kubernetes: added woodpecker-ci

- added woodpecker CI - removed kubernetes infra terraform files. - added demo woodpecker pipeline
2025-07-02 22:49:27 +03:00
parent 523c190c7a
commit 448a0a89b9
9 changed files with 411 additions and 150 deletions
--- a/infra/terraform/README.md
+++ b/infra/terraform/README.md
@ -11,8 +11,8 @@ Currently, only the Proxmox virtual machines are managed using Terraform.
 Kubernetes clusters are still created with Ansible, and Kubernetes resources are
 managed using Helm charts and kubectl. Previously, Proxmox was also managed with
 Ansible, but it has been moved to Terraform for improved consistency and state
-management. The goal is to eventually manage all infrastructure—including
-Kubernetes clusters—using Terraform.
+management. The goal is to eventually manage all infrastructure including
+creating Kubernetes clusters with Terraform, but this is a work in progress.

 The terraform state files are stored in a remote backend, which allows for
 collaboration and state management across different environments. The backend
--- a/infra/terraform/kubernetes/backend.tf
+++ b/infra/terraform/kubernetes/backend.tf
@ -1,14 +0,0 @@
-terraform {
-  backend "s3" {
-    bucket                      = "terraform-state" # Name of the MinIO bucket
-    key                         = "kubernetes/terraform.tfstate" # Path to the state file in the bucket
-    endpoint                    = var.minio_endpoint # MinIO API endpoint
-    access_key                  = var.minio_access_key # MinIO access key
-    secret_key                  = var.minio_secret_key # MinIO secret key
-    region                      = "us-east-1" # Arbitrary region (MinIO ignores this)
-    skip_credentials_validation = true # Skip AWS-specific credential checks
-    skip_metadata_api_check     = true # Skip AWS metadata API checks
-    skip_region_validation      = true # Skip AWS region validation
-    use_path_style              = true # Use path-style URLs[](http://<host>/<bucket>)
-  }
-}
--- a/infra/terraform/kubernetes/kube-vip.tf
+++ b/infra/terraform/kubernetes/kube-vip.tf
@ -1,16 +0,0 @@
-# No new namespace is required since it is being deployed in kube-system namespace.
-resource "helm_release" "kube_vip" {
-  name       = "kube-vip"
-  repository = "https://kube-vip.github.io/helm-charts"
-  chart      = "kube-vip"
-  version    = "0.6.6"
-  atomic     = true
-
-  namespace = "kube-system"
-
-  values = [
-      templatefile("${var.kubernetes_project_path}/kube-vip/values.yaml", {
-        VIP_ADDRESS = var.vip_address
-      })
-  ]
-}
--- a/infra/terraform/kubernetes/main.tf
+++ b/infra/terraform/kubernetes/main.tf
@ -1,22 +0,0 @@
-terraform {
-    required_providers {
-        kubernetes = {
-        source  = "hashicorp/kubernetes"
-        version = "2.37.1"
-        }
-        helm = {
-            source  = "hashicorp/helm"
-            version = "3.0.2"
-        }
-    }
-}
-
-provider "kubernetes" {
-    config_path = "~/.kube/config"
-}
-
-provider "helm" {
-    kubernetes = {
-        config_path = "~/.kube/config"
-    }
-}
--- a/infra/terraform/kubernetes/portfolio.tf
+++ b/infra/terraform/kubernetes/portfolio.tf
@ -1,50 +0,0 @@
-resource "kubernetes_namespace" "portfolio" {
-  metadata {
-    name = "my-portfolio"
-  }
-}
-
-resource "kubernetes_secret" "docker_secret" {
-  metadata {
-    name      = "docker-registry-credentials"
-    namespace = "my-portfolio"
-  }
-
-  type = "kubernetes.io/dockerconfigjson"
-
-  data = {
-    ".dockerconfigjson" = jsonencode({
-      auths = {
-        "${var.docker_registry_host}" = {
-          username = var.docker_username
-          password = var.docker_password
-          auth     = base64encode("${var.docker_username}:${var.docker_password}")
-        }
-      }
-    })
-  }
-
-  depends_on = [kubernetes_namespace.portfolio]
-}
-
-locals {
-  # Read and process the YAML file with placeholders
-  manifest_content = templatefile("../../../kubernetes/my-portfolio/portfolioManifest.yaml", {
-    PORTFOLIO_HOST  = var.portfolio_host
-    DOCKER_REGISTRY_HOST = var.docker_registry_host
-  })
-  # Split into individual documents
-  manifest_documents = split("---", replace(local.manifest_content, "/\\n\\s*\\n/", "---"))
-}
-
-resource "kubernetes_manifest" "portfolio_manifest" {
-  for_each = { for i, doc in local.manifest_documents : i => doc if trimspace(doc) != "" }
-
-  manifest = yamldecode(each.value)
-
-  field_manager {
-    force_conflicts = true
-  }
-
-  depends_on = [kubernetes_namespace.portfolio]
-}
--- a/infra/terraform/kubernetes/variables.tf
+++ b/infra/terraform/kubernetes/variables.tf
@ -1,46 +0,0 @@
-# variables for minio backend configuration
-variable "minio_access_key" {
-  description = "MinIO access key"
-  type        = string
-}
-
-variable "minio_secret_key" {
-  description = "MinIO secret key"
-  type        = string
-}
-
-variable "minio_endpoint" {
-  description = "MinIO API endpoint"
-  type        = string
-}
-
-variable "portfolio_host" {
-  description = "Host for the portfolio application"
-  type        = string
-}
-
-variable "docker_registry_host" {
-  description = "Host for the Docker registry"
-  type        = string
-}
-
-variable "docker_username" {
-  description = "Docker registry username"
-  type        = string
-}
-
-variable "docker_password" {
-  description = "Docker registry password"
-  type        = string
-}
-
-variable "kubernetes_project_path" {
-  description = "Path to the Kubernetes configuration files"
-  type        = string
-  default     = "../../../kubernetes"
-}
-
-variable "vip_address" {
-  description = "VIP address for kube-vip"
-  type        = string
-}