From 8a9dc9fce718e7be1eb607cc0df952ca9f14e773 Mon Sep 17 00:00:00 2001 From: GersonRS Date: Mon, 26 Jan 2026 20:02:20 -0300 Subject: [PATCH 1/2] feat: tudo funcionando perfeitamente --- .gitignore | 5 + examples/kind/locals.tf | 2 +- examples/kind/main.tf | 712 +++++++++++++++++++------------------ examples/kind/outputs.tf | 10 +- examples/kind/terraform.tf | 10 +- examples/kind/variables.tf | 12 + 6 files changed, 396 insertions(+), 355 deletions(-) create mode 100644 examples/kind/variables.tf diff --git a/.gitignore b/.gitignore index 13482ce5..966782e9 100644 --- a/.gitignore +++ b/.gitignore @@ -8,6 +8,7 @@ examples/*/terraform.tfstate.* examples/*/.terraform.tfstate.lock.info examples/*/*-config examples/*/.terraform.lock.hcl +examples/*/*.tfvars ### Files and folders when building the website and documentation locally ### @@ -57,3 +58,7 @@ ehthumbs_vista.db # Folder config file [Dd]esktop.ini + +id_ed25519 +copilot-instructions.md +tfplan \ No newline at end of file diff --git a/examples/kind/locals.tf b/examples/kind/locals.tf index e9ca47da..3d6606b8 100644 --- a/examples/kind/locals.tf +++ b/examples/kind/locals.tf @@ -3,7 +3,7 @@ resource "random_password" "airflow_fernetKey" { special = false } locals { - kubernetes_version = "v1.29.2" + kubernetes_version = "v1.35.0" cluster_name = "kind" base_domain = format("%s.nip.io", replace(module.traefik.external_ip, ".", "-")) subdomain = "apps" diff --git a/examples/kind/main.tf b/examples/kind/main.tf index 10c31582..e10bbc2f 100644 --- a/examples/kind/main.tf +++ b/examples/kind/main.tf 
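Review bot: The new `examples/*/*.tfvars` rule does not match the JSON variable files that Terraform also loads automatically (`terraform.tfvars.json`, `*.auto.tfvars.json`), so a value for the `ssh_private_key` variable added later in this patch could still be committed from one of those. Adding `examples/*/*.tfvars.json` next to it closes that gap. The bare `id_ed25519` entry ignores only that exact file name, so a key saved under any other name is not covered; a short comment naming the file the example expects would help. The final `tfplan` line has no trailing newline.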
@@ -1,18 +1,20 @@ module "kind" { - source = "git::https://github.com/GersonRS/modern-gitops-stack-module-cluster-kind.git?ref=v2.4.2" + source = "git::https://github.com/GersonRS/modern-gitops-stack-module-cluster-kind.git?ref=v2.5.0" cluster_name = local.cluster_name kubernetes_version = local.kubernetes_version } module "metallb" { - source = "git::https://github.com/GersonRS/modern-gitops-stack-module-metallb.git?ref=v2.7.1" + source = "git::https://github.com/GersonRS/modern-gitops-stack-module-metallb.git?ref=v2.8.0" subnet = module.kind.kind_subnet + + depends_on = [module.kind] } module "argocd_bootstrap" { - source = "git::https://github.com/GersonRS/modern-gitops-stack-module-argocd.git//bootstrap?ref=v2.10.0" + source = "git::https://github.com/GersonRS/modern-gitops-stack-module-argocd.git//bootstrap?ref=v4.1.0" argocd_projects = { "${local.cluster_name}" = { 
@@ -20,11 +22,40 @@ module "argocd_bootstrap" { } } + ssh_private_key = var.ssh_private_key + + repositories = [ + "git@github.com:GersonRS/modern-gitops-stack-module-argocd.git", + "git@github.com:GersonRS/modern-gitops-stack-module-metrics-server.git", + "git@github.com:GersonRS/modern-gitops-stack-module-traefik.git", + "git@github.com:GersonRS/modern-gitops-stack-module-cert-manager.git", + "git@github.com:GersonRS/modern-gitops-stack-module-keycloak.git", + "git@github.com:GersonRS/modern-gitops-stack-module-postgresql.git", + "git@github.com:GersonRS/modern-gitops-stack-module-minio.git", + "git@github.com:GersonRS/modern-gitops-stack-module-mlflow.git", + "git@github.com:GersonRS/modern-gitops-stack-module-strimzi.git", + "git@github.com:GersonRS/modern-gitops-stack-module-kafka.git", + "git@github.com:GersonRS/modern-gitops-stack-module-cp-schema-registry.git", + "git@github.com:GersonRS/modern-gitops-stack-module-kafka-ui.git", + "git@github.com:GersonRS/modern-gitops-stack-module-pinot.git", + "git@github.com:GersonRS/modern-gitops-stack-module-trino.git", + "git@github.com:GersonRS/modern-gitops-stack-module-zookeeper.git", + "git@github.com:GersonRS/modern-gitops-stack-module-nifi.git", + "git@github.com:GersonRS/modern-gitops-stack-module-loki-stack.git", + "git@github.com:GersonRS/modern-gitops-stack-module-thanos.git", + "git@github.com:GersonRS/modern-gitops-stack-module-kube-prometheus-stack.git", + "git@github.com:GersonRS/modern-gitops-stack-module-spark.git", + "git@github.com:GersonRS/modern-gitops-stack-module-hive-metastore.git", + "git@github.com:GersonRS/modern-gitops-stack-module-airflow.git", + "git@github.com:GersonRS/modern-gitops-stack-module-jupyterhub.git", + "git@github.com:GersonRS/modern-gitops-stack-module-qdrant.git", + ] + depends_on = [module.kind] } module "metrics-server" { - source = "git::https://github.com/GersonRS/modern-gitops-stack-module-metrics-server.git?ref=v2.7.1" + source = 
"git::https://github.com/GersonRS/modern-gitops-stack-module-metrics-server.git?ref=v2.9.0" argocd_project = local.cluster_name @@ -38,7 +69,7 @@ module "metrics-server" { } module "traefik" { - source = "git::https://github.com/GersonRS/modern-gitops-stack-module-traefik.git//kind?ref=v2.6.1" + source = "git::https://github.com/GersonRS/modern-gitops-stack-module-traefik.git//kind?ref=v2.9.0" argocd_project = local.cluster_name @@ -51,7 +82,7 @@ module "traefik" { } module "cert-manager" { - source = "git::https://github.com/GersonRS/modern-gitops-stack-module-cert-manager.git//self-signed?ref=v2.6.6" + source = "git::https://github.com/GersonRS/modern-gitops-stack-module-cert-manager.git//self-signed?ref=v2.9.0" argocd_project = local.cluster_name @@ -63,8 +94,23 @@ module "cert-manager" { } } +module "postgresql" { + source = "git::https://github.com/GersonRS/modern-gitops-stack-module-postgresql.git?ref=v2.12.0" + cluster_name = local.cluster_name + base_domain = local.base_domain + subdomain = local.subdomain + cluster_issuer = local.cluster_issuer + argocd_project = local.cluster_name + app_autosync = local.app_autosync + enable_service_monitor = local.enable_service_monitor + + dependency_ids = { + argocd = module.argocd_bootstrap.id + } +} + module "keycloak" { - source = "git::https://github.com/GersonRS/modern-gitops-stack-module-keycloak.git?ref=v2.5.1" + source = "git::https://github.com/GersonRS/modern-gitops-stack-module-keycloak.git?ref=v2.7.0" cluster_name = local.cluster_name base_domain = local.base_domain 
@@ -73,43 +119,36 @@ module "keycloak" { argocd_project = local.cluster_name app_autosync = local.app_autosync + database = { + host = module.postgresql.cluster_dns + username = module.postgresql.credentials.username + password = module.postgresql.credentials.password + } dependency_ids = { traefik = module.traefik.id cert-manager = module.cert-manager.id + postgresql = module.postgresql.id } } module "oidc" { - source = "git::https://github.com/GersonRS/modern-gitops-stack-module-keycloak.git//oidc_bootstrap?ref=v2.5.1" + source = "git::https://github.com/GersonRS/modern-gitops-stack-module-keycloak.git//oidc_bootstrap?ref=v2.7.0" cluster_name = local.cluster_name base_domain = local.base_domain subdomain = local.subdomain cluster_issuer = local.cluster_issuer - dependency_ids = { - keycloak = module.keycloak.id + keycloak = module.keycloak.id + postgresql = module.postgresql.id } } -module "postgresql" { - source = "git::https://github.com/GersonRS/modern-gitops-stack-module-postgresql.git?ref=v2.11.0" - cluster_name = local.cluster_name - base_domain = local.base_domain - subdomain = local.subdomain - cluster_issuer = local.cluster_issuer - argocd_project = local.cluster_name - app_autosync = local.app_autosync - enable_service_monitor = local.enable_service_monitor - dependency_ids = { - argocd = module.argocd_bootstrap.id - } -} module "minio" { - source = "git::https://github.com/GersonRS/modern-gitops-stack-module-minio.git?ref=v2.6.2" + source = "git::https://github.com/GersonRS/modern-gitops-stack-module-minio.git?ref=v2.8.0" cluster_name = local.cluster_name base_domain = local.base_domain @@ -121,6 +160,7 @@ module "minio" { config_minio = local.minio_config oidc = module.oidc.oidc + dependency_ids = { traefik = module.traefik.id cert-manager = module.cert-manager.id 
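Review bot: The new `database` block in `module "keycloak"` hands Keycloak the account from `module.postgresql.credentials`, and the `mlflow` module enabled further down in this file is given the same `username`/`password` pair. If that output is the PostgreSQL administrative account (not visible in this patch), the identity provider and the ML tracking service share one database login, so a compromise of either one reaches the other's data. A dedicated role and database per application would be safer; at minimum add a comment above the block such as `# NOTE: shared PostgreSQL account, acceptable for the local kind example only`. The `keycloak` block starts above this hunk.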
@@ -128,190 +168,192 @@ module "minio" { } } -# module "mlflow" { -# source = "git::https://github.com/GersonRS/modern-gitops-stack-module-mlflow.git?ref=v1.2.1" -# cluster_name = local.cluster_name -# base_domain = local.base_domain -# subdomain = local.subdomain -# cluster_issuer = local.cluster_issuer -# argocd_project = local.cluster_name -# app_autosync = local.app_autosync -# enable_service_monitor = local.enable_service_monitor - -# storage = { -# bucket_name = "mlflow" -# endpoint = module.minio.endpoint -# access_key = module.minio.minio_root_user_credentials.username -# secret_access_key = module.minio.minio_root_user_credentials.password -# } -# database = { -# user = module.postgresql.credentials.user -# password = module.postgresql.credentials.password -# database = "mlflow" -# service = module.postgresql.cluster_dns -# } -# dependency_ids = { -# argocd = module.argocd_bootstrap.id -# traefik = module.traefik.id -# minio = module.minio.id -# postgresql = module.postgresql.id -# } -# } - -# module "strimzi" { -# source = "git::https://github.com/GersonRS/modern-gitops-stack-module-strimzi.git?ref=v1.4.3" -# cluster_name = local.cluster_name -# base_domain = local.base_domain -# subdomain = local.subdomain -# cluster_issuer = local.cluster_issuer -# argocd_project = local.cluster_name -# app_autosync = local.app_autosync -# enable_service_monitor = local.enable_service_monitor -# dependency_ids = { -# argocd = module.argocd_bootstrap.id -# } -# } - -# module "kafka" { -# source = "git::https://github.com/GersonRS/modern-gitops-stack-module-kafka.git?ref=v2.11.0" -# cluster_name = local.cluster_name -# base_domain = local.base_domain -# subdomain = local.subdomain -# cluster_issuer = local.cluster_issuer -# argocd_project = local.cluster_name -# app_autosync = local.app_autosync -# enable_service_monitor = local.enable_service_monitor -# dependency_ids = { -# argocd = module.argocd_bootstrap.id -# traefik = module.traefik.id -# strimzi = module.strimzi.id 
-# } -# } - -# module "cp-schema-registry" { -# source = "git::https://github.com/GersonRS/modern-gitops-stack-module-cp-schema-registry.git?ref=v1.3.2" -# cluster_name = local.cluster_name -# base_domain = local.base_domain -# subdomain = local.subdomain -# cluster_issuer = local.cluster_issuer -# argocd_project = local.cluster_name -# app_autosync = local.app_autosync -# enable_service_monitor = local.enable_service_monitor -# kafka_broker_name = module.kafka.broker_name -# dependency_ids = { -# argocd = module.argocd_bootstrap.id -# kafka = module.kafka.id -# } -# } - -# module "kafka-ui" { -# source = "git::https://github.com/GersonRS/modern-gitops-stack-module-kafka-ui.git?ref=v1.3.3" -# cluster_name = local.cluster_name -# base_domain = local.base_domain -# subdomain = local.subdomain -# cluster_issuer = local.cluster_issuer -# argocd_project = local.cluster_name -# app_autosync = local.app_autosync -# enable_service_monitor = local.enable_service_monitor -# kafka_broker_name = module.kafka.broker_name -# dependency_ids = { -# argocd = module.argocd_bootstrap.id -# kafka = module.kafka.id -# cp-schema-registry = module.cp-schema-registry.id -# } -# } - -# module "pinot" { -# source = "git::https://github.com/GersonRS/modern-gitops-stack-module-pinot.git?ref=v1.1.1" -# cluster_name = local.cluster_name -# base_domain = local.base_domain -# subdomain = local.subdomain -# cluster_issuer = local.cluster_issuer -# argocd_project = local.cluster_name -# app_autosync = local.app_autosync -# enable_service_monitor = local.enable_service_monitor -# storage = { -# bucket_name = "pinot" -# endpoint = module.minio.endpoint -# access_key = module.minio.minio_root_user_credentials.username -# secret_access_key = module.minio.minio_root_user_credentials.password -# } -# dependency_ids = { -# argocd = module.argocd_bootstrap.id -# traefik = module.traefik.id -# minio = module.minio.id -# } -# } +module "mlflow" { + source = 
"git::https://github.com/GersonRS/modern-gitops-stack-module-mlflow.git?ref=v1.3.0" + cluster_name = local.cluster_name + base_domain = local.base_domain + subdomain = local.subdomain + cluster_issuer = local.cluster_issuer + argocd_project = local.cluster_name + app_autosync = local.app_autosync + enable_service_monitor = local.enable_service_monitor -# module "trino" { -# source = "git::https://github.com/GersonRS/modern-gitops-stack-module-trino.git?ref=v1.1.1" -# cluster_name = local.cluster_name -# base_domain = local.base_domain -# subdomain = local.subdomain -# cluster_issuer = local.cluster_issuer -# argocd_project = local.cluster_name -# app_autosync = local.app_autosync -# enable_service_monitor = local.enable_service_monitor -# pinot_dns = module.pinot.cluster_dns -# storage = { -# bucket_name = "trino" -# endpoint = module.minio.endpoint -# access_key = module.minio.minio_root_user_credentials.username -# secret_access_key = module.minio.minio_root_user_credentials.password -# } -# database = { -# user = module.postgresql.credentials.user -# password = module.postgresql.credentials.password -# database = "curated" -# service = module.postgresql.cluster_dns -# } -# dependency_ids = { -# argocd = module.argocd_bootstrap.id -# traefik = module.traefik.id -# oidc = module.oidc.id -# minio = module.minio.id -# postgresql = module.postgresql.id -# pinot = module.pinot.id -# } -# } -# module "zookeeper" { -# source = "git::https://github.com/GersonRS/modern-gitops-stack-module-zookeeper.git?ref=v2.0.0" -# cluster_name = local.cluster_name -# base_domain = local.base_domain -# subdomain = local.subdomain -# cluster_issuer = local.cluster_issuer -# argocd_project = local.cluster_name -# app_autosync = local.app_autosync -# enable_service_monitor = local.enable_service_monitor -# dependency_ids = { -# argocd = module.argocd_bootstrap.id -# } -# } + storage = { + bucket_name = "mlflow" + endpoint = module.minio.endpoint + access_key = 
module.minio.minio_root_user_credentials.username + secret_access_key = module.minio.minio_root_user_credentials.password + } + database = { + user = module.postgresql.credentials.username + password = module.postgresql.credentials.password + database = "mlflow" + service = module.postgresql.cluster_dns + } + dependency_ids = { + argocd = module.argocd_bootstrap.id + traefik = module.traefik.id + minio = module.minio.id + postgresql = module.postgresql.id + } +} -# module "nifi" { -# source = "git::https://github.com/GersonRS/modern-gitops-stack-module-nifi.git?ref=v1.5.0" -# cluster_name = local.cluster_name -# base_domain = local.base_domain -# subdomain = local.subdomain -# cluster_issuer = local.cluster_issuer -# argocd_project = local.cluster_name -# app_autosync = local.app_autosync -# enable_service_monitor = local.enable_service_monitor -# oidc = module.oidc.oidc -# dependency_ids = { -# zookeeper = module.zookeeper.id -# } -# } +# # module "strimzi" { +# # source = "git::https://github.com/GersonRS/modern-gitops-stack-module-strimzi.git?ref=v1.4.3" +# # cluster_name = local.cluster_name +# # base_domain = local.base_domain +# # subdomain = local.subdomain +# # cluster_issuer = local.cluster_issuer +# # argocd_project = local.cluster_name +# # app_autosync = local.app_autosync +# # enable_service_monitor = local.enable_service_monitor +# # dependency_ids = { +# # argocd = module.argocd_bootstrap.id +# # } +# # } + +# # module "kafka" { +# # source = "git::https://github.com/GersonRS/modern-gitops-stack-module-kafka.git?ref=v2.11.0" +# # cluster_name = local.cluster_name +# # base_domain = local.base_domain +# # subdomain = local.subdomain +# # cluster_issuer = local.cluster_issuer +# # argocd_project = local.cluster_name +# # app_autosync = local.app_autosync +# # enable_service_monitor = local.enable_service_monitor +# # dependency_ids = { +# # argocd = module.argocd_bootstrap.id +# # traefik = module.traefik.id +# # strimzi = module.strimzi.id +# # } +# # 
} + +# # module "cp-schema-registry" { +# # source = "git::https://github.com/GersonRS/modern-gitops-stack-module-cp-schema-registry.git?ref=v1.3.2" +# # cluster_name = local.cluster_name +# # base_domain = local.base_domain +# # subdomain = local.subdomain +# # cluster_issuer = local.cluster_issuer +# # argocd_project = local.cluster_name +# # app_autosync = local.app_autosync +# # enable_service_monitor = local.enable_service_monitor +# # kafka_broker_name = module.kafka.broker_name +# # dependency_ids = { +# # argocd = module.argocd_bootstrap.id +# # kafka = module.kafka.id +# # } +# # } + +# # module "kafka-ui" { +# # source = "git::https://github.com/GersonRS/modern-gitops-stack-module-kafka-ui.git?ref=v1.3.3" +# # cluster_name = local.cluster_name +# # base_domain = local.base_domain +# # subdomain = local.subdomain +# # cluster_issuer = local.cluster_issuer +# # argocd_project = local.cluster_name +# # app_autosync = local.app_autosync +# # enable_service_monitor = local.enable_service_monitor +# # kafka_broker_name = module.kafka.broker_name +# # dependency_ids = { +# # argocd = module.argocd_bootstrap.id +# # kafka = module.kafka.id +# # cp-schema-registry = module.cp-schema-registry.id +# # } +# # } + +# # module "pinot" { +# # source = "git::https://github.com/GersonRS/modern-gitops-stack-module-pinot.git?ref=v1.1.1" +# # cluster_name = local.cluster_name +# # base_domain = local.base_domain +# # subdomain = local.subdomain +# # cluster_issuer = local.cluster_issuer +# # argocd_project = local.cluster_name +# # app_autosync = local.app_autosync +# # enable_service_monitor = local.enable_service_monitor +# # storage = { +# # bucket_name = "pinot" +# # endpoint = module.minio.endpoint +# # access_key = module.minio.minio_root_user_credentials.username +# # secret_access_key = module.minio.minio_root_user_credentials.password +# # } +# # dependency_ids = { +# # argocd = module.argocd_bootstrap.id +# # traefik = module.traefik.id +# # minio = module.minio.id 
+# # } +# # } + +# # module "trino" { +# # source = "git::https://github.com/GersonRS/modern-gitops-stack-module-trino.git?ref=v1.1.1" +# # cluster_name = local.cluster_name +# # base_domain = local.base_domain +# # subdomain = local.subdomain +# # cluster_issuer = local.cluster_issuer +# # argocd_project = local.cluster_name +# # app_autosync = local.app_autosync +# # enable_service_monitor = local.enable_service_monitor +# # pinot_dns = module.pinot.cluster_dns +# # storage = { +# # bucket_name = "trino" +# # endpoint = module.minio.endpoint +# # access_key = module.minio.minio_root_user_credentials.username +# # secret_access_key = module.minio.minio_root_user_credentials.password +# # } +# # database = { +# # user = module.postgresql.credentials.user +# # password = module.postgresql.credentials.password +# # database = "curated" +# # service = module.postgresql.cluster_dns +# # } +# # dependency_ids = { +# # argocd = module.argocd_bootstrap.id +# # traefik = module.traefik.id +# # oidc = module.oidc.id +# # minio = module.minio.id +# # postgresql = module.postgresql.id +# # pinot = module.pinot.id +# # } +# # } + +# # module "zookeeper" { +# # source = "git::https://github.com/GersonRS/modern-gitops-stack-module-zookeeper.git?ref=v2.0.0" +# # cluster_name = local.cluster_name +# # base_domain = local.base_domain +# # subdomain = local.subdomain +# # cluster_issuer = local.cluster_issuer +# # argocd_project = local.cluster_name +# # app_autosync = local.app_autosync +# # enable_service_monitor = local.enable_service_monitor +# # dependency_ids = { +# # argocd = module.argocd_bootstrap.id +# # } +# # } + +# # module "nifi" { +# # source = "git::https://github.com/GersonRS/modern-gitops-stack-module-nifi.git?ref=v1.5.0" +# # cluster_name = local.cluster_name +# # base_domain = local.base_domain +# # subdomain = local.subdomain +# # cluster_issuer = local.cluster_issuer +# # argocd_project = local.cluster_name +# # app_autosync = local.app_autosync +# # 
enable_service_monitor = local.enable_service_monitor +# # oidc = module.oidc.oidc +# # dependency_ids = { +# # zookeeper = module.zookeeper.id +# # } +# # } module "loki-stack" { - source = "git::https://github.com/GersonRS/modern-gitops-stack-module-loki-stack.git//kind?ref=v2.6.1" + source = "git::https://github.com/GersonRS/modern-gitops-stack-module-loki-stack.git//kind?ref=v2.7.0" argocd_project = local.cluster_name app_autosync = local.app_autosync enable_service_monitor = local.enable_service_monitor + logs_storage = { bucket_name = local.minio_config.buckets.0.name endpoint = module.minio.endpoint @@ -325,7 +367,7 @@ module "loki-stack" { } module "thanos" { - source = "git::https://github.com/GersonRS/modern-gitops-stack-module-thanos.git//kind?ref=v2.6.2" + source = "git::https://github.com/GersonRS/modern-gitops-stack-module-thanos.git//kind?ref=v2.7.0" cluster_name = local.cluster_name base_domain = local.base_domain @@ -336,6 +378,7 @@ module "thanos" { app_autosync = local.app_autosync enable_service_monitor = local.enable_service_monitor + metrics_storage = { bucket_name = local.minio_config.buckets.1.name endpoint = module.minio.endpoint @@ -347,19 +390,6 @@ module "thanos" { oidc = module.oidc.oidc } - helm_values = [{ - redis = { - image = { - repository = "bitnamilegacy/redis" - } - } - thanos = { - image = { - repository = "bitnamilegacy/thanos" - } - } - }] - dependency_ids = { argocd = module.argocd_bootstrap.id traefik = module.traefik.id @@ -371,7 +401,7 @@ module "thanos" { } module "kube-prometheus-stack" { - source = "git::https://github.com/GersonRS/modern-gitops-stack-module-kube-prometheus-stack.git//kind?ref=v2.6.1" + source = "git::https://github.com/GersonRS/modern-gitops-stack-module-kube-prometheus-stack.git//kind?ref=v2.7.0" cluster_name = local.cluster_name base_domain = local.base_domain 
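Review bot: The newly enabled `module "mlflow"` is passed `module.minio.minio_root_user_credentials` as its `access_key` and `secret_access_key`, so the tracking server runs with the MinIO root account although its `storage` block names only the `mlflow` bucket. A MinIO user whose policy is limited to that bucket should be passed instead; if the minio module cannot create one yet, record that above the block with `# TODO: replace root credentials with a bucket-scoped MinIO user`. The same root credentials appear in the still-commented `pinot`, `trino`, `spark`, `hive-metastore` and `airflow` blocks (the last three in a later hunk) and should be changed before those are re-enabled. Those commented blocks also still read `module.postgresql.credentials.user`, while the live code now uses `.username`.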
@@ -381,6 +411,7 @@ module "kube-prometheus-stack" { app_autosync = local.app_autosync + metrics_storage = { bucket_name = local.minio_config.buckets.1.name endpoint = module.minio.endpoint 
@@ -406,84 +437,120 @@ module "kube-prometheus-stack" { } } -# module "spark" { -# source = "git::https://github.com/GersonRS/modern-gitops-stack-module-spark.git?ref=v1.5.1" - -# cluster_name = local.cluster_name -# base_domain = local.base_domain -# subdomain = local.subdomain -# cluster_issuer = local.cluster_issuer -# argocd_project = local.cluster_name -# app_autosync = local.app_autosync -# enable_service_monitor = local.enable_service_monitor - +# # module "spark" { +# # source = "git::https://github.com/GersonRS/modern-gitops-stack-module-spark.git?ref=v1.5.1" + +# # cluster_name = local.cluster_name +# # base_domain = local.base_domain +# # subdomain = local.subdomain +# # cluster_issuer = local.cluster_issuer +# # argocd_project = local.cluster_name +# # app_autosync = local.app_autosync +# # enable_service_monitor = local.enable_service_monitor + +# # storage = { +# # access_key = module.minio.minio_root_user_credentials.username +# # secret_access_key = module.minio.minio_root_user_credentials.password +# # } + +# # dependency_ids = { +# # argocd = module.argocd_bootstrap.id +# # traefik = module.traefik.id +# # cert-manager = module.cert-manager.id +# # minio = module.minio.id +# # } +# # } + +# # module "hive-metastore" { +# # source = "git::https://github.com/GersonRS/modern-gitops-stack-module-hive-metastore.git?ref=v1.2.0" + +# # cluster_name = local.cluster_name +# # base_domain = local.base_domain +# # subdomain = local.subdomain +# # cluster_issuer = local.cluster_issuer +# # argocd_project = local.cluster_name +# # app_autosync = local.app_autosync +# # enable_service_monitor = local.enable_service_monitor + +# # storage = { +# # bucket_name = "warehouse" +# # endpoint = module.minio.endpoint +# # access_key = module.minio.minio_root_user_credentials.username +# # secret_access_key = module.minio.minio_root_user_credentials.password +# # } +# # database = { +# # user = module.postgresql.credentials.user +# # password = 
module.postgresql.credentials.password +# # database = "metastore" +# # service = module.postgresql.cluster_dns +# # } + +# # dependency_ids = { +# # argocd = module.argocd_bootstrap.id +# # traefik = module.traefik.id +# # cert-manager = module.cert-manager.id +# # minio = module.minio.id +# # postgresql = module.postgresql.id +# # spark = module.spark.id +# # } +# # } + +# # module "airflow" { +# # source = "git::https://github.com/GersonRS/modern-gitops-stack-module-airflow.git?ref=v1.6.2" +# # cluster_name = local.cluster_name +# # base_domain = local.base_domain +# # subdomain = local.subdomain +# # cluster_issuer = local.cluster_issuer +# # argocd_project = local.cluster_name +# # app_autosync = local.app_autosync +# # enable_service_monitor = local.enable_service_monitor +# # oidc = module.oidc.oidc +# # fernetKey = base64encode(resource.random_password.airflow_fernetKey.result) +# # storage = { +# # bucket_name = "airflow" +# # endpoint = module.minio.endpoint +# # access_key = module.minio.minio_root_user_credentials.username +# # secret_access_key = module.minio.minio_root_user_credentials.password +# # } +# # database = { +# # database = "airflow" +# # user = module.postgresql.credentials.user +# # password = module.postgresql.credentials.password +# # endpoint = module.postgresql.cluster_dns +# # } +# # # mlflow = { +# # # endpoint = module.mlflow.cluster_dns +# # # } +# # # ray = { +# # # endpoint = module.ray.cluster_dns +# # # } +# # dependency_ids = { +# # argocd = module.argocd_bootstrap.id +# # traefik = module.traefik.id +# # oidc = module.oidc.id +# # minio = module.minio.id +# # postgresql = module.postgresql.id +# # } +# # } + +# module "jupyterhub" { +# source = "git::https://github.com/GersonRS/modern-gitops-stack-module-jupyterhub.git?ref=v1.1.2" +# cluster_name = local.cluster_name +# base_domain = local.base_domain +# subdomain = local.subdomain +# cluster_issuer = local.cluster_issuer +# argocd_project = local.cluster_name +# 
app_autosync = local.app_autosync +# oidc = module.oidc.oidc # storage = { -# access_key = module.minio.minio_root_user_credentials.username -# secret_access_key = module.minio.minio_root_user_credentials.password -# } - -# dependency_ids = { -# argocd = module.argocd_bootstrap.id -# traefik = module.traefik.id -# cert-manager = module.cert-manager.id -# minio = module.minio.id -# } -# } - -# module "hive-metastore" { -# source = "git::https://github.com/GersonRS/modern-gitops-stack-module-hive-metastore.git?ref=v1.2.0" - -# cluster_name = local.cluster_name -# base_domain = local.base_domain -# subdomain = local.subdomain -# cluster_issuer = local.cluster_issuer -# argocd_project = local.cluster_name -# app_autosync = local.app_autosync -# enable_service_monitor = local.enable_service_monitor - -# storage = { -# bucket_name = "warehouse" -# endpoint = module.minio.endpoint -# access_key = module.minio.minio_root_user_credentials.username -# secret_access_key = module.minio.minio_root_user_credentials.password -# } -# database = { -# user = module.postgresql.credentials.user -# password = module.postgresql.credentials.password -# database = "metastore" -# service = module.postgresql.cluster_dns -# } - -# dependency_ids = { -# argocd = module.argocd_bootstrap.id -# traefik = module.traefik.id -# cert-manager = module.cert-manager.id -# minio = module.minio.id -# postgresql = module.postgresql.id -# spark = module.spark.id -# } -# } - -# module "airflow" { -# source = "git::https://github.com/GersonRS/modern-gitops-stack-module-airflow.git?ref=v1.6.2" -# cluster_name = local.cluster_name -# base_domain = local.base_domain -# subdomain = local.subdomain -# cluster_issuer = local.cluster_issuer -# argocd_project = local.cluster_name -# app_autosync = local.app_autosync -# enable_service_monitor = local.enable_service_monitor -# oidc = module.oidc.oidc -# fernetKey = base64encode(resource.random_password.airflow_fernetKey.result) -# storage = { -# bucket_name = 
"airflow" +# bucket_name = "mlflow" # endpoint = module.minio.endpoint # access_key = module.minio.minio_root_user_credentials.username # secret_access_key = module.minio.minio_root_user_credentials.password # } # database = { -# database = "airflow" -# user = module.postgresql.credentials.user +# database = "jupyterhub" +# user = module.postgresql.credentials.username # password = module.postgresql.credentials.password # endpoint = module.postgresql.cluster_dns # } 
@@ -499,66 +566,30 @@ module "kube-prometheus-stack" { # oidc = module.oidc.id # minio = module.minio.id # postgresql = module.postgresql.id +# # mlflow = module.mlflow.id # } # } -module "jupyterhub" { - source = "git::https://github.com/GersonRS/modern-gitops-stack-module-jupyterhub.git?ref=v1.1.2" - cluster_name = local.cluster_name - base_domain = local.base_domain - subdomain = local.subdomain - cluster_issuer = local.cluster_issuer - argocd_project = local.cluster_name - app_autosync = local.app_autosync - oidc = module.oidc.oidc - storage = { - bucket_name = "mlflow" - endpoint = module.minio.endpoint - access_key = module.minio.minio_root_user_credentials.username - secret_access_key = module.minio.minio_root_user_credentials.password - } - database = { - database = "jupyterhub" - user = module.postgresql.credentials.username - password = module.postgresql.credentials.password - endpoint = module.postgresql.cluster_dns - } - # mlflow = { - # endpoint = module.mlflow.cluster_dns - # } - # ray = { - # endpoint = module.ray.cluster_dns - # } - dependency_ids = { - argocd = module.argocd_bootstrap.id - traefik = module.traefik.id - oidc = module.oidc.id - minio = module.minio.id - postgresql = module.postgresql.id - # mlflow = module.mlflow.id - } -} - -# module "qdrant" { -# source = "git::https://github.com/GersonRS/modern-gitops-stack-module-qdrant.git?ref=v1.2.0" +# # module "qdrant" { +# # source = "git::https://github.com/GersonRS/modern-gitops-stack-module-qdrant.git?ref=v1.2.0" -# cluster_name = local.cluster_name -# base_domain = local.base_domain -# subdomain = local.subdomain -# cluster_issuer = local.cluster_issuer -# argocd_project = local.cluster_name -# app_autosync = local.app_autosync -# enable_service_monitor = local.enable_service_monitor +# # cluster_name = local.cluster_name +# # base_domain = local.base_domain +# # subdomain = local.subdomain +# # cluster_issuer = local.cluster_issuer +# # argocd_project = local.cluster_name +# # 
app_autosync = local.app_autosync +# # enable_service_monitor = local.enable_service_monitor -# dependency_ids = { -# argocd = module.argocd_bootstrap.id -# traefik = module.traefik.id -# cert-manager = module.cert-manager.id -# } -# } +# # dependency_ids = { +# # argocd = module.argocd_bootstrap.id +# # traefik = module.traefik.id +# # cert-manager = module.cert-manager.id +# # } +# # } module "argocd" { - source = "git::https://github.com/GersonRS/modern-gitops-stack-module-argocd.git?ref=v2.10.0" + source = "git::https://github.com/GersonRS/modern-gitops-stack-module-argocd.git?ref=v4.1.0" base_domain = local.base_domain cluster_name = local.cluster_name @@ -584,13 +615,6 @@ module "argocd" { } } - rbac = { - policy_csv = <<-EOT - g, pipeline, role:admin - g, modern-gitops-stack-admins, role:admin - EOT - } - dependency_ids = { traefik = module.traefik.id cert-manager = module.cert-manager.id diff --git a/examples/kind/outputs.tf b/examples/kind/outputs.tf index 0d8e0797..43a8e71b 100644 --- a/examples/kind/outputs.tf +++ b/examples/kind/outputs.tf @@ -3,11 +3,11 @@ output "ingress_domain" { value = "${local.cluster_name}.${local.base_domain}" } -output "kubernetes_kubeconfig" { - description = "Configuration that can be copied into `.kube/config in order to access the cluster with `kubectl`." - value = module.kind.raw_kubeconfig - sensitive = true -} +# output "kubernetes_kubeconfig" { +# description = "Configuration that can be copied into `.kube/config in order to access the cluster with `kubectl`." +# value = module.kind.raw_kubeconfig +# sensitive = true +# } output "keycloak_admin_credentials" { description = "Credentials for the administrator user of the Keycloak server." diff --git a/examples/kind/terraform.tf b/examples/kind/terraform.tf index d0ffa60e..bf73d2f4 100644 --- a/examples/kind/terraform.tf +++ b/examples/kind/terraform.tf 
@@ -2,19 +2,19 @@ terraform { required_providers { kubernetes = { source = "hashicorp/kubernetes" - version = "~> 2" + version = ">= 2" } helm = { source = "hashicorp/helm" - version = "~> 3" + version = ">= 3" } argocd = { source = "argoproj-labs/argocd" - version = "~> 7" + version = ">= 7" } keycloak = { source = "mrparkers/keycloak" - version = "~> 4" + version = ">= 4" } } } @@ -55,7 +55,7 @@ provider "keycloak" { client_id = "admin-cli" username = module.keycloak.admin_credentials.username password = module.keycloak.admin_credentials.password - url = format("https://keycloak.%s.%s", trimprefix("${local.subdomain}.${local.cluster_name}", "."), local.base_domain) + url = "https://keycloak.${local.subdomain != "" ? "${trimprefix(local.subdomain, ".")}." : ""}${local.base_domain}" tls_insecure_skip_verify = true initial_login = false } diff --git a/examples/kind/variables.tf b/examples/kind/variables.tf new file mode 100644 index 00000000..a0172694 --- /dev/null +++ b/examples/kind/variables.tf @@ -0,0 +1,12 @@ +variable "ssh_private_key" { + description = <<-EOT + Chave privada SSH no formato PEM utilizada para: + - acesso a repositórios Git privados (deploy keys); + - acesso SSH a nós do cluster quando necessário. + + Guarde essa chave como secret no provedor CI/CD e nunca a comite em texto claro no repositório. + EOT + type = string + sensitive = true + nullable = false +} From 37631ad7c91ece9f3faa5e48e152c82ec4b57891 Mon Sep 17 00:00:00 2001 From: GersonRS Date: Mon, 26 Jan 2026 20:12:40 -0300 Subject: [PATCH 2/2] feat: add new build image module --- .../workflows/modules-docker-build-push.yaml | 95 +++++++++++++++++++ 1 file changed, 95 insertions(+) create mode 100644 .github/workflows/modules-docker-build-push.yaml diff --git a/.github/workflows/modules-docker-build-push.yaml b/.github/workflows/modules-docker-build-push.yaml new file mode 100644 index 00000000..708b4866 --- /dev/null +++ b/.github/workflows/modules-docker-build-push.yaml 
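Review bot: Changing the four provider constraints from `~> N` to `>= N` removes the upper bound, so `terraform init` will accept any future major release of `hashicorp/kubernetes`, `hashicorp/helm`, `argoproj-labs/argocd` and `mrparkers/keycloak`. The repository's `.gitignore` lists `examples/*/.terraform.lock.hcl`, so no committed lock file holds the selected versions or their checksums, and each fresh checkout resolves whatever is newest. If the aim is to admit one newer major, state the range explicitly, for example `version = ">= 2, < 4"` (bounds illustrative), and consider committing the lock file for the example. The `terraform` block opens one line above the hunk.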
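Review bot: The rewritten `url` no longer contains `local.cluster_name`, while `ingress_domain` in outputs.tf still returns `${local.cluster_name}.${local.base_domain}`; if the keycloak module still publishes its ingress under the cluster name, the provider will address a different host. Because `tls_insecure_skip_verify = true` stays on the line below, a certificate mismatch will not surface, and the admin username and password are sent to whatever answers at that name. Building the host once in a shared local used by both the module and the provider would keep the two aligned. A comment beside the flag such as `# TLS verification disabled for the local kind example only` would mark the setting as deliberate. The `provider "keycloak"` block starts above the hunk.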
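Review bot: `ssh_private_key` is described as serving both Git deploy-key access and SSH access to cluster nodes, so one leaked value would open both; separate variables would keep each key scoped to a single purpose. `sensitive = true` only redacts the value in CLI output, while the value is still written in clear text to the state and to saved plan files such as the `tfplan` this patch adds to `.gitignore`. The description should say so, for example with a line like `Stored unencrypted in terraform.tfstate and saved plans; use an encrypted backend.` With `nullable = false` and no default, every run of the example must supply a key, and no use of `var.ssh_private_key` is visible in the hunks shown here, so confirm the variable is needed.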
@@ -0,0 +1,95 @@
+---
+# Workflow do GitHub Actions para criar e publicar uma imagem Docker no Docker Hub.
+#
+# IMPORTANTE: Este workflow é chamado por outros workflows e está
+# centralizado aqui para facilitar a manutenção entre módulos. Por isso, certifique-se de não introduzir
+# mudanças que quebrem a compatibilidade ao modificar este workflow.
+
+name: "modules-docker-build-push"
+
+on:
+ workflow_call:
+ inputs:
+ image_name:
+ description: "Nome da imagem Docker (ex: gersonrs/minha-app)"
+ required: true
+ type: string
+ context:
+ description: "Contexto do Docker build (diretório do Dockerfile)"
+ required: false
+ type: string
+ default: "."
+ dockerfile:
+ description: "Caminho para o Dockerfile"
+ required: false
+ type: string
+ default: "Dockerfile"
+ platforms:
+ description: "Plataformas para build multi-arch (ex: linux/amd64,linux/arm64)"
+ required: false
+ type: string
+ default: "linux/amd64"
+ secrets:
+ DOCKERHUB_USERNAME:
+ description: "Username do Docker Hub"
+ required: true
+ DOCKERHUB_TOKEN:
+ description: "Token de acesso do Docker Hub"
+ required: true
+
+permissions:
+ id-token: write
+ packages: write
+ contents: read
+ attestations: write
+
+env:
+ REGISTRY: docker.io
+
+jobs:
+ docker:
+ runs-on: ubuntu-latest
+ # Pula o build se o PR foi criado pelo release-please
+ if: |
+ github.event_name != 'pull_request' ||
+ !startsWith(github.head_ref, 'release-please--')
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v6
+
+ - name: Docker meta
+ id: meta
+ uses: docker/metadata-action@v5
+ with:
+ images: ${{ inputs.image_name }}
+ tags: |
+ type=ref,event=tag
+ type=ref,event=pr
+ type=sha,prefix=
+
+ - name: Set up QEMU
+ uses: docker/setup-qemu-action@v3
+
+ - name: Set up Docker Buildx
+ uses: docker/setup-buildx-action@v3
+
+ - name: Login to DockerHub
+ if: github.event_name != 'pull_request'
+ uses: docker/login-action@v3
+ with:
+ username: ${{ secrets.DOCKERHUB_USERNAME }}
+ password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+ - name: Build and push
+ id: push
+ uses: docker/build-push-action@v6
+ with:
+ context: ${{ inputs.context }}
+ file: ${{ inputs.context }}/${{ inputs.dockerfile }}
+ platforms: ${{ inputs.platforms }}
+ push: ${{ github.event_name != 'pull_request' }}
+ tags: ${{ steps.meta.outputs.tags }}
+ labels: ${{ steps.meta.outputs.labels }}
+ annotations: ${{ steps.meta.outputs.annotations }}
+ cache-from: type=gha
+ cache-to: type=gha,mode=max
\ No newline at end of file
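Review bot: The `permissions:` block grants `id-token: write`, `packages: write` and `attestations: write`, but no step in this job requests an OIDC token, pushes to GitHub Packages or creates an attestation, and the `id: push` output is never read. The job token therefore carries write scopes it does not use; reduce the block to `contents: read`, or add the attestation step these scopes were presumably meant for. All six `uses:` lines reference movable major tags (`actions/checkout@v6`, `docker/login-action@v3`, and so on) in a job that receives `DOCKERHUB_TOKEN`. Pinning each to a full commit SHA with the tag as a trailing comment, e.g. `uses: docker/login-action@<full-commit-sha> # v3`, keeps a re-tagged action from running with that secret. `env.REGISTRY` is defined but not referenced anywhere in the file.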