Update image code.forgejo.org/forgejo/runner to v5.0.2

2024-11-21 14:34:04 +00:00
41 changed files with 88 additions and 65 deletions
--- a/.archive/default/plex/ks.yaml
+++ b/.archive/default/plex/ks.yaml
@ -1,55 +0,0 @@
 ---
 # yaml-language-server: $schema=https://ks.hsn.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
 apiVersion: kustomize.toolkit.fluxcd.io/v1
 kind: Kustomization
 metadata:
  name: &app plex
  namespace: flux-system
 spec:
  targetNamespace: default
  commonMetadata:
    labels:
      app.kubernetes.io/name: *app
  path: ./kubernetes/apps/default/plex/app
  prune: true
  sourceRef:
    kind: GitRepository
    name: theshire
  wait: true
  dependsOn:
    - name: rook-ceph-cluster
    - name: volsync
    - name: external-secrets-stores
  interval: 30m
  timeout: 5m
  postBuild:
    substitute:
      APP: *app
      GATUS_PATH: /web/index.html
      VOLSYNC_CAPACITY: 30Gi
 ---
 # yaml-language-server: $schema=https://ks.hsn.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
 apiVersion: kustomize.toolkit.fluxcd.io/v1
 kind: Kustomization
 metadata:
  name: &app kometa-image-maid
  namespace: flux-system
 spec:
  targetNamespace: default
  commonMetadata:
    labels:
      app.kubernetes.io/name: *app
  interval: 30m
  timeout: 5m
  path: "./kubernetes/apps/default/plex/kometa-image-maid"
  prune: true
  sourceRef:
    kind: GitRepository
    name: theshire
  wait: false
  dependsOn:
    - name: external-secrets-stores
    - name: plex
  postBuild:
    substitute:
      APP: *app
--- a/kubernetes/apps/ai/kustomization.yaml
+++ b/kubernetes/apps/ai/kustomization.yaml
@ -6,4 +6,5 @@ resources:
  # Pre Flux-Kustomizations
  - ./namespace.yaml
  # Flux-Kustomizations
  - ./ollama/ks.yaml
  - ./open-webui/ks.yaml
--- a/kubernetes/apps/ai/ollama/app/helmrelease.yaml
+++ b/kubernetes/apps/ai/ollama/app/helmrelease.yaml
--- a/kubernetes/apps/ai/ollama/app/kustomization.yaml
+++ b/kubernetes/apps/ai/ollama/app/kustomization.yaml
--- a/kubernetes/apps/ai/ollama/app/pvc.yaml
+++ b/kubernetes/apps/ai/ollama/app/pvc.yaml
--- a/kubernetes/apps/ai/ollama/ks.yaml
+++ b/kubernetes/apps/ai/ollama/ks.yaml
--- a/kubernetes/apps/ai/open-webui/ks.yaml
+++ b/kubernetes/apps/ai/open-webui/ks.yaml
@ -12,6 +12,7 @@ spec:
      app.kubernetes.io/name: *app
  dependsOn:
    - name: volsync
    - name: ollama
  path: ./kubernetes/apps/ai/open-webui/app
  prune: true
  sourceRef:
--- a/kubernetes/apps/anime/jellyfin/app/helmrelease.yaml
+++ b/kubernetes/apps/anime/jellyfin/app/helmrelease.yaml
--- a/kubernetes/apps/anime/jellyfin/app/kustomization.yaml
+++ b/kubernetes/apps/anime/jellyfin/app/kustomization.yaml
--- a/kubernetes/apps/anime/jellyfin/ks.yaml
+++ b/kubernetes/apps/anime/jellyfin/ks.yaml
--- a/kubernetes/apps/anime/kustomization.yaml
+++ b/kubernetes/apps/anime/kustomization.yaml
@ -6,6 +6,8 @@ resources:
  # Pre Flux-Kustomizations
  - ./namespace.yaml
  # Flux-Kustomizations
  - ./jellyfin/ks.yaml    # sqlite
  - ./jellyseerr/ks.yaml  # sqlite
  - ./radarr/ks.yaml      # postgres
  # - ./shoko/ks.yaml       # sqlite
  - ./sonarr/ks.yaml      # postgres
--- a/kubernetes/apps/ci-runners/forgejo/app/helmrelease.yaml
+++ b/kubernetes/apps/ci-runners/forgejo/app/helmrelease.yaml
@ -30,7 +30,7 @@ spec:
          runner-register:
            image:
              repository: code.forgejo.org/forgejo/runner
-              tag: 5.0.0
+              tag: 5.0.2
            command:
              - "forgejo-runner"
              - "register"
@ -72,7 +72,7 @@ spec:
          app:
            image:
              repository: code.forgejo.org/forgejo/runner
-              tag: 5.0.0
+              tag: 5.0.2
            command:
              - "sh"
              - "-c"
--- a/kubernetes/apps/default/kustomization.yaml
+++ b/kubernetes/apps/default/kustomization.yaml
@ -22,6 +22,7 @@ resources:
  - ./recyclarr/ks.yaml
  - ./redlib/ks.yaml
  - ./sabnzbd/ks.yaml
  - ./scrypted/ks.yaml
  - ./searxng/ks.yaml
  - ./sonarr/ks.yaml
  - ./stirling-pdf/ks.yaml
--- a/kubernetes/apps/default/plex/app/helmrelease.yaml
+++ b/kubernetes/apps/default/plex/app/helmrelease.yaml
--- a/kubernetes/apps/default/plex/app/kustomization.yaml
+++ b/kubernetes/apps/default/plex/app/kustomization.yaml
--- a/kubernetes/apps/default/plex/app/pvc.yaml
+++ b/kubernetes/apps/default/plex/app/pvc.yaml
--- a/kubernetes/apps/default/plex/kometa-image-maid/externalsecret.yaml
+++ b/kubernetes/apps/default/plex/kometa-image-maid/externalsecret.yaml
--- a/kubernetes/apps/default/plex/kometa-image-maid/helmrelease.yaml
+++ b/kubernetes/apps/default/plex/kometa-image-maid/helmrelease.yaml
--- a/kubernetes/apps/default/plex/kometa-image-maid/kustomization.yaml
+++ b/kubernetes/apps/default/plex/kometa-image-maid/kustomization.yaml
--- a/kubernetes/apps/default/plex/ks.yaml
+++ b/kubernetes/apps/default/plex/ks.yaml
@ -2,6 +2,35 @@
 # yaml-language-server: $schema=https://ks.hsn.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
 apiVersion: kustomize.toolkit.fluxcd.io/v1
 kind: Kustomization
 metadata:
  name: &app plex
  namespace: flux-system
 spec:
  targetNamespace: default
  commonMetadata:
    labels:
      app.kubernetes.io/name: *app
  path: ./kubernetes/apps/default/plex/app
  prune: true
  sourceRef:
    kind: GitRepository
    name: theshire
  wait: true
  dependsOn:
    - name: rook-ceph-cluster
    - name: volsync
    - name: external-secrets-stores
  interval: 30m
  timeout: 5m
  postBuild:
    substitute:
      APP: *app
      GATUS_PATH: /web/index.html
      VOLSYNC_CAPACITY: 30Gi
 ---
 # yaml-language-server: $schema=https://ks.hsn.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
 apiVersion: kustomize.toolkit.fluxcd.io/v1
 kind: Kustomization
 metadata:
  name: &app plex-trakt-sync
  namespace: flux-system
@ -22,7 +51,34 @@ spec:
    - name: rook-ceph-cluster
    - name: volsync
    - name: external-secrets-stores
    - name: plex
  postBuild:
    substitute:
      APP: *app
      VOLSYNC_CAPACITY: 1Gi
 ---
 # yaml-language-server: $schema=https://ks.hsn.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
 apiVersion: kustomize.toolkit.fluxcd.io/v1
 kind: Kustomization
 metadata:
  name: &app kometa-image-maid
  namespace: flux-system
 spec:
  targetNamespace: default
  commonMetadata:
    labels:
      app.kubernetes.io/name: *app
  interval: 30m
  timeout: 5m
  path: "./kubernetes/apps/default/plex/kometa-image-maid"
  prune: true
  sourceRef:
    kind: GitRepository
    name: theshire
  wait: false
  dependsOn:
    - name: external-secrets-stores
    - name: plex
  postBuild:
    substitute:
      APP: *app
--- a/kubernetes/apps/default/plex/trakt-sync/helmrelease.yaml
+++ b/kubernetes/apps/default/plex/trakt-sync/helmrelease.yaml
@ -37,8 +37,8 @@ spec:
            args:
              - sync
            env:
-              PLEX_BASEURL: http://10.1.1.61:32400
+              PLEX_BASEURL: http://plex.default.svc.cluster.local:32400
-              PLEX_LOCALURL: http://10.1.1.61:32400
+              PLEX_LOCALURL: http://plex.default.svc.cluster.local:32400
              PLEX_USERNAME: veriwind
              TRAKT_USERNAME: jahanson
            probes:
--- a/kubernetes/apps/default/sabnzbd/app/helmrelease.yaml
+++ b/kubernetes/apps/default/sabnzbd/app/helmrelease.yaml
@ -75,9 +75,12 @@ spec:
              allowPrivilegeEscalation: false
              readOnlyRootFilesystem: true
              capabilities: { drop: ["ALL"] }
            resources:
              requests:
                cpu: 100m
              limits:
                memory: 16Gi
    defaultPodOptions:
      nodeSelector: # ~~testing~~
        kubernetes.io/hostname: gandalf-01
      securityContext:
        runAsNonRoot: true
        runAsUser: 568
--- a/kubernetes/apps/default/scrypted/app/helmrelease.yaml
+++ b/kubernetes/apps/default/scrypted/app/helmrelease.yaml
--- a/kubernetes/apps/default/scrypted/app/kustomization.yaml
+++ b/kubernetes/apps/default/scrypted/app/kustomization.yaml
--- a/kubernetes/apps/default/scrypted/ks.yaml
+++ b/kubernetes/apps/default/scrypted/ks.yaml
--- a/kubernetes/apps/kube-system/kubelet-csr-approver/app/helm-values.yml
+++ b/kubernetes/apps/kube-system/kubelet-csr-approver/app/helm-values.yml
@ -1,2 +1,2 @@
 ---
-providerRegex: ^bilbo|^frodo|^sam|^merry|^pippin|^rosie|^gandalf-01$
+providerRegex: ^bilbo|^frodo|^sam|^merry|^pippin|^rosie|^shadowfax-01|^gandalf-01$
--- a/kubernetes/apps/kyverno/kustomization.yaml
+++ b/kubernetes/apps/kyverno/kustomization.yaml
--- a/kubernetes/apps/kyverno/kyverno/app/helmrelease.yaml
+++ b/kubernetes/apps/kyverno/kyverno/app/helmrelease.yaml
--- a/kubernetes/apps/kyverno/kyverno/app/kustomization.yaml
+++ b/kubernetes/apps/kyverno/kyverno/app/kustomization.yaml
--- a/kubernetes/apps/kyverno/kyverno/ks.yaml
+++ b/kubernetes/apps/kyverno/kyverno/ks.yaml
--- a/kubernetes/apps/kyverno/kyverno/policies/kustomization.yaml
+++ b/kubernetes/apps/kyverno/kyverno/policies/kustomization.yaml
--- a/kubernetes/apps/kyverno/kyverno/policies/remove-cpu-limits.yaml
+++ b/kubernetes/apps/kyverno/kyverno/policies/remove-cpu-limits.yaml
--- a/kubernetes/apps/kyverno/kyverno/policies/schematic-to-pod.yaml
+++ b/kubernetes/apps/kyverno/kyverno/policies/schematic-to-pod.yaml
--- a/kubernetes/apps/kyverno/kyverno/policies/volsync-movers.yaml
+++ b/kubernetes/apps/kyverno/kyverno/policies/volsync-movers.yaml
--- a/kubernetes/apps/kyverno/namespace.yaml
+++ b/kubernetes/apps/kyverno/namespace.yaml
--- a/kubernetes/apps/observability/grafana/app/helmrelease.yaml
+++ b/kubernetes/apps/observability/grafana/app/helmrelease.yaml
@ -196,6 +196,9 @@ spec:
        cert-manager:
          url: https://gitlab.com/uneeq-oss/cert-manager-mixin/-/raw/master/dashboards/cert-manager.json?ref_type=heads
          datasource: Prometheus
        dcgm-exporter:
          url: https://raw.githubusercontent.com/NVIDIA/dcgm-exporter/main/grafana/dcgm-exporter-dashboard.json
          datasource: Prometheus
        external-secrets:
          url: https://raw.githubusercontent.com/external-secrets/external-secrets/main/docs/snippets/dashboard.json
          datasource: Prometheus
--- a/kubernetes/apps/qbittorrent/qbittorrent/app/helmrelease.yaml
+++ b/kubernetes/apps/qbittorrent/qbittorrent/app/helmrelease.yaml
@ -66,9 +66,15 @@ spec:
              capabilities:
                drop:
                  - ALL
            resources:
              requests:
                cpu: 100m
                memory: 1024Mi
              limits:
                memory: 8Gi
    defaultPodOptions:
      nodeSelector: # ~~testing~~
-        kubernetes.io/hostname: gandalf-01
+        kubernetes.io/hostname: shadowfax-01
      securityContext:
        runAsNonRoot: true
        runAsUser: 568
--- a/kubernetes/apps/volsync-system/volsync/app/helmrelease.yaml
+++ b/kubernetes/apps/volsync-system/volsync/app/helmrelease.yaml
@ -22,6 +22,8 @@ spec:
      strategy: rollback
      retries: 3
  dependsOn:
    - name: kyverno
      namespace: kyverno
    - name: snapshot-controller
      namespace: volsync-system
  values:
--- a/kubernetes/apps/volsync-system/volsync/ks.yaml
+++ b/kubernetes/apps/volsync-system/volsync/ks.yaml
@ -10,6 +10,8 @@ spec:
  commonMetadata:
    labels:
      app.kubernetes.io/name: *app
  dependsOn:
    - name: cluster-policies
  path: ./kubernetes/apps/volsync-system/volsync/app
  prune: true
  sourceRef:
--- a/kubernetes/templates/volsync/kustomization.yaml
+++ b/kubernetes/templates/volsync/kustomization.yaml
@ -4,5 +4,5 @@ apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
  - ./claim.yaml
-  - ./minio.yaml
+  - ./nfs.yaml
  - ./r2.yaml
--- a/shell.nix
+++ b/shell.nix
@ -15,6 +15,8 @@ pkgs.mkShell {
    gitleaks
    helmfile
    k9s
    krew
    kubectl
    kubevirt
    kubernetes-helm
    pre-commit
@ -23,6 +25,5 @@ pkgs.mkShell {
    mqttui
    kustomize
    yq-go
    go-task
  ];
 }
`@ -1,2 +1,2 @@`
	`---`	`---`
	`providerRegex: ^bilbo\|^frodo\|^sam\|^merry\|^pippin\|^rosie\|^gandalf-01$`	`providerRegex: ^bilbo\|^frodo\|^sam\|^merry\|^pippin\|^rosie\|^shadowfax-01\|^gandalf-01$`