Add new infra architecture 4

2026-01-19 14:22:07 +01:00
parent 9edcc8c231
commit e96405b828
10 changed files with 102 additions and 753 deletions
--- a/infrastructure/cicd/gitea/ingress.yaml.disabled
+++ b/infrastructure/cicd/gitea/ingress.yaml.disabled
@@ -1,44 +0,0 @@
-# Gitea Ingress Configuration
-# Routes external traffic to Gitea service for web UI and Git HTTP access
-#
-# Prerequisites:
-#   - Gitea must be deployed in the 'gitea' namespace
-#   - Ingress controller must be installed (nginx, traefik, etc.)
-#   - For HTTPS: cert-manager with a ClusterIssuer named 'letsencrypt-prod' or 'local-ca-issuer'
-
-apiVersion: networking.k8s.io/v1
-kind: Ingress
-metadata:
-  name: gitea-ingress
-  namespace: gitea
-  labels:
-    app.kubernetes.io/name: gitea
-    app.kubernetes.io/component: ingress
-    app.kubernetes.io/part-of: bakery-ia-cicd
-  annotations:
-    # For nginx ingress controller
-    nginx.ingress.kubernetes.io/proxy-body-size: "100m"
-    nginx.ingress.kubernetes.io/proxy-read-timeout: "600"
-    nginx.ingress.kubernetes.io/proxy-send-timeout: "600"
-    # For traefik ingress controller
-    traefik.ingress.kubernetes.io/router.entrypoints: web,websecure
-    # For TLS with cert-manager (uncomment for HTTPS)
-    # cert-manager.io/cluster-issuer: "local-ca-issuer"
-spec:
-  ingressClassName: nginx
-  # Uncomment for HTTPS
-  # tls:
-  #   - hosts:
-  #       - gitea.bakery-ia.local
-  #     secretName: gitea-tls
-  rules:
-    - host: gitea.bakery-ia.local
-      http:
-        paths:
-          - path: /
-            pathType: Prefix
-            backend:
-              service:
-                name: gitea-http
-                port:
-                  number: 3000
--- a/infrastructure/cicd/kustomization.yaml
+++ b/infrastructure/cicd/kustomization.yaml
@@ -1,9 +0,0 @@
-apiVersion: kustomize.config.k8s.io/v1beta1
-kind: Kustomization
-
-# Tekton is now managed via Helm, so we don't include it directly here
-# The Tekton Helm chart is deployed separately via Tilt
-
-# Gitea is managed via Helm, so we don't include it directly here
-# The Gitea Helm chart is deployed separately and referenced in the ingress
-# Flux is now managed via Helm chart located in this directory, so we don't include it directly here
--- a/infrastructure/cicd/tekton-helm/templates/event-listener.yaml
+++ b/infrastructure/cicd/tekton-helm/templates/event-listener.yaml
@@ -29,5 +29,4 @@ spec:
      bindings:
        - ref: bakery-ia-trigger-binding
      template:
-        ref: bakery-ia-trigger-template
-  replicas: 1
+        ref: bakery-ia-trigger-template
--- a/infrastructure/cicd/tekton-helm/templates/task-detect-changes.yaml
+++ b/infrastructure/cicd/tekton-helm/templates/task-detect-changes.yaml
@@ -0,0 +1,46 @@
+# Tekton Task to Detect Changed Services
+# This task analyzes git changes to determine which services need to be built
+
+apiVersion: tekton.dev/v1beta1
+kind: Task
+metadata:
+  name: detect-changed-services
+  namespace: {{ .Values.namespace }}
+  labels:
+    app.kubernetes.io/name: {{ .Values.labels.app.name }}
+    app.kubernetes.io/component: detection
+spec:
+  workspaces:
+    - name: source
+      description: Workspace containing the source code
+  results:
+    - name: changed-services
+      description: Comma-separated list of changed services
+  steps:
+    - name: detect-changes
+      image: alpine/git
+      script: |
+        #!/bin/bash
+        set -e
+        
+        cd $(workspaces.source.path)
+        
+        # Get the list of changed files
+        CHANGED_FILES=$(git diff --name-only HEAD~1 HEAD 2>/dev/null || git diff --name-only $(git rev-parse --abbrev-ref HEAD)@{upstream} HEAD 2>/dev/null || echo "")
+        
+        if [ -z "$CHANGED_FILES" ]; then
+          # No changes detected, assume all services need building
+          echo "No git changes detected, building all services"
+          echo "all" > $(results.changed-services.path)
+          exit 0
+        fi
+        
+        # Extract service names from changed file paths
+        CHANGED_SERVICES=$(echo "$CHANGED_FILES" | grep -o 'services/[^/]*' | sed 's/services\/\//' | sort -u | tr '\n' ',' | sed 's/,$//')
+        
+        if [ -z "$CHANGED_SERVICES" ]; then
+          # Changes are in infrastructure or other non-service files
+          echo "infrastructure" > $(results.changed-services.path)
+        else
+          echo "$CHANGED_SERVICES" > $(results.changed-services.path)
+        fi
--- a/infrastructure/cicd/tekton-helm/templates/task-kaniko-build.yaml
+++ b/infrastructure/cicd/tekton-helm/templates/task-kaniko-build.yaml
@@ -34,14 +34,28 @@ spec:
      env:
        - name: DOCKER_CONFIG
          value: /tekton/home/.docker
-      command:
-        - /kaniko/executor
-      args:
-        - --dockerfile=$(workspaces.source.path)/Dockerfile
-        - --destination=$(params.registry)/$(params.service):$(params.git-revision)
-        - --context=$(workspaces.source.path)
-        - --cache=true
-        - --cache-repo=$(params.registry)/cache
+      script: |
+        #!/bin/bash
+        set -e
+        
+        # Split services parameter by comma
+        IFS=',' read -ra SERVICES <<< "$(params.services)"
+        
+        # Build each service
+        for service in "${SERVICES[@]}"; do
+          service=$(echo "$service" | xargs)  # Trim whitespace
+          if [ -n "$service" ] && [ "$service" != "none" ]; then
+            echo "Building service: $service"
+            /kaniko/executor \
+              --dockerfile="$(workspaces.source.path)/services/$service/Dockerfile" \
+              --destination="$(params.registry)/$service:$(params.git-revision)" \
+              --context="$(workspaces.source.path)" \
+              --cache=true \
+              --cache-repo="$(params.registry)/cache"
+          fi
+        done
+        
+        echo "success" > $(results.build-status.path)
      resources:
        limits:
          cpu: 2000m
--- a/infrastructure/cicd/tekton-helm/templates/task-pipeline-summary.yaml
+++ b/infrastructure/cicd/tekton-helm/templates/task-pipeline-summary.yaml
@@ -0,0 +1,33 @@
+# Tekton Task for Pipeline Summary
+# This task generates a summary of the pipeline execution
+
+apiVersion: tekton.dev/v1beta1
+kind: Task
+metadata:
+  name: pipeline-summary
+  namespace: {{ .Values.namespace }}
+  labels:
+    app.kubernetes.io/name: {{ .Values.labels.app.name }}
+    app.kubernetes.io/component: summary
+spec:
+  params:
+    - name: changed-services
+      type: string
+      description: Services that were changed
+    - name: git-revision
+      type: string
+      description: Git revision being processed
+  steps:
+    - name: generate-summary
+      image: alpine
+      script: |
+        #!/bin/bash
+        set -e
+        
+        echo "=== Bakery-IA CI Pipeline Summary ==="
+        echo "Git Revision: $(params.git-revision)"
+        echo "Changed Services: $(params.changed-services)"
+        echo "Pipeline completed successfully"
+        
+        # Log summary to stdout for visibility
+        echo "Summary generated"
--- a/infrastructure/cicd/tekton-helm/values-test.yaml
+++ b/infrastructure/cicd/tekton-helm/values-test.yaml
@@ -1,24 +0,0 @@
-# Test values for Tekton Helm chart
-# This file overrides default values for testing purposes
-
-# Use a test namespace
-namespace: "tekton-test"
-
-# Test registry URL
-global:
-  registry:
-    url: "localhost:5000"
-
-# Test secrets
-secrets:
-  webhook:
-    token: "test-webhook-token"
-  
-  registry:
-    username: "test-user"
-    password: "test-password"
-    registryUrl: "localhost:5000"
-  
-  git:
-    username: "test-git-user"
-    password: "test-git-password"