├── .gitignore ├── .ruby-version ├── .travis.yml ├── Gemfile ├── Gemfile.lock ├── README.md ├── Rakefile ├── charts ├── collectd-vsphere │ ├── .helmignore │ ├── Chart.yaml │ ├── templates │ │ ├── NOTES.txt │ │ ├── _helpers.tpl │ │ ├── deployment.yaml │ │ └── secret.yaml │ └── values.yaml ├── docker-registry │ ├── .helmignore │ ├── Chart.yaml │ ├── OWNERS │ ├── README.md │ ├── templates │ │ ├── NOTES.txt │ │ ├── _helpers.tpl │ │ ├── configmap.yaml │ │ ├── deployment.yaml │ │ ├── ingress.yaml │ │ ├── poddisruptionbudget.yaml │ │ ├── pvc.yaml │ │ ├── secret.yaml │ │ └── service.yaml │ └── values.yaml ├── gce-worker │ ├── .helmignore │ ├── Chart.yaml │ ├── templates │ │ ├── NOTES.txt │ │ ├── _helpers.tpl │ │ ├── cluster.yaml │ │ ├── configmap.yaml │ │ ├── deployment.yaml │ │ └── secret.yaml │ └── values.yaml ├── gcloud-cleanup │ ├── .helmignore │ ├── Chart.yaml │ ├── README.md │ ├── requirements.lock │ ├── requirements.yaml │ ├── templates │ │ ├── NOTES.txt │ │ ├── _helpers.tpl │ │ ├── configmap.yaml │ │ ├── deployment.yaml │ │ └── secret.yaml │ └── values.yaml ├── jupiter-brain │ ├── .helmignore │ ├── Chart.yaml │ ├── templates │ │ ├── NOTES.txt │ │ ├── _helpers.tpl │ │ ├── configmap.yaml │ │ ├── deployment.yaml │ │ ├── secret.yaml │ │ └── service.yaml │ └── values.yaml ├── macbot │ ├── .helmignore │ ├── Chart.yaml │ ├── templates │ │ ├── NOTES.txt │ │ ├── _helpers.tpl │ │ ├── configmap-imaged.yaml │ │ ├── configmap.yaml │ │ ├── deployment-imaged.yaml │ │ ├── deployment.yaml │ │ ├── secret-ansible.yaml │ │ ├── secret-imaged.yaml │ │ ├── secret.yaml │ │ └── service.yaml │ └── values.yaml ├── macstadium-worker │ ├── .helmignore │ ├── Chart.yaml │ ├── templates │ │ ├── NOTES.txt │ │ ├── _helpers.tpl │ │ ├── cluster.yaml │ │ ├── configmap.yaml │ │ ├── deployment.yaml │ │ ├── secret.yaml │ │ └── ssh-key-secret.yaml │ └── values.yaml ├── papertrail │ ├── .helmignore │ ├── Chart.yaml │ ├── templates │ │ ├── NOTES.txt │ │ ├── _helpers.tpl │ │ └── daemonset.yaml │ └── values.yaml ├── statsd │ ├── .helmignore │ ├── Chart.yaml │ ├── templates │ │ ├── NOTES.txt │ │ ├── _helpers.tpl │ │ ├── deployment.yaml │ │ ├── secret.yaml │ │ └── service.yaml │ └── values.yaml ├── travis-autoscaler │ ├── .helmignore │ ├── Chart.yaml │ ├── README.md │ ├── templates │ │ ├── NOTES.txt │ │ ├── _helpers.tpl │ │ ├── deployment.yaml │ │ ├── ingress.yaml │ │ └── service.yaml │ └── values.yaml ├── vault │ ├── .helmignore │ ├── CHANGELOG.md │ ├── CONTRIBUTING.md │ ├── Chart.yaml │ ├── LICENSE.md │ ├── Makefile │ ├── README.md │ ├── templates │ │ ├── NOTES.txt │ │ ├── _helpers.tpl │ │ ├── injector-clusterrole.yaml │ │ ├── injector-clusterrolebinding.yaml │ │ ├── injector-deployment.yaml │ │ ├── injector-mutating-webhook.yaml │ │ ├── injector-service.yaml │ │ ├── injector-serviceaccount.yaml │ │ ├── server-clusterrolebinding.yaml │ │ ├── server-config-configmap.yaml │ │ ├── server-disruptionbudget.yaml │ │ ├── server-ingress.yaml │ │ ├── server-service.yaml │ │ ├── server-serviceaccount.yaml │ │ ├── server-statefulset.yaml │ │ └── ui-service.yaml │ ├── test │ │ ├── acceptance │ │ │ ├── _helpers.bash │ │ │ ├── injector-test │ │ │ │ ├── bootstrap.sh │ │ │ │ ├── job.yaml │ │ │ │ ├── pg-deployment.yaml │ │ │ │ └── pgdump-policy.hcl │ │ │ ├── injector.bats │ │ │ ├── server-dev.bats │ │ │ ├── server-ha.bats │ │ │ └── server.bats │ │ ├── docker │ │ │ └── Test.dockerfile │ │ ├── terraform │ │ │ ├── .gitignore │ │ │ ├── main.tf │ │ │ ├── outputs.tf │ │ │ ├── service-account.yaml │ │ │ └── variables.tf │ │ └── unit │ │ │ ├── _helpers.bash │ │ │ ├── injector-clusterrole.bats │ │ │ ├── injector-clusterrolebinding.bats │ │ │ ├── injector-deployment.bats │ │ │ ├── injector-mutating-webhook.bats │ │ │ ├── injector-service.bats │ │ │ ├── injector-serviceaccount.bats │ │ │ ├── server-clusterrolebinding.bats │ │ │ ├── server-configmap.bats │ │ │ ├── server-dev-statefulset.bats │ │ │ ├── server-ha-disruptionbudget.bats │ │ │ ├── server-ha-statefulset.bats │ │ │ ├── server-ingress.bats │ │ │ ├── server-service.bats │ │ │ ├── server-serviceaccount.bats │ │ │ ├── server-statefulset.bats │ │ │ └── ui-service.bats │ └── values.yaml ├── vsphere-janitor │ ├── .helmignore │ ├── Chart.yaml │ ├── templates │ │ ├── NOTES.txt │ │ ├── _helpers.tpl │ │ ├── deployment.yaml │ │ └── secret.yaml │ └── values.yaml ├── vsphere-monitor │ ├── .helmignore │ ├── Chart.yaml │ ├── templates │ │ ├── NOTES.txt │ │ ├── _helpers.tpl │ │ ├── deployment.yaml │ │ └── secret.yaml │ └── values.yaml └── worker-operator │ ├── .helmignore │ ├── Chart.yaml │ ├── templates │ ├── NOTES.txt │ ├── _helpers.tpl │ ├── crd.yaml │ ├── deployment.yaml │ └── rbac.yaml │ └── values.yaml ├── gcs-credentials.json.enc ├── k8s ├── gke_eco-emissary-99515_us-east1_gce-production-1-ue1 │ └── ns.yaml └── gke_travis-ci-prod-services-1_us-central1_travis-ci-services │ ├── .placeholder │ ├── cert-manager-ns.yaml │ ├── cert-manager.yaml │ ├── letsencrypt-production.yaml │ └── ns.yaml ├── releases ├── gke_eco-emissary-99515_us-central1_gce-production-1 │ ├── gcloud-cleanup.yaml │ ├── pagerduty-oncall.yaml │ ├── rate_limit_redis.yaml │ ├── travis-autoscaler.yaml │ ├── travis-rhel-autoscaler.yaml │ ├── vault-synchronizer.yaml │ ├── worker-com-free.yaml │ ├── worker-com.yaml │ ├── worker-n2-com.yaml │ ├── worker-org.yaml │ ├── worker-premium-c2.yaml │ ├── worker-premium-gpu.yaml │ ├── worker-premium-hack.yaml │ └── worker-premium-n2.yaml ├── gke_eco-emissary-99515_us-east1_gce-production-1-ue1 │ ├── rate_limit_redis.yaml │ ├── travis-autoscaler.yaml │ ├── vault-synchronizer.yaml │ ├── worker-com.yaml │ ├── worker-org.yaml │ ├── worker-premium-c2.yaml │ ├── worker-premium-n2-32.yaml │ └── worker-premium-n2.yaml ├── gke_travis-ci-prod-2_us-central1_gce-production-2 │ ├── gcloud-cleanup.yaml │ ├── rate_limit_redis.yaml │ ├── travis-autoscaler.yaml │ ├── vault-synchronizer.yaml │ ├── worker-com-free.yaml │ ├── worker-com.yaml │ ├── worker-org.yaml │ ├── worker-premium-c2.yaml │ ├── worker-premium-hack.yaml │ ├── worker-premium-n2-highcpu.yaml │ ├── worker-premium-n2-highmem.yaml │ └── worker-premium-n2.yaml ├── gke_travis-ci-prod-2_us-east1_gce-production-2-ue1 │ ├── rate_limit_redis.yaml │ ├── travis-autoscaler.yaml │ ├── vault-synchronizer.yaml │ ├── worker-com.yaml │ ├── worker-org.yaml │ ├── worker-premium-c2.yaml │ ├── worker-premium-n2-32.yaml │ ├── worker-premium-n2-4.yaml │ ├── worker-premium-n2-64.yaml │ ├── worker-premium-n2-8.yaml │ └── worker-premium-n2.yaml ├── gke_travis-ci-prod-3_us-central1_gce-production-3 │ ├── gcloud-cleanup.yaml │ ├── rate_limit_redis.yaml │ ├── travis-autoscaler-oss.yaml │ ├── vault-synchronizer.yaml │ ├── worker-com-oss.yaml │ ├── worker-com.yaml │ ├── worker-org.yaml │ ├── worker-premium-c2.yaml │ ├── worker-premium-hack.yaml │ ├── worker-premium-n2-highcpu.yaml │ ├── worker-premium-n2-highmem.yaml │ └── worker-premium-n2.yaml ├── gke_travis-ci-prod-3_us-east1_gce-production-3-ue1 │ ├── rate_limit_redis.yaml │ ├── vault-synchronizer.yaml │ ├── vault.yaml │ ├── worker-com-oss.yaml │ ├── worker-com.yaml │ ├── worker-org.yaml │ ├── worker-premium-c2.yaml │ └── worker-premium-n2.yaml ├── gke_travis-ci-prod-oss-4_us-central1_gce-production-4 │ ├── docker-registry.yaml │ ├── gcloud-cleanup.yaml │ ├── rate_limit_redis.yaml │ ├── worker-com-oss.yaml │ └── worker-org.yaml ├── gke_travis-ci-prod-oss-4_us-east1_gce-production-4-ue1 │ ├── docker-registry.yaml │ ├── rate_limit_redis.yaml │ ├── worker-com-oss.yaml │ └── worker-org.yaml ├── gke_travis-ci-prod-services-1_us-central1_travis-ci-services │ ├── .placeholder │ ├── cert-manager.yaml │ ├── contour.yaml │ ├── travis-vcs-pro.yaml │ └── travis-vcs.yaml ├── gke_travis-ci-staging-services-1_us-central1_travis-ci-services │ └── .placeholder ├── gke_travis-staging-1_us-central1_workers-1 │ ├── docker-registry.yaml │ ├── gcloud-cleanup.yaml │ ├── rate_limit_redis.yaml │ ├── worker-com-free.yaml │ ├── worker-com.yaml │ └── worker-org.yaml ├── macstadium-prod-1 │ ├── collectd-vsphere.yaml │ ├── heapster.yaml │ ├── jupiter-brain-com.yaml │ ├── jupiter-brain-custom-1.yaml │ ├── jupiter-brain-custom-2.yaml │ ├── jupiter-brain-custom-4.yaml │ ├── jupiter-brain-custom-5.yaml │ ├── jupiter-brain-custom-6.yaml │ ├── jupiter-brain-custom-7.yaml │ ├── jupiter-brain-org.yaml │ ├── macbot.yaml │ ├── statsd.yaml │ ├── vsphere-janitor-custom-1.yaml │ ├── vsphere-janitor-custom-2.yaml │ ├── vsphere-janitor-custom-4.yaml │ ├── vsphere-janitor-custom-5.yaml │ ├── vsphere-janitor-custom-6.yaml │ ├── vsphere-janitor.yaml │ ├── vsphere-monitor.yaml │ ├── worker-com.yaml │ ├── worker-custom-1.yaml │ ├── worker-custom-2.yaml │ ├── worker-custom-4.yaml │ ├── worker-custom-5.yaml │ ├── worker-custom-7.yaml │ └── worker-org.yaml ├── macstadium-prod-2 │ ├── collectd-vsphere.yaml │ ├── heapster.yaml │ ├── jupiter-brain-com.yaml │ ├── jupiter-brain-custom-1.yaml │ ├── jupiter-brain-custom-2.yaml │ ├── jupiter-brain-custom-4.yaml │ ├── jupiter-brain-custom-5.yaml │ ├── jupiter-brain-org.yaml │ ├── statsd.yaml │ ├── vsphere-janitor-custom-1.yaml │ ├── vsphere-janitor-custom-2.yaml │ ├── vsphere-janitor-custom-4.yaml │ ├── vsphere-janitor-custom-5.yaml │ ├── vsphere-janitor.yaml │ ├── vsphere-monitor.yaml │ ├── worker-com.yaml │ ├── worker-custom-1.yaml │ ├── worker-custom-2.yaml │ ├── worker-custom-4.yaml │ ├── worker-custom-5.yaml │ └── worker-org.yaml └── macstadium-staging │ ├── collectd-vsphere.yaml │ ├── heapster.yaml │ ├── jupiter-brain-com.yaml │ ├── jupiter-brain-org.yaml │ ├── statsd.yaml │ ├── vsphere-janitor.yaml │ ├── vsphere-monitor.yaml │ ├── worker-com.yaml │ └── worker-org.yaml └── shared ├── fix-metrics.sh ├── heapster-role.yaml ├── install-flux.sh ├── install-papertrail.sh ├── install-tiller.sh ├── install-worker-operator.sh └── update-staging.sh /.gitignore: -------------------------------------------------------------------------------- 1 | build 2 | **/charts/*.tgz 3 | dist 4 | -------------------------------------------------------------------------------- /.ruby-version: -------------------------------------------------------------------------------- 1 | ruby-2.7.1 2 | -------------------------------------------------------------------------------- /.travis.yml: -------------------------------------------------------------------------------- 1 | language: ruby 2 | dist: bionic 3 | addons: 4 | snaps: 5 | - name: helm 6 | classic: true 7 | channel: 3.5/stable 8 | 9 | before_install: 10 | - openssl aes-256-cbc -K $encrypted_8a2a23268e29_key -iv $encrypted_8a2a23268e29_iv 11 | -in gcs-credentials.json.enc -out gcs-credentials.json -d 12 | 13 | before_deploy: 14 | - ls dist 15 | 16 | deploy: 17 | provider: gcs 18 | edge: 19 | branch: gcs-ng 20 | project_id: eco-emissary-99515 21 | credentials: gcs-credentials.json 22 | bucket: travis-ci-helm-charts 23 | local_dir: dist 24 | skip_cleanup: true 25 | acl: publicRead 26 | on: 27 | repo: travis-ci/kubernetes-config 28 | 29 | after_success: 30 | - "./shared/update-staging.sh" 31 | 32 | branches: 33 | except: 34 | - flux-sync 35 | - flux-write-check 36 | 37 | notifications: 38 | email: false 39 | -------------------------------------------------------------------------------- /Gemfile: -------------------------------------------------------------------------------- 1 | source 'https://rubygems.org' 2 | 3 | gem 'rake' 4 | -------------------------------------------------------------------------------- /Gemfile.lock: -------------------------------------------------------------------------------- 1 | GEM 2 | remote: https://rubygems.org/ 3 | specs: 4 | rake (13.0.1) 5 | 6 | PLATFORMS 7 | ruby 8 | 9 | DEPENDENCIES 10 | rake 11 | 12 | BUNDLED WITH 13 | 2.1.4 14 | -------------------------------------------------------------------------------- /charts/collectd-vsphere/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | -------------------------------------------------------------------------------- /charts/collectd-vsphere/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | appVersion: "1.0" 3 | description: A Helm chart for Kubernetes 4 | name: collectd-vsphere 5 | version: 0.1.1 6 | -------------------------------------------------------------------------------- /charts/collectd-vsphere/templates/NOTES.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/travis-ci/kubernetes-config/b5ef77e3e91830c2f1fece7e45a0d241d3cf7f96/charts/collectd-vsphere/templates/NOTES.txt -------------------------------------------------------------------------------- /charts/collectd-vsphere/templates/_helpers.tpl: -------------------------------------------------------------------------------- 1 | {{/* vim: set filetype=mustache: */}} 2 | {{/* 3 | Expand the name of the chart. 4 | */}} 5 | {{- define "collectd-vsphere.name" -}} 6 | {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} 7 | {{- end -}} 8 | 9 | {{/* 10 | Create a default fully qualified app name. 11 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). 12 | If release name contains chart name it will be used as a full name. 13 | */}} 14 | {{- define "collectd-vsphere.fullname" -}} 15 | {{- if .Values.fullnameOverride -}} 16 | {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} 17 | {{- else -}} 18 | {{- $name := default .Chart.Name .Values.nameOverride -}} 19 | {{- if contains $name .Release.Name -}} 20 | {{- .Release.Name | trunc 63 | trimSuffix "-" -}} 21 | {{- else -}} 22 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} 23 | {{- end -}} 24 | {{- end -}} 25 | {{- end -}} 26 | 27 | {{/* 28 | Create chart name and version as used by the chart label. 29 | */}} 30 | {{- define "collectd-vsphere.chart" -}} 31 | {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} 32 | {{- end -}} 33 | 34 | {{/* 35 | Use the fullname as the secret name unless a secretName has been provided. 36 | */}} 37 | {{- define "collectd-vsphere.secret" -}} 38 | {{- if .Values.secretName -}} 39 | {{- .Values.secretName -}} 40 | {{- else -}} 41 | {{- include "collectd-vsphere.fullname" . }} 42 | {{- end -}} 43 | {{- end -}} 44 | -------------------------------------------------------------------------------- /charts/collectd-vsphere/templates/deployment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: {{ include "collectd-vsphere.fullname" . }} 5 | labels: 6 | app.kubernetes.io/name: {{ include "collectd-vsphere.name" . }} 7 | helm.sh/chart: {{ include "collectd-vsphere.chart" . }} 8 | app.kubernetes.io/instance: {{ .Release.Name }} 9 | app.kubernetes.io/managed-by: {{ .Release.Service }} 10 | spec: 11 | replicas: 1 12 | selector: 13 | matchLabels: 14 | app.kubernetes.io/name: {{ include "collectd-vsphere.name" . }} 15 | app.kubernetes.io/instance: {{ .Release.Name }} 16 | template: 17 | metadata: 18 | labels: 19 | app.kubernetes.io/name: {{ include "collectd-vsphere.name" . }} 20 | app.kubernetes.io/instance: {{ .Release.Name }} 21 | spec: 22 | containers: 23 | - name: {{ .Chart.Name }} 24 | image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" 25 | imagePullPolicy: {{ .Values.image.pullPolicy }} 26 | envFrom: 27 | - secretRef: 28 | name: {{ include "collectd-vsphere.secret" . }} 29 | resources: 30 | {{ toYaml .Values.resources | indent 12 }} 31 | {{- with .Values.nodeSelector }} 32 | nodeSelector: 33 | {{ toYaml . | indent 8 }} 34 | {{- end }} 35 | {{- with .Values.affinity }} 36 | affinity: 37 | {{ toYaml . | indent 8 }} 38 | {{- end }} 39 | {{- with .Values.tolerations }} 40 | tolerations: 41 | {{ toYaml . | indent 8 }} 42 | {{- end }} 43 | imagePullSecrets: 44 | - name: {{ .Values.imagePullSecrets }} 45 | -------------------------------------------------------------------------------- /charts/collectd-vsphere/templates/secret.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.trvs.enabled }} 2 | apiVersion: travisci.com/v1 3 | kind: TrvsSecret 4 | metadata: 5 | name: {{ include "collectd-vsphere.secret" . }} 6 | labels: 7 | app.kubernetes.io/name: {{ include "collectd-vsphere.name" . }} 8 | helm.sh/chart: {{ include "collectd-vsphere.chart" . }} 9 | app.kubernetes.io/instance: {{ .Release.Name }} 10 | app.kubernetes.io/managed-by: {{ .Release.Service }} 11 | spec: 12 | app: {{ .Values.trvs.app }} 13 | env: {{ .Values.trvs.env }} 14 | prefix: COLLECTD_VSPHERE 15 | pro: {{ .Values.trvs.pro }} 16 | {{- end }} 17 | -------------------------------------------------------------------------------- /charts/collectd-vsphere/values.yaml: -------------------------------------------------------------------------------- 1 | # Default values for collectd-vsphere. 2 | # This is a YAML-formatted file. 3 | # Declare variables to be passed into your templates. 4 | 5 | image: 6 | repository: gcr.io/travis-ci-prod-services-1/collectd-vsphere 7 | tag: v1.2.0 8 | pullPolicy: IfNotPresent 9 | 10 | nameOverride: "" 11 | fullnameOverride: "" 12 | 13 | # Pull secrets from trvs keychain 14 | trvs: 15 | # If not enabled, be sure to set secretName and create a secret with the 16 | # necessary environment variables for collectd-vsphere 17 | enabled: false 18 | app: collectd-vsphere 19 | env: "" 20 | pro: false 21 | 22 | # Override the name of the secret with environment variables. 23 | # 24 | # If trvs.enabled is true, it will create a secret with this name instead 25 | # of using the fullname of the deployment. 26 | # 27 | # If trvs.enabled is false, this should be set and you must create a secret 28 | # with the given name that has the right environment variables. 29 | secretName: "" 30 | 31 | resources: {} 32 | # We usually recommend not to specify default resources and to leave this as a conscious 33 | # choice for the user. This also increases chances charts run on environments with little 34 | # resources, such as Minikube. If you do want to specify resources, uncomment the following 35 | # lines, adjust them as necessary, and remove the curly braces after 'resources:'. 36 | # limits: 37 | # cpu: 100m 38 | # memory: 128Mi 39 | # requests: 40 | # cpu: 100m 41 | # memory: 128Mi 42 | 43 | nodeSelector: {} 44 | 45 | tolerations: [] 46 | 47 | affinity: {} 48 | 49 | imagePullSecrets: gcr-io 50 | -------------------------------------------------------------------------------- /charts/docker-registry/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | -------------------------------------------------------------------------------- /charts/docker-registry/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | appVersion: 2.7.1 3 | description: A Helm chart for Docker Registry 4 | home: https://hub.docker.com/_/registry/ 5 | icon: https://hub.docker.com/public/images/logos/mini-logo.svg 6 | maintainers: 7 | - email: jpds@protonmail.com 8 | name: jpds 9 | - email: pete.brown@powerhrg.com 10 | name: rendhalver 11 | name: docker-registry 12 | sources: 13 | - https://github.com/docker/distribution-library-image 14 | version: 1.9.4 15 | -------------------------------------------------------------------------------- /charts/docker-registry/OWNERS: -------------------------------------------------------------------------------- 1 | approvers: 2 | - jpds 3 | - rendhalver 4 | reviewers: 5 | - jpds 6 | - rendhalver 7 | -------------------------------------------------------------------------------- /charts/docker-registry/templates/NOTES.txt: -------------------------------------------------------------------------------- 1 | 1. Get the application URL by running these commands: 2 | {{- if .Values.ingress.enabled }} 3 | {{- range .Values.ingress.hosts }} 4 | http{{ if $.Values.ingress.tls }}s{{ end }}://{{ . }}{{ $.Values.ingress.path }} 5 | {{- end }} 6 | {{- else if contains "NodePort" .Values.service.type }} 7 | export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ template "docker-registry.fullname" . }}) 8 | export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") 9 | echo http://$NODE_IP:$NODE_PORT 10 | {{- else if contains "LoadBalancer" .Values.service.type }} 11 | NOTE: It may take a few minutes for the LoadBalancer IP to be available. 12 | You can watch the status of by running 'kubectl get svc -w {{ template "docker-registry.fullname" . }}' 13 | export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ template "docker-registry.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') 14 | echo http://$SERVICE_IP:{{ .Values.service.externalPort }} 15 | {{- else if contains "ClusterIP" .Values.service.type }} 16 | export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app={{ template "docker-registry.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") 17 | echo "Visit http://127.0.0.1:8080 to use your application" 18 | kubectl -n {{ .Release.Namespace }} port-forward $POD_NAME 8080:5000 19 | {{- end }} 20 | -------------------------------------------------------------------------------- /charts/docker-registry/templates/_helpers.tpl: -------------------------------------------------------------------------------- 1 | {{/* vim: set filetype=mustache: */}} 2 | {{/* 3 | Expand the name of the chart. 4 | */}} 5 | {{- define "docker-registry.name" -}} 6 | {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} 7 | {{- end -}} 8 | 9 | {{/* 10 | Create a default fully qualified app name. 11 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). 12 | */}} 13 | {{- define "docker-registry.fullname" -}} 14 | {{- if .Values.fullnameOverride -}} 15 | {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} 16 | {{- else -}} 17 | {{- $name := default .Chart.Name .Values.nameOverride -}} 18 | {{- if contains $name .Release.Name -}} 19 | {{- .Release.Name | trunc 63 | trimSuffix "-" -}} 20 | {{- else -}} 21 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} 22 | {{- end -}} 23 | {{- end -}} 24 | {{- end -}} 25 | -------------------------------------------------------------------------------- /charts/docker-registry/templates/configmap.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ConfigMap 3 | metadata: 4 | name: {{ template "docker-registry.fullname" . }}-config 5 | labels: 6 | app: {{ template "docker-registry.name" . }} 7 | chart: {{ .Chart.Name }}-{{ .Chart.Version }} 8 | heritage: {{ .Release.Service }} 9 | release: {{ .Release.Name }} 10 | data: 11 | config.yml: |- 12 | {{ toYaml .Values.configData | indent 4 }} 13 | -------------------------------------------------------------------------------- /charts/docker-registry/templates/ingress.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.ingress.enabled -}} 2 | {{- $serviceName := include "docker-registry.fullname" . -}} 3 | {{- $servicePort := .Values.service.port -}} 4 | {{- $path := .Values.ingress.path -}} 5 | apiVersion: {{- if .Capabilities.APIVersions.Has "networking.k8s.io/v1beta1" }} networking.k8s.io/v1beta1 {{- else }} extensions/v1beta1 {{- end }} 6 | kind: Ingress 7 | metadata: 8 | name: {{ template "docker-registry.fullname" . }} 9 | labels: 10 | app: {{ template "docker-registry.name" . }} 11 | chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} 12 | release: {{ .Release.Name }} 13 | heritage: {{ .Release.Service }} 14 | {{- if .Values.ingress.labels }} 15 | {{ toYaml .Values.ingress.labels | indent 4 }} 16 | {{- end }} 17 | annotations: 18 | {{- range $key, $value := .Values.ingress.annotations }} 19 | {{ $key }}: {{ $value | quote }} 20 | {{- end }} 21 | spec: 22 | rules: 23 | {{- range $host := .Values.ingress.hosts }} 24 | - host: {{ $host }} 25 | http: 26 | paths: 27 | - path: {{ $path }} 28 | backend: 29 | serviceName: {{ $serviceName }} 30 | servicePort: {{ $servicePort }} 31 | {{- end -}} 32 | {{- if .Values.ingress.tls }} 33 | tls: 34 | {{ toYaml .Values.ingress.tls | indent 4 }} 35 | {{- end -}} 36 | {{- end -}} 37 | -------------------------------------------------------------------------------- /charts/docker-registry/templates/poddisruptionbudget.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.podDisruptionBudget -}} 2 | apiVersion: policy/v1beta1 3 | kind: PodDisruptionBudget 4 | metadata: 5 | name: {{ template "docker-registry.fullname" . }} 6 | labels: 7 | app: {{ template "docker-registry.name" . }} 8 | chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} 9 | release: {{ .Release.Name }} 10 | heritage: {{ .Release.Service }} 11 | spec: 12 | selector: 13 | matchLabels: 14 | app: {{ template "docker-registry.name" . }} 15 | release: {{ .Release.Name }} 16 | {{ toYaml .Values.podDisruptionBudget | indent 2 }} 17 | {{- end -}} 18 | -------------------------------------------------------------------------------- /charts/docker-registry/templates/pvc.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.persistence.enabled }} 2 | {{- if not .Values.persistence.existingClaim -}} 3 | kind: PersistentVolumeClaim 4 | apiVersion: v1 5 | metadata: 6 | name: {{ template "docker-registry.fullname" . }} 7 | labels: 8 | app: {{ template "docker-registry.fullname" . }} 9 | chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" 10 | release: "{{ .Release.Name }}" 11 | heritage: "{{ .Release.Service }}" 12 | spec: 13 | accessModes: 14 | - {{ .Values.persistence.accessMode | quote }} 15 | resources: 16 | requests: 17 | storage: {{ .Values.persistence.size | quote }} 18 | {{- if .Values.persistence.storageClass }} 19 | {{- if (eq "-" .Values.persistence.storageClass) }} 20 | storageClassName: "" 21 | {{- else }} 22 | storageClassName: "{{ .Values.persistence.storageClass }}" 23 | {{- end }} 24 | {{- end }} 25 | {{- end }} 26 | {{- end -}} 27 | -------------------------------------------------------------------------------- /charts/docker-registry/templates/service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: {{ template "docker-registry.fullname" . }} 5 | labels: 6 | app: {{ template "docker-registry.name" . }} 7 | chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} 8 | release: {{ .Release.Name }} 9 | heritage: {{ .Release.Service }} 10 | {{- if .Values.service.annotations }} 11 | annotations: 12 | {{ toYaml .Values.service.annotations | indent 4 }} 13 | {{- end }} 14 | spec: 15 | type: {{ .Values.service.type }} 16 | {{- if (and (eq .Values.service.type "ClusterIP") (not (empty .Values.service.clusterIP))) }} 17 | clusterIP: {{ .Values.service.clusterIP }} 18 | {{- end }} 19 | {{- if (and (eq .Values.service.type "LoadBalancer") (not (empty .Values.service.loadBalancerIP))) }} 20 | loadBalancerIP: {{ .Values.service.loadBalancerIP }} 21 | {{- end }} 22 | {{- if (and (eq .Values.service.type "LoadBalancer") (not (empty .Values.service.loadBalancerSourceRanges))) }} 23 | loadBalancerSourceRanges: {{ .Values.service.loadBalancerSourceRanges }} 24 | {{- end }} 25 | ports: 26 | - port: {{ .Values.service.port }} 27 | protocol: TCP 28 | name: {{ .Values.service.name }} 29 | targetPort: 5000 30 | {{- if (and (eq .Values.service.type "NodePort") (not (empty .Values.service.nodePort))) }} 31 | nodePort: {{ .Values.service.nodePort }} 32 | {{- end }} 33 | selector: 34 | app: {{ template "docker-registry.name" . }} 35 | release: {{ .Release.Name }} 36 | -------------------------------------------------------------------------------- /charts/gce-worker/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | -------------------------------------------------------------------------------- /charts/gce-worker/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | appVersion: "v4.6.2" 3 | description: Deploys worker for provisioning GCE jobs 4 | name: gce-worker 5 | version: 0.1.4 6 | -------------------------------------------------------------------------------- /charts/gce-worker/templates/NOTES.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/travis-ci/kubernetes-config/b5ef77e3e91830c2f1fece7e45a0d241d3cf7f96/charts/gce-worker/templates/NOTES.txt -------------------------------------------------------------------------------- /charts/gce-worker/templates/secret.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.trvs.enabled }} 2 | apiVersion: travisci.com/v1 3 | kind: TrvsSecret 4 | metadata: 5 | name: {{ include "gce-worker.secret" . }} 6 | labels: 7 | app.kubernetes.io/name: {{ include "gce-worker.name" . }} 8 | helm.sh/chart: {{ include "gce-worker.chart" . }} 9 | app.kubernetes.io/instance: {{ .Release.Name }} 10 | app.kubernetes.io/managed-by: {{ .Release.Service }} 11 | spec: 12 | app: {{ .Values.trvs.app }} 13 | env: {{ .Values.trvs.env }} 14 | prefix: TRAVIS_WORKER 15 | pro: {{ .Values.trvs.pro }} 16 | {{- end }} 17 | -------------------------------------------------------------------------------- /charts/gcloud-cleanup/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | .vscode/ 23 | -------------------------------------------------------------------------------- /charts/gcloud-cleanup/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | appVersion: "1.0" 3 | description: A Helm chart for Kubernetes 4 | name: gcloud-cleanup 5 | version: 0.0.1 6 | -------------------------------------------------------------------------------- /charts/gcloud-cleanup/README.md: -------------------------------------------------------------------------------- 1 | # gcloud-cleanup chart 2 | 3 | This chart installs [gcloud-cleanup](https://github.com/travis-ci/gcloud-cleanup) on kubernetes. 4 | 5 | The environment variables are set through [trvs-operator](https://github.com/travis-ci/trvs-operator/) which in turn fetches the full config from the super secret keychain. 6 | 7 | ## Installation 8 | 9 | ```bash 10 | helm upgrade --install --set trvs.enabled=true,trvs.env=staging-1 . 11 | ``` 12 | -------------------------------------------------------------------------------- /charts/gcloud-cleanup/requirements.lock: -------------------------------------------------------------------------------- 1 | dependencies: 2 | - name: redis 3 | repository: https://charts.helm.sh/stable 4 | version: 8.0.13 5 | digest: sha256:a69c64fe9c223bb4749d9eb98310a441086777b32f18b8de22cf71789c3c7904 6 | generated: "2020-10-08T19:37:14.724146-03:00" 7 | -------------------------------------------------------------------------------- /charts/gcloud-cleanup/requirements.yaml: -------------------------------------------------------------------------------- 1 | dependencies: 2 | - name: redis 3 | version: 8.0.13 4 | repository: https://charts.helm.sh/stable 5 | condition: redis.enabled 6 | -------------------------------------------------------------------------------- /charts/gcloud-cleanup/templates/NOTES.txt: -------------------------------------------------------------------------------- 1 | See the logs of this pod: 2 | export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "gcloud-cleanup.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") 3 | kubectl logs -f $POD_NAME 4 | -------------------------------------------------------------------------------- /charts/gcloud-cleanup/templates/configmap.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ConfigMap 3 | metadata: 4 | name: {{ include "gcloud-cleanup.fullname" . }} 5 | labels: 6 | app.kubernetes.io/name: {{ include "gcloud-cleanup.name" . }} 7 | helm.sh/chart: {{ include "gcloud-cleanup.chart" . }} 8 | app.kubernetes.io/instance: {{ .Release.Name }} 9 | app.kubernetes.io/managed-by: {{ .Release.Service }} 10 | data: 11 | {{ if .Values.zones -}} 12 | GCLOUD_CLEANUP_ZONES: "{{ .Values.zones }}" 13 | {{- end }} 14 | GCLOUD_CLEANUP_ARCHIVE_SAMPLE_RATE: "10" 15 | GCLOUD_CLEANUP_ARCHIVE_SERIAL: "true" 16 | GCLOUD_CLEANUP_ENTITIES: instances 17 | GCLOUD_CLEANUP_INSTANCE_FILTERS: "name eq ^(testing-gce|travis-job|packer-).*" 18 | GCLOUD_CLEANUP_INSTANCE_MAX_AGE: "3h" 19 | GCLOUD_CLEANUP_LOOP_SLEEP: "1m" 20 | GCLOUD_CLEANUP_OPENCENSUS_SAMPLING_RATE: "10" 21 | GCLOUD_CLEANUP_OPENCENSUS_TRACING_ENABLED: "true" 22 | GCLOUD_CLEANUP_RATE_LIMIT_PREFIX: gcloud-cleanup 23 | GCLOUD_CLEANUP_RATE_LIMIT_DURATION: "2s" 24 | GCLOUD_CLEANUP_RATE_LIMIT_MAX_CALLS: "20" 25 | -------------------------------------------------------------------------------- /charts/gcloud-cleanup/templates/secret.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.trvs.enabled }} 2 | apiVersion: travisci.com/v1 3 | kind: TrvsSecret 4 | metadata: 5 | name: {{ include "gcloud-cleanup.secret" . }} 6 | labels: 7 | app.kubernetes.io/name: {{ include "gcloud-cleanup.name" . }} 8 | helm.sh/chart: {{ include "gcloud-cleanup.chart" . }} 9 | app.kubernetes.io/instance: {{ .Release.Name }} 10 | app.kubernetes.io/managed-by: {{ .Release.Service }} 11 | spec: 12 | app: {{ .Values.trvs.app }} 13 | env: {{ .Values.trvs.env }} 14 | prefix: GCLOUD_CLEANUP 15 | pro: {{ .Values.trvs.pro }} 16 | {{- end }} 17 | -------------------------------------------------------------------------------- /charts/gcloud-cleanup/values.yaml: -------------------------------------------------------------------------------- 1 | # Default values for gcloud-cleanup. 2 | # This is a YAML-formatted file. 3 | # Declare variables to be passed into your templates. 4 | 5 | replicaCount: 1 6 | 7 | image: 8 | repository: gcr.io/travis-ci-prod-services-1/gcloud-cleanup 9 | tag: '' 10 | pullPolicy: IfNotPresent 11 | 12 | nameOverride: "" 13 | fullnameOverride: "" 14 | 15 | # Pull secrets from trvs keychain 16 | trvs: 17 | # If not enabled, be sure to set secretName and create a secret with the 18 | # necessary environment variables for gcloud-cleanup 19 | enabled: false 20 | app: "gcloud-cleanup" 21 | env: "" 22 | pro: false 23 | 24 | secretName: "" 25 | serviceAccountSecretName: "" 26 | 27 | # Self-provisioned Redis through requirements.yaml 28 | redis: 29 | enabled: false 30 | cluster: 31 | enabled: false 32 | master: 33 | persistence: 34 | enabled: false 35 | 36 | # Cluster provided Redis Cluster (see releases/*/rate_limit_redis.yaml) 37 | rateLimitRedis: 38 | enabled: false 39 | secretName: rate-limit-redis 40 | envPrefix: RATE_LIMIT_REDIS 41 | 42 | zones: "us-central1-a,us-central1-b,us-central1-c,us-central1-f" 43 | -------------------------------------------------------------------------------- /charts/jupiter-brain/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | -------------------------------------------------------------------------------- /charts/jupiter-brain/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | appVersion: "1.1.0" 3 | description: API for creating vSphere VM instances 4 | name: jupiter-brain 5 | version: 0.1.1 6 | -------------------------------------------------------------------------------- /charts/jupiter-brain/templates/NOTES.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/travis-ci/kubernetes-config/b5ef77e3e91830c2f1fece7e45a0d241d3cf7f96/charts/jupiter-brain/templates/NOTES.txt -------------------------------------------------------------------------------- /charts/jupiter-brain/templates/_helpers.tpl: -------------------------------------------------------------------------------- 1 | {{/* vim: set filetype=mustache: */}} 2 | {{/* 3 | Expand the name of the chart. 4 | */}} 5 | {{- define "jupiter-brain.name" -}} 6 | {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} 7 | {{- end -}} 8 | 9 | {{/* 10 | Create a default fully qualified app name. 11 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). 12 | If release name contains chart name it will be used as a full name. 13 | */}} 14 | {{- define "jupiter-brain.fullname" -}} 15 | {{- if .Values.fullnameOverride -}} 16 | {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} 17 | {{- else -}} 18 | {{- $name := default .Chart.Name .Values.nameOverride -}} 19 | {{- if contains $name .Release.Name -}} 20 | {{- .Release.Name | trunc 63 | trimSuffix "-" -}} 21 | {{- else -}} 22 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} 23 | {{- end -}} 24 | {{- end -}} 25 | {{- end -}} 26 | 27 | {{/* 28 | Create chart name and version as used by the chart label. 29 | */}} 30 | {{- define "jupiter-brain.chart" -}} 31 | {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} 32 | {{- end -}} 33 | 34 | {{/* 35 | Use the fullname as the secret name unless a secretName has been provided. 36 | */}} 37 | {{- define "jupiter-brain.secret" -}} 38 | {{- if .Values.secretName -}} 39 | {{- .Values.secretName -}} 40 | {{- else -}} 41 | {{- include "jupiter-brain.fullname" . }} 42 | {{- end -}} 43 | {{- end -}} 44 | -------------------------------------------------------------------------------- /charts/jupiter-brain/templates/configmap.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ConfigMap 3 | metadata: 4 | name: {{ include "jupiter-brain.fullname" . }} 5 | data: 6 | JUPITER_BRAIN_VSPHERE_CONCURRENT_CREATE_OPERATIONS: "{{ .Values.concurrency.create }}" 7 | JUPITER_BRAIN_VSPHERE_CONCURRENT_DELETE_OPERATIONS: "{{ .Values.concurrency.delete }}" 8 | JUPITER_BRAIN_REQUEST_TIMEOUT: {{ .Values.requestTimeout }} 9 | JUPITER_BRAIN_HONEYCOMB_REQUEST_DATASET: {{ .Values.honeycomb.dataset }} 10 | JUPITER_BRAIN_HONEYCOMB_SAMPLE_RATE: "{{ .Values.honeycomb.sampleRate }}" 11 | -------------------------------------------------------------------------------- /charts/jupiter-brain/templates/secret.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.trvs.enabled }} 2 | apiVersion: travisci.com/v1 3 | kind: TrvsSecret 4 | metadata: 5 | name: {{ include "jupiter-brain.secret" . }} 6 | labels: 7 | app.kubernetes.io/name: {{ include "jupiter-brain.name" . }} 8 | helm.sh/chart: {{ include "jupiter-brain.chart" . }} 9 | app.kubernetes.io/instance: {{ .Release.Name }} 10 | app.kubernetes.io/managed-by: {{ .Release.Service }} 11 | spec: 12 | app: {{ .Values.trvs.app }} 13 | env: {{ .Values.trvs.env }} 14 | prefix: JUPITER_BRAIN 15 | pro: {{ .Values.trvs.pro }} 16 | {{- end }} 17 | -------------------------------------------------------------------------------- /charts/jupiter-brain/templates/service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: {{ include "jupiter-brain.fullname" . }} 5 | labels: 6 | app.kubernetes.io/name: {{ include "jupiter-brain.name" . }} 7 | helm.sh/chart: {{ include "jupiter-brain.chart" . }} 8 | app.kubernetes.io/instance: {{ .Release.Name }} 9 | app.kubernetes.io/managed-by: {{ .Release.Service }} 10 | spec: 11 | type: {{ .Values.service.type }} 12 | ports: 13 | - port: {{ .Values.service.port }} 14 | targetPort: http 15 | protocol: TCP 16 | name: http 17 | selector: 18 | app.kubernetes.io/name: {{ include "jupiter-brain.name" . }} 19 | app.kubernetes.io/instance: {{ .Release.Name }} 20 | -------------------------------------------------------------------------------- /charts/jupiter-brain/values.yaml: -------------------------------------------------------------------------------- 1 | # Default values for jupiter-brain. 2 | # This is a YAML-formatted file. 3 | # Declare variables to be passed into your templates. 4 | 5 | replicaCount: 2 6 | 7 | image: 8 | repository: gcr.io/travis-ci-prod-services-1/jupiter-brain 9 | tag: v1.1.0 10 | pullPolicy: IfNotPresent 11 | 12 | nameOverride: "" 13 | fullnameOverride: "" 14 | 15 | # Pull secrets from trvs keychain 16 | trvs: 17 | # If not enabled, be sure to set secretName and create a secret with the 18 | # necessary environment variables for jupiter-brain 19 | enabled: false 20 | app: jupiter-brain 21 | env: "" 22 | pro: false 23 | 24 | # Override the name of the secret with environment variables. 25 | # 26 | # If trvs.enabled is true, it will create a secret with this name instead 27 | # of using the fullname of the deployment. 28 | # 29 | # If trvs.enabled is false, this should be set and you must create a secret 30 | # with the given name that has the right environment variables. 31 | secretName: "" 32 | 33 | concurrency: 34 | create: 20 35 | delete: 20 36 | 37 | requestTimeout: 5m 38 | 39 | honeycomb: 40 | dataset: "" 41 | sampleRate: 1 42 | 43 | service: 44 | type: ClusterIP 45 | port: 80 46 | 47 | imagePullSecrets: gcr-io 48 | 49 | -------------------------------------------------------------------------------- /charts/macbot/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | -------------------------------------------------------------------------------- /charts/macbot/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | appVersion: "1.0" 3 | description: A Helm chart for Kubernetes 4 | name: macbot 5 | version: 0.1.1 6 | -------------------------------------------------------------------------------- /charts/macbot/templates/NOTES.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/travis-ci/kubernetes-config/b5ef77e3e91830c2f1fece7e45a0d241d3cf7f96/charts/macbot/templates/NOTES.txt -------------------------------------------------------------------------------- /charts/macbot/templates/_helpers.tpl: -------------------------------------------------------------------------------- 1 | {{/* vim: set filetype=mustache: */}} 2 | {{/* 3 | Expand the name of the chart. 4 | */}} 5 | {{- define "macbot.name" -}} 6 | {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} 7 | {{- end -}} 8 | 9 | {{/* 10 | Create a default fully qualified app name. 11 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). 12 | If release name contains chart name it will be used as a full name. 13 | */}} 14 | {{- define "macbot.fullname" -}} 15 | {{- if .Values.fullnameOverride -}} 16 | {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} 17 | {{- else -}} 18 | {{- $name := default .Chart.Name .Values.nameOverride -}} 19 | {{- if contains $name .Release.Name -}} 20 | {{- .Release.Name | trunc 63 | trimSuffix "-" -}} 21 | {{- else -}} 22 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} 23 | {{- end -}} 24 | {{- end -}} 25 | {{- end -}} 26 | 27 | {{- define "imaged.fullname" -}} 28 | {{- $name := "imaged" -}} 29 | {{- if contains $name .Release.Name -}} 30 | {{- .Release.Name | trunc 63 | trimSuffix "-" -}} 31 | {{- else -}} 32 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} 33 | {{- end -}} 34 | {{- end -}} 35 | 36 | {{/* 37 | Create chart name and version as used by the chart label. 38 | */}} 39 | {{- define "macbot.chart" -}} 40 | {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} 41 | {{- end -}} 42 | -------------------------------------------------------------------------------- /charts/macbot/templates/configmap-imaged.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ConfigMap 3 | metadata: 4 | name: {{ include "imaged.fullname" . }} 5 | data: 6 | IMAGED_TEMPLATES_URL: https://github.com/travis-ci/packer-templates-mac.git 7 | IMAGED_ANSIBLE_SECRETS_FILE: /etc/secrets/ansible.yml 8 | -------------------------------------------------------------------------------- /charts/macbot/templates/configmap.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ConfigMap 3 | metadata: 4 | name: {{ include "macbot.fullname" . }} 5 | data: 6 | MACBOT_IMAGED_URL: http://{{ include "imaged.fullname" . }} 7 | MACBOT_JOB_BOARD_PRODUCTION_URL: https://job-board-production.herokuapp.com 8 | MACBOT_JOB_BOARD_STAGING_URL: https://job-board-staging.herokuapp.com 9 | -------------------------------------------------------------------------------- /charts/macbot/templates/secret-ansible.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: travisci.com/v1 2 | kind: TrvsSecret 3 | metadata: 4 | name: {{ include "imaged.fullname" . }}-ansible 5 | labels: 6 | app.kubernetes.io/name: imaged-ansible 7 | helm.sh/chart: {{ include "macbot.chart" . }} 8 | app.kubernetes.io/instance: {{ .Release.Name }} 9 | app.kubernetes.io/managed-by: {{ .Release.Service }} 10 | spec: 11 | app: macstadium-image-builder 12 | env: ansible-secrets 13 | key: ansible.yml 14 | -------------------------------------------------------------------------------- /charts/macbot/templates/secret-imaged.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: travisci.com/v1 2 | kind: TrvsSecret 3 | metadata: 4 | name: {{ include "imaged.fullname" . }} 5 | labels: 6 | app.kubernetes.io/name: imaged 7 | helm.sh/chart: {{ include "macbot.chart" . }} 8 | app.kubernetes.io/instance: {{ .Release.Name }} 9 | app.kubernetes.io/managed-by: {{ .Release.Service }} 10 | spec: 11 | app: macstadium-image-builder 12 | env: imaged 13 | -------------------------------------------------------------------------------- /charts/macbot/templates/secret.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: travisci.com/v1 2 | kind: TrvsSecret 3 | metadata: 4 | name: {{ include "macbot.fullname" . }} 5 | labels: 6 | app.kubernetes.io/name: {{ include "macbot.name" . }} 7 | helm.sh/chart: {{ include "macbot.chart" . }} 8 | app.kubernetes.io/instance: {{ .Release.Name }} 9 | app.kubernetes.io/managed-by: {{ .Release.Service }} 10 | spec: 11 | app: macstadium-image-builder 12 | env: macbot 13 | -------------------------------------------------------------------------------- /charts/macbot/templates/service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: {{ include "imaged.fullname" . }} 5 | labels: 6 | app.kubernetes.io/name: imaged 7 | helm.sh/chart: {{ include "macbot.chart" . }} 8 | app.kubernetes.io/instance: {{ .Release.Name }} 9 | app.kubernetes.io/managed-by: {{ .Release.Service }} 10 | spec: 11 | type: {{ .Values.service.type }} 12 | ports: 13 | - port: {{ .Values.service.port }} 14 | targetPort: 8080 15 | protocol: TCP 16 | name: http 17 | selector: 18 | app.kubernetes.io/name: imaged 19 | app.kubernetes.io/instance: {{ .Release.Name }} 20 | -------------------------------------------------------------------------------- /charts/macbot/values.yaml: -------------------------------------------------------------------------------- 1 | # Default values for macbot. 2 | # This is a YAML-formatted file. 3 | # Declare variables to be passed into your templates. 4 | 5 | macbot: 6 | image: gcr.io/travis-ci-prod-services-1/macbot:v1.3.1 7 | imagePullPolicy: IfNotPresent 8 | 9 | imaged: 10 | image: gcr.io/travis-ci-prod-services-1/imaged:v1.0.0 11 | imagePullPolicy: IfNotPresent 12 | 13 | nameOverride: "" 14 | fullnameOverride: "" 15 | 16 | service: 17 | type: ClusterIP 18 | port: 80 19 | 20 | resources: {} 21 | # We usually recommend not to specify default resources and to leave this as a conscious 22 | # choice for the user. This also increases chances charts run on environments with little 23 | # resources, such as Minikube. If you do want to specify resources, uncomment the following 24 | # lines, adjust them as necessary, and remove the curly braces after 'resources:'. 25 | # limits: 26 | # cpu: 100m 27 | # memory: 128Mi 28 | # requests: 29 | # cpu: 100m 30 | # memory: 128Mi 31 | 32 | nodeSelector: {} 33 | 34 | tolerations: [] 35 | 36 | affinity: {} 37 | 38 | imagePullSecrets: gcr-io 39 | -------------------------------------------------------------------------------- /charts/macstadium-worker/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | -------------------------------------------------------------------------------- /charts/macstadium-worker/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | appVersion: "v4.6.2" 3 | description: Deploys worker with jupiter-brain for building macOS jobs 4 | name: macstadium-worker 5 | version: 0.1.1 6 | -------------------------------------------------------------------------------- /charts/macstadium-worker/templates/NOTES.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/travis-ci/kubernetes-config/b5ef77e3e91830c2f1fece7e45a0d241d3cf7f96/charts/macstadium-worker/templates/NOTES.txt -------------------------------------------------------------------------------- /charts/macstadium-worker/templates/configmap.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ConfigMap 3 | metadata: 4 | name: {{ include "macstadium-worker.fullname" . }} 5 | data: 6 | TRAVIS_WORKER_AMQP_HEARTBEAT: "60s" 7 | TRAVIS_WORKER_BUILD_FIX_ETC_HOSTS: "true" 8 | TRAVIS_WORKER_BUILD_FIX_RESOLV_CONF: "true" 9 | TRAVIS_WORKER_BUILD_PARANOID: "false" 10 | TRAVIS_WORKER_BUILD_TRACE_ENABLED: "true" 11 | TRAVIS_WORKER_BUILD_TRACE_S3_KEY_PREFIX: trace/ 12 | TRAVIS_WORKER_BUILD_TRACE_S3_REGION: us-east-1 13 | TRAVIS_WORKER_HARD_TIMEOUT: "50m" 14 | TRAVIS_WORKER_POOL_SIZE: "1" 15 | TRAVIS_WORKER_POOL_SIZE: "{{ .Values.poolSize }}" 16 | TRAVIS_WORKER_QUEUE_TYPE: "amqp" 17 | TRAVIS_WORKER_RABBITMQ_SHARDING: "true" 18 | TRAVIS_WORKER_SCRIPT_UPLOAD_TIMEOUT: "6m" 19 | TRAVIS_WORKER_STARTUP_TIMEOUT: "8m" 20 | TRAVIS_WORKER_TRAVIS_SITE: "{{ .Values.site }}" 21 | {{ if .Values.queue -}} 22 | TRAVIS_WORKER_QUEUE_NAME: "{{ .Values.queue }}" 23 | {{- end }} 24 | 25 | TRAVIS_WORKER_INFRA: "macstadium" 26 | TRAVIS_WORKER_PROVIDER_NAME: "jupiterbrain" 27 | TRAVIS_WORKER_JUPITERBRAIN_IMAGE_SELECTOR_TYPE: "api" 28 | TRAVIS_WORKER_JUPITERBRAIN_SSH_KEY_PATH: "/etc/worker/ssh/travis-vm.key" 29 | -------------------------------------------------------------------------------- /charts/macstadium-worker/templates/secret.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.trvs.enabled }} 2 | apiVersion: travisci.com/v1 3 | kind: TrvsSecret 4 | metadata: 5 | name: {{ include "macstadium-worker.secret" . }} 6 | labels: 7 | app.kubernetes.io/name: {{ include "macstadium-worker.name" . }} 8 | helm.sh/chart: {{ include "macstadium-worker.chart" . }} 9 | app.kubernetes.io/instance: {{ .Release.Name }} 10 | app.kubernetes.io/managed-by: {{ .Release.Service }} 11 | spec: 12 | app: {{ .Values.trvs.app }} 13 | env: {{ .Values.trvs.env }} 14 | prefix: TRAVIS_WORKER 15 | pro: {{ .Values.trvs.pro }} 16 | {{- end }} 17 | -------------------------------------------------------------------------------- /charts/macstadium-worker/templates/ssh-key-secret.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: travisci.com/v1 2 | kind: TrvsSecret 3 | metadata: 4 | name: {{ include "macstadium-worker.fullname" . }}-vm-key 5 | labels: 6 | app.kubernetes.io/name: {{ include "macstadium-worker.name" . }}-vm-key 7 | helm.sh/chart: {{ include "macstadium-worker.chart" . }} 8 | app.kubernetes.io/instance: {{ .Release.Name }} 9 | app.kubernetes.io/managed-by: {{ .Release.Service }} 10 | spec: 11 | file: macstadium/travis-vm-ssh-key 12 | key: travis-vm.key 13 | -------------------------------------------------------------------------------- /charts/papertrail/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | -------------------------------------------------------------------------------- /charts/papertrail/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | appVersion: "1.0" 3 | description: A Helm chart for Kubernetes 4 | name: papertrail 5 | version: 0.1.0 6 | -------------------------------------------------------------------------------- /charts/papertrail/templates/NOTES.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/travis-ci/kubernetes-config/b5ef77e3e91830c2f1fece7e45a0d241d3cf7f96/charts/papertrail/templates/NOTES.txt -------------------------------------------------------------------------------- /charts/papertrail/templates/_helpers.tpl: -------------------------------------------------------------------------------- 1 | {{/* vim: set filetype=mustache: */}} 2 | {{/* 3 | Expand the name of the chart. 4 | */}} 5 | {{- define "papertrail.name" -}} 6 | {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} 7 | {{- end -}} 8 | 9 | {{/* 10 | Create a default fully qualified app name. 11 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). 12 | If release name contains chart name it will be used as a full name. 13 | */}} 14 | {{- define "papertrail.fullname" -}} 15 | {{- if .Values.fullnameOverride -}} 16 | {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} 17 | {{- else -}} 18 | {{- $name := default .Chart.Name .Values.nameOverride -}} 19 | {{- if contains $name .Release.Name -}} 20 | {{- .Release.Name | trunc 63 | trimSuffix "-" -}} 21 | {{- else -}} 22 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} 23 | {{- end -}} 24 | {{- end -}} 25 | {{- end -}} 26 | 27 | {{/* 28 | Create chart name and version as used by the chart label. 29 | */}} 30 | {{- define "papertrail.chart" -}} 31 | {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} 32 | {{- end -}} 33 | -------------------------------------------------------------------------------- /charts/papertrail/values.yaml: -------------------------------------------------------------------------------- 1 | # Default values for papertrail. 2 | # This is a YAML-formatted file. 3 | # Declare variables to be passed into your templates. 4 | 5 | image: 6 | repository: gliderlabs/logspout 7 | tag: master 8 | pullPolicy: IfNotPresent 9 | 10 | nameOverride: "" 11 | fullnameOverride: "" 12 | 13 | resources: 14 | requests: 15 | cpu: 0.15 16 | limits: 17 | memory: 500Mi 18 | 19 | nodeSelector: {} 20 | 21 | tolerations: [] 22 | 23 | affinity: {} 24 | -------------------------------------------------------------------------------- /charts/statsd/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | -------------------------------------------------------------------------------- /charts/statsd/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | appVersion: "1.0" 3 | description: A Helm chart for Kubernetes 4 | name: statsd 5 | version: 0.1.0 6 | -------------------------------------------------------------------------------- /charts/statsd/templates/NOTES.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/travis-ci/kubernetes-config/b5ef77e3e91830c2f1fece7e45a0d241d3cf7f96/charts/statsd/templates/NOTES.txt -------------------------------------------------------------------------------- /charts/statsd/templates/_helpers.tpl: -------------------------------------------------------------------------------- 1 | {{/* vim: set filetype=mustache: */}} 2 | {{/* 3 | Expand the name of the chart. 4 | */}} 5 | {{- define "statsd.name" -}} 6 | {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} 7 | {{- end -}} 8 | 9 | {{/* 10 | Create a default fully qualified app name. 11 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). 12 | If release name contains chart name it will be used as a full name. 13 | */}} 14 | {{- define "statsd.fullname" -}} 15 | {{- if .Values.fullnameOverride -}} 16 | {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} 17 | {{- else -}} 18 | {{- $name := default .Chart.Name .Values.nameOverride -}} 19 | {{- if contains $name .Release.Name -}} 20 | {{- .Release.Name | trunc 63 | trimSuffix "-" -}} 21 | {{- else -}} 22 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} 23 | {{- end -}} 24 | {{- end -}} 25 | {{- end -}} 26 | 27 | {{/* 28 | Create chart name and version as used by the chart label. 29 | */}} 30 | {{- define "statsd.chart" -}} 31 | {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} 32 | {{- end -}} 33 | -------------------------------------------------------------------------------- /charts/statsd/templates/secret.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: travisci.com/v1 2 | kind: TrvsSecret 3 | metadata: 4 | name: {{ include "statsd.fullname" . }} 5 | labels: 6 | app.kubernetes.io/name: {{ include "statsd.name" . }} 7 | helm.sh/chart: {{ include "statsd.chart" . }} 8 | app.kubernetes.io/instance: {{ .Release.Name }} 9 | app.kubernetes.io/managed-by: {{ .Release.Service }} 10 | spec: 11 | app: terraform-config 12 | env: {{ .Values.secretEnv }} 13 | -------------------------------------------------------------------------------- /charts/statsd/templates/service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: {{ include "statsd.fullname" . }} 5 | labels: 6 | app.kubernetes.io/name: {{ include "statsd.name" . }} 7 | helm.sh/chart: {{ include "statsd.chart" . }} 8 | app.kubernetes.io/instance: {{ .Release.Name }} 9 | app.kubernetes.io/managed-by: {{ .Release.Service }} 10 | spec: 11 | type: {{ .Values.service.type }} 12 | ports: 13 | - port: {{ .Values.service.port }} 14 | targetPort: 8125 15 | protocol: UDP 16 | name: statsd 17 | selector: 18 | app.kubernetes.io/name: {{ include "statsd.name" . }} 19 | app.kubernetes.io/instance: {{ .Release.Name }} 20 | -------------------------------------------------------------------------------- /charts/statsd/values.yaml: -------------------------------------------------------------------------------- 1 | # Default values for statsd. 2 | # This is a YAML-formatted file. 3 | # Declare variables to be passed into your templates. 4 | 5 | replicaCount: 1 6 | 7 | image: travisci/statsd-librato:latest 8 | imagePullPolicy: Always 9 | 10 | nameOverride: "" 11 | fullnameOverride: "" 12 | 13 | service: 14 | type: ClusterIP 15 | port: 8125 16 | 17 | resources: {} 18 | # We usually recommend not to specify default resources and to leave this as a conscious 19 | # choice for the user. This also increases chances charts run on environments with little 20 | # resources, such as Minikube. If you do want to specify resources, uncomment the following 21 | # lines, adjust them as necessary, and remove the curly braces after 'resources:'. 22 | # limits: 23 | # cpu: 100m 24 | # memory: 128Mi 25 | # requests: 26 | # cpu: 100m 27 | # memory: 128Mi 28 | 29 | nodeSelector: {} 30 | 31 | tolerations: [] 32 | 33 | affinity: {} 34 | -------------------------------------------------------------------------------- /charts/travis-autoscaler/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | .vscode/ 23 | -------------------------------------------------------------------------------- /charts/travis-autoscaler/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | appVersion: "1.0" 3 | description: A Helm chart for Kubernetes 4 | name: travis-autoscaler 5 | version: 0.1.1 6 | -------------------------------------------------------------------------------- /charts/travis-autoscaler/templates/ingress.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.ingress.enabled -}} 2 | {{- $fullName := include "travis-autoscaler.fullname" . -}} 3 | apiVersion: extensions/v1beta1 4 | kind: Ingress 5 | metadata: 6 | name: {{ $fullName }} 7 | labels: 8 | {{ include "travis-autoscaler.labels" . | indent 4 }} 9 | {{- with .Values.ingress.annotations }} 10 | annotations: 11 | {{- toYaml . | nindent 4 }} 12 | {{- end }} 13 | spec: 14 | {{- if .Values.ingress.tls }} 15 | tls: 16 | {{- range .Values.ingress.tls }} 17 | - hosts: 18 | {{- range .hosts }} 19 | - {{ . | quote }} 20 | {{- end }} 21 | secretName: {{ .secretName }} 22 | {{- end }} 23 | {{- end }} 24 | rules: 25 | {{- range .Values.ingress.hosts }} 26 | - host: {{ .host | quote }} 27 | http: 28 | paths: 29 | {{- range .paths }} 30 | - path: {{ . }} 31 | backend: 32 | serviceName: {{ $fullName }} 33 | servicePort: http 34 | {{- end }} 35 | {{- end }} 36 | {{- end }} 37 | -------------------------------------------------------------------------------- /charts/travis-autoscaler/templates/service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: {{ include "travis-autoscaler.fullname" . }} 5 | labels: 6 | {{ include "travis-autoscaler.labels" . | indent 4 }} 7 | spec: 8 | type: {{ .Values.service.type }} 9 | ports: 10 | - port: 3000 11 | targetPort: {{ .Values.service.port }} 12 | protocol: TCP 13 | name: http 14 | selector: 15 | app.kubernetes.io/name: {{ include "travis-autoscaler.name" . }} 16 | app.kubernetes.io/instance: {{ .Release.Name }} 17 | -------------------------------------------------------------------------------- /charts/travis-autoscaler/values.yaml: -------------------------------------------------------------------------------- 1 | # Default values for travis-autoscaler. 2 | # This is a YAML-formatted file. 3 | # Declare variables to be passed into your templates. 4 | 5 | replicaCount: 1 6 | 7 | image: 8 | repository: quay:io/travisci/autoscaler 9 | tag: '' 10 | pullPolicy: IfNotPresent 11 | 12 | imagePullSecrets: [] 13 | nameOverride: "" 14 | fullnameOverride: "" 15 | 16 | # Pull secrets from trvs keychain 17 | trvs: 18 | # If not enabled, be sure to set secretName and create a secret with the 19 | # necessary environment variables for travis-autoscaler 20 | enabled: false 21 | app: "travis-autoscaler" 22 | env: "" 23 | pro: true 24 | 25 | service: 26 | type: ClusterIP 27 | port: 3000 28 | 29 | ingress: 30 | enabled: false 31 | annotations: {} 32 | # kubernetes.io/ingress.class: nginx 33 | # kubernetes.io/tls-acme: "true" 34 | hosts: 35 | - host: chart-example.local 36 | paths: [] 37 | 38 | tls: [] 39 | # - secretName: chart-example-tls 40 | # hosts: 41 | # - chart-example.local 42 | 43 | env: [] 44 | 45 | vault: 46 | secret: travis-autoscaler-staging-com 47 | -------------------------------------------------------------------------------- /charts/vault/.helmignore: -------------------------------------------------------------------------------- 1 | .git/ 2 | .terraform/ 3 | bin/ 4 | test/ 5 | -------------------------------------------------------------------------------- /charts/vault/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | name: vault 3 | version: 0.3.1 4 | description: Install and configure Vault on Kubernetes. 5 | home: https://www.vaultproject.io 6 | icon: https://github.com/hashicorp/vault/raw/f22d202cde2018f9455dec755118a9b84586e082/Vault_PrimaryLogo_Black.png 7 | sources: 8 | - https://github.com/hashicorp/vault 9 | - https://github.com/hashicorp/vault-helm 10 | - https://github.com/hashicorp/vault-k8s 11 | -------------------------------------------------------------------------------- /charts/vault/Makefile: -------------------------------------------------------------------------------- 1 | TEST_IMAGE?=vault-helm-test 2 | 3 | test-image: 4 | @docker build --rm -t '$(TEST_IMAGE)' -f $(CURDIR)/test/docker/Test.dockerfile $(CURDIR) 5 | 6 | test-unit: 7 | @docker run -it -v ${PWD}:/helm-test vault-helm-test bats /helm-test/test/unit 8 | 9 | test-acceptance: 10 | @docker run -it -v ${PWD}:/helm-test vault-helm-test bats /helm-test/test/acceptance 11 | 12 | test-bats: test-unit test-acceptance 13 | 14 | test: test-image test-bats 15 | 16 | 17 | .PHONY: test-docker 18 | -------------------------------------------------------------------------------- /charts/vault/templates/NOTES.txt: -------------------------------------------------------------------------------- 1 | 2 | Thank you for installing HashiCorp Vault! 3 | 4 | Now that you have deployed Vault, you should look over the docs on using 5 | Vault with Kubernetes available here: 6 | 7 | https://www.vaultproject.io/docs/ 8 | 9 | 10 | Your release is named {{ .Release.Name }}. To learn more about the release, try: 11 | 12 | $ helm status {{ .Release.Name }} 13 | $ helm get {{ .Release.Name }} 14 | 15 | -------------------------------------------------------------------------------- /charts/vault/templates/injector-clusterrole.yaml: -------------------------------------------------------------------------------- 1 | {{- if and (eq (.Values.injector.enabled | toString) "true" ) (eq (.Values.global.enabled | toString) "true") }} 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: {{ template "vault.fullname" . }}-agent-injector-clusterrole 6 | labels: 7 | app.kubernetes.io/name: {{ include "vault.name" . }}-agent-injector 8 | app.kubernetes.io/instance: {{ .Release.Name }} 9 | app.kubernetes.io/managed-by: {{ .Release.Service }} 10 | rules: 11 | - apiGroups: ["admissionregistration.k8s.io"] 12 | resources: ["mutatingwebhookconfigurations"] 13 | verbs: 14 | - "get" 15 | - "list" 16 | - "watch" 17 | - "patch" 18 | {{ end }} 19 | -------------------------------------------------------------------------------- /charts/vault/templates/injector-clusterrolebinding.yaml: -------------------------------------------------------------------------------- 1 | {{- if and (eq (.Values.injector.enabled | toString) "true" ) (eq (.Values.global.enabled | toString) "true") }} 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRoleBinding 4 | metadata: 5 | name: {{ template "vault.fullname" . }}-agent-injector-binding 6 | namespace: {{ .Release.Namespace }} 7 | labels: 8 | app.kubernetes.io/name: {{ include "vault.name" . }}-agent-injector 9 | app.kubernetes.io/instance: {{ .Release.Name }} 10 | app.kubernetes.io/managed-by: {{ .Release.Service }} 11 | roleRef: 12 | apiGroup: rbac.authorization.k8s.io 13 | kind: ClusterRole 14 | name: {{ template "vault.fullname" . }}-agent-injector-clusterrole 15 | subjects: 16 | - kind: ServiceAccount 17 | name: {{ template "vault.fullname" . }}-agent-injector 18 | namespace: {{ .Release.Namespace }} 19 | {{ end }} 20 | -------------------------------------------------------------------------------- /charts/vault/templates/injector-mutating-webhook.yaml: -------------------------------------------------------------------------------- 1 | {{- if and (eq (.Values.injector.enabled | toString) "true" ) (eq (.Values.global.enabled | toString) "true") }} 2 | apiVersion: admissionregistration.k8s.io/v1beta1 3 | kind: MutatingWebhookConfiguration 4 | metadata: 5 | name: {{ template "vault.fullname" . }}-agent-injector-cfg 6 | labels: 7 | app.kubernetes.io/name: {{ include "vault.name" . }}-agent-injector 8 | app.kubernetes.io/instance: {{ .Release.Name }} 9 | app.kubernetes.io/managed-by: {{ .Release.Service }} 10 | webhooks: 11 | - name: vault.hashicorp.com 12 | clientConfig: 13 | service: 14 | name: {{ template "vault.fullname" . }}-agent-injector-svc 15 | namespace: {{ .Release.Namespace }} 16 | path: "/mutate" 17 | caBundle: {{ .Values.injector.certs.caBundle }} 18 | rules: 19 | - operations: ["CREATE", "UPDATE"] 20 | apiGroups: [""] 21 | apiVersions: ["v1"] 22 | resources: ["pods"] 23 | {{- if .Values.injector.namespaceSelector }} 24 | namespaceSelector: 25 | {{ toYaml .Values.injector.namespaceSelector | indent 6}} 26 | {{ end }} 27 | {{ end }} 28 | -------------------------------------------------------------------------------- /charts/vault/templates/injector-service.yaml: -------------------------------------------------------------------------------- 1 | {{- if and (eq (.Values.injector.enabled | toString) "true" ) (eq (.Values.global.enabled | toString) "true") }} 2 | apiVersion: v1 3 | kind: Service 4 | metadata: 5 | name: {{ template "vault.fullname" . }}-agent-injector-svc 6 | namespace: {{ .Release.Namespace }} 7 | labels: 8 | app.kubernetes.io/name: {{ include "vault.name" . }}-agent-injector 9 | app.kubernetes.io/instance: {{ .Release.Name }} 10 | app.kubernetes.io/managed-by: {{ .Release.Service }} 11 | spec: 12 | ports: 13 | - port: 443 14 | targetPort: 8080 15 | selector: 16 | app.kubernetes.io/name: {{ include "vault.name" . }}-agent-injector 17 | app.kubernetes.io/instance: {{ .Release.Name }} 18 | component: webhook 19 | {{- end }} 20 | -------------------------------------------------------------------------------- /charts/vault/templates/injector-serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if and (eq (.Values.injector.enabled | toString) "true" ) (eq (.Values.global.enabled | toString) "true") }} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: {{ template "vault.fullname" . }}-agent-injector 6 | namespace: {{ .Release.Namespace }} 7 | labels: 8 | app.kubernetes.io/name: {{ include "vault.name" . }}-agent-injector 9 | app.kubernetes.io/instance: {{ .Release.Name }} 10 | app.kubernetes.io/managed-by: {{ .Release.Service }} 11 | {{ end }} 12 | -------------------------------------------------------------------------------- /charts/vault/templates/server-clusterrolebinding.yaml: -------------------------------------------------------------------------------- 1 | {{ template "vault.mode" . }} 2 | {{- if and (ne .mode "") (and (eq (.Values.global.enabled | toString) "true") (eq (.Values.server.authDelegator.enabled | toString) "true")) }} 3 | apiVersion: rbac.authorization.k8s.io/v1 4 | kind: ClusterRoleBinding 5 | metadata: 6 | name: {{ template "vault.fullname" . }}-server-binding 7 | namespace: {{ .Release.Namespace }} 8 | labels: 9 | helm.sh/chart: {{ include "vault.chart" . }} 10 | app.kubernetes.io/name: {{ include "vault.name" . }} 11 | app.kubernetes.io/instance: {{ .Release.Name }} 12 | app.kubernetes.io/managed-by: {{ .Release.Service }} 13 | roleRef: 14 | apiGroup: rbac.authorization.k8s.io 15 | kind: ClusterRole 16 | name: system:auth-delegator 17 | subjects: 18 | - kind: ServiceAccount 19 | name: {{ template "vault.fullname" . }} 20 | namespace: {{ .Release.Namespace }} 21 | {{ end }} 22 | -------------------------------------------------------------------------------- /charts/vault/templates/server-config-configmap.yaml: -------------------------------------------------------------------------------- 1 | {{ template "vault.mode" . }} 2 | {{- if and (eq (.Values.global.enabled | toString) "true") (ne .mode "dev") -}} 3 | {{ if or (ne .Values.server.standalone.config "") (ne .Values.server.ha.config "") -}} 4 | apiVersion: v1 5 | kind: ConfigMap 6 | metadata: 7 | name: {{ template "vault.fullname" . }}-config 8 | namespace: {{ .Release.Namespace }} 9 | labels: 10 | helm.sh/chart: {{ include "vault.chart" . }} 11 | app.kubernetes.io/name: {{ include "vault.name" . }} 12 | app.kubernetes.io/instance: {{ .Release.Name }} 13 | app.kubernetes.io/managed-by: {{ .Release.Service }} 14 | data: 15 | extraconfig-from-values.hcl: |- 16 | disable_mlock = true 17 | {{- if eq .mode "standalone" }} 18 | {{ tpl .Values.server.standalone.config . | nindent 4 | trim }} 19 | {{- else if eq .mode "ha" }} 20 | {{ tpl .Values.server.ha.config . | nindent 4 | trim }} 21 | {{ end }} 22 | {{- end }} 23 | {{- end }} 24 | -------------------------------------------------------------------------------- /charts/vault/templates/server-disruptionbudget.yaml: -------------------------------------------------------------------------------- 1 | 2 | {{ template "vault.mode" . }} 3 | {{- if ne .mode "external" -}} 4 | {{- if and (and (eq (.Values.global.enabled | toString) "true") (eq .mode "ha")) (eq (.Values.server.ha.disruptionBudget.enabled | toString) "true") -}} 5 | # PodDisruptionBudget to prevent degrading the server cluster through 6 | # voluntary cluster changes. 7 | apiVersion: policy/v1beta1 8 | kind: PodDisruptionBudget 9 | metadata: 10 | name: {{ template "vault.fullname" . }} 11 | namespace: {{ .Release.Namespace }} 12 | labels: 13 | helm.sh/chart: {{ include "vault.chart" . }} 14 | app.kubernetes.io/name: {{ include "vault.name" . }} 15 | app.kubernetes.io/instance: {{ .Release.Name }} 16 | app.kubernetes.io/managed-by: {{ .Release.Service }} 17 | spec: 18 | maxUnavailable: {{ template "vault.pdb.maxUnavailable" . }} 19 | selector: 20 | matchLabels: 21 | app.kubernetes.io/name: {{ include "vault.name" . }} 22 | app.kubernetes.io/instance: {{ .Release.Name }} 23 | component: server 24 | {{- end -}} 25 | {{- end -}} -------------------------------------------------------------------------------- /charts/vault/templates/server-ingress.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.server.ingress.enabled -}} 2 | {{- $serviceName := include "vault.fullname" . -}} 3 | {{- $servicePort := .Values.server.service.port -}} 4 | apiVersion: extensions/v1beta1 5 | kind: Ingress 6 | metadata: 7 | name: {{ template "vault.fullname" . }} 8 | namespace: {{ .Release.Namespace }} 9 | labels: 10 | helm.sh/chart: {{ include "vault.chart" . }} 11 | app.kubernetes.io/name: {{ include "vault.name" . }} 12 | app.kubernetes.io/instance: {{ .Release.Name }} 13 | app.kubernetes.io/managed-by: {{ .Release.Service }} 14 | {{- with .Values.server.ingress.labels }} 15 | {{- toYaml . | nindent 4 }} 16 | {{- end }} 17 | {{- with .Values.server.ingress.annotations }} 18 | annotations: 19 | {{- toYaml . | nindent 4 }} 20 | {{- end }} 21 | spec: 22 | {{- if .Values.server.ingress.tls }} 23 | tls: 24 | {{- range .Values.server.ingress.tls }} 25 | - hosts: 26 | {{- range .hosts }} 27 | - {{ . | quote }} 28 | {{- end }} 29 | secretName: {{ .secretName }} 30 | {{- end }} 31 | {{- end }} 32 | rules: 33 | {{- range .Values.server.ingress.hosts }} 34 | - host: {{ .host | quote }} 35 | http: 36 | paths: 37 | {{- range .paths }} 38 | - path: {{ . }} 39 | backend: 40 | serviceName: {{ $serviceName }} 41 | servicePort: {{ $servicePort }} 42 | {{- end }} 43 | {{- end }} 44 | {{- end }} 45 | -------------------------------------------------------------------------------- /charts/vault/templates/server-serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{ template "vault.mode" . }} 2 | {{- if and (ne .mode "") (eq (.Values.global.enabled | toString) "true") }} 3 | apiVersion: v1 4 | kind: ServiceAccount 5 | metadata: 6 | name: {{ template "vault.fullname" . }} 7 | namespace: {{ .Release.Namespace }} 8 | labels: 9 | helm.sh/chart: {{ include "vault.chart" . }} 10 | app.kubernetes.io/name: {{ include "vault.name" . }} 11 | app.kubernetes.io/instance: {{ .Release.Name }} 12 | app.kubernetes.io/managed-by: {{ .Release.Service }} 13 | {{ template "vault.serviceAccount.annotations" . }} 14 | {{ end }} 15 | -------------------------------------------------------------------------------- /charts/vault/test/acceptance/injector-test/job.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: pgdump 6 | labels: 7 | app: pgdump 8 | --- 9 | apiVersion: batch/v1 10 | kind: Job 11 | metadata: 12 | name: pgdump 13 | spec: 14 | backoffLimit: 0 15 | template: 16 | metadata: 17 | name: pgdump 18 | labels: 19 | app: pgdump 20 | annotations: 21 | vault.hashicorp.com/agent-inject: "true" 22 | vault.hashicorp.com/agent-inject-secret-db-creds: "database/creds/db-backup" 23 | vault.hashicorp.com/agent-inject-template-db-creds: | 24 | {{- with secret "database/creds/db-backup" -}} 25 | postgresql://{{ .Data.username }}:{{ .Data.password }}@postgres.acceptance.svc.cluster.local:5432/mydb 26 | {{- end }} 27 | vault.hashicorp.com/role: "db-backup" 28 | vault.hashicorp.com/agent-pre-populate-only: "true" 29 | spec: 30 | serviceAccountName: pgdump 31 | containers: 32 | - name: pgdump 33 | image: postgres:11.5 34 | command: 35 | - "/bin/sh" 36 | - "-ec" 37 | args: 38 | - "/usr/bin/pg_dump $(cat /vault/secrets/db-creds) --no-owner > /dev/stdout" 39 | restartPolicy: Never 40 | -------------------------------------------------------------------------------- /charts/vault/test/acceptance/injector-test/pgdump-policy.hcl: -------------------------------------------------------------------------------- 1 | path "database/creds/db-backup" { 2 | capabilities = ["read"] 3 | } 4 | -------------------------------------------------------------------------------- /charts/vault/test/terraform/.gitignore: -------------------------------------------------------------------------------- 1 | vault-helm-dev-creds.json 2 | -------------------------------------------------------------------------------- /charts/vault/test/terraform/outputs.tf: -------------------------------------------------------------------------------- 1 | output "cluster_id" { 2 | value = "${google_container_cluster.cluster.id}" 3 | } 4 | 5 | output "cluster_name" { 6 | value = "${google_container_cluster.cluster.name}" 7 | } 8 | -------------------------------------------------------------------------------- /charts/vault/test/terraform/service-account.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ServiceAccount 3 | metadata: 4 | name: helm 5 | namespace: kube-system 6 | --- 7 | apiVersion: rbac.authorization.k8s.io/v1beta1 8 | kind: ClusterRoleBinding 9 | metadata: 10 | name: helm 11 | roleRef: 12 | apiGroup: rbac.authorization.k8s.io 13 | kind: ClusterRole 14 | name: cluster-admin 15 | subjects: 16 | - kind: ServiceAccount 17 | name: helm 18 | namespace: kube-system 19 | -------------------------------------------------------------------------------- /charts/vault/test/terraform/variables.tf: -------------------------------------------------------------------------------- 1 | variable "project" { 2 | default = "vault-helm-dev-246514" 3 | 4 | description = < 0' | tee /dev/stderr) 11 | [ "${actual}" = "true" ] 12 | } 13 | 14 | @test "injector/ClusterRole: disable with global.enabled" { 15 | cd `chart_dir` 16 | local actual=$(helm template \ 17 | -x templates/injector-clusterrole.yaml \ 18 | --set 'global.enabled=false' \ 19 | . | tee /dev/stderr | 20 | yq 'length > 0' | tee /dev/stderr) 21 | [ "${actual}" = "false" ] 22 | } 23 | -------------------------------------------------------------------------------- /charts/vault/test/unit/injector-clusterrolebinding.bats: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bats 2 | 3 | load _helpers 4 | 5 | @test "injector/ClusterRoleBinding: enabled by default" { 6 | cd `chart_dir` 7 | local actual=$(helm template \ 8 | -x templates/injector-clusterrolebinding.yaml \ 9 | . | tee /dev/stderr | 10 | yq 'length > 0' | tee /dev/stderr) 11 | [ "${actual}" = "true" ] 12 | } 13 | 14 | @test "injector/ClusterRoleBinding: disable with global.enabled" { 15 | cd `chart_dir` 16 | local actual=$(helm template \ 17 | -x templates/injector-clusterrolebinding.yaml \ 18 | --set 'global.enabled=false' \ 19 | . | tee /dev/stderr | 20 | yq 'length > 0' | tee /dev/stderr) 21 | [ "${actual}" = "false" ] 22 | } 23 | -------------------------------------------------------------------------------- /charts/vault/test/unit/injector-service.bats: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bats 2 | 3 | load _helpers 4 | 5 | @test "injector/Service: service enabled by default" { 6 | cd `chart_dir` 7 | local actual=$(helm template \ 8 | -x templates/injector-service.yaml \ 9 | . | tee /dev/stderr | 10 | yq 'length > 0' | tee /dev/stderr) 11 | [ "${actual}" = "true" ] 12 | 13 | local actual=$(helm template \ 14 | -x templates/injector-service.yaml \ 15 | --set 'injector.enabled=true' \ 16 | . | tee /dev/stderr | 17 | yq 'length > 0' | tee /dev/stderr) 18 | [ "${actual}" = "true" ] 19 | } 20 | 21 | @test "injector/Service: disable with global.enabled false" { 22 | cd `chart_dir` 23 | local actual=$(helm template \ 24 | -x templates/injector-service.yaml \ 25 | --set 'global.enabled=false' \ 26 | . | tee /dev/stderr | 27 | yq 'length > 0' | tee /dev/stderr) 28 | [ "${actual}" = "false" ] 29 | 30 | local actual=$(helm template \ 31 | -x templates/injector-service.yaml \ 32 | --set 'global.enabled=false' \ 33 | --set 'injector.enabled=true' \ 34 | . | tee /dev/stderr | 35 | yq 'length > 0' | tee /dev/stderr) 36 | [ "${actual}" = "false" ] 37 | } 38 | -------------------------------------------------------------------------------- /charts/vault/test/unit/injector-serviceaccount.bats: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bats 2 | 3 | load _helpers 4 | 5 | @test "injector/ServiceAccount: enabled by default" { 6 | cd `chart_dir` 7 | local actual=$(helm template \ 8 | -x templates/injector-serviceaccount.yaml \ 9 | . | tee /dev/stderr | 10 | yq 'length > 0' | tee /dev/stderr) 11 | [ "${actual}" = "true" ] 12 | } 13 | 14 | @test "injector/ServiceAccount: disable with global.enabled" { 15 | cd `chart_dir` 16 | local actual=$(helm template \ 17 | -x templates/injector-serviceaccount.yaml \ 18 | --set 'global.enabled=false' \ 19 | . | tee /dev/stderr | 20 | yq 'length > 0' | tee /dev/stderr) 21 | [ "${actual}" = "false" ] 22 | } 23 | -------------------------------------------------------------------------------- /charts/vault/test/unit/server-serviceaccount.bats: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bats 2 | 3 | load _helpers 4 | 5 | @test "server/ServiceAccount: specify annotations" { 6 | cd `chart_dir` 7 | local actual=$(helm template \ 8 | -x templates/server-serviceaccount.yaml \ 9 | --set 'server.dev.enabled=true' \ 10 | --set 'server.serviceAccount.annotations.foo=bar' \ 11 | . | tee /dev/stderr | 12 | yq -r '.metadata.annotations["foo"]' | tee /dev/stderr) 13 | [ "${actual}" = "null" ] 14 | 15 | local actual=$(helm template \ 16 | -x templates/server-serviceaccount.yaml \ 17 | --set 'server.ha.enabled=true' \ 18 | --set 'server.serviceAccount.annotations.foo=bar' \ 19 | . | tee /dev/stderr | 20 | yq -r '.metadata.annotations["foo"]' | tee /dev/stderr) 21 | [ "${actual}" = "bar" ] 22 | 23 | local actual=$(helm template \ 24 | -x templates/server-serviceaccount.yaml \ 25 | --set 'server.ha.enabled=true' \ 26 | . | tee /dev/stderr | 27 | yq -r '.metadata.annotations["foo"]' | tee /dev/stderr) 28 | [ "${actual}" = "null" ] 29 | } 30 | -------------------------------------------------------------------------------- /charts/vsphere-janitor/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | -------------------------------------------------------------------------------- /charts/vsphere-janitor/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | appVersion: "1.0" 3 | description: A Helm chart for Kubernetes 4 | name: vsphere-janitor 5 | version: 0.1.1 6 | -------------------------------------------------------------------------------- /charts/vsphere-janitor/templates/NOTES.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/travis-ci/kubernetes-config/b5ef77e3e91830c2f1fece7e45a0d241d3cf7f96/charts/vsphere-janitor/templates/NOTES.txt -------------------------------------------------------------------------------- /charts/vsphere-janitor/templates/_helpers.tpl: -------------------------------------------------------------------------------- 1 | {{/* vim: set filetype=mustache: */}} 2 | {{/* 3 | Expand the name of the chart. 4 | */}} 5 | {{- define "vsphere-janitor.name" -}} 6 | {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} 7 | {{- end -}} 8 | 9 | {{/* 10 | Create a default fully qualified app name. 11 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). 12 | If release name contains chart name it will be used as a full name. 13 | */}} 14 | {{- define "vsphere-janitor.fullname" -}} 15 | {{- if .Values.fullnameOverride -}} 16 | {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} 17 | {{- else -}} 18 | {{- $name := default .Chart.Name .Values.nameOverride -}} 19 | {{- if contains $name .Release.Name -}} 20 | {{- .Release.Name | trunc 63 | trimSuffix "-" -}} 21 | {{- else -}} 22 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} 23 | {{- end -}} 24 | {{- end -}} 25 | {{- end -}} 26 | 27 | {{/* 28 | Create chart name and version as used by the chart label. 29 | */}} 30 | {{- define "vsphere-janitor.chart" -}} 31 | {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} 32 | {{- end -}} 33 | 34 | {{/* 35 | Use the fullname as the secret name unless a secretName has been provided. 36 | */}} 37 | {{- define "vsphere-janitor.secret" -}} 38 | {{- if .Values.secretName -}} 39 | {{- .Values.secretName -}} 40 | {{- else -}} 41 | {{- include "vsphere-janitor.fullname" . }} 42 | {{- end -}} 43 | {{- end -}} 44 | -------------------------------------------------------------------------------- /charts/vsphere-janitor/templates/secret.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.trvs.enabled }} 2 | apiVersion: travisci.com/v1 3 | kind: TrvsSecret 4 | metadata: 5 | name: {{ include "vsphere-janitor.secret" . }} 6 | labels: 7 | app.kubernetes.io/name: {{ include "vsphere-janitor.name" . }} 8 | helm.sh/chart: {{ include "vsphere-janitor.chart" . }} 9 | app.kubernetes.io/instance: {{ .Release.Name }} 10 | app.kubernetes.io/managed-by: {{ .Release.Service }} 11 | spec: 12 | app: {{ .Values.trvs.app }} 13 | env: {{ .Values.trvs.env }} 14 | prefix: VSPHERE_JANITOR 15 | pro: {{ .Values.trvs.pro }} 16 | {{- end }} 17 | -------------------------------------------------------------------------------- /charts/vsphere-janitor/values.yaml: -------------------------------------------------------------------------------- 1 | # Default values for vsphere-janitor. 2 | # This is a YAML-formatted file. 3 | # Declare variables to be passed into your templates. 4 | 5 | image: 6 | repository: gcr.io/travis-ci-prod-services-1/vsphere-janitor 7 | tag: v1.0.0 8 | pullPolicy: IfNotPresent 9 | 10 | nameOverride: "" 11 | fullnameOverride: "" 12 | 13 | # Pull secrets from trvs keychain 14 | trvs: 15 | # If not enabled, be sure to set secretName and create a secret with the 16 | # necessary environment variables for vsphere-janitor 17 | enabled: false 18 | app: vsphere-janitor 19 | env: "" 20 | pro: true 21 | 22 | # Override the name of the secret with environment variables. 23 | # 24 | # If trvs.enabled is true, it will create a secret with this name instead 25 | # of using the fullname of the deployment. 26 | # 27 | # If trvs.enabled is false, this should be set and you must create a secret 28 | # with the given name that has the right environment variables. 29 | secretName: "" 30 | 31 | resources: {} 32 | # We usually recommend not to specify default resources and to leave this as a conscious 33 | # choice for the user. This also increases chances charts run on environments with little 34 | # resources, such as Minikube. If you do want to specify resources, uncomment the following 35 | # lines, adjust them as necessary, and remove the curly braces after 'resources:'. 36 | # limits: 37 | # cpu: 100m 38 | # memory: 128Mi 39 | # requests: 40 | # cpu: 100m 41 | # memory: 128Mi 42 | 43 | nodeSelector: {} 44 | 45 | tolerations: [] 46 | 47 | affinity: {} 48 | 49 | imagePullSecrets: gcr-io -------------------------------------------------------------------------------- /charts/vsphere-monitor/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | -------------------------------------------------------------------------------- /charts/vsphere-monitor/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | appVersion: "1.0" 3 | description: A Helm chart for Kubernetes 4 | name: vsphere-monitor 5 | version: 0.1.1 6 | -------------------------------------------------------------------------------- /charts/vsphere-monitor/templates/NOTES.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/travis-ci/kubernetes-config/b5ef77e3e91830c2f1fece7e45a0d241d3cf7f96/charts/vsphere-monitor/templates/NOTES.txt -------------------------------------------------------------------------------- /charts/vsphere-monitor/templates/_helpers.tpl: -------------------------------------------------------------------------------- 1 | {{/* vim: set filetype=mustache: */}} 2 | {{/* 3 | Expand the name of the chart. 4 | */}} 5 | {{- define "vsphere-monitor.name" -}} 6 | {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} 7 | {{- end -}} 8 | 9 | {{/* 10 | Create a default fully qualified app name. 11 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). 12 | If release name contains chart name it will be used as a full name. 13 | */}} 14 | {{- define "vsphere-monitor.fullname" -}} 15 | {{- if .Values.fullnameOverride -}} 16 | {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} 17 | {{- else -}} 18 | {{- $name := default .Chart.Name .Values.nameOverride -}} 19 | {{- if contains $name .Release.Name -}} 20 | {{- .Release.Name | trunc 63 | trimSuffix "-" -}} 21 | {{- else -}} 22 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} 23 | {{- end -}} 24 | {{- end -}} 25 | {{- end -}} 26 | 27 | {{/* 28 | Create chart name and version as used by the chart label. 29 | */}} 30 | {{- define "vsphere-monitor.chart" -}} 31 | {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} 32 | {{- end -}} 33 | 34 | {{/* 35 | Use the fullname as the secret name unless a secretName has been provided. 36 | */}} 37 | {{- define "vsphere-monitor.secret" -}} 38 | {{- if .Values.secretName -}} 39 | {{- .Values.secretName -}} 40 | {{- else -}} 41 | {{- include "vsphere-monitor.fullname" . }} 42 | {{- end -}} 43 | {{- end -}} 44 | -------------------------------------------------------------------------------- /charts/vsphere-monitor/templates/deployment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: {{ include "vsphere-monitor.fullname" . }} 5 | labels: 6 | app.kubernetes.io/name: {{ include "vsphere-monitor.name" . }} 7 | helm.sh/chart: {{ include "vsphere-monitor.chart" . }} 8 | app.kubernetes.io/instance: {{ .Release.Name }} 9 | app.kubernetes.io/managed-by: {{ .Release.Service }} 10 | spec: 11 | replicas: 1 12 | selector: 13 | matchLabels: 14 | app.kubernetes.io/name: {{ include "vsphere-monitor.name" . }} 15 | app.kubernetes.io/instance: {{ .Release.Name }} 16 | template: 17 | metadata: 18 | labels: 19 | app.kubernetes.io/name: {{ include "vsphere-monitor.name" . }} 20 | app.kubernetes.io/instance: {{ .Release.Name }} 21 | spec: 22 | containers: 23 | - name: {{ .Chart.Name }} 24 | image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" 25 | imagePullPolicy: {{ .Values.image.pullPolicy }} 26 | envFrom: 27 | - secretRef: 28 | name: {{ include "vsphere-monitor.secret" . }} 29 | resources: 30 | {{ toYaml .Values.resources | indent 12 }} 31 | {{- with .Values.nodeSelector }} 32 | nodeSelector: 33 | {{ toYaml . | indent 8 }} 34 | {{- end }} 35 | {{- with .Values.affinity }} 36 | affinity: 37 | {{ toYaml . | indent 8 }} 38 | {{- end }} 39 | {{- with .Values.tolerations }} 40 | tolerations: 41 | {{ toYaml . | indent 8 }} 42 | {{- end }} 43 | imagePullSecrets: 44 | - name: {{ .Values.imagePullSecrets }} 45 | -------------------------------------------------------------------------------- /charts/vsphere-monitor/templates/secret.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.trvs.enabled }} 2 | apiVersion: travisci.com/v1 3 | kind: TrvsSecret 4 | metadata: 5 | name: {{ include "vsphere-monitor.secret" . }} 6 | labels: 7 | app.kubernetes.io/name: {{ include "vsphere-monitor.name" . }} 8 | helm.sh/chart: {{ include "vsphere-monitor.chart" . }} 9 | app.kubernetes.io/instance: {{ .Release.Name }} 10 | app.kubernetes.io/managed-by: {{ .Release.Service }} 11 | spec: 12 | app: {{ .Values.trvs.app }} 13 | env: {{ .Values.trvs.env }} 14 | prefix: VSPHERE_MONITOR 15 | pro: {{ .Values.trvs.pro }} 16 | {{- end }} 17 | -------------------------------------------------------------------------------- /charts/vsphere-monitor/values.yaml: -------------------------------------------------------------------------------- 1 | # Default values for vsphere-monitor. 2 | # This is a YAML-formatted file. 3 | # Declare variables to be passed into your templates. 4 | 5 | image: 6 | repository: gcr.io/travis-ci-prod-services-1/vsphere-monitor 7 | tag: v1.0.0 8 | pullPolicy: IfNotPresent 9 | 10 | nameOverride: "" 11 | fullnameOverride: "" 12 | 13 | # Pull secrets from trvs keychain 14 | trvs: 15 | # If not enabled, be sure to set secretName and create a secret with the 16 | # necessary environment variables for vsphere-monitor 17 | enabled: false 18 | app: vsphere-monitor 19 | env: "" 20 | pro: false 21 | 22 | # Override the name of the secret with environment variables. 23 | # 24 | # If trvs.enabled is true, it will create a secret with this name instead 25 | # of using the fullname of the deployment. 26 | # 27 | # If trvs.enabled is false, this should be set and you must create a secret 28 | # with the given name that has the right environment variables. 29 | secretName: "" 30 | 31 | resources: {} 32 | # We usually recommend not to specify default resources and to leave this as a conscious 33 | # choice for the user. This also increases chances charts run on environments with little 34 | # resources, such as Minikube. If you do want to specify resources, uncomment the following 35 | # lines, adjust them as necessary, and remove the curly braces after 'resources:'. 36 | # limits: 37 | # cpu: 100m 38 | # memory: 128Mi 39 | # requests: 40 | # cpu: 100m 41 | # memory: 128Mi 42 | 43 | nodeSelector: {} 44 | 45 | tolerations: [] 46 | 47 | affinity: {} 48 | 49 | imagePullSecrets: gcr-io 50 | -------------------------------------------------------------------------------- /charts/worker-operator/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | -------------------------------------------------------------------------------- /charts/worker-operator/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | appVersion: "1.0.0" 3 | description: An operator for running Travis worker clusters 4 | name: worker-operator 5 | version: 0.1.1 6 | -------------------------------------------------------------------------------- /charts/worker-operator/templates/NOTES.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/travis-ci/kubernetes-config/b5ef77e3e91830c2f1fece7e45a0d241d3cf7f96/charts/worker-operator/templates/NOTES.txt -------------------------------------------------------------------------------- /charts/worker-operator/templates/_helpers.tpl: -------------------------------------------------------------------------------- 1 | {{/* vim: set filetype=mustache: */}} 2 | {{/* 3 | Expand the name of the chart. 4 | */}} 5 | {{- define "worker-operator.name" -}} 6 | {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} 7 | {{- end -}} 8 | 9 | {{/* 10 | Create a default fully qualified app name. 11 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). 12 | If release name contains chart name it will be used as a full name. 13 | */}} 14 | {{- define "worker-operator.fullname" -}} 15 | {{- if .Values.fullnameOverride -}} 16 | {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} 17 | {{- else -}} 18 | {{- $name := default .Chart.Name .Values.nameOverride -}} 19 | {{- if contains $name .Release.Name -}} 20 | {{- .Release.Name | trunc 63 | trimSuffix "-" -}} 21 | {{- else -}} 22 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} 23 | {{- end -}} 24 | {{- end -}} 25 | {{- end -}} 26 | 27 | {{/* 28 | Create chart name and version as used by the chart label. 29 | */}} 30 | {{- define "worker-operator.chart" -}} 31 | {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} 32 | {{- end -}} 33 | -------------------------------------------------------------------------------- /charts/worker-operator/templates/crd.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apiextensions.k8s.io/v1 2 | kind: CustomResourceDefinition 3 | metadata: 4 | name: workerclusters.travisci.com 5 | spec: 6 | group: travisci.com 7 | names: 8 | kind: WorkerCluster 9 | listKind: WorkerClusterList 10 | plural: workerclusters 11 | singular: workercluster 12 | scope: Namespaced 13 | version: v1alpha1 14 | subresources: 15 | status: {} 16 | -------------------------------------------------------------------------------- /charts/worker-operator/templates/rbac.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: Role 3 | metadata: 4 | creationTimestamp: null 5 | name: {{ include "worker-operator.fullname" . }} 6 | rules: 7 | - apiGroups: 8 | - "" 9 | resources: 10 | - pods 11 | - services 12 | - endpoints 13 | - persistentvolumeclaims 14 | - events 15 | - configmaps 16 | - secrets 17 | verbs: 18 | - '*' 19 | - apiGroups: 20 | - "" 21 | resources: 22 | - namespaces 23 | verbs: 24 | - get 25 | - apiGroups: 26 | - apps 27 | resources: 28 | - deployments 29 | - daemonsets 30 | - replicasets 31 | - statefulsets 32 | verbs: 33 | - '*' 34 | - apiGroups: 35 | - monitoring.coreos.com 36 | resources: 37 | - servicemonitors 38 | verbs: 39 | - get 40 | - create 41 | - apiGroups: 42 | - travisci.com 43 | resources: 44 | - '*' 45 | verbs: 46 | - '*' 47 | --- 48 | apiVersion: v1 49 | kind: ServiceAccount 50 | metadata: 51 | name: {{ include "worker-operator.fullname" . }} 52 | --- 53 | kind: RoleBinding 54 | apiVersion: rbac.authorization.k8s.io/v1 55 | metadata: 56 | name: {{ include "worker-operator.fullname" . }} 57 | subjects: 58 | - kind: ServiceAccount 59 | name: {{ include "worker-operator.fullname" . }} 60 | roleRef: 61 | kind: Role 62 | name: {{ include "worker-operator.fullname" . }} 63 | apiGroup: rbac.authorization.k8s.io 64 | -------------------------------------------------------------------------------- /charts/worker-operator/values.yaml: -------------------------------------------------------------------------------- 1 | # Default values for worker-operator. 2 | # This is a YAML-formatted file. 3 | # Declare variables to be passed into your templates. 4 | 5 | replicaCount: 1 6 | 7 | image: 8 | repository: gcr.io/travis-ci-prod-services-1/worker-operator 9 | tag: v1.0.0 10 | pullPolicy: IfNotPresent 11 | 12 | nameOverride: "" 13 | fullnameOverride: "" 14 | 15 | resources: {} 16 | # We usually recommend not to specify default resources and to leave this as a conscious 17 | # choice for the user. This also increases chances charts run on environments with little 18 | # resources, such as Minikube. If you do want to specify resources, uncomment the following 19 | # lines, adjust them as necessary, and remove the curly braces after 'resources:'. 20 | # limits: 21 | # cpu: 100m 22 | # memory: 128Mi 23 | # requests: 24 | # cpu: 100m 25 | # memory: 128Mi 26 | 27 | nodeSelector: {} 28 | 29 | tolerations: [] 30 | 31 | affinity: {} 32 | 33 | imagePullSecrets: gcr-io 34 | -------------------------------------------------------------------------------- /gcs-credentials.json.enc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/travis-ci/kubernetes-config/b5ef77e3e91830c2f1fece7e45a0d241d3cf7f96/gcs-credentials.json.enc -------------------------------------------------------------------------------- /k8s/gke_eco-emissary-99515_us-east1_gce-production-1-ue1/ns.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Namespace 3 | metadata: 4 | labels: 5 | name: gce-production-1 6 | name: gce-production-1 7 | --- 8 | -------------------------------------------------------------------------------- /k8s/gke_travis-ci-prod-services-1_us-central1_travis-ci-services/.placeholder: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/travis-ci/kubernetes-config/b5ef77e3e91830c2f1fece7e45a0d241d3cf7f96/k8s/gke_travis-ci-prod-services-1_us-central1_travis-ci-services/.placeholder -------------------------------------------------------------------------------- /k8s/gke_travis-ci-prod-services-1_us-central1_travis-ci-services/cert-manager-ns.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Namespace 3 | metadata: 4 | name: cert-manager 5 | labels: 6 | name: cert-manager 7 | certmanager.k8s.io/disable-validation: "true" 8 | --- 9 | -------------------------------------------------------------------------------- /k8s/gke_travis-ci-prod-services-1_us-central1_travis-ci-services/letsencrypt-production.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: certmanager.k8s.io/v1alpha1 2 | kind: ClusterIssuer 3 | metadata: 4 | name: letsencrypt-production 5 | namespace: gce-production-services-1 6 | spec: 7 | acme: 8 | # You must replace this email address with your own. 9 | # Let's Encrypt will use this to contact you about expiring 10 | # certificates, and issues related to your account. 11 | email: admin+acme_production@travis-ci.org 12 | server: https://acme-v02.api.letsencrypt.org/directory 13 | privateKeySecretRef: 14 | # Secret resource used to store the account's private key. 15 | name: letsencrypt-production-account-key 16 | http01: {} 17 | --- 18 | -------------------------------------------------------------------------------- /k8s/gke_travis-ci-prod-services-1_us-central1_travis-ci-services/ns.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Namespace 3 | metadata: 4 | labels: 5 | name: gce-production-services-1 6 | name: gce-production-services-1 7 | --- 8 | -------------------------------------------------------------------------------- /releases/gke_eco-emissary-99515_us-central1_gce-production-1/gcloud-cleanup.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: flux.weave.works/v1beta1 3 | kind: HelmRelease 4 | metadata: 5 | name: gcloud-cleanup 6 | namespace: gce-production-1 7 | annotations: 8 | flux.weave.works/tag.gcloud-cleanup: glob:test-* 9 | flux.weave.works/automated: 'false' 10 | spec: 11 | chart: 12 | path: charts/gcloud-cleanup 13 | git: git@github.com:travis-ci/kubernetes-config.git 14 | ref: master 15 | releaseName: gcloud-cleanup 16 | values: 17 | image: 18 | repository: gcr.io/travis-ci-prod-services-1/gcloud-cleanup 19 | tag: 4890bc7 20 | trvs: 21 | enabled: true 22 | env: production-1 23 | pro: false 24 | rateLimitRedis: 25 | enabled: true 26 | secretName: rate-limit-redis 27 | envPrefix: RATE_LIMIT_REDIS 28 | replicaCount: 1 29 | -------------------------------------------------------------------------------- /releases/gke_eco-emissary-99515_us-central1_gce-production-1/pagerduty-oncall.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: flux.weave.works/v1beta1 3 | kind: HelmRelease 4 | metadata: 5 | name: pagerduty-oncall 6 | namespace: gce-production-1 7 | spec: 8 | chart: 9 | path: chart/pagerduty-oncall 10 | git: git@github.com:travis-ci/pagerduty-oncall.git 11 | ref: master 12 | releaseName: pagerduty-oncall 13 | -------------------------------------------------------------------------------- /releases/gke_eco-emissary-99515_us-central1_gce-production-1/rate_limit_redis.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: flux.weave.works/v1beta1 3 | kind: HelmRelease 4 | metadata: 5 | name: rate-limit-redis 6 | namespace: gce-production-1 7 | spec: 8 | chart: 9 | repository: https://charts.helm.sh/stable 10 | name: redis 11 | version: 8.0.13 12 | releaseName: rate-limit-redis 13 | values: 14 | cluster: 15 | enabled: false 16 | master: 17 | persistence: 18 | enabled: false 19 | -------------------------------------------------------------------------------- /releases/gke_eco-emissary-99515_us-central1_gce-production-1/travis-autoscaler.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: flux.weave.works/v1beta1 3 | kind: HelmRelease 4 | metadata: 5 | name: travis-autoscaler 6 | namespace: gce-production-1 7 | spec: 8 | chart: 9 | path: charts/travis-autoscaler 10 | git: git@github.com:travis-ci/kubernetes-config.git 11 | ref: master 12 | releaseName: travis-autoscaler 13 | values: 14 | image: 15 | repository: quay.io/travisci/autoscaler 16 | tag: v0.1.7 17 | pullPolicy: IfNotPresent 18 | imagePullSecrets: 19 | - name: travisci-travis-autoscaler-pull-secret 20 | vault: 21 | secret: gce-lxd-autoscaler-prod-1 22 | replicaCount: 0 23 | -------------------------------------------------------------------------------- /releases/gke_eco-emissary-99515_us-central1_gce-production-1/travis-rhel-autoscaler.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: flux.weave.works/v1beta1 3 | kind: HelmRelease 4 | metadata: 5 | name: travis-rhel-autoscaler 6 | namespace: gce-production-1 7 | spec: 8 | chart: 9 | path: charts/travis-autoscaler 10 | git: git@github.com:travis-ci/kubernetes-config.git 11 | ref: master 12 | releaseName: travis-rhel-autoscaler 13 | values: 14 | image: 15 | repository: gcr.io/eco-emissary-99515/autoscaler 16 | tag: v0.1.7-docker-8 17 | pullPolicy: IfNotPresent 18 | imagePullSecrets: 19 | - name: travisci-travis-autoscaler-pull-secret 20 | vault: 21 | secret: gce-rhel-autoscaler-prod-1 22 | replicaCount: 1 23 | -------------------------------------------------------------------------------- /releases/gke_eco-emissary-99515_us-central1_gce-production-1/worker-com-free.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: worker-com-free 5 | namespace: gce-production-1 6 | spec: 7 | chart: 8 | path: charts/gce-worker 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | ref: master 11 | releaseName: worker-com-free 12 | values: 13 | image: 14 | repository: gcr.io/travis-ci-prod-services-1/worker 15 | tag: v6.2.22 16 | 17 | # Calculation: 17000 CPUs / 2 vCPU per job / 2 worker types per project = 4250 maxJobs per worker type 18 | # Take a bit of headroom, don't go over 4000 maxJobs 19 | # NOTE: com-free is not in use atm. 20 | cluster: 21 | enabled: true 22 | maxJobs: 0 23 | maxJobsPerWorker: 1 24 | 25 | site: com 26 | queue: builds.gce-free 27 | project: eco-emissary-99515 28 | librato_source_prefix: production-1-gce 29 | 30 | trvs: 31 | enabled: true 32 | app: gce-workers 33 | env: production-1 34 | pro: true 35 | 36 | rateLimitRedis: 37 | enabled: true 38 | secretName: rate-limit-redis 39 | envPrefix: RATE_LIMIT_REDIS 40 | -------------------------------------------------------------------------------- /releases/gke_eco-emissary-99515_us-central1_gce-production-1/worker-com.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: worker-com 5 | namespace: gce-production-1 6 | spec: 7 | chart: 8 | path: charts/gce-worker 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | ref: master 11 | releaseName: worker-com 12 | values: 13 | image: 14 | repository: gcr.io/travis-ci-prod-services-1/worker 15 | tag: v6.2.22 16 | 17 | cluster: 18 | enabled: true 19 | maxJobs: 700 20 | maxJobsPerWorker: 50 21 | 22 | site: com 23 | queue: builds.gce 24 | project: eco-emissary-99515 25 | librato_source_prefix: production-1-gce 26 | 27 | trvs: 28 | enabled: true 29 | app: gce-workers 30 | env: production-1 31 | pro: true 32 | 33 | rateLimitRedis: 34 | enabled: true 35 | secretName: rate-limit-redis 36 | envPrefix: RATE_LIMIT_REDIS 37 | 38 | default_machine_type: "n2-standard-2" 39 | worker_gce_zones: "us-central1-c,us-central1-f,us-central1-a" 40 | -------------------------------------------------------------------------------- /releases/gke_eco-emissary-99515_us-central1_gce-production-1/worker-n2-com.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: worker-n2-com 5 | namespace: gce-production-1 6 | spec: 7 | chart: 8 | path: charts/gce-worker 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | ref: master 11 | releaseName: worker-n2-com 12 | values: 13 | image: 14 | repository: gcr.io/travis-ci-prod-services-1/worker 15 | tag: v6.2.22 16 | 17 | cluster: 18 | enabled: true 19 | maxJobs: 250 20 | maxJobsPerWorker: 50 21 | 22 | site: com 23 | queue: builds.gce-n2 24 | project: eco-emissary-99515 25 | librato_source_prefix: production-1-gce 26 | 27 | trvs: 28 | enabled: true 29 | app: gce-workers 30 | env: production-1 31 | pro: true 32 | 33 | rateLimitRedis: 34 | enabled: true 35 | secretName: rate-limit-redis 36 | envPrefix: RATE_LIMIT_REDIS 37 | 38 | default_machine_type: "n2-standard-2" 39 | worker_gce_zones: "us-central1-c,us-central1-f" 40 | 41 | terraformSecretName: worker-com-terraform 42 | -------------------------------------------------------------------------------- /releases/gke_eco-emissary-99515_us-central1_gce-production-1/worker-org.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: worker-org 5 | namespace: gce-production-1 6 | spec: 7 | chart: 8 | path: charts/gce-worker 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | ref: master 11 | releaseName: worker-org 12 | values: 13 | image: 14 | repository: gcr.io/travis-ci-prod-services-1/worker 15 | tag: v6.2.22 16 | 17 | cluster: 18 | enabled: true 19 | maxJobs: 150 20 | maxJobsPerWorker: 50 21 | 22 | site: org 23 | queue: builds.gce-paid 24 | project: eco-emissary-99515 25 | librato_source_prefix: production-1-gce 26 | 27 | trvs: 28 | enabled: true 29 | app: gce-workers 30 | env: production-1 31 | pro: false 32 | 33 | rateLimitRedis: 34 | enabled: true 35 | secretName: rate-limit-redis 36 | envPrefix: RATE_LIMIT_REDIS 37 | 38 | default_machine_type: "n2-standard-2" 39 | worker_gce_zones: "us-central1-c,us-central1-f,us-central1-a" 40 | -------------------------------------------------------------------------------- /releases/gke_eco-emissary-99515_us-central1_gce-production-1/worker-premium-c2.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: worker-premium-c2 5 | namespace: gce-production-1 6 | spec: 7 | chart: 8 | path: charts/gce-worker 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | ref: master 11 | releaseName: worker-premium-c2 12 | values: 13 | image: 14 | repository: gcr.io/travis-ci-prod-services-1/worker 15 | tag: v6.2.22 16 | 17 | cluster: 18 | enabled: true 19 | maxJobs: 350 20 | maxJobsPerWorker: 50 21 | 22 | site: com 23 | queue: builds.gce-premium-c2 24 | project: eco-emissary-99515 25 | librato_source_prefix: production-1-gce 26 | 27 | trvs: 28 | enabled: true 29 | app: gce-workers 30 | env: production-1 31 | pro: true 32 | 33 | rateLimitRedis: 34 | enabled: true 35 | secretName: rate-limit-redis 36 | envPrefix: RATE_LIMIT_REDIS 37 | 38 | default_machine_type: "n1-standard-2" 39 | premium_machine_type: "c2-standard-4" 40 | worker_gce_zone: "us-central1-c" 41 | -------------------------------------------------------------------------------- /releases/gke_eco-emissary-99515_us-central1_gce-production-1/worker-premium-gpu.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: worker-premium-gpu 5 | namespace: gce-production-1 6 | spec: 7 | chart: 8 | path: charts/gce-worker 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | ref: master 11 | releaseName: worker-premium-gpu 12 | values: 13 | image: 14 | repository: gcr.io/travis-ci-prod-services-1/worker 15 | tag: v6.2.22 16 | cluster: 17 | enabled: true 18 | maxJobs: 5 19 | maxJobsPerWorker: 5 20 | 21 | site: com 22 | queue: builds.gce-premium-gpu 23 | project: eco-emissary-99515 24 | librato_source_prefix: production-1-gce 25 | 26 | trvs: 27 | enabled: true 28 | app: gce-workers 29 | env: production-1 30 | pro: true 31 | 32 | rateLimitRedis: 33 | enabled: true 34 | secretName: rate-limit-redis 35 | envPrefix: RATE_LIMIT_REDIS 36 | 37 | default_machine_type: "n1-standard-2" 38 | worker_gce_zones: "us-central1-c" 39 | -------------------------------------------------------------------------------- /releases/gke_eco-emissary-99515_us-central1_gce-production-1/worker-premium-hack.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: worker-premium-hack 5 | namespace: gce-production-1 6 | spec: 7 | chart: 8 | path: charts/gce-worker 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | ref: master 11 | releaseName: worker-premium-hack 12 | values: 13 | image: 14 | repository: gcr.io/travis-ci-prod-services-1/worker 15 | tag: v6.2.22 16 | 17 | cluster: 18 | enabled: true 19 | maxJobs: 50 20 | maxJobsPerWorker: 50 21 | 22 | site: com 23 | queue: builds.gce-premium-hack 24 | project: eco-emissary-99515 25 | librato_source_prefix: production-1-gce 26 | 27 | trvs: 28 | enabled: true 29 | app: gce-workers 30 | env: production-1 31 | pro: true 32 | 33 | rateLimitRedis: 34 | enabled: true 35 | secretName: rate-limit-redis 36 | envPrefix: RATE_LIMIT_REDIS 37 | 38 | default_machine_type: "n1-standard-2" 39 | premium_machine_type: "n1-standard-8" 40 | -------------------------------------------------------------------------------- /releases/gke_eco-emissary-99515_us-central1_gce-production-1/worker-premium-n2.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: worker-premium-n2 5 | namespace: gce-production-1 6 | spec: 7 | chart: 8 | path: charts/gce-worker 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | ref: master 11 | releaseName: worker-premium-n2 12 | values: 13 | image: 14 | repository: gcr.io/travis-ci-prod-services-1/worker 15 | tag: v6.2.22 16 | 17 | cluster: 18 | enabled: true 19 | maxJobs: 150 20 | maxJobsPerWorker: 50 21 | 22 | site: com 23 | queue: builds.gce-premium-n2 24 | project: eco-emissary-99515 25 | librato_source_prefix: production-1-gce 26 | 27 | trvs: 28 | enabled: true 29 | app: gce-workers 30 | env: production-1 31 | pro: true 32 | 33 | rateLimitRedis: 34 | enabled: true 35 | secretName: rate-limit-redis 36 | envPrefix: RATE_LIMIT_REDIS 37 | 38 | default_machine_type: "n2-standard-2" 39 | premium_machine_type: "n2-standard-16" 40 | worker_gce_zone: "us-central1-c" 41 | -------------------------------------------------------------------------------- /releases/gke_eco-emissary-99515_us-east1_gce-production-1-ue1/rate_limit_redis.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: flux.weave.works/v1beta1 3 | kind: HelmRelease 4 | metadata: 5 | name: rate-limit-redis 6 | namespace: gce-production-1 7 | spec: 8 | chart: 9 | repository: https://charts.helm.sh/stable 10 | name: redis 11 | version: 8.0.13 12 | releaseName: rate-limit-redis 13 | values: 14 | cluster: 15 | enabled: false 16 | master: 17 | persistence: 18 | enabled: false 19 | -------------------------------------------------------------------------------- /releases/gke_eco-emissary-99515_us-east1_gce-production-1-ue1/travis-autoscaler.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: flux.weave.works/v1beta1 3 | kind: HelmRelease 4 | metadata: 5 | name: travis-autoscaler 6 | namespace: gce-production-1 7 | spec: 8 | chart: 9 | path: charts/travis-autoscaler 10 | git: git@github.com:travis-ci/kubernetes-config.git 11 | ref: master 12 | releaseName: travis-autoscaler 13 | values: 14 | image: 15 | repository: quay.io/travisci/autoscaler 16 | tag: v0.1.7 17 | pullPolicy: IfNotPresent 18 | imagePullSecrets: 19 | - name: travisci-travis-autoscaler-pull-secret 20 | vault: 21 | secret: gce-lxd-autoscaler-prod-1-ue1 22 | replicaCount: 0 23 | -------------------------------------------------------------------------------- /releases/gke_eco-emissary-99515_us-east1_gce-production-1-ue1/worker-com.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: worker-com 5 | namespace: gce-production-1 6 | spec: 7 | chart: 8 | path: charts/gce-worker 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | ref: master 11 | releaseName: worker-com 12 | values: 13 | image: 14 | repository: gcr.io/travis-ci-prod-services-1/worker 15 | tag: v6.2.22 16 | 17 | cluster: 18 | enabled: true 19 | maxJobs: 700 20 | maxJobsPerWorker: 50 21 | 22 | site: com 23 | queue: builds.gce 24 | project: eco-emissary-99515 25 | librato_source_prefix: production-1-gce 26 | 27 | trvs: 28 | enabled: true 29 | app: gce-workers 30 | env: production-1 31 | pro: true 32 | 33 | rateLimitRedis: 34 | enabled: true 35 | secretName: rate-limit-redis 36 | envPrefix: RATE_LIMIT_REDIS 37 | 38 | default_machine_type: "n2-standard-2" 39 | worker_gce_zones: "us-east1-c,us-east1-d" 40 | default_gce_network: "main-us-east1" 41 | worker_gce_region: "us-east1" 42 | -------------------------------------------------------------------------------- /releases/gke_eco-emissary-99515_us-east1_gce-production-1-ue1/worker-org.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: worker-org 5 | namespace: gce-production-1 6 | spec: 7 | chart: 8 | path: charts/gce-worker 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | ref: master 11 | releaseName: worker-org 12 | values: 13 | image: 14 | repository: gcr.io/travis-ci-prod-services-1/worker 15 | tag: v6.2.22 16 | 17 | cluster: 18 | enabled: true 19 | maxJobs: 200 20 | maxJobsPerWorker: 50 21 | 22 | site: org 23 | queue: builds.gce-paid 24 | project: eco-emissary-99515 25 | librato_source_prefix: production-1-gce 26 | 27 | trvs: 28 | enabled: true 29 | app: gce-workers 30 | env: production-1 31 | pro: false 32 | 33 | rateLimitRedis: 34 | enabled: true 35 | secretName: rate-limit-redis 36 | envPrefix: RATE_LIMIT_REDIS 37 | 38 | default_machine_type: "n2-standard-2" 39 | worker_gce_zones: "us-east1-c,us-east1-d" 40 | default_gce_network: "main-us-east1" 41 | worker_gce_region: "us-east1" 42 | -------------------------------------------------------------------------------- /releases/gke_eco-emissary-99515_us-east1_gce-production-1-ue1/worker-premium-c2.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: worker-premium-c2 5 | namespace: gce-production-1 6 | spec: 7 | chart: 8 | path: charts/gce-worker 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | ref: master 11 | releaseName: worker-premium-c2 12 | values: 13 | image: 14 | repository: gcr.io/travis-ci-prod-services-1/worker 15 | tag: v6.2.22 16 | 17 | cluster: 18 | enabled: true 19 | maxJobs: 350 20 | maxJobsPerWorker: 50 21 | 22 | site: com 23 | queue: builds.us-east1-test 24 | project: eco-emissary-99515 25 | librato_source_prefix: production-1-gce 26 | 27 | trvs: 28 | enabled: true 29 | app: gce-workers 30 | env: production-1 31 | pro: true 32 | 33 | rateLimitRedis: 34 | enabled: true 35 | secretName: rate-limit-redis 36 | envPrefix: RATE_LIMIT_REDIS 37 | 38 | default_machine_type: "n1-standard-2" 39 | premium_machine_type: "c2-standard-4" 40 | worker_gce_zone: "us-east1-c,us-east1-d" 41 | default_gce_network: "main-us-east1" 42 | worker_gce_region: "us-east1" 43 | -------------------------------------------------------------------------------- /releases/gke_eco-emissary-99515_us-east1_gce-production-1-ue1/worker-premium-n2-32.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: worker-premium-n2-32 5 | namespace: gce-production-1 6 | spec: 7 | chart: 8 | path: charts/gce-worker 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | ref: master 11 | releaseName: worker-premium-n2-32 12 | values: 13 | image: 14 | repository: gcr.io/travis-ci-prod-services-1/worker 15 | tag: v6.2.22 16 | 17 | cluster: 18 | enabled: true 19 | maxJobs: 100 20 | maxJobsPerWorker: 50 21 | 22 | site: com 23 | queue: builds.gce-premium-n2-32 24 | project: eco-emissary-99515 25 | 26 | trvs: 27 | enabled: true 28 | app: gce-workers 29 | env: production-1 30 | pro: true 31 | 32 | rateLimitRedis: 33 | enabled: true 34 | secretName: rate-limit-redis 35 | envPrefix: RATE_LIMIT_REDIS 36 | 37 | default_machine_type: "n2-standard-32" 38 | premium_machine_type: "n2-standard-32" 39 | worker_gce_zones: "us-east1-c,us-east1-d" 40 | default_gce_network: "main-us-east1" 41 | worker_gce_region: "us-east1" 42 | -------------------------------------------------------------------------------- /releases/gke_eco-emissary-99515_us-east1_gce-production-1-ue1/worker-premium-n2.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: worker-premium-n2 5 | namespace: gce-production-1 6 | spec: 7 | chart: 8 | path: charts/gce-worker 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | ref: master 11 | releaseName: worker-premium-n2 12 | values: 13 | image: 14 | repository: gcr.io/travis-ci-prod-services-1/worker 15 | tag: v6.2.22 16 | 17 | cluster: 18 | enabled: true 19 | maxJobs: 5 20 | maxJobsPerWorker: 5 21 | 22 | site: com 23 | queue: builds.us-east1-test 24 | project: eco-emissary-99515 25 | librato_source_prefix: production-1-gce 26 | 27 | trvs: 28 | enabled: true 29 | app: gce-workers 30 | env: production-1 31 | pro: true 32 | 33 | rateLimitRedis: 34 | enabled: true 35 | secretName: rate-limit-redis 36 | envPrefix: RATE_LIMIT_REDIS 37 | 38 | default_machine_type: "n1-standard-2" 39 | premium_machine_type: "n2-standard-16" 40 | worker_gce_zone: "us-east1-c,us-east1-d" 41 | default_gce_network: "main-us-east1" 42 | worker_gce_region: "us-east1" 43 | -------------------------------------------------------------------------------- /releases/gke_travis-ci-prod-2_us-central1_gce-production-2/gcloud-cleanup.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: flux.weave.works/v1beta1 3 | kind: HelmRelease 4 | metadata: 5 | name: gcloud-cleanup 6 | namespace: gce-production-2 7 | annotations: 8 | flux.weave.works/tag.gcloud-cleanup: glob:test-* 9 | flux.weave.works/automated: 'false' 10 | spec: 11 | chart: 12 | path: charts/gcloud-cleanup 13 | git: git@github.com:travis-ci/kubernetes-config.git 14 | ref: master 15 | releaseName: gcloud-cleanup 16 | values: 17 | image: 18 | repository: gcr.io/travis-ci-prod-services-1/gcloud-cleanup 19 | tag: 4890bc7 20 | trvs: 21 | enabled: true 22 | env: production-2 23 | pro: false 24 | rateLimitRedis: 25 | enabled: true 26 | secretName: rate-limit-redis 27 | envPrefix: RATE_LIMIT_REDIS 28 | replicaCount: 1 29 | -------------------------------------------------------------------------------- /releases/gke_travis-ci-prod-2_us-central1_gce-production-2/rate_limit_redis.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: flux.weave.works/v1beta1 3 | kind: HelmRelease 4 | metadata: 5 | name: rate-limit-redis 6 | namespace: gce-production-2 7 | spec: 8 | chart: 9 | repository: https://charts.helm.sh/stable 10 | name: redis 11 | version: 8.0.13 12 | releaseName: rate-limit-redis 13 | values: 14 | cluster: 15 | enabled: false 16 | master: 17 | persistence: 18 | enabled: false 19 | -------------------------------------------------------------------------------- /releases/gke_travis-ci-prod-2_us-central1_gce-production-2/travis-autoscaler.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: flux.weave.works/v1beta1 3 | kind: HelmRelease 4 | metadata: 5 | name: travis-autoscaler 6 | namespace: gce-production-2 7 | spec: 8 | chart: 9 | path: charts/travis-autoscaler 10 | git: git@github.com:travis-ci/kubernetes-config.git 11 | ref: master 12 | releaseName: travis-autoscaler 13 | values: 14 | image: 15 | repository: quay.io/travisci/autoscaler 16 | tag: v0.1.7 17 | pullPolicy: IfNotPresent 18 | imagePullSecrets: 19 | - name: travisci-travis-autoscaler-pull-secret 20 | vault: 21 | secret: gce-lxd-autoscaler-prod-2 22 | replicaCount: 1 23 | -------------------------------------------------------------------------------- /releases/gke_travis-ci-prod-2_us-central1_gce-production-2/worker-com-free.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: worker-com-free 5 | namespace: gce-production-2 6 | spec: 7 | chart: 8 | path: charts/gce-worker 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | ref: master 11 | releaseName: worker-com-free 12 | values: 13 | image: 14 | repository: gcr.io/travis-ci-prod-services-1/worker 15 | tag: v6.2.22 16 | 17 | # Calculation: 17000 CPUs / 2 vCPU per job / 2 worker types per project = 4250 maxJobs per worker type 18 | # Take a bit of headroom, don't go over 4000 maxJobs 19 | # NOTE: com-free is not in use atm. 20 | cluster: 21 | enabled: true 22 | maxJobs: 0 23 | maxJobsPerWorker: 1 24 | 25 | site: com 26 | queue: builds.gce-free 27 | project: travis-ci-prod-2 28 | librato_source_prefix: production-2-gce 29 | 30 | trvs: 31 | enabled: true 32 | app: gce-workers 33 | env: production-2 34 | pro: true 35 | 36 | rateLimitRedis: 37 | enabled: true 38 | secretName: rate-limit-redis 39 | envPrefix: RATE_LIMIT_REDIS 40 | -------------------------------------------------------------------------------- /releases/gke_travis-ci-prod-2_us-central1_gce-production-2/worker-com.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: worker-com 5 | namespace: gce-production-2 6 | spec: 7 | chart: 8 | path: charts/gce-worker 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | ref: master 11 | releaseName: worker-com 12 | values: 13 | image: 14 | repository: gcr.io/travis-ci-prod-services-1/worker 15 | tag: v6.2.22 16 | 17 | cluster: 18 | enabled: true 19 | maxJobs: 700 20 | maxJobsPerWorker: 50 21 | 22 | site: com 23 | queue: builds.gce 24 | project: travis-ci-prod-2 25 | librato_source_prefix: production-2-gce 26 | 27 | trvs: 28 | enabled: true 29 | app: gce-workers 30 | env: production-2 31 | pro: true 32 | 33 | rateLimitRedis: 34 | enabled: true 35 | secretName: rate-limit-redis 36 | envPrefix: RATE_LIMIT_REDIS 37 | 38 | default_machine_type: "n2-standard-2" 39 | worker_gce_zones: "us-central1-c,us-central1-f,us-central1-a" 40 | -------------------------------------------------------------------------------- /releases/gke_travis-ci-prod-2_us-central1_gce-production-2/worker-org.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: worker-org 5 | namespace: gce-production-2 6 | spec: 7 | chart: 8 | path: charts/gce-worker 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | ref: master 11 | releaseName: worker-org 12 | values: 13 | image: 14 | repository: gcr.io/travis-ci-prod-services-1/worker 15 | tag: v6.2.22 16 | 17 | cluster: 18 | enabled: true 19 | maxJobs: 200 20 | maxJobsPerWorker: 50 21 | 22 | site: org 23 | queue: builds.gce-paid 24 | project: travis-ci-prod-2 25 | librato_source_prefix: production-2-gce 26 | 27 | trvs: 28 | enabled: true 29 | app: gce-workers 30 | env: production-2 31 | pro: false 32 | 33 | rateLimitRedis: 34 | enabled: true 35 | secretName: rate-limit-redis 36 | envPrefix: RATE_LIMIT_REDIS 37 | 38 | default_machine_type: "n2-standard-2" 39 | worker_gce_zones: "us-central1-c,us-central1-f,us-central1-a" 40 | -------------------------------------------------------------------------------- /releases/gke_travis-ci-prod-2_us-central1_gce-production-2/worker-premium-c2.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: worker-premium-c2 5 | namespace: gce-production-2 6 | spec: 7 | chart: 8 | path: charts/gce-worker 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | ref: master 11 | releaseName: worker-premium-c2 12 | values: 13 | image: 14 | repository: gcr.io/travis-ci-prod-services-1/worker 15 | tag: v6.2.22 16 | 17 | cluster: 18 | enabled: true 19 | maxJobs: 250 20 | maxJobsPerWorker: 50 21 | 22 | site: com 23 | queue: builds.gce-premium-c2 24 | project: travis-ci-prod-2 25 | librato_source_prefix: production-2-gce 26 | 27 | trvs: 28 | enabled: true 29 | app: gce-workers 30 | env: production-2 31 | pro: true 32 | 33 | rateLimitRedis: 34 | enabled: true 35 | secretName: rate-limit-redis 36 | envPrefix: RATE_LIMIT_REDIS 37 | 38 | default_machine_type: "n1-standard-2" 39 | premium_machine_type: "c2-standard-4" 40 | worker_gce_zone: "us-central1-b" 41 | -------------------------------------------------------------------------------- /releases/gke_travis-ci-prod-2_us-central1_gce-production-2/worker-premium-hack.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: worker-premium-hack 5 | namespace: gce-production-2 6 | spec: 7 | chart: 8 | path: charts/gce-worker 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | ref: master 11 | releaseName: worker-premium-hack 12 | values: 13 | image: 14 | repository: gcr.io/travis-ci-prod-services-1/worker 15 | tag: v6.2.22 16 | 17 | cluster: 18 | enabled: true 19 | maxJobs: 50 20 | maxJobsPerWorker: 50 21 | 22 | site: com 23 | queue: builds.gce-premium-hack 24 | project: travis-ci-prod-2 25 | librato_source_prefix: production-2-gce 26 | 27 | trvs: 28 | enabled: true 29 | app: gce-workers 30 | env: production-2 31 | pro: true 32 | 33 | rateLimitRedis: 34 | enabled: true 35 | secretName: rate-limit-redis 36 | envPrefix: RATE_LIMIT_REDIS 37 | 38 | default_machine_type: "n1-standard-2" 39 | premium_machine_type: "n1-standard-8" 40 | -------------------------------------------------------------------------------- /releases/gke_travis-ci-prod-2_us-central1_gce-production-2/worker-premium-n2-highcpu.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: worker-premium-n2-highcpu 5 | namespace: gce-production-2 6 | spec: 7 | chart: 8 | path: charts/gce-worker 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | ref: master 11 | releaseName: worker-premium-n2-highcpu 12 | values: 13 | image: 14 | repository: gcr.io/travis-ci-prod-services-1/worker 15 | tag: v6.2.22 16 | 17 | cluster: 18 | enabled: true 19 | maxJobs: 600 20 | maxJobsPerWorker: 50 21 | 22 | site: com 23 | queue: builds.gce-premium-n2-highcpu 24 | project: travis-ci-prod-2 25 | librato_source_prefix: production-2-gce 26 | 27 | trvs: 28 | enabled: true 29 | app: gce-workers 30 | env: production-3 31 | pro: true 32 | 33 | rateLimitRedis: 34 | enabled: true 35 | secretName: rate-limit-redis 36 | envPrefix: RATE_LIMIT_REDIS 37 | 38 | terraformSecretName: worker-premium-n2-terraform 39 | 40 | default_machine_type: "n2-highcpu-8" 41 | premium_machine_type: "n2-highcpu-8" 42 | worker_gce_zone: "us-central1-c" 43 | -------------------------------------------------------------------------------- /releases/gke_travis-ci-prod-2_us-central1_gce-production-2/worker-premium-n2-highmem.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: worker-premium-n2-highmem 5 | namespace: gce-production-2 6 | spec: 7 | chart: 8 | path: charts/gce-worker 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | ref: master 11 | releaseName: worker-premium-n2-highmem 12 | values: 13 | image: 14 | repository: gcr.io/travis-ci-prod-services-1/worker 15 | tag: v6.2.22 16 | 17 | cluster: 18 | enabled: true 19 | maxJobs: 600 20 | maxJobsPerWorker: 50 21 | 22 | site: com 23 | queue: builds.gce-premium-n2-highmem 24 | project: travis-ci-prod-2 25 | librato_source_prefix: production-2-gce 26 | 27 | trvs: 28 | enabled: true 29 | app: gce-workers 30 | env: production-3 31 | pro: true 32 | 33 | rateLimitRedis: 34 | enabled: true 35 | secretName: rate-limit-redis 36 | envPrefix: RATE_LIMIT_REDIS 37 | 38 | terraformSecretName: worker-premium-n2-terraform 39 | 40 | default_machine_type: "n2-highmem-4" 41 | premium_machine_type: "n2-highmem-8" 42 | worker_gce_zone: "us-central1-c" 43 | -------------------------------------------------------------------------------- /releases/gke_travis-ci-prod-2_us-central1_gce-production-2/worker-premium-n2.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: worker-premium-n2 5 | namespace: gce-production-2 6 | spec: 7 | chart: 8 | path: charts/gce-worker 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | ref: master 11 | releaseName: worker-premium-n2 12 | values: 13 | image: 14 | repository: gcr.io/travis-ci-prod-services-1/worker 15 | tag: v6.2.22 16 | 17 | cluster: 18 | enabled: true 19 | maxJobs: 150 20 | maxJobsPerWorker: 50 21 | 22 | site: com 23 | queue: builds.gce-premium-n2 24 | project: travis-ci-prod-2 25 | librato_source_prefix: production-2-gce 26 | 27 | trvs: 28 | enabled: true 29 | app: gce-workers 30 | env: production-2 31 | pro: true 32 | 33 | rateLimitRedis: 34 | enabled: true 35 | secretName: rate-limit-redis 36 | envPrefix: RATE_LIMIT_REDIS 37 | 38 | default_machine_type: "n2-standard-2" 39 | premium_machine_type: "n2-standard-16" 40 | worker_gce_zone: "us-central1-c" 41 | -------------------------------------------------------------------------------- /releases/gke_travis-ci-prod-2_us-east1_gce-production-2-ue1/rate_limit_redis.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: flux.weave.works/v1beta1 3 | kind: HelmRelease 4 | metadata: 5 | name: rate-limit-redis 6 | namespace: gce-production-2 7 | spec: 8 | chart: 9 | repository: https://charts.helm.sh/stable 10 | name: redis 11 | version: 8.0.13 12 | releaseName: rate-limit-redis 13 | values: 14 | cluster: 15 | enabled: false 16 | master: 17 | persistence: 18 | enabled: false 19 | -------------------------------------------------------------------------------- /releases/gke_travis-ci-prod-2_us-east1_gce-production-2-ue1/travis-autoscaler.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: flux.weave.works/v1beta1 3 | kind: HelmRelease 4 | metadata: 5 | name: travis-autoscaler 6 | namespace: gce-production-2 7 | spec: 8 | chart: 9 | path: charts/travis-autoscaler 10 | git: git@github.com:travis-ci/kubernetes-config.git 11 | ref: master 12 | releaseName: travis-autoscaler 13 | values: 14 | image: 15 | repository: quay.io/travisci/autoscaler 16 | tag: v0.1.7 17 | pullPolicy: IfNotPresent 18 | imagePullSecrets: 19 | - name: travisci-travis-autoscaler-pull-secret 20 | vault: 21 | secret: gce-lxd-autoscaler-prod-2-ue1 22 | replicaCount: 0 23 | -------------------------------------------------------------------------------- /releases/gke_travis-ci-prod-2_us-east1_gce-production-2-ue1/worker-com.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: worker-com 5 | namespace: gce-production-2 6 | spec: 7 | chart: 8 | path: charts/gce-worker 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | ref: master 11 | releaseName: worker-com 12 | values: 13 | image: 14 | repository: gcr.io/travis-ci-prod-services-1/worker 15 | tag: v6.2.22 16 | 17 | cluster: 18 | enabled: true 19 | maxJobs: 700 20 | maxJobsPerWorker: 50 21 | 22 | site: com 23 | queue: builds.gce 24 | project: travis-ci-prod-2 25 | librato_source_prefix: production-2-gce 26 | 27 | trvs: 28 | enabled: true 29 | app: gce-workers 30 | env: production-2 31 | pro: true 32 | 33 | rateLimitRedis: 34 | enabled: true 35 | secretName: rate-limit-redis 36 | envPrefix: RATE_LIMIT_REDIS 37 | 38 | default_machine_type: "n2-standard-2" 39 | worker_gce_zones: "us-east1-c,us-east1-d" 40 | default_gce_network: "main-us-east1" 41 | worker_gce_region: "us-east1" 42 | -------------------------------------------------------------------------------- /releases/gke_travis-ci-prod-2_us-east1_gce-production-2-ue1/worker-org.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: worker-org 5 | namespace: gce-production-2 6 | spec: 7 | chart: 8 | path: charts/gce-worker 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | ref: master 11 | releaseName: worker-org 12 | values: 13 | image: 14 | repository: gcr.io/travis-ci-prod-services-1/worker 15 | tag: v6.2.22 16 | 17 | cluster: 18 | enabled: true 19 | maxJobs: 300 20 | maxJobsPerWorker: 50 21 | 22 | site: org 23 | queue: builds.gce-paid 24 | project: travis-ci-prod-2 25 | librato_source_prefix: production-2-gce 26 | 27 | trvs: 28 | enabled: true 29 | app: gce-workers 30 | env: production-2 31 | pro: false 32 | 33 | rateLimitRedis: 34 | enabled: true 35 | secretName: rate-limit-redis 36 | envPrefix: RATE_LIMIT_REDIS 37 | 38 | default_machine_type: "n2-standard-2" 39 | worker_gce_zones: "us-east1-c,us-east1-d" 40 | default_gce_network: "main-us-east1" 41 | worker_gce_region: "us-east1" 42 | -------------------------------------------------------------------------------- /releases/gke_travis-ci-prod-2_us-east1_gce-production-2-ue1/worker-premium-c2.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: worker-premium-c2 5 | namespace: gce-production-2 6 | spec: 7 | chart: 8 | path: charts/gce-worker 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | ref: master 11 | releaseName: worker-premium-c2 12 | values: 13 | image: 14 | repository: gcr.io/travis-ci-prod-services-1/worker 15 | tag: v6.2.22 16 | 17 | cluster: 18 | enabled: true 19 | maxJobs: 5 20 | maxJobsPerWorker: 5 21 | 22 | site: com 23 | queue: builds.us-east1-test 24 | project: travis-ci-prod-2 25 | librato_source_prefix: production-2-gce 26 | 27 | trvs: 28 | enabled: true 29 | app: gce-workers 30 | env: production-2 31 | pro: true 32 | 33 | rateLimitRedis: 34 | enabled: true 35 | secretName: rate-limit-redis 36 | envPrefix: RATE_LIMIT_REDIS 37 | 38 | default_machine_type: "n1-standard-2" 39 | premium_machine_type: "c2-standard-4" 40 | worker_gce_zone: "us-east1-c,us-east1-d" 41 | default_gce_network: "main-us-east1" 42 | worker_gce_region: "us-east1" 43 | -------------------------------------------------------------------------------- /releases/gke_travis-ci-prod-2_us-east1_gce-production-2-ue1/worker-premium-n2-32.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: worker-premium-n2-32 5 | namespace: gce-production-2 6 | spec: 7 | chart: 8 | path: charts/gce-worker 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | ref: master 11 | releaseName: worker-premium-n2-32 12 | values: 13 | image: 14 | repository: gcr.io/travis-ci-prod-services-1/worker 15 | tag: v6.2.22 16 | 17 | cluster: 18 | enabled: true 19 | maxJobs: 150 20 | maxJobsPerWorker: 50 21 | 22 | site: com 23 | queue: builds.gce-premium-n2-32 24 | project: travis-ci-prod-2 25 | librato_source_prefix: production-2-gce 26 | 27 | trvs: 28 | enabled: true 29 | app: gce-workers 30 | env: production-2 31 | pro: true 32 | 33 | rateLimitRedis: 34 | enabled: true 35 | secretName: rate-limit-redis 36 | envPrefix: RATE_LIMIT_REDIS 37 | 38 | default_machine_type: "n2-standard-32" 39 | premium_machine_type: "n2-standard-32" 40 | worker_gce_zone: "us-east1-c,us-east1-d" 41 | default_gce_network: "main-us-east1" 42 | worker_gce_region: "us-east1" 43 | -------------------------------------------------------------------------------- /releases/gke_travis-ci-prod-2_us-east1_gce-production-2-ue1/worker-premium-n2-4.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: worker-premium-n2-4 5 | namespace: gce-production-2 6 | spec: 7 | chart: 8 | path: charts/gce-worker 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | ref: master 11 | releaseName: worker-premium-n2-4 12 | values: 13 | image: 14 | repository: gcr.io/travis-ci-prod-services-1/worker 15 | tag: v6.2.22 16 | 17 | cluster: 18 | enabled: true 19 | maxJobs: 150 20 | maxJobsPerWorker: 50 21 | 22 | site: com 23 | queue: builds.gce-premium-n2-4 24 | project: travis-ci-prod-2 25 | librato_source_prefix: production-2-gce 26 | 27 | trvs: 28 | enabled: true 29 | app: gce-workers 30 | env: production-2 31 | pro: true 32 | 33 | rateLimitRedis: 34 | enabled: true 35 | secretName: rate-limit-redis 36 | envPrefix: RATE_LIMIT_REDIS 37 | 38 | default_machine_type: "n2-standard-4" 39 | premium_machine_type: "n2-standard-4" 40 | worker_gce_zone: "us-east1-c,us-east1-d" 41 | default_gce_network: "main-us-east1" 42 | worker_gce_region: "us-east1" 43 | -------------------------------------------------------------------------------- /releases/gke_travis-ci-prod-2_us-east1_gce-production-2-ue1/worker-premium-n2-64.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: worker-premium-n2-64 5 | namespace: gce-production-2 6 | spec: 7 | chart: 8 | path: charts/gce-worker 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | ref: master 11 | releaseName: worker-premium-n2-64 12 | values: 13 | image: 14 | repository: gcr.io/travis-ci-prod-services-1/worker 15 | tag: v6.2.22 16 | 17 | cluster: 18 | enabled: true 19 | maxJobs: 20 20 | maxJobsPerWorker: 20 21 | 22 | site: com 23 | queue: builds.gce-premium-n2-64 24 | project: travis-ci-prod-2 25 | librato_source_prefix: production-2-gce 26 | 27 | trvs: 28 | enabled: true 29 | app: gce-workers 30 | env: production-2 31 | pro: true 32 | 33 | rateLimitRedis: 34 | enabled: true 35 | secretName: rate-limit-redis 36 | envPrefix: RATE_LIMIT_REDIS 37 | 38 | default_machine_type: "n2-standard-64" 39 | premium_machine_type: "n2-standard-64" 40 | worker_gce_zone: "us-east1-c,us-east1-d" 41 | default_gce_network: "main-us-east1" 42 | worker_gce_region: "us-east1" 43 | -------------------------------------------------------------------------------- /releases/gke_travis-ci-prod-2_us-east1_gce-production-2-ue1/worker-premium-n2-8.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: worker-premium-n2-8 5 | namespace: gce-production-2 6 | spec: 7 | chart: 8 | path: charts/gce-worker 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | ref: master 11 | releaseName: worker-premium-n2-8 12 | values: 13 | image: 14 | repository: gcr.io/travis-ci-prod-services-1/worker 15 | tag: v6.2.22 16 | 17 | cluster: 18 | enabled: true 19 | maxJobs: 50 20 | maxJobsPerWorker: 50 21 | 22 | site: com 23 | queue: builds.gce-premium-n2-8 24 | project: travis-ci-prod-2 25 | librato_source_prefix: production-2-gce 26 | 27 | trvs: 28 | enabled: true 29 | app: gce-workers 30 | env: production-2 31 | pro: true 32 | 33 | rateLimitRedis: 34 | enabled: true 35 | secretName: rate-limit-redis 36 | envPrefix: RATE_LIMIT_REDIS 37 | 38 | default_machine_type: "n2-standard-8" 39 | premium_machine_type: "n2-standard-8" 40 | worker_gce_zone: "us-east1-c,us-east1-d" 41 | default_gce_network: "main-us-east1" 42 | worker_gce_region: "us-east1" 43 | -------------------------------------------------------------------------------- /releases/gke_travis-ci-prod-2_us-east1_gce-production-2-ue1/worker-premium-n2.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: worker-premium-n2 5 | namespace: gce-production-2 6 | spec: 7 | chart: 8 | path: charts/gce-worker 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | ref: master 11 | releaseName: worker-premium-n2 12 | values: 13 | image: 14 | repository: gcr.io/travis-ci-prod-services-1/worker 15 | tag: v6.2.22 16 | 17 | cluster: 18 | enabled: true 19 | maxJobs: 5 20 | maxJobsPerWorker: 5 21 | 22 | site: com 23 | queue: builds.us-east1-test 24 | project: travis-ci-prod-2 25 | librato_source_prefix: production-2-gce 26 | 27 | trvs: 28 | enabled: true 29 | app: gce-workers 30 | env: production-2 31 | pro: true 32 | 33 | rateLimitRedis: 34 | enabled: true 35 | secretName: rate-limit-redis 36 | envPrefix: RATE_LIMIT_REDIS 37 | 38 | default_machine_type: "n1-standard-2" 39 | premium_machine_type: "n2-standard-16" 40 | worker_gce_zone: "us-east1-c,us-east1-d" 41 | default_gce_network: "main-us-east1" 42 | worker_gce_region: "us-east1" 43 | -------------------------------------------------------------------------------- /releases/gke_travis-ci-prod-3_us-central1_gce-production-3/gcloud-cleanup.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: flux.weave.works/v1beta1 3 | kind: HelmRelease 4 | metadata: 5 | name: gcloud-cleanup 6 | namespace: gce-production-3 7 | annotations: 8 | flux.weave.works/tag.gcloud-cleanup: glob:test-* 9 | flux.weave.works/automated: 'false' 10 | spec: 11 | chart: 12 | path: charts/gcloud-cleanup 13 | git: git@github.com:travis-ci/kubernetes-config.git 14 | ref: master 15 | releaseName: gcloud-cleanup 16 | values: 17 | image: 18 | repository: gcr.io/travis-ci-prod-services-1/gcloud-cleanup 19 | tag: 4890bc7 20 | trvs: 21 | enabled: true 22 | env: production-3 23 | pro: false 24 | rateLimitRedis: 25 | enabled: true 26 | secretName: rate-limit-redis 27 | envPrefix: RATE_LIMIT_REDIS 28 | replicaCount: 1 29 | -------------------------------------------------------------------------------- /releases/gke_travis-ci-prod-3_us-central1_gce-production-3/rate_limit_redis.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: flux.weave.works/v1beta1 3 | kind: HelmRelease 4 | metadata: 5 | name: rate-limit-redis 6 | namespace: gce-production-3 7 | spec: 8 | chart: 9 | repository: https://charts.helm.sh/stable 10 | name: redis 11 | version: 8.0.13 12 | releaseName: rate-limit-redis 13 | values: 14 | cluster: 15 | enabled: false 16 | master: 17 | persistence: 18 | enabled: false 19 | -------------------------------------------------------------------------------- /releases/gke_travis-ci-prod-3_us-central1_gce-production-3/travis-autoscaler-oss.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: flux.weave.works/v1beta1 3 | kind: HelmRelease 4 | metadata: 5 | name: travis-autoscaler-oss 6 | namespace: gce-production-3 7 | spec: 8 | chart: 9 | path: charts/travis-autoscaler 10 | git: git@github.com:travis-ci/kubernetes-config.git 11 | ref: master 12 | releaseName: travis-autoscaler-oss 13 | values: 14 | image: 15 | repository: quay.io/travisci/autoscaler 16 | tag: v0.1.7 17 | pullPolicy: IfNotPresent 18 | imagePullSecrets: 19 | - name: travisci-travis-autoscaler-pull-secret 20 | vault: 21 | secret: gce-lxd-autoscaler-prod-3 22 | replicaCount: 1 23 | -------------------------------------------------------------------------------- /releases/gke_travis-ci-prod-3_us-central1_gce-production-3/worker-com-oss.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: worker-com-oss 5 | namespace: gce-production-3 6 | spec: 7 | chart: 8 | path: charts/gce-worker 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | ref: master 11 | releaseName: worker-com-oss 12 | values: 13 | image: 14 | repository: gcr.io/travis-ci-prod-services-1/worker 15 | tag: v6.2.22 16 | 17 | cluster: 18 | enabled: true 19 | maxJobs: 500 20 | maxJobsPerWorker: 50 21 | 22 | site: com 23 | queue: builds.gce-oss 24 | project: travis-ci-prod-3 25 | librato_source_prefix: production-3-gce 26 | 27 | trvs: 28 | enabled: true 29 | app: gce-workers 30 | env: production-3 31 | pro: true 32 | 33 | rateLimitRedis: 34 | enabled: true 35 | secretName: rate-limit-redis 36 | envPrefix: RATE_LIMIT_REDIS 37 | 38 | default_machine_type: "n2-standard-2" 39 | worker_gce_zones: "us-central1-c,us-central1-f,us-central1-a" 40 | terraformSecretName: worker-com-terraform 41 | -------------------------------------------------------------------------------- /releases/gke_travis-ci-prod-3_us-central1_gce-production-3/worker-com.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: worker-com 5 | namespace: gce-production-3 6 | spec: 7 | chart: 8 | path: charts/gce-worker 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | ref: master 11 | releaseName: worker-com 12 | values: 13 | image: 14 | repository: gcr.io/travis-ci-prod-services-1/worker 15 | tag: v6.2.22 16 | 17 | cluster: 18 | enabled: true 19 | maxJobs: 0 20 | maxJobsPerWorker: 50 21 | 22 | site: com 23 | queue: builds.gce 24 | project: travis-ci-prod-3 25 | librato_source_prefix: production-3-gce 26 | 27 | trvs: 28 | enabled: true 29 | app: gce-workers 30 | env: production-3 31 | pro: true 32 | 33 | rateLimitRedis: 34 | enabled: true 35 | secretName: rate-limit-redis 36 | envPrefix: RATE_LIMIT_REDIS 37 | 38 | default_machine_type: "n2-standard-2" 39 | worker_gce_zones: "us-central1-c,us-central1-f,us-central1-a" 40 | -------------------------------------------------------------------------------- /releases/gke_travis-ci-prod-3_us-central1_gce-production-3/worker-org.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: worker-org 5 | namespace: gce-production-3 6 | spec: 7 | chart: 8 | path: charts/gce-worker 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | ref: master 11 | releaseName: worker-org 12 | values: 13 | image: 14 | repository: gcr.io/travis-ci-prod-services-1/worker 15 | tag: v6.2.22 16 | 17 | cluster: 18 | enabled: true 19 | maxJobs: 100 20 | maxJobsPerWorker: 50 21 | 22 | site: org 23 | queue: builds.gce 24 | project: travis-ci-prod-3 25 | librato_source_prefix: production-3-gce 26 | 27 | trvs: 28 | enabled: true 29 | app: gce-workers 30 | env: production-3 31 | pro: false 32 | 33 | rateLimitRedis: 34 | enabled: true 35 | secretName: rate-limit-redis 36 | envPrefix: RATE_LIMIT_REDIS 37 | 38 | default_machine_type: "n2-standard-2" 39 | worker_gce_zones: "us-central1-c,us-central1-f,us-central1-a" 40 | -------------------------------------------------------------------------------- /releases/gke_travis-ci-prod-3_us-central1_gce-production-3/worker-premium-c2.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: worker-premium-c2 5 | namespace: gce-production-3 6 | spec: 7 | chart: 8 | path: charts/gce-worker 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | ref: master 11 | releaseName: worker-premium-c2 12 | values: 13 | image: 14 | repository: gcr.io/travis-ci-prod-services-1/worker 15 | tag: v6.2.22 16 | 17 | cluster: 18 | enabled: true 19 | maxJobs: 0 20 | maxJobsPerWorker: 50 21 | 22 | site: com 23 | queue: builds.gce-premium-c2 24 | project: travis-ci-prod-3 25 | librato_source_prefix: production-3-gce 26 | 27 | trvs: 28 | enabled: true 29 | app: gce-workers 30 | env: production-3 31 | pro: true 32 | 33 | rateLimitRedis: 34 | enabled: true 35 | secretName: rate-limit-redis 36 | envPrefix: RATE_LIMIT_REDIS 37 | 38 | default_machine_type: "n1-standard-2" 39 | premium_machine_type: "c2-standard-4" 40 | worker_gce_zone: "us-central1-f" 41 | -------------------------------------------------------------------------------- /releases/gke_travis-ci-prod-3_us-central1_gce-production-3/worker-premium-hack.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: worker-premium-hack 5 | namespace: gce-production-3 6 | spec: 7 | chart: 8 | path: charts/gce-worker 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | ref: master 11 | releaseName: worker-premium-hack 12 | values: 13 | image: 14 | repository: gcr.io/travis-ci-prod-services-1/worker 15 | tag: v6.2.22 16 | 17 | cluster: 18 | enabled: true 19 | maxJobs: 0 20 | maxJobsPerWorker: 50 21 | 22 | site: com 23 | queue: builds.gce-premium-hack 24 | project: travis-ci-prod-3 25 | librato_source_prefix: production-3-gce 26 | 27 | trvs: 28 | enabled: true 29 | app: gce-workers 30 | env: production-3 31 | pro: true 32 | 33 | rateLimitRedis: 34 | enabled: true 35 | secretName: rate-limit-redis 36 | envPrefix: RATE_LIMIT_REDIS 37 | 38 | default_machine_type: "n1-standard-2" 39 | premium_machine_type: "n1-standard-8" 40 | -------------------------------------------------------------------------------- /releases/gke_travis-ci-prod-3_us-central1_gce-production-3/worker-premium-n2-highcpu.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: worker-premium-n2-highcpu 5 | namespace: gce-production-3 6 | spec: 7 | chart: 8 | path: charts/gce-worker 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | ref: master 11 | releaseName: worker-premium-n2-highcpu 12 | values: 13 | image: 14 | repository: gcr.io/travis-ci-prod-services-1/worker 15 | tag: v6.2.22 16 | 17 | cluster: 18 | enabled: true 19 | maxJobs: 0 20 | maxJobsPerWorker: 50 21 | 22 | site: com 23 | queue: builds.gce-premium-n2-highcpu 24 | project: travis-ci-prod-3 25 | librato_source_prefix: production-3-gce 26 | 27 | trvs: 28 | enabled: true 29 | app: gce-workers 30 | env: production-3 31 | pro: true 32 | 33 | rateLimitRedis: 34 | enabled: true 35 | secretName: rate-limit-redis 36 | envPrefix: RATE_LIMIT_REDIS 37 | 38 | terraformSecretName: worker-premium-n2-terraform 39 | 40 | default_machine_type: "n2-highcpu-8" 41 | premium_machine_type: "n2-highcpu-8" 42 | worker_gce_zone: "us-central1-c" 43 | -------------------------------------------------------------------------------- /releases/gke_travis-ci-prod-3_us-central1_gce-production-3/worker-premium-n2-highmem.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: worker-premium-n2-highmem 5 | namespace: gce-production-3 6 | spec: 7 | chart: 8 | path: charts/gce-worker 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | ref: master 11 | releaseName: worker-premium-n2-highmem 12 | values: 13 | image: 14 | repository: gcr.io/travis-ci-prod-services-1/worker 15 | tag: v6.2.22 16 | 17 | cluster: 18 | enabled: true 19 | maxJobs: 0 20 | maxJobsPerWorker: 50 21 | 22 | site: com 23 | queue: builds.gce-premium-n2-highmem 24 | project: travis-ci-prod-3 25 | librato_source_prefix: production-3-gce 26 | 27 | trvs: 28 | enabled: true 29 | app: gce-workers 30 | env: production-3 31 | pro: true 32 | 33 | rateLimitRedis: 34 | enabled: true 35 | secretName: rate-limit-redis 36 | envPrefix: RATE_LIMIT_REDIS 37 | 38 | terraformSecretName: worker-premium-n2-terraform 39 | 40 | default_machine_type: "n2-highmem-4" 41 | premium_machine_type: "n2-highmem-8" 42 | worker_gce_zone: "us-central1-c" 43 | -------------------------------------------------------------------------------- /releases/gke_travis-ci-prod-3_us-central1_gce-production-3/worker-premium-n2.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: worker-premium-n2 5 | namespace: gce-production-3 6 | spec: 7 | chart: 8 | path: charts/gce-worker 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | ref: master 11 | releaseName: worker-premium-n2 12 | values: 13 | image: 14 | repository: gcr.io/travis-ci-prod-services-1/worker 15 | tag: v6.2.22 16 | 17 | cluster: 18 | enabled: true 19 | maxJobs: 0 20 | maxJobsPerWorker: 50 21 | 22 | site: com 23 | queue: builds.gce-premium-n2 24 | project: travis-ci-prod-3 25 | librato_source_prefix: production-3-gce 26 | 27 | trvs: 28 | enabled: true 29 | app: gce-workers 30 | env: production-3 31 | pro: true 32 | 33 | rateLimitRedis: 34 | enabled: true 35 | secretName: rate-limit-redis 36 | envPrefix: RATE_LIMIT_REDIS 37 | 38 | default_machine_type: "n2-standard-2" 39 | premium_machine_type: "n2-standard-16" 40 | worker_gce_zone: "us-central1-c" 41 | -------------------------------------------------------------------------------- /releases/gke_travis-ci-prod-3_us-east1_gce-production-3-ue1/rate_limit_redis.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: flux.weave.works/v1beta1 3 | kind: HelmRelease 4 | metadata: 5 | name: rate-limit-redis 6 | namespace: gce-production-3 7 | spec: 8 | chart: 9 | repository: https://charts.helm.sh/stable 10 | name: redis 11 | version: 8.0.13 12 | releaseName: rate-limit-redis 13 | values: 14 | cluster: 15 | enabled: false 16 | master: 17 | persistence: 18 | enabled: false 19 | -------------------------------------------------------------------------------- /releases/gke_travis-ci-prod-3_us-east1_gce-production-3-ue1/vault.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: flux.weave.works/v1beta1 3 | kind: HelmRelease 4 | metadata: 5 | name: vault 6 | namespace: gce-production-3 7 | annotations: 8 | flux.weave.works/automated: 'true' 9 | spec: 10 | chart: 11 | path: charts/vault 12 | git: git@github.com:travis-ci/kubernetes-config.git 13 | ref: master 14 | releaseName: vault 15 | values: 16 | replicaCount: 1 17 | -------------------------------------------------------------------------------- /releases/gke_travis-ci-prod-3_us-east1_gce-production-3-ue1/worker-com-oss.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: worker-com-oss 5 | namespace: gce-production-3 6 | spec: 7 | chart: 8 | path: charts/gce-worker 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | ref: master 11 | releaseName: worker-com-oss 12 | values: 13 | image: 14 | repository: gcr.io/travis-ci-prod-services-1/worker 15 | tag: v6.2.22 16 | 17 | cluster: 18 | enabled: true 19 | maxJobs: 1100 20 | maxJobsPerWorker: 50 21 | 22 | site: com 23 | queue: builds.gce-oss 24 | project: travis-ci-prod-3 25 | librato_source_prefix: production-3-gce 26 | 27 | trvs: 28 | enabled: true 29 | app: gce-workers 30 | env: production-3 31 | pro: true 32 | 33 | rateLimitRedis: 34 | enabled: true 35 | secretName: rate-limit-redis 36 | envPrefix: RATE_LIMIT_REDIS 37 | 38 | default_machine_type: "n2-standard-2" 39 | worker_gce_zones: "us-east1-c,us-east1-d" 40 | default_gce_network: "main-us-east1" 41 | worker_gce_region: "us-east1" 42 | terraformSecretName: worker-com-terraform 43 | -------------------------------------------------------------------------------- /releases/gke_travis-ci-prod-3_us-east1_gce-production-3-ue1/worker-com.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: worker-com 5 | namespace: gce-production-3 6 | spec: 7 | chart: 8 | path: charts/gce-worker 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | ref: master 11 | releaseName: worker-com 12 | values: 13 | image: 14 | repository: gcr.io/travis-ci-prod-services-1/worker 15 | tag: v6.2.22 16 | 17 | cluster: 18 | enabled: true 19 | maxJobs: 0 20 | maxJobsPerWorker: 50 21 | 22 | site: com 23 | queue: builds.gce 24 | project: travis-ci-prod-3 25 | librato_source_prefix: production-3-gce 26 | 27 | trvs: 28 | enabled: true 29 | app: gce-workers 30 | env: production-3 31 | pro: true 32 | 33 | rateLimitRedis: 34 | enabled: true 35 | secretName: rate-limit-redis 36 | envPrefix: RATE_LIMIT_REDIS 37 | 38 | default_machine_type: "n2-standard-2" 39 | worker_gce_zones: "us-east1-c,us-east1-d" 40 | default_gce_network: "main-us-east1" 41 | worker_gce_region: "us-east1" 42 | -------------------------------------------------------------------------------- /releases/gke_travis-ci-prod-3_us-east1_gce-production-3-ue1/worker-org.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: worker-org 5 | namespace: gce-production-3 6 | spec: 7 | chart: 8 | path: charts/gce-worker 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | ref: master 11 | releaseName: worker-org 12 | values: 13 | image: 14 | repository: gcr.io/travis-ci-prod-services-1/worker 15 | tag: v6.2.22 16 | 17 | cluster: 18 | enabled: true 19 | maxJobs: 0 20 | maxJobsPerWorker: 50 21 | 22 | site: org 23 | queue: builds.gce 24 | project: travis-ci-prod-3 25 | librato_source_prefix: production-3-gce 26 | 27 | trvs: 28 | enabled: true 29 | app: gce-workers 30 | env: production-3 31 | pro: false 32 | 33 | rateLimitRedis: 34 | enabled: true 35 | secretName: rate-limit-redis 36 | envPrefix: RATE_LIMIT_REDIS 37 | 38 | default_machine_type: "n2-standard-2" 39 | worker_gce_zones: "us-east1-c,us-east1-d" 40 | default_gce_network: "main-us-east1" 41 | worker_gce_region: "us-east1" 42 | -------------------------------------------------------------------------------- /releases/gke_travis-ci-prod-3_us-east1_gce-production-3-ue1/worker-premium-c2.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: worker-premium-c2 5 | namespace: gce-production-3 6 | spec: 7 | chart: 8 | path: charts/gce-worker 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | ref: master 11 | releaseName: worker-premium-c2 12 | values: 13 | image: 14 | repository: gcr.io/travis-ci-prod-services-1/worker 15 | tag: v6.2.22 16 | 17 | cluster: 18 | enabled: true 19 | maxJobs: 0 20 | maxJobsPerWorker: 5 21 | 22 | site: com 23 | queue: builds.us-east1-test 24 | project: travis-ci-prod-3 25 | librato_source_prefix: production-3-gce 26 | 27 | trvs: 28 | enabled: true 29 | app: gce-workers 30 | env: production-3 31 | pro: true 32 | 33 | rateLimitRedis: 34 | enabled: true 35 | secretName: rate-limit-redis 36 | envPrefix: RATE_LIMIT_REDIS 37 | 38 | default_machine_type: "n1-standard-2" 39 | premium_machine_type: "c2-standard-4" 40 | worker_gce_zone: "us-east1-c,us-east1-d" 41 | default_gce_network: "main-us-east1" 42 | worker_gce_region: "us-east1" 43 | -------------------------------------------------------------------------------- /releases/gke_travis-ci-prod-3_us-east1_gce-production-3-ue1/worker-premium-n2.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: worker-premium-n2 5 | namespace: gce-production-3 6 | spec: 7 | chart: 8 | path: charts/gce-worker 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | ref: master 11 | releaseName: worker-premium-n2 12 | values: 13 | image: 14 | repository: gcr.io/travis-ci-prod-services-1/worker 15 | tag: v6.2.22 16 | 17 | cluster: 18 | enabled: true 19 | maxJobs: 0 20 | maxJobsPerWorker: 5 21 | 22 | site: com 23 | queue: builds.us-east1-test 24 | project: travis-ci-prod-3 25 | librato_source_prefix: production-3-gce 26 | 27 | trvs: 28 | enabled: true 29 | app: gce-workers 30 | env: production-3 31 | pro: true 32 | 33 | rateLimitRedis: 34 | enabled: true 35 | secretName: rate-limit-redis 36 | envPrefix: RATE_LIMIT_REDIS 37 | 38 | default_machine_type: "n1-standard-2" 39 | premium_machine_type: "n2-standard-16" 40 | worker_gce_zone: "us-east1-c,us-east1-d" 41 | default_gce_network: "main-us-east1" 42 | worker_gce_region: "us-east1" 43 | -------------------------------------------------------------------------------- /releases/gke_travis-ci-prod-oss-4_us-central1_gce-production-4/docker-registry.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: helm.fluxcd.io/v1 3 | kind: HelmRelease 4 | metadata: 5 | name: docker-registry 6 | namespace: gce-production-4 7 | spec: 8 | chart: 9 | path: charts/docker-registry 10 | git: git@github.com:travis-ci/kubernetes-config.git 11 | ref: master 12 | releaseName: docker-registry 13 | values: 14 | replicaCount: 6 15 | tlsSecretName: travis-ci-com-tls-04-10-2021 16 | 17 | storage: gcs 18 | gcs: 19 | bucket: travis-docker-registry-central 20 | keyfile: /etc/docker/gcs/keyfile 21 | keyfileSecretName: docker-registry-keyfile 22 | credentials: 23 | project_id: travis-production-4 24 | 25 | resources: 26 | limits: 27 | cpu: 2000m 28 | memory: 2048Mi 29 | requests: 30 | cpu: 2000m 31 | memory: 2048Mi 32 | 33 | service: 34 | type: LoadBalancer 35 | loadBalancerIP: 10.40.0.200 36 | port: 443 37 | annotations: 38 | cloud.google.com/load-balancer-type: "Internal" 39 | 40 | configData: 41 | proxy: 42 | remoteurl: https://registry-1.docker.io 43 | -------------------------------------------------------------------------------- /releases/gke_travis-ci-prod-oss-4_us-central1_gce-production-4/gcloud-cleanup.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: helm.fluxcd.io/v1 3 | kind: HelmRelease 4 | metadata: 5 | name: gcloud-cleanup 6 | namespace: gce-production-4 7 | annotations: 8 | flux.weave.works/tag.gcloud-cleanup: glob:test-* 9 | flux.weave.works/automated: 'false' 10 | spec: 11 | chart: 12 | path: charts/gcloud-cleanup 13 | git: git@github.com:travis-ci/kubernetes-config.git 14 | ref: master 15 | releaseName: gcloud-cleanup 16 | values: 17 | image: 18 | repository: gcr.io/travis-ci-prod-services-1/gcloud-cleanup 19 | tag: 4890bc7 20 | trvs: 21 | enabled: true 22 | env: production-4 23 | pro: false 24 | rateLimitRedis: 25 | enabled: true 26 | secretName: rate-limit-redis 27 | envPrefix: RATE_LIMIT_REDIS 28 | replicaCount: 1 29 | -------------------------------------------------------------------------------- /releases/gke_travis-ci-prod-oss-4_us-central1_gce-production-4/rate_limit_redis.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: helm.fluxcd.io/v1 3 | kind: HelmRelease 4 | metadata: 5 | name: rate-limit-redis 6 | namespace: gce-production-4 7 | spec: 8 | chart: 9 | repository: https://charts.helm.sh/stable 10 | name: redis 11 | version: 10.0.0 12 | releaseName: rate-limit-redis 13 | values: 14 | cluster: 15 | enabled: false 16 | master: 17 | persistence: 18 | enabled: false 19 | -------------------------------------------------------------------------------- /releases/gke_travis-ci-prod-oss-4_us-central1_gce-production-4/worker-com-oss.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: worker-com-oss 5 | namespace: gce-production-4 6 | spec: 7 | chart: 8 | path: charts/gce-worker 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | ref: master 11 | releaseName: worker-com-oss 12 | values: 13 | image: 14 | repository: gcr.io/travis-ci-prod-services-1/worker 15 | tag: v6.2.22 16 | 17 | cluster: 18 | enabled: true 19 | maxJobs: 0 20 | maxJobsPerWorker: 50 21 | 22 | site: com 23 | queue: builds.gce-oss 24 | project: travis-ci-prod-4 25 | librato_source_prefix: production-4-gce 26 | 27 | trvs: 28 | enabled: true 29 | app: gce-workers 30 | env: production-4 31 | pro: true 32 | 33 | rateLimitRedis: 34 | enabled: true 35 | secretName: rate-limit-redis 36 | envPrefix: RATE_LIMIT_REDIS 37 | 38 | default_machine_type: "n2-standard-2" 39 | worker_gce_zones: "us-central1-c,us-central1-f,us-central1-a" 40 | terraformSecretName: worker-com-terraform 41 | -------------------------------------------------------------------------------- /releases/gke_travis-ci-prod-oss-4_us-central1_gce-production-4/worker-org.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: helm.fluxcd.io/v1 2 | kind: HelmRelease 3 | metadata: 4 | name: worker-org 5 | namespace: gce-production-4 6 | spec: 7 | chart: 8 | path: charts/gce-worker 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | ref: master 11 | releaseName: worker-org 12 | values: 13 | image: 14 | repository: gcr.io/travis-ci-prod-services-1/worker 15 | tag: v6.2.22 16 | 17 | cluster: 18 | enabled: true 19 | maxJobs: 50 20 | maxJobsPerWorker: 50 21 | 22 | site: org 23 | queue: builds.gce 24 | project: travis-ci-prod-oss-4 25 | librato_source_prefix: production-4-gce 26 | 27 | trvs: 28 | enabled: true 29 | app: gce-workers 30 | env: production-4 31 | pro: false 32 | 33 | rateLimitRedis: 34 | enabled: true 35 | secretName: rate-limit-redis 36 | envPrefix: RATE_LIMIT_REDIS 37 | 38 | default_machine_type: "n2-standard-2" 39 | worker_gce_zones: "us-central1-c,us-central1-f,us-central1-a" 40 | -------------------------------------------------------------------------------- /releases/gke_travis-ci-prod-oss-4_us-east1_gce-production-4-ue1/docker-registry.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: helm.fluxcd.io/v1 3 | kind: HelmRelease 4 | metadata: 5 | name: docker-registry 6 | namespace: gce-production-4 7 | spec: 8 | chart: 9 | path: charts/docker-registry 10 | git: git@github.com:travis-ci/kubernetes-config.git 11 | ref: master 12 | releaseName: docker-registry 13 | values: 14 | replicaCount: 0 15 | tlsSecretName: travis-ci-com-tls-04-10-2021 16 | 17 | storage: gcs 18 | gcs: 19 | bucket: travis-docker-registry-east 20 | keyfile: /etc/docker/gcs/keyfile 21 | keyfileSecretName: docker-registry-keyfile 22 | credentials: 23 | project_id: travis-production-4 24 | 25 | resources: 26 | limits: 27 | cpu: 2000m 28 | memory: 2048Mi 29 | requests: 30 | cpu: 2000m 31 | memory: 2048Mi 32 | 33 | service: 34 | type: LoadBalancer 35 | loadBalancerIP: 10.40.0.200 36 | port: 443 37 | annotations: 38 | cloud.google.com/load-balancer-type: "Internal" 39 | 40 | configData: 41 | proxy: 42 | remoteurl: https://registry-1.docker.io 43 | -------------------------------------------------------------------------------- /releases/gke_travis-ci-prod-oss-4_us-east1_gce-production-4-ue1/rate_limit_redis.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: flux.weave.works/v1beta1 3 | kind: HelmRelease 4 | metadata: 5 | name: rate-limit-redis 6 | namespace: gce-production-4 7 | spec: 8 | chart: 9 | repository: https://charts.helm.sh/stable 10 | name: redis 11 | version: 8.0.13 12 | releaseName: rate-limit-redis 13 | values: 14 | cluster: 15 | enabled: false 16 | master: 17 | persistence: 18 | enabled: false 19 | -------------------------------------------------------------------------------- /releases/gke_travis-ci-prod-oss-4_us-east1_gce-production-4-ue1/worker-com-oss.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: worker-com-oss 5 | namespace: gce-production-4 6 | spec: 7 | chart: 8 | path: charts/gce-worker 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | ref: master 11 | releaseName: worker-com-oss 12 | values: 13 | image: 14 | repository: gcr.io/travis-ci-prod-services-1/worker 15 | tag: v6.2.22 16 | 17 | cluster: 18 | enabled: true 19 | maxJobs: 0 20 | maxJobsPerWorker: 50 21 | 22 | site: com 23 | queue: builds.gce-oss 24 | project: travis-ci-prod-4 25 | librato_source_prefix: production-4-gce 26 | 27 | trvs: 28 | enabled: true 29 | app: gce-workers 30 | env: production-4 31 | pro: true 32 | 33 | rateLimitRedis: 34 | enabled: true 35 | secretName: rate-limit-redis 36 | envPrefix: RATE_LIMIT_REDIS 37 | 38 | default_machine_type: "n2-standard-2" 39 | worker_gce_zones: "us-east1-c,us-east1-d" 40 | default_gce_network: "main-us-east1" 41 | worker_gce_region: "us-east1" 42 | terraformSecretName: worker-com-terraform 43 | -------------------------------------------------------------------------------- /releases/gke_travis-ci-prod-oss-4_us-east1_gce-production-4-ue1/worker-org.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: worker-org 5 | namespace: gce-production-4 6 | spec: 7 | chart: 8 | path: charts/gce-worker 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | ref: master 11 | releaseName: worker-org 12 | values: 13 | image: 14 | repository: gcr.io/travis-ci-prod-services-1/worker 15 | tag: v6.2.22 16 | 17 | cluster: 18 | enabled: true 19 | maxJobs: 0 20 | maxJobsPerWorker: 50 21 | 22 | site: org 23 | queue: builds.gce 24 | project: travis-ci-prod-4 25 | librato_source_prefix: production-4-gce 26 | 27 | trvs: 28 | enabled: true 29 | app: gce-workers 30 | env: production-4 31 | pro: false 32 | 33 | rateLimitRedis: 34 | enabled: true 35 | secretName: rate-limit-redis 36 | envPrefix: RATE_LIMIT_REDIS 37 | 38 | default_machine_type: "n2-standard-2" 39 | worker_gce_zones: "us-east1-c,us-east1-d" 40 | default_gce_network: "main-us-east1" 41 | worker_gce_region: "us-east1" 42 | -------------------------------------------------------------------------------- /releases/gke_travis-ci-prod-services-1_us-central1_travis-ci-services/.placeholder: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/travis-ci/kubernetes-config/b5ef77e3e91830c2f1fece7e45a0d241d3cf7f96/releases/gke_travis-ci-prod-services-1_us-central1_travis-ci-services/.placeholder -------------------------------------------------------------------------------- /releases/gke_travis-ci-prod-services-1_us-central1_travis-ci-services/cert-manager.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: flux.weave.works/v1beta1 3 | kind: HelmRelease 4 | metadata: 5 | name: cert-manager 6 | namespace: cert-manager 7 | spec: 8 | chart: 9 | repository: https://charts.jetstack.io 10 | name: cert-manager 11 | version: 0.9.1 12 | releaseName: cert-manager 13 | -------------------------------------------------------------------------------- /releases/gke_travis-ci-prod-services-1_us-central1_travis-ci-services/contour.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: flux.weave.works/v1beta1 3 | kind: HelmRelease 4 | metadata: 5 | name: contour 6 | namespace: gce-production-services-1 7 | labels: 8 | chart: contour 9 | spec: 10 | releaseName: contour 11 | chart: 12 | repository: https://charts.rimusz.net 13 | name: contour 14 | version: 0.3.1 15 | values: 16 | replicaCount: 3 17 | controller: 18 | image: 19 | repository: gcr.io/heptio-images/contour 20 | # Note that by default we use appVersion to get images tag 21 | tag: v0.14.2 22 | proxy: 23 | image: 24 | repository: docker.io/envoyproxy/envoy-alpine 25 | tag: v1.11.1 26 | service: 27 | externalTrafficPolicy: "Local" 28 | -------------------------------------------------------------------------------- /releases/gke_travis-ci-prod-services-1_us-central1_travis-ci-services/travis-vcs-pro.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: flux.weave.works/v1beta1 3 | kind: HelmRelease 4 | metadata: 5 | name: travis-vcs-pro 6 | namespace: gce-production-services-1 7 | annotations: 8 | flux.weave.works/automated: 'false' 9 | spec: 10 | chart: 11 | path: charts/travis-vcs 12 | git: git@github.com:travis-ci/kubernetes-config.git 13 | ref: master 14 | releaseName: travis-vcs-pro 15 | values: 16 | image: 17 | repository: quay.io/travisci/travis-vcs 18 | tag: 'f856840' 19 | imagePullSecrets: 20 | - name: travisci-travis-vcs-pull-secret 21 | trvs: 22 | enabled: true 23 | env: production-1 24 | pro: true 25 | replicaCount: 3 26 | ingress: 27 | enabled: true 28 | annotations: 29 | kubernetes.io/ingress.class: contour 30 | certmanager.k8s.io/cluster-issuer: letsencrypt-production 31 | ingress.kubernetes.io/force-ssl-redirect: "true" 32 | kubernetes.io/tls-acme: "true" 33 | contour.heptio.com/tls-minimum-protocol-version: "1.2" 34 | hosts: 35 | - host: vcs.travis-ci.com 36 | paths: ["/"] 37 | 38 | tls: 39 | - secretName: vcs-travis-ci-com-tls 40 | hosts: 41 | - vcs.travis-ci.com 42 | -------------------------------------------------------------------------------- /releases/gke_travis-ci-prod-services-1_us-central1_travis-ci-services/travis-vcs.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: flux.weave.works/v1beta1 3 | kind: HelmRelease 4 | metadata: 5 | name: travis-vcs 6 | namespace: gce-production-services-1 7 | annotations: 8 | flux.weave.works/automated: 'false' 9 | spec: 10 | chart: 11 | path: charts/travis-vcs 12 | git: git@github.com:travis-ci/kubernetes-config.git 13 | ref: master 14 | releaseName: travis-vcs 15 | values: 16 | image: 17 | repository: quay.io/travisci/travis-vcs 18 | tag: 'f856840' 19 | imagePullSecrets: 20 | - name: travisci-travis-vcs-pull-secret 21 | trvs: 22 | enabled: true 23 | env: production-1 24 | pro: false 25 | replicaCount: 3 26 | ingress: 27 | enabled: true 28 | annotations: 29 | kubernetes.io/ingress.class: contour 30 | certmanager.k8s.io/cluster-issuer: letsencrypt-production 31 | ingress.kubernetes.io/force-ssl-redirect: "true" 32 | kubernetes.io/tls-acme: "true" 33 | contour.heptio.com/tls-minimum-protocol-version: "1.2" 34 | hosts: 35 | - host: vcs.travis-ci.org 36 | paths: ["/"] 37 | 38 | tls: 39 | - secretName: vcs-travis-ci-org-tls 40 | hosts: 41 | - vcs.travis-ci.org 42 | -------------------------------------------------------------------------------- /releases/gke_travis-ci-staging-services-1_us-central1_travis-ci-services/.placeholder: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/travis-ci/kubernetes-config/b5ef77e3e91830c2f1fece7e45a0d241d3cf7f96/releases/gke_travis-ci-staging-services-1_us-central1_travis-ci-services/.placeholder -------------------------------------------------------------------------------- /releases/gke_travis-staging-1_us-central1_workers-1/docker-registry.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: flux.weave.works/v1beta1 3 | kind: HelmRelease 4 | metadata: 5 | name: docker-registry 6 | namespace: default 7 | spec: 8 | chart: 9 | path: charts/docker-registry 10 | git: git@github.com:travis-ci/kubernetes-config.git 11 | ref: staging 12 | releaseName: docker-registry 13 | values: 14 | replicaCount: 2 15 | tlsSecretName: travis-ci-com-tls-04-10-2021 16 | 17 | storage: gcs 18 | gcs: 19 | bucket: travis-docker-registry-staging 20 | keyfile: /etc/docker/gcs/keyfile 21 | credentials: 22 | project_id: travis-staging-1 23 | 24 | resources: 25 | limits: 26 | cpu: 2000m 27 | memory: 512Mi 28 | requests: 29 | cpu: 2000m 30 | memory: 512Mi 31 | 32 | service: 33 | type: LoadBalancer 34 | loadBalancerIP: 10.40.0.200 35 | port: 443 36 | annotations: 37 | cloud.google.com/load-balancer-type: "Internal" 38 | 39 | configData: 40 | proxy: 41 | remoteurl: https://mirror.gcr.io 42 | -------------------------------------------------------------------------------- /releases/gke_travis-staging-1_us-central1_workers-1/gcloud-cleanup.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: flux.weave.works/v1beta1 3 | kind: HelmRelease 4 | metadata: 5 | name: gcloud-cleanup 6 | namespace: default 7 | annotations: 8 | flux.weave.works/tag.gcloud-cleanup: glob:test-* 9 | flux.weave.works/automated: 'false' 10 | spec: 11 | chart: 12 | path: charts/gcloud-cleanup 13 | git: git@github.com:travis-ci/kubernetes-config.git 14 | ref: staging 15 | releaseName: gcloud-cleanup 16 | values: 17 | image: 18 | repository: travisci/gcloud-cleanup 19 | tag: 4890bc7 20 | trvs: 21 | enabled: true 22 | env: staging-1 23 | pro: false 24 | rateLimitRedis: 25 | enabled: true 26 | secretName: rate-limit-redis 27 | envPrefix: RATE_LIMIT_REDIS 28 | replicaCount: 1 29 | -------------------------------------------------------------------------------- /releases/gke_travis-staging-1_us-central1_workers-1/rate_limit_redis.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: flux.weave.works/v1beta1 3 | kind: HelmRelease 4 | metadata: 5 | name: rate-limit-redis 6 | namespace: default 7 | spec: 8 | chart: 9 | repository: https://charts.helm.sh/stable 10 | name: redis 11 | version: 8.0.13 12 | releaseName: rate-limit-redis 13 | values: 14 | cluster: 15 | enabled: false 16 | master: 17 | persistence: 18 | enabled: false 19 | -------------------------------------------------------------------------------- /releases/gke_travis-staging-1_us-central1_workers-1/worker-com-free.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: worker-com-free 5 | namespace: default 6 | spec: 7 | chart: 8 | path: charts/gce-worker 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | ref: staging 11 | releaseName: worker-com-free 12 | values: 13 | image: 14 | repository: gcr.io/travis-ci-prod-services-1/worker 15 | tag: v6.2.1 16 | 17 | # Example calculation: 2400 CPUs / 2 vCPU per job = 1200 maxJobs 18 | # Staging doesn't need that much, would be a waste of resources. 19 | cluster: 20 | enabled: true 21 | maxJobs: 0 22 | maxJobsPerWorker: 1 23 | 24 | site: com 25 | queue: builds.gce-free 26 | project: travis-staging-1 27 | librato_source_prefix: staging-1-gce 28 | 29 | trvs: 30 | enabled: true 31 | app: gce-workers 32 | env: staging-1 33 | pro: true 34 | 35 | rateLimitRedis: 36 | enabled: true 37 | secretName: rate-limit-redis 38 | envPrefix: RATE_LIMIT_REDIS 39 | -------------------------------------------------------------------------------- /releases/gke_travis-staging-1_us-central1_workers-1/worker-com.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: worker-com 5 | namespace: default 6 | spec: 7 | chart: 8 | path: charts/gce-worker 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | ref: staging 11 | releaseName: worker-com 12 | values: 13 | image: 14 | repository: gcr.io/travis-ci-prod-services-1/worker 15 | tag: v6.2.22 16 | 17 | # Example calculation: 2400 CPUs / 2 vCPU per job = 1200 maxJobs 18 | # Staging doesn't need that much, would be a waste of resources. 19 | cluster: 20 | enabled: true 21 | maxJobs: 20 22 | maxJobsPerWorker: 10 23 | 24 | site: com 25 | queue: builds.gce 26 | project: travis-staging-1 27 | librato_source_prefix: staging-1-gce 28 | 29 | trvs: 30 | enabled: true 31 | app: gce-workers 32 | env: staging-1 33 | pro: true 34 | 35 | rateLimitRedis: 36 | enabled: true 37 | secretName: rate-limit-redis 38 | envPrefix: RATE_LIMIT_REDIS 39 | -------------------------------------------------------------------------------- /releases/gke_travis-staging-1_us-central1_workers-1/worker-org.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: worker-org 5 | namespace: default 6 | spec: 7 | chart: 8 | path: charts/gce-worker 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | ref: staging 11 | releaseName: worker-org 12 | values: 13 | image: 14 | repository: gcr.io/travis-ci-prod-services-1/worker 15 | tag: v6.2.22 16 | 17 | # Example calculation: 2400 CPUs / 2 vCPU per job = 1200 maxJobs 18 | # Staging doesn't need that much, would be a waste of resources. 19 | cluster: 20 | enabled: true 21 | maxJobs: 20 22 | maxJobsPerWorker: 10 23 | 24 | site: org 25 | queue: builds.gce 26 | project: travis-staging-1 27 | librato_source_prefix: staging-1-gce 28 | 29 | trvs: 30 | enabled: true 31 | app: gce-workers 32 | env: staging-1 33 | pro: false 34 | 35 | rateLimitRedis: 36 | enabled: true 37 | secretName: rate-limit-redis 38 | envPrefix: RATE_LIMIT_REDIS 39 | -------------------------------------------------------------------------------- /releases/macstadium-prod-1/collectd-vsphere.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: collectd-vsphere 5 | namespace: macstadium-prod-1 6 | spec: 7 | chart: 8 | path: charts/collectd-vsphere 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | releaseName: collectd-vsphere 11 | values: 12 | trvs: 13 | enabled: true 14 | env: common-1 15 | -------------------------------------------------------------------------------- /releases/macstadium-prod-1/heapster.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: heapster 5 | namespace: kube-system 6 | spec: 7 | chart: 8 | repository: https://charts.helm.sh/stable 9 | name: heapster 10 | version: "0.3.2" 11 | releaseName: heapster 12 | values: 13 | rbac: 14 | create: true 15 | command: 16 | - /heapster 17 | - "--source=kubernetes.summary_api:https://kubernetes.default?kubeletHttps=true&kubeletPort=10250&insecure=true" 18 | - "--sink=statsd:udp://statsd:8125?prefix=kubernetes.macstadium-prod-1&allowedLabels=container_name,namespace_name,pod_name,type,hostname,nodename" 19 | -------------------------------------------------------------------------------- /releases/macstadium-prod-1/jupiter-brain-com.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: jupiter-brain-com 5 | namespace: macstadium-prod-1 6 | spec: 7 | chart: 8 | path: charts/jupiter-brain 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | releaseName: jupiter-brain-com 11 | values: 12 | image: 13 | tag: v1.1.0 14 | trvs: 15 | enabled: true 16 | env: production-1 17 | pro: true 18 | honeycomb: 19 | dataset: jb-requests 20 | sampleRate: 10 21 | -------------------------------------------------------------------------------- /releases/macstadium-prod-1/jupiter-brain-custom-1.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: jupiter-brain-custom-1 5 | namespace: macstadium-prod-1 6 | spec: 7 | chart: 8 | path: charts/jupiter-brain 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | releaseName: jupiter-brain-custom-1 11 | values: 12 | trvs: 13 | enabled: true 14 | env: custom-1-1 15 | honeycomb: 16 | dataset: jb-requests 17 | sampleRate: 1 18 | -------------------------------------------------------------------------------- /releases/macstadium-prod-1/jupiter-brain-custom-2.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: jupiter-brain-custom-2 5 | namespace: macstadium-prod-1 6 | spec: 7 | chart: 8 | path: charts/jupiter-brain 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | releaseName: jupiter-brain-custom-2 11 | values: 12 | trvs: 13 | enabled: true 14 | env: custom-2-1 15 | honeycomb: 16 | dataset: jb-requests 17 | sampleRate: 1 18 | -------------------------------------------------------------------------------- /releases/macstadium-prod-1/jupiter-brain-custom-4.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: jupiter-brain-custom-4 5 | namespace: macstadium-prod-1 6 | spec: 7 | chart: 8 | path: charts/jupiter-brain 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | releaseName: jupiter-brain-custom-4 11 | values: 12 | trvs: 13 | enabled: true 14 | env: custom-4-1 15 | honeycomb: 16 | dataset: jb-requests 17 | sampleRate: 1 18 | -------------------------------------------------------------------------------- /releases/macstadium-prod-1/jupiter-brain-custom-5.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: jupiter-brain-custom-5 5 | namespace: macstadium-prod-1 6 | spec: 7 | chart: 8 | path: charts/jupiter-brain 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | releaseName: jupiter-brain-custom-5 11 | values: 12 | trvs: 13 | enabled: true 14 | env: custom-5-1 15 | honeycomb: 16 | dataset: jb-requests 17 | sampleRate: 1 18 | -------------------------------------------------------------------------------- /releases/macstadium-prod-1/jupiter-brain-custom-6.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: jupiter-brain-custom-6 5 | namespace: macstadium-prod-1 6 | spec: 7 | chart: 8 | path: charts/jupiter-brain 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | releaseName: jupiter-brain-custom-6 11 | values: 12 | trvs: 13 | enabled: true 14 | env: custom-6-1 15 | pro: true 16 | honeycomb: 17 | dataset: jb-requests 18 | sampleRate: 1 19 | -------------------------------------------------------------------------------- /releases/macstadium-prod-1/jupiter-brain-custom-7.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: jupiter-brain-custom-7 5 | namespace: macstadium-prod-1 6 | spec: 7 | chart: 8 | path: charts/jupiter-brain 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | releaseName: jupiter-brain-custom-7 11 | values: 12 | trvs: 13 | enabled: true 14 | env: custom-7-1 15 | pro: true 16 | honeycomb: 17 | dataset: jb-requests 18 | sampleRate: 1 19 | -------------------------------------------------------------------------------- /releases/macstadium-prod-1/jupiter-brain-org.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: jupiter-brain-org 5 | namespace: macstadium-prod-1 6 | spec: 7 | chart: 8 | path: charts/jupiter-brain 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | releaseName: jupiter-brain-org 11 | values: 12 | image: 13 | tag: v1.1.0 14 | trvs: 15 | enabled: true 16 | env: production-1 17 | honeycomb: 18 | dataset: jb-requests 19 | sampleRate: 10 20 | -------------------------------------------------------------------------------- /releases/macstadium-prod-1/macbot.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: flux.weave.works/v1beta1 3 | kind: HelmRelease 4 | metadata: 5 | name: macbot 6 | namespace: macstadium-prod-1 7 | annotations: 8 | flux.weave.works/automated: "true" 9 | flux.weave.works/tag.macbot: glob:* 10 | flux.weave.works/tag.imaged: glob:* 11 | spec: 12 | chart: 13 | path: charts/macbot 14 | git: git@github.com:travis-ci/kubernetes-config.git 15 | releaseName: macbot 16 | values: 17 | macbot: 18 | image: gcr.io/travis-ci-prod-services-1/macbot:v1.3.1 19 | imaged: 20 | image: gcr.io/travis-ci-prod-services-1/imaged:v1.0.0 21 | -------------------------------------------------------------------------------- /releases/macstadium-prod-1/statsd.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: statsd 5 | namespace: kube-system 6 | spec: 7 | chart: 8 | path: charts/statsd 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | releaseName: statsd 11 | values: 12 | secretEnv: macstadium_prod_1 13 | -------------------------------------------------------------------------------- /releases/macstadium-prod-1/vsphere-janitor-custom-1.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: vsphere-janitor-custom-1 5 | namespace: macstadium-prod-1 6 | spec: 7 | chart: 8 | path: charts/vsphere-janitor 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | releaseName: vsphere-janitor-custom-1 11 | values: 12 | trvs: 13 | enabled: true 14 | env: custom-1-1 15 | pro: false 16 | -------------------------------------------------------------------------------- /releases/macstadium-prod-1/vsphere-janitor-custom-2.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: vsphere-janitor-custom-2 5 | namespace: macstadium-prod-1 6 | spec: 7 | chart: 8 | path: charts/vsphere-janitor 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | releaseName: vsphere-janitor-custom-2 11 | values: 12 | trvs: 13 | enabled: true 14 | env: custom-2-1 15 | pro: false 16 | -------------------------------------------------------------------------------- /releases/macstadium-prod-1/vsphere-janitor-custom-4.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: vsphere-janitor-custom-4 5 | namespace: macstadium-prod-1 6 | spec: 7 | chart: 8 | path: charts/vsphere-janitor 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | releaseName: vsphere-janitor-custom-4 11 | values: 12 | trvs: 13 | enabled: true 14 | env: custom-4-1 15 | pro: false 16 | -------------------------------------------------------------------------------- /releases/macstadium-prod-1/vsphere-janitor-custom-5.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: vsphere-janitor-custom-5 5 | namespace: macstadium-prod-1 6 | spec: 7 | chart: 8 | path: charts/vsphere-janitor 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | releaseName: vsphere-janitor-custom-5 11 | values: 12 | trvs: 13 | enabled: true 14 | env: custom-5-1 15 | pro: false 16 | -------------------------------------------------------------------------------- /releases/macstadium-prod-1/vsphere-janitor-custom-6.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: vsphere-janitor-custom-6 5 | namespace: macstadium-prod-1 6 | spec: 7 | chart: 8 | path: charts/vsphere-janitor 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | releaseName: vsphere-janitor-custom-6 11 | values: 12 | trvs: 13 | enabled: true 14 | env: custom-6-1 15 | pro: true 16 | -------------------------------------------------------------------------------- /releases/macstadium-prod-1/vsphere-janitor.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: vsphere-janitor 5 | namespace: macstadium-prod-1 6 | spec: 7 | chart: 8 | path: charts/vsphere-janitor 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | releaseName: vsphere-janitor 11 | values: 12 | trvs: 13 | enabled: true 14 | env: production-1 15 | -------------------------------------------------------------------------------- /releases/macstadium-prod-1/vsphere-monitor.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: vsphere-monitor 5 | namespace: macstadium-prod-1 6 | spec: 7 | chart: 8 | path: charts/vsphere-monitor 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | releaseName: vsphere-monitor 11 | values: 12 | trvs: 13 | enabled: true 14 | env: common-1 15 | -------------------------------------------------------------------------------- /releases/macstadium-prod-1/worker-com.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: worker-com 5 | namespace: macstadium-prod-1 6 | spec: 7 | chart: 8 | path: charts/macstadium-worker 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | releaseName: worker-com 11 | values: 12 | image: 13 | tag: v6.2.0 14 | 15 | cluster: 16 | enabled: true 17 | maxJobs: 270 18 | maxJobsPerWorker: 30 19 | 20 | site: com 21 | jupiterBrainName: jupiter-brain-com 22 | 23 | trvs: 24 | enabled: true 25 | app: macstadium-workers 26 | env: production-common 27 | pro: true 28 | -------------------------------------------------------------------------------- /releases/macstadium-prod-1/worker-custom-1.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: worker-custom-1 5 | namespace: macstadium-prod-1 6 | spec: 7 | chart: 8 | path: charts/macstadium-worker 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | releaseName: worker-custom-1 11 | values: 12 | image: 13 | tag: v6.2.0 14 | 15 | cluster: 16 | enabled: true 17 | maxJobs: 5 18 | maxJobsPerWorker: 5 19 | 20 | site: org 21 | jupiterBrainName: jupiter-brain-custom-1 22 | queue: "" 23 | 24 | trvs: 25 | enabled: true 26 | app: macstadium-workers 27 | env: custom-1 28 | -------------------------------------------------------------------------------- /releases/macstadium-prod-1/worker-custom-2.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: worker-custom-2 5 | namespace: macstadium-prod-1 6 | spec: 7 | chart: 8 | path: charts/macstadium-worker 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | releaseName: worker-custom-2 11 | values: 12 | image: 13 | tag: v6.2.0 14 | 15 | cluster: 16 | enabled: true 17 | maxJobs: 0 18 | maxJobsPerWorker: 3 19 | 20 | site: com 21 | jupiterBrainName: jupiter-brain-custom-2 22 | queue: "" 23 | 24 | trvs: 25 | enabled: true 26 | app: macstadium-workers 27 | env: custom-2 28 | pro: true 29 | -------------------------------------------------------------------------------- /releases/macstadium-prod-1/worker-custom-4.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: worker-custom-4 5 | namespace: macstadium-prod-1 6 | spec: 7 | chart: 8 | path: charts/macstadium-worker 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | releaseName: worker-custom-4 11 | values: 12 | image: 13 | tag: v6.2.0 14 | 15 | cluster: 16 | enabled: true 17 | maxJobs: 5 18 | maxJobsPerWorker: 5 19 | 20 | site: org 21 | jupiterBrainName: jupiter-brain-custom-4 22 | queue: "" 23 | 24 | trvs: 25 | enabled: true 26 | app: macstadium-workers 27 | env: custom-4 28 | -------------------------------------------------------------------------------- /releases/macstadium-prod-1/worker-custom-5.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: worker-custom-5 5 | namespace: macstadium-prod-1 6 | spec: 7 | chart: 8 | path: charts/macstadium-worker 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | releaseName: worker-custom-5 11 | values: 12 | image: 13 | tag: v6.2.0 14 | 15 | cluster: 16 | enabled: true 17 | maxJobs: 5 18 | maxJobsPerWorker: 5 19 | 20 | site: org 21 | jupiterBrainName: jupiter-brain-custom-5 22 | queue: "" 23 | 24 | trvs: 25 | enabled: true 26 | app: macstadium-workers 27 | env: custom-5 28 | -------------------------------------------------------------------------------- /releases/macstadium-prod-1/worker-custom-7.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: worker-custom-7 5 | namespace: macstadium-prod-1 6 | spec: 7 | chart: 8 | path: charts/macstadium-worker 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | releaseName: worker-custom-7 11 | values: 12 | image: 13 | tag: v6.2.0 14 | 15 | cluster: 16 | enabled: true 17 | maxJobs: 1 18 | maxJobsPerWorker: 1 19 | 20 | site: com 21 | jupiterBrainName: jupiter-brain-custom-7 22 | queue: "" 23 | 24 | trvs: 25 | enabled: true 26 | app: macstadium-workers 27 | env: custom-7 28 | pro: true 29 | -------------------------------------------------------------------------------- /releases/macstadium-prod-1/worker-org.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: worker-org 5 | namespace: macstadium-prod-1 6 | spec: 7 | chart: 8 | path: charts/macstadium-worker 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | releaseName: worker-org 11 | values: 12 | image: 13 | tag: v6.2.0 14 | 15 | cluster: 16 | enabled: true 17 | maxJobs: 10 18 | maxJobsPerWorker: 20 19 | 20 | site: org 21 | jupiterBrainName: jupiter-brain-org 22 | 23 | trvs: 24 | enabled: true 25 | app: macstadium-workers 26 | env: production-common 27 | -------------------------------------------------------------------------------- /releases/macstadium-prod-2/collectd-vsphere.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: collectd-vsphere 5 | namespace: macstadium-prod-2 6 | spec: 7 | chart: 8 | path: charts/collectd-vsphere 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | releaseName: collectd-vsphere 11 | values: 12 | trvs: 13 | enabled: true 14 | env: common-2 15 | -------------------------------------------------------------------------------- /releases/macstadium-prod-2/heapster.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: heapster 5 | namespace: kube-system 6 | spec: 7 | chart: 8 | repository: https://charts.helm.sh/stable 9 | name: heapster 10 | version: "0.3.2" 11 | releaseName: heapster 12 | values: 13 | rbac: 14 | create: true 15 | command: 16 | - /heapster 17 | - "--source=kubernetes.summary_api:https://kubernetes.default?kubeletHttps=true&kubeletPort=10250&insecure=true" 18 | - "--sink=statsd:udp://statsd:8125?prefix=kubernetes.macstadium-prod-2&allowedLabels=container_name,namespace_name,pod_name,type,hostname,nodename" 19 | -------------------------------------------------------------------------------- /releases/macstadium-prod-2/jupiter-brain-com.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: jupiter-brain-com 5 | namespace: macstadium-prod-2 6 | spec: 7 | chart: 8 | path: charts/jupiter-brain 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | releaseName: jupiter-brain-com 11 | values: 12 | image: 13 | tag: v1.1.0 14 | trvs: 15 | enabled: true 16 | env: production-2 17 | pro: true 18 | honeycomb: 19 | dataset: jb-requests 20 | sampleRate: 10 21 | -------------------------------------------------------------------------------- /releases/macstadium-prod-2/jupiter-brain-custom-1.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: jupiter-brain-custom-1 5 | namespace: macstadium-prod-2 6 | spec: 7 | chart: 8 | path: charts/jupiter-brain 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | releaseName: jupiter-brain-custom-1 11 | values: 12 | trvs: 13 | enabled: true 14 | env: custom-1-2 15 | honeycomb: 16 | dataset: jb-requests 17 | sampleRate: 1 18 | -------------------------------------------------------------------------------- /releases/macstadium-prod-2/jupiter-brain-custom-2.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: jupiter-brain-custom-2 5 | namespace: macstadium-prod-2 6 | spec: 7 | chart: 8 | path: charts/jupiter-brain 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | releaseName: jupiter-brain-custom-2 11 | values: 12 | trvs: 13 | enabled: true 14 | env: custom-2-2 15 | honeycomb: 16 | dataset: jb-requests 17 | sampleRate: 1 18 | -------------------------------------------------------------------------------- /releases/macstadium-prod-2/jupiter-brain-custom-4.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: jupiter-brain-custom-4 5 | namespace: macstadium-prod-2 6 | spec: 7 | chart: 8 | path: charts/jupiter-brain 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | releaseName: jupiter-brain-custom-4 11 | values: 12 | trvs: 13 | enabled: true 14 | env: custom-4-2 15 | honeycomb: 16 | dataset: jb-requests 17 | sampleRate: 1 18 | -------------------------------------------------------------------------------- /releases/macstadium-prod-2/jupiter-brain-custom-5.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: jupiter-brain-custom-5 5 | namespace: macstadium-prod-2 6 | spec: 7 | chart: 8 | path: charts/jupiter-brain 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | releaseName: jupiter-brain-custom-5 11 | values: 12 | trvs: 13 | enabled: true 14 | env: custom-5-2 15 | honeycomb: 16 | dataset: jb-requests 17 | sampleRate: 1 18 | -------------------------------------------------------------------------------- /releases/macstadium-prod-2/jupiter-brain-org.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: jupiter-brain-org 5 | namespace: macstadium-prod-2 6 | spec: 7 | chart: 8 | path: charts/jupiter-brain 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | releaseName: jupiter-brain-org 11 | values: 12 | image: 13 | tag: v1.1.0 14 | trvs: 15 | enabled: true 16 | env: production-2 17 | honeycomb: 18 | dataset: jb-requests 19 | sampleRate: 10 20 | -------------------------------------------------------------------------------- /releases/macstadium-prod-2/statsd.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: statsd 5 | namespace: kube-system 6 | spec: 7 | chart: 8 | path: charts/statsd 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | releaseName: statsd 11 | values: 12 | secretEnv: macstadium_prod_2 13 | -------------------------------------------------------------------------------- /releases/macstadium-prod-2/vsphere-janitor-custom-1.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: vsphere-janitor-custom-1 5 | namespace: macstadium-prod-2 6 | spec: 7 | chart: 8 | path: charts/vsphere-janitor 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | releaseName: vsphere-janitor-custom-1 11 | values: 12 | trvs: 13 | enabled: true 14 | env: custom-1-2 15 | pro: false 16 | -------------------------------------------------------------------------------- /releases/macstadium-prod-2/vsphere-janitor-custom-2.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: vsphere-janitor-custom-2 5 | namespace: macstadium-prod-2 6 | spec: 7 | chart: 8 | path: charts/vsphere-janitor 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | releaseName: vsphere-janitor-custom-2 11 | values: 12 | trvs: 13 | enabled: true 14 | env: custom-2-2 15 | pro: false 16 | -------------------------------------------------------------------------------- /releases/macstadium-prod-2/vsphere-janitor-custom-4.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: vsphere-janitor-custom-4 5 | namespace: macstadium-prod-2 6 | spec: 7 | chart: 8 | path: charts/vsphere-janitor 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | releaseName: vsphere-janitor-custom-4 11 | values: 12 | trvs: 13 | enabled: true 14 | env: custom-4-2 15 | pro: false 16 | -------------------------------------------------------------------------------- /releases/macstadium-prod-2/vsphere-janitor-custom-5.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: vsphere-janitor-custom-5 5 | namespace: macstadium-prod-2 6 | spec: 7 | chart: 8 | path: charts/vsphere-janitor 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | releaseName: vsphere-janitor-custom-5 11 | values: 12 | trvs: 13 | enabled: true 14 | env: custom-5-2 15 | pro: false 16 | -------------------------------------------------------------------------------- /releases/macstadium-prod-2/vsphere-janitor.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: vsphere-janitor 5 | namespace: macstadium-prod-2 6 | spec: 7 | chart: 8 | path: charts/vsphere-janitor 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | releaseName: vsphere-janitor 11 | values: 12 | trvs: 13 | enabled: true 14 | env: production-2 15 | -------------------------------------------------------------------------------- /releases/macstadium-prod-2/vsphere-monitor.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: vsphere-monitor 5 | namespace: macstadium-prod-2 6 | spec: 7 | chart: 8 | path: charts/vsphere-monitor 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | releaseName: vsphere-monitor 11 | values: 12 | trvs: 13 | enabled: true 14 | env: common-2 15 | -------------------------------------------------------------------------------- /releases/macstadium-prod-2/worker-com.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: worker-com 5 | namespace: macstadium-prod-2 6 | spec: 7 | chart: 8 | path: charts/macstadium-worker 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | releaseName: worker-com 11 | values: 12 | image: 13 | tag: v6.2.0 14 | 15 | cluster: 16 | enabled: true 17 | maxJobs: 220 18 | maxJobsPerWorker: 30 19 | 20 | site: com 21 | jupiterBrainName: jupiter-brain-com 22 | 23 | trvs: 24 | enabled: true 25 | app: macstadium-workers 26 | env: production-common 27 | pro: true 28 | -------------------------------------------------------------------------------- /releases/macstadium-prod-2/worker-custom-1.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: worker-custom-1 5 | namespace: macstadium-prod-2 6 | spec: 7 | chart: 8 | path: charts/macstadium-worker 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | releaseName: worker-custom-1 11 | values: 12 | image: 13 | tag: v6.2.0 14 | 15 | cluster: 16 | enabled: true 17 | maxJobs: 5 18 | maxJobsPerWorker: 5 19 | 20 | site: org 21 | jupiterBrainName: jupiter-brain-custom-1 22 | queue: "" 23 | 24 | trvs: 25 | enabled: true 26 | app: macstadium-workers 27 | env: custom-1 28 | -------------------------------------------------------------------------------- /releases/macstadium-prod-2/worker-custom-2.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: worker-custom-2 5 | namespace: macstadium-prod-2 6 | spec: 7 | chart: 8 | path: charts/macstadium-worker 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | releaseName: worker-custom-2 11 | values: 12 | image: 13 | tag: v6.2.0 14 | 15 | cluster: 16 | enabled: true 17 | maxJobs: 3 18 | maxJobsPerWorker: 3 19 | 20 | site: com 21 | jupiterBrainName: jupiter-brain-custom-2 22 | queue: "" 23 | 24 | trvs: 25 | enabled: true 26 | app: macstadium-workers 27 | env: custom-2 28 | pro: true 29 | -------------------------------------------------------------------------------- /releases/macstadium-prod-2/worker-custom-4.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: worker-custom-4 5 | namespace: macstadium-prod-2 6 | spec: 7 | chart: 8 | path: charts/macstadium-worker 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | releaseName: worker-custom-4 11 | values: 12 | image: 13 | tag: v6.2.0 14 | 15 | cluster: 16 | enabled: true 17 | maxJobs: 5 18 | maxJobsPerWorker: 5 19 | 20 | site: org 21 | jupiterBrainName: jupiter-brain-custom-4 22 | queue: "" 23 | 24 | trvs: 25 | enabled: true 26 | app: macstadium-workers 27 | env: custom-4 28 | -------------------------------------------------------------------------------- /releases/macstadium-prod-2/worker-custom-5.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: worker-custom-5 5 | namespace: macstadium-prod-2 6 | spec: 7 | chart: 8 | path: charts/macstadium-worker 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | releaseName: worker-custom-5 11 | values: 12 | image: 13 | tag: v6.2.0 14 | 15 | cluster: 16 | enabled: true 17 | maxJobs: 5 18 | maxJobsPerWorker: 5 19 | 20 | site: org 21 | jupiterBrainName: jupiter-brain-custom-5 22 | queue: "" 23 | 24 | trvs: 25 | enabled: true 26 | app: macstadium-workers 27 | env: custom-5 28 | -------------------------------------------------------------------------------- /releases/macstadium-prod-2/worker-org.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: worker-org 5 | namespace: macstadium-prod-2 6 | spec: 7 | chart: 8 | path: charts/macstadium-worker 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | releaseName: worker-org 11 | values: 12 | image: 13 | tag: v6.2.0 14 | 15 | cluster: 16 | enabled: true 17 | maxJobs: 72 18 | maxJobsPerWorker: 30 19 | 20 | site: org 21 | jupiterBrainName: jupiter-brain-org 22 | 23 | trvs: 24 | enabled: true 25 | app: macstadium-workers 26 | env: production-common 27 | -------------------------------------------------------------------------------- /releases/macstadium-staging/collectd-vsphere.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: collectd-vsphere 5 | namespace: macstadium-staging 6 | spec: 7 | chart: 8 | path: charts/collectd-vsphere 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | ref: staging 11 | releaseName: collectd-vsphere 12 | values: 13 | trvs: 14 | enabled: true 15 | env: staging-1 16 | -------------------------------------------------------------------------------- /releases/macstadium-staging/heapster.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: heapster 5 | namespace: kube-system 6 | spec: 7 | chart: 8 | repository: https://charts.helm.sh/stable 9 | name: heapster 10 | version: "0.3.2" 11 | releaseName: heapster 12 | values: 13 | rbac: 14 | create: true 15 | command: 16 | - /heapster 17 | - "--source=kubernetes.summary_api:https://kubernetes.default?kubeletHttps=true&kubeletPort=10250&insecure=true" 18 | - "--sink=statsd:udp://statsd:8125?prefix=kubernetes.macstadium-staging&allowedLabels=container_name,namespace_name,pod_name,type,hostname,nodename" 19 | -------------------------------------------------------------------------------- /releases/macstadium-staging/jupiter-brain-com.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: jupiter-brain-com 5 | namespace: macstadium-staging 6 | spec: 7 | chart: 8 | path: charts/jupiter-brain 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | ref: staging 11 | releaseName: jupiter-brain-com 12 | values: 13 | image: 14 | tag: v1.2.1-1-g339ced2 15 | trvs: 16 | enabled: true 17 | env: staging-1 18 | pro: true 19 | honeycomb: 20 | dataset: jb-requests-staging 21 | -------------------------------------------------------------------------------- /releases/macstadium-staging/jupiter-brain-org.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: jupiter-brain-org 5 | namespace: macstadium-staging 6 | spec: 7 | chart: 8 | path: charts/jupiter-brain 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | ref: staging 11 | releaseName: jupiter-brain-org 12 | values: 13 | image: 14 | tag: v1.2.1-1-g339ced2 15 | trvs: 16 | enabled: true 17 | env: staging-1 18 | honeycomb: 19 | dataset: jb-requests-staging 20 | -------------------------------------------------------------------------------- /releases/macstadium-staging/statsd.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: statsd 5 | namespace: kube-system 6 | spec: 7 | chart: 8 | path: charts/statsd 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | ref: staging 11 | releaseName: statsd 12 | values: 13 | secretEnv: macstadium_staging 14 | -------------------------------------------------------------------------------- /releases/macstadium-staging/vsphere-janitor.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: vsphere-janitor 5 | namespace: macstadium-staging 6 | spec: 7 | chart: 8 | path: charts/vsphere-janitor 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | ref: staging 11 | releaseName: vsphere-janitor 12 | values: 13 | trvs: 14 | enabled: true 15 | env: staging-1 16 | -------------------------------------------------------------------------------- /releases/macstadium-staging/vsphere-monitor.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: vsphere-monitor 5 | namespace: macstadium-staging 6 | spec: 7 | chart: 8 | path: charts/vsphere-monitor 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | ref: staging 11 | releaseName: vsphere-monitor 12 | values: 13 | trvs: 14 | enabled: true 15 | env: staging-1 16 | -------------------------------------------------------------------------------- /releases/macstadium-staging/worker-com.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: worker-com 5 | namespace: macstadium-staging 6 | spec: 7 | chart: 8 | path: charts/macstadium-worker 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | ref: staging 11 | releaseName: worker-com 12 | values: 13 | image: 14 | tag: v6.2.0 15 | 16 | cluster: 17 | enabled: true 18 | maxJobs: 8 19 | maxJobsPerWorker: 2 20 | 21 | site: com 22 | jupiterBrainName: jupiter-brain-com 23 | 24 | trvs: 25 | enabled: true 26 | app: macstadium-workers 27 | env: staging-common 28 | pro: true 29 | -------------------------------------------------------------------------------- /releases/macstadium-staging/worker-org.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: flux.weave.works/v1beta1 2 | kind: HelmRelease 3 | metadata: 4 | name: worker-org 5 | namespace: macstadium-staging 6 | spec: 7 | chart: 8 | path: charts/macstadium-worker 9 | git: git@github.com:travis-ci/kubernetes-config.git 10 | ref: staging 11 | releaseName: worker-org 12 | values: 13 | image: 14 | tag: v6.2.0 15 | 16 | cluster: 17 | enabled: true 18 | maxJobs: 8 19 | maxJobsPerWorker: 2 20 | 21 | site: org 22 | jupiterBrainName: jupiter-brain-org 23 | 24 | trvs: 25 | enabled: true 26 | app: macstadium-workers 27 | env: staging-common 28 | -------------------------------------------------------------------------------- /shared/fix-metrics.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | TOP=$(git rev-parse --show-toplevel) 4 | 5 | kubectl replace -f "$TOP/shared/heapster-role.yaml" 6 | -------------------------------------------------------------------------------- /shared/heapster-role.yaml: -------------------------------------------------------------------------------- 1 | # The default version of this role in our cluster does not have the "nodes/stats" 2 | # resource available, so Heapster gets a 403 Forbidden when trying to get metrics 3 | # from nodes. We have to manually patch this to add that permission. 4 | 5 | apiVersion: rbac.authorization.k8s.io/v1 6 | kind: ClusterRole 7 | metadata: 8 | annotations: 9 | rbac.authorization.kubernetes.io/autoupdate: "true" 10 | labels: 11 | kubernetes.io/bootstrapping: rbac-defaults 12 | name: system:heapster 13 | rules: 14 | - apiGroups: 15 | - "" 16 | resources: 17 | - events 18 | - namespaces 19 | - nodes 20 | - pods 21 | verbs: 22 | - get 23 | - list 24 | - watch 25 | - apiGroups: 26 | - extensions 27 | resources: 28 | - deployments 29 | verbs: 30 | - get 31 | - list 32 | - watch 33 | - apiGroups: 34 | - "" 35 | resources: 36 | - nodes/stats 37 | verbs: 38 | - get 39 | -------------------------------------------------------------------------------- /shared/install-flux.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | NAMESPACE=$(kubectl config current-context) 4 | 5 | BRANCH="master" 6 | if [[ $NAMESPACE == *staging* ]]; then 7 | BRANCH="staging" 8 | fi 9 | 10 | helm repo add fluxcd https://fluxcd.github.io/flux 11 | helm upgrade flux fluxcd/flux \ 12 | --install \ 13 | --set rbac.create=true \ 14 | --set helmOperator.create=true \ 15 | --set helmOperator.createCRD=true \ 16 | --set git.url=git@github.com:travis-ci/kubernetes-config.git \ 17 | --set git.branch="$BRANCH" \ 18 | --set "git.path=releases/$NAMESPACE" \ 19 | --set git.pollInterval=1m \ 20 | --set git.label="flux-sync-$NAMESPACE" \ 21 | --namespace flux 22 | -------------------------------------------------------------------------------- /shared/install-papertrail.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | set -u 3 | 4 | TOP=$(git rev-parse --show-toplevel) 5 | ENDPOINT="$1" 6 | 7 | helm install "$TOP/charts/papertrail" \ 8 | --set "endpoint=$ENDPOINT" \ 9 | --name papertrail \ 10 | --namespace kube-system 11 | -------------------------------------------------------------------------------- /shared/install-tiller.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | CONTEXT=$(kubectl config current-context) 4 | 5 | kubectl create serviceaccount tiller \ 6 | --context "$CONTEXT" \ 7 | --namespace kube-system 8 | 9 | kubectl create clusterrolebinding tiller-cluster-role \ 10 | --context "$CONTEXT" \ 11 | --clusterrole=cluster-admin \ 12 | --serviceaccount=kube-system:tiller 13 | 14 | helm init --skip-refresh --upgrade \ 15 | --service-account tiller \ 16 | --kube-context "$CONTEXT" 17 | -------------------------------------------------------------------------------- /shared/install-worker-operator.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | TOP=$(git rev-parse --show-toplevel) 4 | helm upgrade worker-operator "$TOP/charts/worker-operator" \ 5 | --install \ 6 | --set image.tag=v1.0.2 7 | -------------------------------------------------------------------------------- /shared/update-staging.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | GIT_URL="https://$GITHUB_TOKEN@github.com/travis-ci/kubernetes-config.git" 4 | 5 | merge_to_staging() { 6 | git fetch origin staging:staging 7 | git checkout staging 8 | git merge "$1" 9 | git push "$GIT_URL" staging 10 | git checkout - 11 | } 12 | 13 | merge_master_to_staging() { 14 | echo "Merging master branch to staging" 15 | merge_to_staging "$TRAVIS_COMMIT" 16 | } 17 | 18 | merge_pr_to_staging() { 19 | echo "Merging PR to staging" 20 | merge_to_staging "$TRAVIS_PULL_REQUEST_SHA" 21 | } 22 | 23 | if [[ "$TRAVIS_PULL_REQUEST" != "false" ]]; then 24 | if [[ "$TRAVIS_PULL_REQUEST_SLUG" == "travis-ci/kubernetes-config" ]]; then 25 | merge_pr_to_staging 26 | fi 27 | elif [[ "$TRAVIS_BRANCH" == "master" ]]; then 28 | merge_master_to_staging 29 | fi 30 | --------------------------------------------------------------------------------