: false 18 | selfHeal: false 19 | selfHeal: true 20 | -------------------------------------------------------------------------------- /user-api/base/configmap.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | kind: ConfigMap 3 | apiVersion: v1 4 | metadata: 5 | name: user-api 6 | data: 7 | api-https: "1" 8 | validate-responses: "0" 9 | cache-expiration: "14400" # 4 hours 10 | report-exceptions: "0" 11 | -------------------------------------------------------------------------------- /user-api/base/imagestream.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: image.openshift.io/v1 3 | kind: ImageStream 4 | metadata: 5 | name: user-api 6 | spec: 7 | lookupPolicy: 8 | local: true 9 | -------------------------------------------------------------------------------- /user-api/base/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | resources: 4 | - configmap.yaml 5 | - deploymentconfig.yaml 6 | - imagestream.yaml 7 | - role.yaml 8 | - route.yaml 9 | - service.yaml 10 | - serviceaccount.yaml 11 | commonLabels: 12 | app.kubernetes.io/name: thoth 13 | app.kubernetes.io/component: user-api 14 | app.kubernetes.io/managed-by: aicoe-thoth-devops 15 | -------------------------------------------------------------------------------- /user-api/base/route.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | kind: Route 3 | apiVersion: route.openshift.io/v1 4 | metadata: 5 | name: user-api 6 | spec: 7 | to: 8 | kind: Service 9 | name: user-api 10 | -------------------------------------------------------------------------------- /user-api/base/service.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | kind: Service 3 | apiVersion: v1 4 | metadata: 5 | labels: 6 | app: thoth 7 | component: user-api 8 | name: user-api 9 | spec: 10 | ports: 11 | - name: metrics 12 | protocol: TCP 13 | port: 80 14 | targetPort: 8080 15 | selector: 16 | service: user-api 17 | app.kubernetes.io/name: thoth 18 | app.kubernetes.io/component: user-api 19 | app.kubernetes.io/managed-by: aicoe-thoth-devops 20 | -------------------------------------------------------------------------------- /user-api/base/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: user-api 6 | -------------------------------------------------------------------------------- /user-api/overlays/moc-prod/imagestreamtag.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: image.openshift.io/v1 2 | kind: ImageStream 3 | metadata: 4 | name: user-api 5 | spec: 6 | tags: 7 | - name: latest 8 | from: 9 | kind: DockerImage 10 | name: quay.io/thoth-station/user-api:v0.35.10 11 | importPolicy: {} 12 | referencePolicy: 13 | type: Local 14 | -------------------------------------------------------------------------------- /user-api/overlays/moc-prod/khemenu-route.yaml: -------------------------------------------------------------------------------- 1 | kind: Route 2 | apiVersion: route.openshift.io/v1 3 | metadata: 4 | name: user-api-khemenu-route53 5 | annotations: 6 | kubernetes.io/tls-acme: "true" 7 | haproxy.router.openshift.io/timeout: 45s 8 | spec: 9 | host: khemenu.thoth-station.ninja 10 | to: 11 | kind: Service 12 | name: user-api 13 | -------------------------------------------------------------------------------- /user-api/overlays/moc-prod/put-into-backend-namespace.yaml: -------------------------------------------------------------------------------- 1 | - op: add 2 | path: /metadata/namespace 3 | value: thoth-backend-prod 4 | -------------------------------------------------------------------------------- /user-api/overlays/moc-prod/put-into-infra-namespace.yaml: -------------------------------------------------------------------------------- 1 | - op: add 2 | path: /metadata/namespace 3 | value: thoth-infra-prod 4 | -------------------------------------------------------------------------------- /user-api/overlays/moc-prod/put-into-middletier-namespace.yaml: -------------------------------------------------------------------------------- 1 | - op: add 2 | path: /metadata/namespace 3 | value: thoth-middletier-prod 4 | -------------------------------------------------------------------------------- /user-api/overlays/moc-prod/resources_patch.yaml: -------------------------------------------------------------------------------- 1 | - op: replace 2 | path: /spec/template/spec/containers/0/resources 3 | value: 4 | requests: 5 | memory: "768Mi" 6 | cpu: "1" 7 | limits: 8 | memory: "768Mi" 9 | cpu: "1" 10 | -------------------------------------------------------------------------------- /user-api/overlays/ocp4-stage/configmap.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | kind: ConfigMap 3 | apiVersion: v1 4 | metadata: 5 | name: user-api 6 | data: 7 | api-https: "1" 8 | validate-responses: "1" 9 | report-exceptions: "1" 10 | -------------------------------------------------------------------------------- /user-api/overlays/ocp4-stage/imagestreamtag.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: image.openshift.io/v1 2 | kind: ImageStream 3 | metadata: 4 | name: user-api 5 | spec: 6 | tags: 7 | - name: latest 8 | from: 9 | kind: DockerImage 10 | name: quay.io/thoth-station/user-api:v0.35.10 11 | importPolicy: {} 12 | referencePolicy: 13 | type: Local 14 | -------------------------------------------------------------------------------- /user-api/overlays/ocp4-stage/put-into-backend-namespace.yaml: -------------------------------------------------------------------------------- 1 | - op: add 2 | path: /metadata/namespace 3 | value: thoth-backend-stage 4 | -------------------------------------------------------------------------------- /user-api/overlays/ocp4-stage/put-into-infra-namespace.yaml: -------------------------------------------------------------------------------- 1 | - op: add 2 | path: /metadata/namespace 3 | value: thoth-infra-stage 4 | -------------------------------------------------------------------------------- /user-api/overlays/ocp4-stage/put-into-middletier-namespace.yaml: -------------------------------------------------------------------------------- 1 | - op: add 2 | path: /metadata/namespace 3 | value: thoth-middletier-stage 4 | -------------------------------------------------------------------------------- /user-api/overlays/ocp4-stage/resources_patch.yaml: -------------------------------------------------------------------------------- 1 | - op: replace 2 | path: /spec/template/spec/containers/0/resources 3 | value: 4 | requests: 5 | memory: "768Mi" 6 | cpu: "1" 7 | limits: 8 | memory: "768Mi" 9 | cpu: "1" 10 | -------------------------------------------------------------------------------- /user-api/overlays/ocp4-stage/secret-generator.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: viaduct.ai/v1 2 | kind: ksops 3 | metadata: 4 | name: thoth-secret-generator 5 | files: 6 | - ./route.enc.yaml 7 | -------------------------------------------------------------------------------- /user-api/overlays/test/configmap.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | kind: ConfigMap 3 | apiVersion: v1 4 | metadata: 5 | name: user-api 6 | data: 7 | api-https: "1" 8 | validate-responses: "1" 9 | report-exceptions: "1" 10 | -------------------------------------------------------------------------------- /user-api/overlays/test/deployment-trigger.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: batch/v1 3 | kind: Job 4 | metadata: 5 | name: deployment-trigger 6 | annotations: 7 | argocd.argoproj.io/hook: PostSync 8 | argocd.argoproj.io/hook-delete-policy: HookSucceeded 9 | spec: 10 | template: 11 | spec: 12 | containers: 13 | - name: deployment-trigger 14 | image: quay.io/openshift/origin-cli:latest 15 | command: 16 | - "oc" 17 | - "rollout" 18 | - "latest" 19 | - "user-api" 20 | restartPolicy: Never 21 | backoffLimit: 2 22 | -------------------------------------------------------------------------------- /user-api/overlays/test/imagestreamtag.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: image.openshift.io/v1 2 | kind: ImageStream 3 | metadata: 4 | name: user-api 5 | spec: 6 | tags: 7 | - from: 8 | kind: DockerImage 9 | name: quay.io/thoth-station/user-api:v0.35.12 10 | importPolicy: {} 11 | name: latest 12 | referencePolicy: 13 | type: Source 14 | -------------------------------------------------------------------------------- /user-api/overlays/test/resources_patch.yaml: -------------------------------------------------------------------------------- 1 | - op: replace 2 | path: /spec/template/spec/containers/0/resources 3 | value: 4 | requests: 5 | memory: "384Mi" 6 | cpu: "1" 7 | limits: 8 | memory: "768Mi" 9 | cpu: "1" 10 | -------------------------------------------------------------------------------- /user-api/overlays/test/secret-generator.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: viaduct.ai/v1 2 | kind: ksops 3 | metadata: 4 | name: thoth-secret-generator 5 | files: 6 | - ./route.enc.yaml 7 | -------------------------------------------------------------------------------- /version.py: -------------------------------------------------------------------------------- 1 | """Thoth Application.""" 2 | 3 | __name__ = "thoth-station" 4 | __version__ = "2023.01.24" 5 | --------------------------------------------------------------------------------