initial commit

2025-11-23 18:58:51 +01:00
commit 376a944abc
1553 changed files with 314731 additions and 0 deletions
--- a/riscv/argo-workflows/README.md
+++ b/riscv/argo-workflows/README.md
@@ -0,0 +1,10 @@
+#Ingressroutes:
+
+Blijkbaar moet je ingressrouteTCP configureren op API traefik.io.
+Kortom, geen TLS-interrupt door traefik, maar verkeer op entrypoint 443/websecure gewoon ongewijzigd doorsturen naar argo-server
+
+#Over de workflow
+
+Je moet een pvc aanmaken om gegevens door te geven tussen de steps.
+Voor build moet je de docker directory mounten in de container met maven.
+Voor deploy moet je een kubeconfig mounten de verwijst naar kubernetes op de host.
--- a/riscv/argo-workflows/argo-workflows-install.yaml
+++ b/riscv/argo-workflows/argo-workflows-install.yaml
--- a/riscv/argo-workflows/argo-workflows-pvc.yaml
+++ b/riscv/argo-workflows/argo-workflows-pvc.yaml
@@ -0,0 +1,31 @@
+apiVersion: v1
+kind: PersistentVolume
+metadata:
+  name: argo-workflows-pv
+  labels:
+    type: local
+spec:
+  storageClassName: ""
+  capacity:
+    storage: 1Gi
+  accessModes:
+    - ReadWriteMany
+  nfs:
+    server: 192.168.2.110
+    path: /mnt/nfs_share/argo-workflows/riscv
+    readOnly: false
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: argo-workflows-pvc
+  namespace: argo
+spec:
+  storageClassName: ""
+  volumeName: argo-workflows-pv
+  accessModes:
+    - ReadWriteMany
+  volumeMode: Filesystem
+  resources:
+    requests:
+      storage: 1Gi
--- a/riscv/argo-workflows/catalog-info.yaml
+++ b/riscv/argo-workflows/catalog-info.yaml
@@ -0,0 +1,11 @@
+apiVersion: backstage.io/v1alpha1
+kind: Component
+metadata:
+  name: riscv-argo-workflows
+  title: Argo-workflows (riscv)
+spec:
+  type: service
+  lifecycle: production
+  owner: platform-team
+  partOf:
+    - ../catalog-info.yaml
--- a/riscv/argo-workflows/create-docker-credentials.sh
+++ b/riscv/argo-workflows/create-docker-credentials.sh
@@ -0,0 +1,4 @@
+kubectl create secret generic docker-creds \
+  --from-literal=username=allardkrings@gmail.com \
+  --from-literal=password='Kubernetes01@' \
+      -n argo
--- a/riscv/argo-workflows/create-gitea-credentials.sh
+++ b/riscv/argo-workflows/create-gitea-credentials.sh
@@ -0,0 +1,4 @@
+kubectl create secret generic gitea-creds \
+    --from-literal=username=allard \
+    --from-literal=password='Gitea01@' \
+      -n argo
--- a/riscv/argo-workflows/create-github-credentials.sh
+++ b/riscv/argo-workflows/create-github-credentials.sh
@@ -0,0 +1,4 @@
+kubectl create secret generic github-creds \
+    --from-literal=username=allardkrings@gmail.com \
+    --from-literal=password='Kubernetes01@' \
+      -n argo
--- a/riscv/argo-workflows/create-kube-config.sh
+++ b/riscv/argo-workflows/create-kube-config.sh
@@ -0,0 +1 @@
+kubectl create secret generic kubeconfig-secret   --from-file=config=/home/ubuntu/.kube/config
--- a/riscv/argo-workflows/create-nexus-credentials.sh
+++ b/riscv/argo-workflows/create-nexus-credentials.sh
@@ -0,0 +1,4 @@
+kubectl create secret generic nexus-credentials \
+  --from-literal=username=admin \
+  --from-literal=password='Nexus01@' \
+      -n argo
--- a/riscv/argo-workflows/ingressrouteTCP-tls.yaml
+++ b/riscv/argo-workflows/ingressrouteTCP-tls.yaml
@@ -0,0 +1,17 @@
+#apiVersion: traefik.containo.us/v1alpha1
+apiVersion: traefik.io/v1alpha1
+kind: IngressRouteTCP
+metadata:
+  name: argo-workflows-tcp-tls
+  namespace: argo
+spec:
+  entryPoints:
+    - websecure
+  routes:
+  - match: HostSNI(`argo-riscv.allarddcs.nl`)
+    services:
+    - name: argo-server
+      port: 2746
+  tls:
+    passthrough: true
+
--- a/riscv/argo-workflows/rbac.yaml
+++ b/riscv/argo-workflows/rbac.yaml
@@ -0,0 +1,38 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: argo-workflow
+  namespace: argo
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  name: argo-workflow-role
+  namespace: argo
+rules:
+  # Allow managing Deployments
+  - apiGroups: ["apps"]
+    resources: ["deployments"]
+    verbs: ["get", "list", "create", "update", "patch", "delete"]
+  # Allow managing Services
+  - apiGroups: [""]
+    resources: ["services"]
+    verbs: ["get", "list", "create", "update", "patch", "delete"]
+  # Allow managing Traefik IngressRoutes
+  - apiGroups: ["traefik.io"]
+    resources: ["ingressroutes"]
+    verbs: ["get", "list", "create", "update", "patch", "delete"]
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  name: argo-workflow-rolebinding
+  namespace: argo
+subjects:
+  - kind: ServiceAccount
+    name: argo-workflow
+    namespace: argo
+roleRef:
+  kind: Role
+  name: argo-workflow-role
+  apiGroup: rbac.authorization.k8s.io
--- a/riscv/argo-workflows/templates/clone-build-deploy-template.yaml
+++ b/riscv/argo-workflows/templates/clone-build-deploy-template.yaml
@@ -0,0 +1,72 @@
+apiVersion: argoproj.io/v1alpha1
+kind: WorkflowTemplate
+metadata:
+  name: clone-build-deploy
+  namespace: argo
+spec:
+  entrypoint: main
+  volumes:
+  - name: workdir
+    persistentVolumeClaim:
+      claimName: argo-workflows-pvc
+  - name: dockersock
+    hostPath:
+      path: /var/run/docker.sock
+  - name: kubeconfig
+    secret:
+      secretName: kubeconfig-secret
+
+  templates:
+  - name: main
+    steps:
+    - - name: build
+        template: git-clone
+    - - name: deploy
+        template: deploy-app
+
+  - name: git-clone
+    container:
+      image: allardkrings/riscv64-maven
+      command: ["sh", "-c"]
+      args:
+        - |
+          echo "Cleaning up /src directory..." && \
+          rm -rf /src/* /src/.* 2>/dev/null || true && \
+          git clone http://allard:Gitea01%40@gitea.gitea.svc.cluster.local:3000/allard/olproperties.git /src && \
+          cd /src && \
+          git status && \
+          ls -la && \
+          mvn clean install
+      env:
+      - name: USERNAME
+        valueFrom:
+          secretKeyRef:
+            name: gitea-creds
+            key: username
+      - name: PASSWORD
+        valueFrom:
+          secretKeyRef:
+            name: gitea-creds
+            key: password
+      volumeMounts:
+      - name: workdir
+        mountPath: /src
+      - name: dockersock
+        mountPath: /var/run/docker.sock
+
+  - name: deploy-app
+    serviceAccountName: argo-workflow
+    container:
+      image: allardkrings/riscv64-kubectl
+      command: ["sh", "-c"]
+      args:
+        - |
+          echo "Contents of /src:" && ls -la /src && \
+          echo "Checking deployment.yaml:" && cat /src/deployment.yaml && \
+          echo "Deploying application..." && \
+          kubectl apply -f /src/deployment.yaml --validate=false
+      volumeMounts:
+      - name: workdir
+        mountPath: /src
+    continueOn:
+      failed: true
--- a/riscv/argo-workflows/templates/dag-target.yaml
+++ b/riscv/argo-workflows/templates/dag-target.yaml
@@ -0,0 +1,51 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Workflow
+metadata:
+  generateName: dag-target-
+  namespace: argo
+  name: dag-target
+spec:
+  entrypoint: dag-target
+  arguments:
+    parameters:
+    - name: target
+      value: E
+
+  templates:
+  - name: dag-target
+    dag:
+      target: "{{workflow.parameters.target}}"
+
+      tasks:
+      - name: A
+        template: echo
+        arguments:
+          parameters: [{name: message, value: A}]
+      - name: B
+        depends: "A"
+        template: echo
+        arguments:
+          parameters: [{name: message, value: B}]
+      - name: C
+        depends: "A"
+        template: echo
+        arguments:
+          parameters: [{name: message, value: C}]
+      - name: D
+        depends: "B && C"
+        template: echo
+        arguments:
+          parameters: [{name: message, value: D}]
+      - name: E
+        depends: "D"
+        template: echo
+        arguments:
+          parameters: [{name: message, value: E}]
+
+  - name: echo
+    inputs:
+      parameters:
+      - name: message
+    container:
+      image: riscv64/alpine
+      command: [echo, "{{inputs.parameters.message}}"] 
--- a/riscv/argo-workflows/templates/git-clone-workflow-template.yaml
+++ b/riscv/argo-workflows/templates/git-clone-workflow-template.yaml
@@ -0,0 +1,25 @@
+apiVersion: argoproj.io/v1alpha1
+kind: WorkflowTemplate
+metadata:
+  name: git-clone-template
+spec:
+  entrypoint: git-clone
+  templates:
+  - name: git-clone
+    inputs:
+      artifacts:
+      - name: argo-source
+        path: /src
+        git:
+          repo: https://gitea-riscv/allard/olproperties.git
+          usernameSecret:
+            name: github-creds
+            key: username
+          passwordSecret:
+            name: github-creds
+            key: password
+    container:
+      image: allardkrings/riscv64-maven
+      command: ["sh", "-c"]
+      args: ["git status && ls && cat VERSION"]
+      workingDir: /src
--- a/riscv/argo-workflows/templates/git-clone-workflow.yaml
+++ b/riscv/argo-workflows/templates/git-clone-workflow.yaml
@@ -0,0 +1,26 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Workflow
+metadata:
+  generateName: git-clone-
+  namespace: argo
+spec:
+  entrypoint: git-clone
+  templates:
+  - name: git-clone
+    inputs:
+      artifacts:
+      - name: argo-source
+        path: /src
+        git:
+          repo: gitea.gitea.svc.cluster.local/allard/olproperties.git
+          usernameSecret:
+            name: github-creds
+            key: username
+          passwordSecret:
+            name: github-creds
+            key: password
+    container:
+      image: allardkrings/riscv64-maven
+      command: ["sh", "-c"]
+      args: ["git status && ls && cat VERSION"]
+      workingDir: /src
--- a/riscv/argo-workflows/templates/input-artifact-git.yaml
+++ b/riscv/argo-workflows/templates/input-artifact-git.yaml
@@ -0,0 +1,27 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Workflow
+metadata:
+  generateName: input-artifact-git-
+  name: input-artifact-git
+  namespace: argo
+spec:
+  entrypoint: git-clone
+  templates:
+  - name: git-clone
+    inputs:
+      artifacts:
+      - name: argo-source
+        path: /src
+        git:
+          repo: https://gitea-riscv/allard/olproperties.git
+          usernameSecret:
+            name: github-creds
+            key: username
+          passwordSecret:
+            name: github-creds
+            key: password
+    container:
+      image: allardkrings/riscv64-maven
+      command: [sh, -c]
+      args: ["git status && ls && cat VERSION"]
+      workingDir: /src
				`@@ -0,0 +1 @@`
				`kubectl create secret generic kubeconfig-secret --from-file=config=/home/ubuntu/.kube/config`